Hoppa till innehåll

Foto

seg dator


  • Vänligen logga in för att kunna svara
50 svar till detta ämne

#1 Martassen

Martassen

    Flitig

  • Medlemmar
  • PipPipPipPip
  • 1 290 inlägg
  • Ort:Göteborg

Postad 4 juli 2012 klockan 08:21

Min dator är väldigt seg. Se bifogade filer.

Bifogad fil(er)

  • Bifogad fil  Attach.txt   16,68K   5 Antal nerladdningar
  • Bifogad fil  DDS.txt   18,07K   6 Antal nerladdningar


#2 Cecilia

Cecilia

    Beroende

  • Huvudmoderator
  • 85 412 inlägg
  • Ort:Stockholm

Postad 4 juli 2012 klockan 09:45

Klistrar in DDS.txt för då blir det lättare att gå tillbaka samt att söka efter information.

DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 9.0.8112.16421
Run by Älsklingsparet at 9:11:42 on 2012-07-04
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.46.1053.18.2046.283 [GMT 2:00]
.
AV: Lavasoft Ad-Aware *Enabled/Updated* {445B48C3-0FA4-6B16-8F07-6506F305D800}
AV: Norton Internet Security *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Lavasoft Ad-Aware *Enabled/Updated* {FF3AA927-299E-6498-B5B7-5E74888292BD}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Lavasoft Ad-Watch Live! *Enabled/Updated* {61CDFD9D-3CAC-9270-C6FC-52325ACB795B}
SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
FW: Lavasoft Ad-Aware *Disabled* {7C60C9E6-45CB-6A4E-A458-CC330DD69F7B}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\Ati2evxx.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\hp\support\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Common Files\Microsoft Shared\IME14\SHARED\IMEDICTUPDATE.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Norton Internet Security\Engine\19.7.1.5\ccSvcHst.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Secunia\PSI\PSIA.exe
C:\Program Files\Searchqu Toolbar\Datamngr\datamngrUI.exe
C:\Program Files\Norton Internet Security\Engine\19.7.1.5\ccSvcHst.exe
C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\PROGRA~1\AD-AWA~1\AdAware.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Web Assistant\ExtensionUpdaterService.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\DllHost.exe
C:\Windows\System32\mobsync.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Secunia\PSI\sua.exe
C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe
C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\hp\kbd\kbd.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Windows Mail\WinMail.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\rundll32.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
C:\Users\Älsklingsparet\Downloads\dds (1).com
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=SV_SE&c=71&bd=Pavilion&pf=desktop
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://g.msn.se/0SESVSE/SAOS01?FORM=TOOLBR
mSearchAssistant = hxxp://www.symantec.com
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -
uURLSearchHooks: H - No File
BHO: ContributeBHO Class: {074c1dc5-9320-4a9a-947d-c042949c6216} - c:\program files\adobe\adobe contribute cs5\plugins\ieplugin\contributeieplugin.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Web Assistant: {336d0c35-8a85-403a-b9d2-65c292c39087} - c:\program files\web assistant\Extension32.dll
BHO: Norton Identity Protection: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\norton internet security\engine\19.7.1.5\coIEPlg.dll
BHO: Norton Vulnerability Protection: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton internet security\engine\19.7.1.5\ips\IPSBHO.DLL
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~3\office14\GROOVEEX.DLL
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} - c:\progra~1\search~1\datamngr\toolbar\searchqudtx.dll
BHO: DataMngr: {9d717f81-9148-4f12-8568-69135f087db0} - c:\progra~1\search~1\datamngr\BROWSE~1.DLL
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~3\office14\URLREDIR.DLL
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\norton internet security\engine\19.7.1.5\coIEPlg.dll
TB: Contribute Toolbar: {517bdde4-e3a7-4570-b21e-2b52b6139fc7} - c:\program files\adobe\adobe contribute cs5\plugins\ieplugin\contributeieplugin.dll
TB: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} - c:\progra~1\search~1\datamngr\toolbar\searchqudtx.dll
