lsa shell og isass fejl
Hej Eksperter kan i hjælpeNår jeg har haft tændt computeren et stykke tid kommer der en fejlmeddelse hvor overskriften er: LSA SHELL (Export Version) ca. 1-2 minutter senere kommer der en meddelse med at computeren har fejl og vil lukke ned efter 1 minut altså fejlen som er beskrevet mange steder (isass.exe).
Jeg har installeret mange spyware programmer og antivirus programmer men det hjælper ikke.
Vil i se på mine logfiler og se om der er noget som ikke er korrekt?
Hijackthis loggen:
Logfile of HijackThis v1.97.7
Scan saved at 19:15:51, on 19-05-2004
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Programmer\Alwil Software\Avast4\aswUpdSv.exe
C:\Programmer\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\System32\overproof.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MSDTC32.exe
C:\WINDOWS\System32\winsys.exe
C:\WINDOWS\System32\devldr32.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashmaisv.exe
C:\Programmer\Messenger\msmsgs.exe
C:\WINDOWS\System32\jbrjfoy.exe
C:\Programmer\Hewlett-Packard\HP OfficeJet R Series\ScanPicture\hpsplmwa.exe
C:\WINDOWS\PCHealth\HelpCtr\Binaries\HelpCtr.exe
C:\Documents and Settings\Mor og Far\Dokumenter\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [Video Device Loader] MSDTC32.exe
O4 - HKLM\..\Run: [OverProof Loader] overproof.exe
O4 - HKLM\..\Run: [esoh] esoh123.exe
O4 - HKLM\..\Run: [Microsoft Update] jbrjfoy.exe
O4 - HKLM\..\Run: [DVDUpgrade] DVDUpgrd.exe /async
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ashMaiSv] C:\PROGRA~1\ALWILS~1\Avast4\ashmaisv.exe
O4 - HKLM\..\RunServices: [Video Device Loader] MSDTC32.exe
O4 - HKLM\..\RunServices: [OverProof Loader] overproof.exe
O4 - HKLM\..\RunServices: [esoh] esoh123.exe
O4 - HKLM\..\RunServices: [Microsoft Update] jbrjfoy.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Programmer\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Microsoft Update] jbrjfoy.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmer\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: HP ScanPicture.lnk = C:\Programmer\Hewlett-Packard\HP OfficeJet R Series\ScanPicture\hpsplmwa.exe
O4 - Global Startup: hpmdlbwa.lnk = C:\Programmer\Hewlett-Packard\HP OfficeJet R Series\PrecisionScan\hpmdlbwa.exe
O9 - Extra button: Related (HKLM)
O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38123.5602546296
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Ad-Adware loggen:
Lavasoft Ad-aware Personal Build 6.181
Logfile created on :19. maj 2004 20:50:57
Created with Ad-aware Personal, free for private use.
Using reference-file :01R298 20.04.2004
______________________________________________________
Ad-aware Settings
=========================
Set : Activate in-depth scan (Recommended)
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep scan registry
19-05-2004 20:50:57 - Scan started. (Smart mode)
Listing running processes
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ThreadCreationTime : 19-05-2004 18:24:27
BasePriority : Normal
#:2 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ThreadCreationTime : 19-05-2004 18:24:33
BasePriority : High
#:3 [services.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 19-05-2004 18:24:33
BasePriority : Normal
FileSize : 99 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Tjenester og controllerprogrammer
InternalName : services.exe
OriginalFilename : services.exe
ProductName : Microsoft
Created on : 09-10-2001 11:00:00
Last accessed : 18-05-2004 22:00:00
Last modified : 09-10-2001 11:00:00
#:4 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 19-05-2004 18:24:34
BasePriority : Normal
FileSize : 12 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft
Created on : 09-10-2001 11:00:00
Last accessed : 18-05-2004 22:00:00
Last modified : 09-10-2001 11:00:00
