
HiJack log


cjf



Member since: 040504

City/location: Uppsala

Hi!
I would be eternally grateful for an analysis of the following report and suggestions for actions to take. Among other things, I see double-started processes?
/Lennart

Logfile of Advanced SystemCare 3 Security Analyzer
Scan saved at 17:49:34, on 2009-11-25
Platform: Windows 2000 (WinNT 5.0)
MSIE: Internet Explorer v6.0 (6.0.2800.1106)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program\Norman\Npm\Bin\Elogsvc.exe
C:\Program\Norman\Ngs\Bin\Nprosec.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program\Norman\Npm\Bin\Zanda.exe
C:\Program\Norman\npm\bin\nvoy.exe
C:\Program\Norman\npf\bin\npfsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
C:\WINDOWS\System32\svchost.exe
C:\Program\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\MSTask.exe
C:\Program\Telia\Supportassistent\bin\sprtsvc.exe
C:\WINDOWS\system32\stisvc.exe
C:\WINDOWS\System32\WBEM\WinMgmt.exe
C:\WINDOWS\system32\svchost.exe
C:\Program\Norman\Npm\Bin\scheduler.exe
C:\Program\Norman\npc\bin\npcsvc32.exe
C:\Program\Norman\Npm\Bin\Njeeves.exe
C:\WINDOWS\System32\svchost.exe
C:\Program\Norman\nse\bin\NSESVC.EXE
C:\Program\Norman\npc\bin\nuaa.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program\VIAudioi\SBADeck\ADeck.exe
C:\Program\Telia\Supportassistent\bin\sprtcmd.exe
C:\Program\Logitech\iTouch\iTouch.exe
C:\Program\D-Link\AirPlus G\AirGCFG.exe
C:\Program\QuickTime\qttask.exe
C:\Program\Norman\Npm\Bin\ZLH.EXE
C:\Program\Java\jre6\bin\jusched.exe
C:\Program\Canon\MyPrinter\BJMyPrt.exe
C:\Program\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
C:\Program\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Program\Microsoft ActiveSync\WCESCOMM.EXE
C:\Program\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program\IObit\Advanced SystemCare 3\AWC.exe
C:\Program\Personal\bin\Personal.exe
C:\Program\Norman\Nvc\Bin\nvcoas.exe
C:\WINDOWS\System32\SCardSvr.exe
C:\Program\Norman\Nvc\Bin\Nip.exe
C:\Program\Norman\Nvc\Bin\cclaw.exe
C:\Program\IObit\Advanced SystemCare 3\IObitUpdate.exe
C:\Program\Norman\npf\bin\npfuser.exe
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - (no file)
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Skype add-on (mastermind) - {2EF37A01-884F-11d5-AC99-B112050ECB4F} - C:\Program\Popup Free\htmledit.dll
O2 - BHO: Skype add-on (mastermind) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Java\jre6\bin\ssv.dll
O2 - BHO: Skype add-on (mastermind) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program\google\googletoolbar2.dll
O2 - BHO: Skype add-on (mastermind) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: Skype add-on (mastermind) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program\google\googletoolbar2.dll
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [swg] C:\Program\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Advanced SystemCare 3] "C:\Program\IObit\Advanced SystemCare 3\AWC.exe" /startup
O4 - HKLM\..\Run: [AudioDeck] C:\Program\VIAudioi\SBADeck\ADeck.exe 1
O4 - HKLM\..\Run: [Telia] "C:\Program\Telia\Supportassistent\bin\sprtcmd.exe" /P Telia
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [NPCTray] C:\Program\Norman\npc\bin\npc_tray.exe /LOAD
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [CAP3ON] C:\WINDOWS\system32\spool\drivers\w32x86\3\CAP3ONN.EXE
O4 - HKLM\..\Run: [D-Link AirPlus G] C:\Program\D-Link\AirPlus G\AirGCFG.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Norman ZANDA] "C:\Program\Norman\Npm\Bin\ZLH.EXE" /LOAD /SPLASH
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [iJNetworkScanUtility] C:\Program\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
O4 - HKLM\..\Run: [MMTray] C:\Program\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
O9 - Extra button: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - 
O9 - Extra button: Skapa mobilfavorit - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - 
O9 - Extra button: Skapa mobilfavorit... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - 
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - 
O9 - Extra button: @shdoclc.dll,-864 - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - 
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15012/CTSUEng.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/yinst/yinst_current.cab
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} - http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1124284223103
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1124284747938
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Plug-in 1.6.0_13) - http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
O16 - DPF: {9B03C5F1-F5AB-47EE-937D-A8EDA626F876} (Anonymizer Anti-Spyware Scanner) - http://download.zonelabs.com/bin/promotions/spywaredetector/WebAAS.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38755.0687731481
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} (Java Plug-in 1.6.0_13) - http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Plug-in 1.6.0_13) - http://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - http://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15012/CTPID.cab
O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - C:\Program\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
O23 - Service:  (Ati HotKey Poller) - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\SYSTEM32\ati2sgag.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Norman eLogger service 6 (eLoggerSvc6) - Norman ASA - C:\Program\Norman\Npm\Bin\Elogsvc.exe
O23 - Service: Google Update Service (gupdate1c9a8a01909d3f0) (gupdate1c9a8a01909d3f0) - Google Inc. - C:\Program\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program\Java\jre6\bin\jqs.exe
O23 - Service: Norman NJeeves - Norman ASA - C:\Program\Norman\Npm\Bin\Njeeves.exe
O23 - Service: Norman ZANDA - Norman ASA - C:\Program\Norman\Npm\Bin\Zanda.exe
O23 - Service: Norman Parental Control (NPC) - Norman ASA - C:\Program\Norman\npc\bin\npcsvc32.exe
O23 - Service: Norman Personal Firewall Service (NPFSvc32) - Norman ASA - C:\Program\Norman\npf\bin\npfsvc32.exe
O23 - Service: Norman Security service (NPROSECSVC) - Norman ASA - C:\Program\Norman\Ngs\Bin\Nprosec.exe
O23 - Service: Norman Scanner Engine Service (nsesvc) - Norman ASA - C:\Program\Norman\nse\bin\NSESVC.EXE
O23 - Service: Norman User Activity Agent (NUAA) - Norman ASA - C:\Program\Norman\npc\bin\nuaa.exe
O23 - Service: Norman Virus Control on-access component (nvcoas) - Norman ASA - C:\Program\Norman\Nvc\Bin\nvcoas.exe
O23 - Service: Norman Virus Control Scheduler (NVCScheduler) - Unknown - C:\Program\Norman\Npm\Bin\Nvcsched.exe
O23 - Service: Norman Resource Provider (NVOY) - Norman ASA - C:\Program\Norman\npm\bin\nvoy.exe
O23 - Service: Norman Scheduler Service (Scheduler) - Norman ASA - C:\Program\Norman\Npm\Bin\scheduler.exe
O23 - Service: SupportSoft Sprocket Service (telia) (sprtsvc_telia) - SupportSoft, Inc. - C:\Program\Telia\Supportassistent\bin\sprtsvc.exe
O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program\Delade filer\SupportSoft\bin\ssrc.exe



I see no malicious programs in the log.

There is an old Java version with security holes on the computer. I recommend that you install a new one from http://www.java.com/sv/ and then uninstall all Java and J2SE entries except the latest in Control Panel - Add or Remove Programs (with no web browsers running).

I don't know what you mean by "double-started processes".


Thanks for the info!
Installed the newer Java version and the computer works better.

By multiple versions of processes I mean, for example, svchost.exe, of which there are three in the list. But maybe that's how it should be?
/Lennart
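
Added example, not part of the original thread: a small triage of the "Running processes" section of a log in this layout. It counts repeated image paths and flags Windows system image names running from outside System32, since several svchost.exe instances are normal (each hosts a group of services) and the path is what deserves checking. The sample log lines, the `SYSTEM_ONLY` list and the function names are constructed for illustration.

```python
import ntpath
import re
from collections import Counter

# Constructed sample in the same layout as the log posted in this thread.
SAMPLE_LOG = r"""Running processes:
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program\Example\svchost.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\qttask.exe" -atboottime
"""

# Assumption: a short illustrative list of image names that should only
# run from the System32 directory; it is not complete.
SYSTEM_ONLY = {"svchost.exe", "lsass.exe", "services.exe",
               "winlogon.exe", "csrss.exe", "smss.exe"}

ENTRY_LINE = re.compile(r"^O\d+ - ")  # "O2 - BHO: ..." style lines end the section


def running_processes(log_text):
    """Return the paths listed under 'Running processes:' up to the first O-entry."""
    paths, in_section = [], False
    for line in log_text.splitlines():
        line = line.strip()
        if line.lower().startswith("running processes"):
            in_section = True
        elif in_section and line:
            if ENTRY_LINE.match(line):
                break
            paths.append(line)
    return paths


def triage(log_text):
    """Return (repeated paths with counts, system image names outside System32)."""
    counts = Counter(p.lower() for p in running_processes(log_text))  # paths are case-insensitive
    repeated = {p: n for p, n in counts.items() if n > 1}
    misplaced = sorted(
        p for p in counts
        if ntpath.basename(p) in SYSTEM_ONLY
        and ntpath.basename(ntpath.dirname(p)) != "system32"
    )
    return repeated, misplaced


if __name__ == "__main__":
    print(triage(SAMPLE_LOG))
```
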