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
TB: {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No File
TB: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
TB: {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [AdobeBridge]
uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\DTLite.exe" -autorun
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
mRun: [hpsysdrv] c:\hp\support\hpsysdrv.exe
mRun: [OsdMaestro] "c:\program files\hewlett-packard\on-screen osd indicator\OSD.exe"
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [KBD] c:\hp\kbd\KbdStub.EXE
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [AdobeAAMUpdater-1.0] "c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe"
mRun: [SwitchBoard] c:\program files\common files\adobe\switchboard\SwitchBoard.exe
mRun: [AdobeCS5ServiceManager] "c:\program files\common files\adobe\cs5servicemanager\CS5ServiceManager.exe" -launchedbylogin
mRun: [IME14 CHT Setup] c:\progra~1\common~1\micros~1\ime14\shared\IMEKLMG.EXE /SetPreload /CHT /Log
mRun: [IME14 JPN Setup] c:\progra~1\common~1\micros~1\ime14\shared\IMEKLMG.EXE /SetPreload /JPN /Log
mRun: [IME14 KOR Setup] c:\progra~1\common~1\micros~1\ime14\shared\IMEKLMG.EXE /SetPreload /KOR /Log
mRun: [IME14 CHS Setup] c:\progra~1\common~1\micros~1\ime14\shared\IMEKLMG.EXE /SetPreload /CHS /Log
mRun: [BCSSync] "c:\program files\microsoft office\office14\BCSSync.exe" /DelayServices
mRun: [DATAMNGR] c:\progra~1\search~1\datamngr\DATAMN~1.EXE
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [Ad-Aware Antivirus] "c:\program files\ad-aware antivirus\AdAwareLauncher" --windows-run
mRun: [Ad-Aware Browsing Protection] "c:\programdata\ad-aware browsing protection\adawarebp.exe"
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Append Link Target to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office14\EXCEL.EXE/3000
IE: E&xportera till Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\micros~3\office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 195.54.122.199 195.54.122.204
TCP: Interfaces\{06B68424-1266-4E45-8B9D-DD81771CDD78} : DhcpNameServer = 195.54.122.199 195.54.122.204
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs: c:\progra~1\search~1\datamngr\datamngr.dll c:\progra~1\search~1\datamngr\IEBHO.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~3\office14\GROOVEEX.DLL
.
============= SERVICES / DRIVERS ===============
.
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2012-7-2 64288]
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\nis\1307010.005\symds.sys [2012-5-18 340088]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\nis\1307010.005\symefa.sys [2012-5-18 905336]
R1 BHDrvx86;BHDrvx86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_19.1.1.3\definitions\bashdefs\20120619.001\BHDrvx86.sys [2012-6-19 821920]
R1 ccSet_NIS;Norton Internet Security Settings Manager;c:\windows\system32\drivers\nis\1307010.005\ccsetx86.sys [2012-5-18 132744]
R1 IDSVix86;IDSVix86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_19.1.1.3\definitions\ipsdefs\20120702.001\IDSvix86.sys [2012-7-3 382624]
R1 SbFw;SbFw;c:\windows\system32\drivers\SbFw.sys [2012-7-2 223864]
R1 SBRE;SBRE;c:\windows\system32\drivers\SBREDrv.sys [2011-10-26 101112]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\nis\1307010.005\ironx86.sys [2012-5-18 149624]
R1 SYMTDIv;Symantec Vista Network Dispatch Driver;c:\windows\system32\drivers\nis\1307010.005\symtdiv.sys [2012-5-18 345208]
R2 Ad-Aware Service;Ad-Aware Service;c:\program files\ad-aware antivirus\AdAwareService.exe [2012-5-3 1226096]
R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2012-4-4 63928]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-7-30 21504]
R2 ImeDictUpdateService;Microsoft IME Dictionary Update;c:\program files\common files\microsoft shared\ime14\shared\IMEDICTUPDATE.EXE [2010-10-20 59760]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2010-8-12 1355416]
R2 NIS;Norton Internet Security;c:\program files\norton internet security\engine\19.7.1.5\ccsvchst.exe [2012-5-18 138232]