#:5 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 19-05-2004 18:24:34
BasePriority : Normal
FileSize : 12 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft
Created on : 09-10-2001 11:00:00
Last accessed : 18-05-2004 22:00:00
Last modified : 09-10-2001 11:00:00
#:6 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 19-05-2004 18:24:37
BasePriority : Normal
FileSize : 50 KB
FileVersion : 5.1.2600.0 (XPClient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
OriginalFilename : spoolsv.exe
ProductName : Microsoft
Created on : 09-10-2001 11:00:00
Last accessed : 18-05-2004 22:00:00
Last modified : 09-10-2001 11:00:00
#:7 [explorer.exe]
FilePath : C:\WINDOWS\
ThreadCreationTime : 19-05-2004 18:24:44
BasePriority : Normal
FileSize : 978 KB
FileVersion : 6.00.2600.0000 (xpclient.010817-1148)
ProductVersion : 6.00.2600.0000
CompanyName : Microsoft Corporation
FileDescription : Windows Stifinder
InternalName : explorer
OriginalFilename : EXPLORER.EXE
ProductName : Microsoft
Created on : 09-10-2001 11:00:00
Last accessed : 18-05-2004 22:00:00
Last modified : 09-10-2001 11:00:00
#:8 [aswupdsv.exe]
FilePath : C:\Programmer\Alwil Software\Avast4\
ThreadCreationTime : 19-05-2004 18:24:47
BasePriority : Normal
FileSize : 52 KB
Created on : 19-05-2004 13:13:42
Last accessed : 18-05-2004 22:00:00
Last modified : 27-04-2004 06:18:00
#:9 [msdtc32.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 19-05-2004 18:24:48
BasePriority : Normal
FileSize : 362 KB
Created on : 19-04-2004 14:48:31
Last accessed : 18-05-2004 22:00:00
Last modified : 05-04-2004 12:10:32
#:10 [jbrjfoy.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 19-05-2004 18:24:51
BasePriority : Normal
FileSize : 85 KB
Created on : 10-05-2004 20:03:42
Last accessed : 18-05-2004 22:00:00
Last modified : 10-05-2004 20:03:42
#:11 [ashserv.exe]
FilePath : C:\Programmer\Alwil Software\Avast4\
ThreadCreationTime : 19-05-2004 18:24:51
BasePriority : High
FileSize : 68 KB
FileVersion : 4, 1, 357, 0
ProductVersion : 4, 1, 0, 0
Copyright : Copyright (c) 2003 ALWIL Software
FileDescription : avast! antivirus service
InternalName : aswServ
OriginalFilename : aswServ.exe
ProductName : avast! Antivirus
Created on : 19-05-2004 13:13:42
Last accessed : 18-05-2004 22:00:00
Last modified : 27-04-2004 06:24:32
#:12 [devldr32.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 19-05-2004 18:24:53
BasePriority : Normal
FileSize : 23 KB
FileVersion : 1, 0, 0, 17
ProductVersion : 1, 0, 0, 17
Copyright : Copyright (C) Creative Technology Ltd. 1998-2001
CompanyName : Creative Technology Ltd.
FileDescription : DevLdr32
InternalName : DevLdr
OriginalFilename : DevLdr32.exe
ProductName : Creative Ring3 NT Inteface
Created on : 28-09-2003 08:59:35
Last accessed : 18-05-2004 22:00:00
Last modified : 04-10-2001 15:07:44
#:13 [ashdisp.exe]
FilePath : C:\PROGRA~1\ALWILS~1\Avast4\
ThreadCreationTime : 19-05-2004 18:24:54
BasePriority : Normal
FileSize : 96 KB
FileVersion : 4, 1, 357, 0
ProductVersion : 4, 1, 0, 0
Copyright : Copyright (c) 2003 ALWIL Software
FileDescription : avast! service GUI component
InternalName : aswDisp
OriginalFilename : aswDisp.exe
ProductName : avast! Antivirus
Created on : 19-05-2004 13:13:42
Last accessed : 18-05-2004 22:00:00
Last modified : 27-04-2004 06:24:34
#:14 [ashmaisv.exe]
FilePath : C:\PROGRA~1\ALWILS~1\Avast4\
ThreadCreationTime : 19-05-2004 18:24:54
BasePriority : Normal
FileSize : 196 KB
FileVersion : 4, 1, 389, 0
ProductVersion : 4, 1, 0, 0
Copyright : Copyright (c) 2003 ALWIL Software
CompanyName : ALWIL Software
FileDescription : avast! e-Mail Scanner Service
InternalName : AvMaiSrv
OriginalFilename : AvMaiSrv.exe
ProductName : avast! Antivirus
Created on : 19-05-2004 13:13:42
Last accessed : 18-05-2004 22:00:00
Last modified : 27-04-2004 06:24:18
#:15 [msmsgs.exe]