R2 sbapifs;sbapifs;c:\windows\system32\drivers\sbapifs.sys [2011-11-29 77816]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2012-5-31 106656]
R3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\lavasoft\ad-aware\kernexplorer.sys [2010-8-12 15008]
R3 Ph3xIB32;Philips 713x Inbox PCI TV Card;c:\windows\system32\drivers\Ph3xIB32.sys [2006-11-6 1119616]
R3 SBFWIMCLMP;GFI Software Firewall NDIS IM Filter Miniport;c:\windows\system32\drivers\SbFwIm.sys [2012-7-2 94584]
R3 sbhips;sbhips;c:\windows\system32\drivers\sbhips.sys [2012-7-2 93816]
R3 sbwtis;sbwtis;c:\windows\system32\drivers\sbwtis.sys [2011-12-19 72312]
S2 gupdate;Tjänsten Google Update (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-2-6 135664]
S3 3xHybrid;ASUSTek SAA713x PCI Card;c:\windows\system32\drivers\3xHybrid.sys [2007-2-13 2807936]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-5-28 250056]
S3 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2012-7-2 39272]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2012-3-8 1492840]
S3 gupdatem;Tjänsten Google Update (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-2-6 135664]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2012-7-1 40776]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\microsoft office\office14\GROOVE.EXE [2011-6-12 31125880]
S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000]
S3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [2010-9-1 15544]
S3 SBFWIMCL;GFI Software Firewall NDIS IM Filter Service;c:\windows\system32\drivers\SbFwIm.sys [2012-7-2 94584]
.
=============== Created Last 30 ================
.
2012-07-03 22:05:10 -------- d-----w- c:\program files\MSXML 4.0
2012-07-02 21:22:35 -------- d-----w- c:\windows\sv
2012-07-02 21:21:48 39272 ----a-w- c:\windows\system32\drivers\fssfltr.sys
2012-07-02 21:10:43 89944 ----a-w- c:\program files\common files\windows live\.cache\2438afe11cd589702\DSETUP.dll
2012-07-02 21:10:43 537432 ----a-w- c:\program files\common files\windows live\.cache\2438afe11cd589702\DXSETUP.exe
2012-07-02 21:10:43 1801048 ----a-w- c:\program files\common files\windows live\.cache\2438afe11cd589702\dsetup32.dll
2012-07-02 21:02:01 15880 ----a-w- c:\windows\system32\lsdelete.exe
2012-07-02 20:39:51 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys
2012-07-02 20:38:19 -------- dc-h--w- c:\programdata\{ECC164E0-3133-4C70-A831-F08DB2940F70}
2012-07-02 20:32:24 93816 ----a-w- c:\windows\system32\drivers\sbhips.sys
2012-07-02 20:30:41 94584 ----a-w- c:\windows\system32\drivers\SbFwIm.sys
2012-07-02 20:30:40 223864 ----a-w- c:\windows\system32\drivers\SbFw.sys
2012-07-02 20:30:36 -------- d-----w- c:\windows\system32\drivers\VDD
2012-07-02 20:30:35 -------- d-----w- c:\program files\Ad-Aware Antivirus
2012-07-02 20:28:51 -------- d-----w- c:\users\älsklingsparet\appdata\roaming\Ad-Aware Antivirus
2012-07-01 21:17:56 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2012-06-24 10:13:58 2422272 ----a-w- c:\windows\system32\wucltux.dll
2012-06-24 10:13:31 88576 ----a-w- c:\windows\system32\wudriver.dll
2012-06-24 10:13:24 33792 ----a-w- c:\windows\system32\wuapp.exe
2012-06-24 10:13:24 171904 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-13 16:51:51 984064 ----a-w- c:\windows\system32\crypt32.dll
2012-06-13 16:51:51 98304 ----a-w- c:\windows\system32\cryptnet.dll
2012-06-13 16:51:51 133120 ----a-w- c:\windows\system32\cryptsvc.dll
2012-06-13 16:49:33 180736 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-06-13 16:46:18 2045440 ----a-w- c:\windows\system32\win32k.sys
.
==================== Find3M ====================
.
2012-06-25 07:54:26 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-06-25 07:54:26 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-05-29 06:52:51 472808 ----a-w- c:\windows\system32\deployJava1.dll
2012-05-17 22:45:37 1800192 ----a-w- c:\windows\system32\jscript9.dll
2012-05-17 22:35:47 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-05-17 22:35:39 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-05-17 22:29:45 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-05-17 22:24:45 2382848 ----a-w- c:\windows\system32\mshtml.tlb
.
============= FINISH: 9:15:59,84 ===============

#3 Cecilia

Cecilia

    Beroende

  • Huvudmoderator
  • 85 412 inlägg
  • Ort:Stockholm

Postad 4 juli 2012 klockan 10:00

Avinstallera Searchqu Toolbar pga http://www.systemloo...OWSE_1_DLL.html
Starta om datorn och så ny DDS.txt så får vi se om allt försvann.

Har du kört Secunias program nyligen för att kontrollera att hur det är med programversioner?
Du ser ut att ha en gammal Java-version installerad.

Du ser ut att ha någon sorts blandning av Ad-Aware 9 och 10 samt Norton. Det är för mycket för datorn. Om du ska behålla Norton rekommenderar jag att du stannar på Ad-Aware 9 för Ad-Aware 10 är ett program med fullt realtidsskydd precis som Norton och två sådana program kan ge upphov till problem. Däremot har Ad-Aware 9 Free bara ett begränsat realtidsskydd.

#4 Martassen

Martassen

    Flitig

  • Medlemmar
  • PipPipPipPip
  • 1 290 inlägg
  • Ort:Göteborg

Postad 4 juli 2012 klockan 10:41

Angående addaware:
Ska jag avinstallera allt som har med addaware att göra och sedan installera 9:an eller hur ska jag göra?
Se bifogad bild.

Nope ej kört igenom med secunia. Göra det då.

Bifogad fil(er)

  • Bifogad fil  bilf.gif   40,91K   0 Antal nerladdningar


#5 Cecilia

Cecilia

    Beroende

  • Huvudmoderator
  • 85 412 inlägg
  • Ort:Stockholm

Postad 4 juli 2012 klockan 10:57

Börja med att avinstallera version 10, vilket är den som heter "Ad-Aware Antivirus", men först högerklicka på dess ikon vid klockan och välj Exit. Starta om datorn efter avinstallationen. Avinstallera sedan version 9 genom att följa How to uninstall Ad-Aware 9.x.

Kör DDS igen och klistra in DDS.txt så får vi se om det är något kvar av Ad-Aware 10. Först när det är säkert att allt som hör ihop med Ad-Aware 10 är borta är det lämpligt att installera Ad-Aware 9.6 igen.

#6 Martassen

Martassen

    Flitig

  • Medlemmar
  • PipPipPipPip
  • 1 290 inlägg
  • Ort:Göteborg

Postad 4 juli 2012 klockan 11:04

Går ej avinstallera adaware antivirus. kommer bara åt knapparna "Ändra" och "reparera" inne i kontrollpanelen.(program och funktioner).

#7 Cecilia

Cecilia

    Beroende

  • Huvudmoderator
  • 85 412 inlägg
  • Ort:Stockholm

Postad 4 juli 2012 klockan 11:12

Om du väljer Ändra först kanske det blir avinstallera sedan.

#8 Martassen

Martassen

    Flitig

  • Medlemmar
  • PipPipPipPip
  • 1 290 inlägg
  • Ort:Göteborg

Postad 4 juli 2012 klockan 12:09

Här är DDS.

Bifogad fil(er)