FilePath : C:\Programmer\Messenger\
ThreadCreationTime : 19-05-2004 18:24:55
BasePriority : Normal
FileSize : 1052 KB
FileVersion : 4.0.0155
ProductVersion : Version 4.0
Copyright : Copyright (c) Microsoft Corporation 1997-2001
CompanyName : Microsoft Corporation
FileDescription : Messenger Client
InternalName : msmsgs
OriginalFilename : msmsgs.exe
ProductName : Messenger
Created on : 28-09-2003 09:05:48
Last accessed : 18-05-2004 22:00:00
Last modified : 02-08-2001 05:14:34
#:16 [hpsplmwa.exe]
FilePath : C:\Programmer\Hewlett-Packard\HP OfficeJet R Series\ScanPicture\
ThreadCreationTime : 19-05-2004 18:24:58
BasePriority : Normal
FileSize : 43 KB
FileVersion : 1, 0, 0, 1
ProductVersion : 6.0.0.316
Copyright : Copyright (C) 1998
FileDescription : PullMan MFC Application
InternalName : PullMan
OriginalFilename : PullMan.EXE
ProductName : PullMan Application
Created on : 05-03-2003 11:41:09
Last accessed : 18-05-2004 22:00:00
Last modified : 02-06-1999 13:07:44
#:17 [overproof.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 19-05-2004 18:25:00
BasePriority : Normal
FileSize : 213 KB
Created on : 02-05-2004 13:18:11
Last accessed : 18-05-2004 22:00:00
Last modified : 02-05-2004 13:18:10
#:18 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 19-05-2004 18:25:00
BasePriority : Normal
FileSize : 12 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
OriginalFilename : svchost.exe
ProductName : Microsoft
Created on : 09-10-2001 11:00:00
Last accessed : 18-05-2004 22:00:00
Last modified : 09-10-2001 11:00:00
#:19 [iexplore.exe]
FilePath : C:\Programmer\Internet Explorer\
ThreadCreationTime : 19-05-2004 18:25:53
BasePriority : Normal
FileSize : 89 KB
FileVersion : 6.00.2600.0000 (xpclient.010817-1148)
ProductVersion : 6.00.2600.0000
CompanyName : Microsoft Corporation
FileDescription : Internet Explorer
InternalName : iexplore
OriginalFilename : IEXPLORE.EXE
ProductName : Microsoft
Created on : 28-09-2003 09:07:58
Last accessed : 18-05-2004 22:00:00
Last modified : 09-10-2001 13:00:00
#:20 [winsys.exe]
FilePath : C:\WINDOWS\System32\
ThreadCreationTime : 19-05-2004 18:26:51
BasePriority : Normal
FileSize : 145 KB
Created on : 19-05-2004 17:04:33
Last accessed : 18-05-2004 22:00:00
Last modified : 19-05-2004 17:05:32
#:21 [iexplore.exe]
FilePath : C:\Programmer\Internet Explorer\
ThreadCreationTime : 19-05-2004 18:30:59
BasePriority : Normal
FileSize : 89 KB
FileVersion : 6.00.2600.0000 (xpclient.010817-1148)
ProductVersion : 6.00.2600.0000
CompanyName : Microsoft Corporation
FileDescription : Internet Explorer
InternalName : iexplore
OriginalFilename : IEXPLORE.EXE
ProductName : Microsoft
Created on : 28-09-2003 09:07:58
Last accessed : 18-05-2004 22:00:00
Last modified : 09-10-2001 13:00:00
#:22 [notepad.exe]
FilePath : C:\WINDOWS\system32\
ThreadCreationTime : 19-05-2004 18:49:27
BasePriority : Normal
FileSize : 65 KB
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
CompanyName : Microsoft Corporation
FileDescription : Notesblok
InternalName : Notepad
OriginalFilename : NOTEPAD.EXE
ProductName : Microsoft
Created on : 09-10-2001 11:00:00
Last accessed : 18-05-2004 22:00:00
Last modified : 09-10-2001 11:00:00
#:23 [ad-aware.exe]
FilePath : C:\PROGRA~1\LAVASOFT\AD-AWA~1\
ThreadCreationTime : 19-05-2004 18:50:06
BasePriority : Normal
FileSize : 668 KB
FileVersion : 6.0.1.181
ProductVersion : 6.0.0.0
Copyright : Copyright
CompanyName : Lavasoft Sweden
FileDescription : Ad-aware 6 core application
InternalName : Ad-aware.exe
OriginalFilename : Ad-aware.exe
ProductName : Lavasoft Ad-aware Plus
Created on : 19-05-2004 18:42:33
Last accessed : 18-05-2004 22:00:00
Last modified : 12-07-2003 19:00:20
Memory scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 0
Started registry scan
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Alexa Object recognized!