  • Bifogad fil  DDSny.txt   16,36K   2 Antal nerladdningar


#9 Cecilia

Cecilia

    Beroende

  • Huvudmoderator
  • 85 412 inlägg
  • Ort:Stockholm

Postad 4 juli 2012 klockan 13:42

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 9.0.8112.16421
Run by Älsklingsparet at 12:58:27 on 2012-07-04
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.46.1053.18.2046.538 [GMT 2:00]
.
AV: Norton Internet Security *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Lavasoft Ad-Watch Live! *Enabled/Updated* {61CDFD9D-3CAC-9270-C6FC-52325ACB795B}
SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\Ati2evxx.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Common Files\Microsoft Shared\IME14\SHARED\IMEDICTUPDATE.EXE
c:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Norton Internet Security\Engine\19.7.1.5\ccSvcHst.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Secunia\PSI\PSIA.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Web Assistant\ExtensionUpdaterService.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\Secunia\PSI\sua.exe
C:\Program Files\Norton Internet Security\Engine\19.7.1.5\ccSvcHst.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\hp\support\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\DAEMON Tools Lite\DTLite.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\rundll32.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\hp\kbd\kbd.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Älsklingsparet\Downloads\dds (3).com
C:\Windows\system32\conime.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=SV_SE&c=71&bd=Pavilion&pf=desktop
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://g.msn.se/0SESVSE/SAOS01?FORM=TOOLBR
mSearchAssistant = hxxp://www.symantec.com
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -
uURLSearchHooks: H - No File
BHO: ContributeBHO Class: {074c1dc5-9320-4a9a-947d-c042949c6216} - c:\program files\adobe\adobe contribute cs5\plugins\ieplugin\contributeieplugin.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Web Assistant: {336d0c35-8a85-403a-b9d2-65c292c39087} - c:\program files\web assistant\Extension32.dll
BHO: Norton Identity Protection: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\norton internet security\engine\19.7.1.5\coIEPlg.dll
BHO: Norton Vulnerability Protection: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton internet security\engine\19.7.1.5\ips\IPSBHO.DLL
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~3\office14\GROOVEEX.DLL
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~3\office14\URLREDIR.DLL
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\norton internet security\engine\19.7.1.5\coIEPlg.dll
TB: Contribute Toolbar: {517bdde4-e3a7-4570-b21e-2b52b6139fc7} - c:\program files\adobe\adobe contribute cs5\plugins\ieplugin\contributeieplugin.dll
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
TB: {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - No File
TB: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
TB: {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [AdobeBridge]
uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\DTLite.exe" -autorun
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
mRun: [hpsysdrv] c:\hp\support\hpsysdrv.exe
mRun: [OsdMaestro] "c:\program files\hewlett-packard\on-screen osd indicator\OSD.exe"
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [KBD] c:\hp\kbd\KbdStub.EXE
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [AdobeAAMUpdater-1.0] "c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe"
mRun: [SwitchBoard] c:\program files\common files\adobe\switchboard\SwitchBoard.exe
mRun: [AdobeCS5ServiceManager] "c:\program files\common files\adobe\cs5servicemanager\CS5ServiceManager.exe" -launchedbylogin
mRun: [IME14 CHT Setup] c:\progra~1\common~1\micros~1\ime14\shared\IMEKLMG.EXE /SetPreload /CHT /Log
mRun: [IME14 JPN Setup] c:\progra~1\common~1\micros~1\ime14\shared\IMEKLMG.EXE /SetPreload /JPN /Log
mRun: [IME14 KOR Setup] c:\progra~1\common~1\micros~1\ime14\shared\IMEKLMG.EXE /SetPreload /KOR /Log
mRun: [IME14 CHS Setup] c:\progra~1\common~1\micros~1\ime14\shared\IMEKLMG.EXE /SetPreload /CHS /Log
mRun: [BCSSync] "c:\program files\microsoft office\office14\BCSSync.exe" /DelayServices
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [Ad-Aware Browsing Protection] "c:\programdata\ad-aware browsing protection\adawarebp.exe"
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Append Link Target to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office14\EXCEL.EXE/3000
IE: E&xportera till Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\micros~3\office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 195.54.122.199 195.54.122.204
TCP: Interfaces\{06B68424-1266-4E45-8B9D-DD81771CDD78} : DhcpNameServer = 195.54.122.199 195.54.122.204
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~3\office14\GROOVEEX.DLL
.
============= SERVICES / DRIVERS ===============
.
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2012-7-2 64288]
R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\nis\1307010.005\symds.sys [2012-5-18 340088]