Type : RegKey
Data :
Rootkey : HKEY_LOCAL_MACHINE
Object : SOFTWARE\Microsoft\Internet Explorer\Extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
Registry scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 1
Objects found so far: 1
Started deep registry scan
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Deep registry scan result :
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 1
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Tracking Cookie Object recognized!
Type : File
Data : mor og far@doubleclick[1].txt
Object : C:\Documents and Settings\Mor og Far\Cookies\
Created on : 19-05-2004 09:38:43
Last accessed : 18-05-2004 22:00:00
Last modified : 19-05-2004 09:38:56
Tracking Cookie Object recognized!
Type : File
Data : mor og far@hitbox[1].txt
Object : C:\Documents and Settings\Mor og Far\Cookies\
Created on : 19-05-2004 09:41:03
Last accessed : 18-05-2004 22:00:00
Last modified : 19-05-2004 09:43:52
Tracking Cookie Object recognized!
Type : File
Data : mor og far@linksynergy[1].txt
Object : C:\Documents and Settings\Mor og Far\Cookies\
Created on : 19-05-2004 09:41:19
Last accessed : 18-05-2004 22:00:00
Last modified : 19-05-2004 09:41:20
Tracking Cookie Object recognized!
Type : File
Data : mor og far@mediaplex[1].txt
Object : C:\Documents and Settings\Mor og Far\Cookies\
Created on : 19-05-2004 12:47:36
Last accessed : 18-05-2004 22:00:00
Last modified : 19-05-2004 12:47:38
Tracking Cookie Object recognized!
Type : File
Data : mor og far@cgi-bin[1].txt
Object : C:\Documents and Settings\Mor og Far\Cookies\
Created on : 19-05-2004 12:51:26
Last accessed : 18-05-2004 22:00:00
Last modified : 19-05-2004 12:51:28
Tracking Cookie Object recognized!
Type : File
Data : mor og far@ehg-idg.hitbox[1].txt
Object : C:\Documents and Settings\Mor og Far\Cookies\
Created on : 19-05-2004 09:42:47
Last accessed : 18-05-2004 22:00:00
Last modified : 19-05-2004 09:43:52
Tracking Cookie Object recognized!
Type : File
Data : mor og far@adtech[2].txt
Object : C:\Documents and Settings\Mor og Far\Cookies\
Created on : 19-05-2004 12:51:18
Last accessed : 18-05-2004 22:00:00
Last modified : 19-05-2004 12:51:20
Tracking Cookie Object recognized!
Type : File
Data : anyuser@mediaplex[1].txt
Object : C:\Documents and Settings\Mor og Far\Cookies\
Created on : 19-05-2004 17:21:42
Last accessed : 18-05-2004 22:00:00
Last modified : 19-05-2004 17:21:44
Tracking Cookie Object recognized!
Type : File
Data : anyuser@adtech[2].txt
Object : C:\Documents and Settings\Mor og Far\Cookies\
Created on : 19-05-2004 17:21:41
Last accessed : 18-05-2004 22:00:00
Last modified : 19-05-2004 17:21:42
Tracking Cookie Object recognized!
Type : File
Data : anyuser@cgi-bin[1].txt
Object : C:\Documents and Settings\Mor og Far\Cookies\
Created on : 19-05-2004 17:21:54
Last accessed : 18-05-2004 22:00:00
Last modified : 19-05-2004 17:21:56
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Deep scanning and examining files (C:)
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Performing conditional scans..
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Conditional scan result:
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
New objects : 0
Objects found so far: 11
20:54:11 Scan complete
Summary of this scan
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Total scanning time :00:03:03:204
Objects scanned :40204
Objects identified :11
Objects ignored :0
New objects :11
Tak for hjælpen
MVH
JNE