R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\nis\1307010.005\symefa.sys [2012-5-18 905336]
R1 BHDrvx86;BHDrvx86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_19.1.1.3\definitions\bashdefs\20120619.001\BHDrvx86.sys [2012-6-19 821920]
R1 ccSet_NIS;Norton Internet Security Settings Manager;c:\windows\system32\drivers\nis\1307010.005\ccsetx86.sys [2012-5-18 132744]
R1 IDSVix86;IDSVix86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_19.1.1.3\definitions\ipsdefs\20120703.002\IDSvix86.sys [2012-7-4 382624]
R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\nis\1307010.005\ironx86.sys [2012-5-18 149624]
R1 SYMTDIv;Symantec Vista Network Dispatch Driver;c:\windows\system32\drivers\nis\1307010.005\symtdiv.sys [2012-5-18 345208]
R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2012-4-4 63928]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-7-30 21504]
R2 ImeDictUpdateService;Microsoft IME Dictionary Update;c:\program files\common files\microsoft shared\ime14\shared\IMEDICTUPDATE.EXE [2010-10-20 59760]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2010-8-12 1355416]
R2 NIS;Norton Internet Security;c:\program files\norton internet security\engine\19.7.1.5\ccsvchst.exe [2012-5-18 138232]
R2 Secunia PSI Agent;Secunia PSI Agent;c:\program files\secunia\psi\psia.exe [2011-10-14 994360]
R2 Secunia Update Agent;Secunia Update Agent;c:\program files\secunia\psi\sua.exe [2011-10-14 399416]
R2 Web Assistant Updater;Web Assistant Updater;c:\program files\web assistant\ExtensionUpdaterService.exe [2012-6-2 185856]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2012-5-31 106656]
R3 Ph3xIB32;Philips 713x Inbox PCI TV Card;c:\windows\system32\drivers\Ph3xIB32.sys [2006-11-6 1119616]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Tjänsten Google Update (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-2-6 135664]
S3 3xHybrid;ASUSTek SAA713x PCI Card;c:\windows\system32\drivers\3xHybrid.sys [2007-2-13 2807936]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-5-28 250056]
S3 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2012-7-2 39272]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2012-3-8 1492840]
S3 gupdatem;Tjänsten Google Update (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-2-6 135664]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2012-7-1 40776]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\microsoft office\office14\GROOVE.EXE [2011-6-12 31125880]
S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000]
S3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [2010-9-1 15544]
S3 SwitchBoard;SwitchBoard;c:\program files\common files\adobe\switchboard\SwitchBoard.exe [2009-12-15 515560]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2012-07-04 10:50:17 -------- d-----w- c:\programdata\GFI Software
2012-07-03 22:05:10 -------- d-----w- c:\program files\MSXML 4.0
2012-07-02 21:22:35 -------- d-----w- c:\windows\sv
2012-07-02 21:21:48 39272 ----a-w- c:\windows\system32\drivers\fssfltr.sys
2012-07-02 21:10:43 89944 ----a-w- c:\program files\common files\windows live\.cache\2438afe11cd589702\DSETUP.dll
2012-07-02 21:10:43 537432 ----a-w- c:\program files\common files\windows live\.cache\2438afe11cd589702\DXSETUP.exe
2012-07-02 21:10:43 1801048 ----a-w- c:\program files\common files\windows live\.cache\2438afe11cd589702\dsetup32.dll
2012-07-02 21:02:01 15880 ----a-w- c:\windows\system32\lsdelete.exe
2012-07-02 20:39:51 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys
2012-07-02 20:38:19 -------- dc-h--w- c:\programdata\{ECC164E0-3133-4C70-A831-F08DB2940F70}
2012-07-02 20:30:35 -------- d-----w- c:\program files\Ad-Aware Antivirus
2012-07-02 20:28:51 -------- d-----w- c:\users\älsklingsparet\appdata\roaming\Ad-Aware Antivirus
2012-07-01 21:17:56 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2012-06-24 10:13:58 2422272 ----a-w- c:\windows\system32\wucltux.dll
2012-06-24 10:13:31 88576 ----a-w- c:\windows\system32\wudriver.dll
2012-06-24 10:13:24 33792 ----a-w- c:\windows\system32\wuapp.exe
2012-06-24 10:13:24 171904 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-13 16:51:51 984064 ----a-w- c:\windows\system32\crypt32.dll
2012-06-13 16:51:51 98304 ----a-w- c:\windows\system32\cryptnet.dll
2012-06-13 16:51:51 133120 ----a-w- c:\windows\system32\cryptsvc.dll
2012-06-13 16:49:33 180736 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-06-13 16:46:18 2045440 ----a-w- c:\windows\system32\win32k.sys
.
==================== Find3M ====================
.
2012-06-25 07:54:26 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-06-25 07:54:26 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-05-29 06:52:51 472808 ----a-w- c:\windows\system32\deployJava1.dll
2012-05-17 22:45:37 1800192 ----a-w- c:\windows\system32\jscript9.dll
2012-05-17 22:35:47 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-05-17 22:35:39 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-05-17 22:29:45 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-05-17 22:24:45 2382848 ----a-w- c:\windows\system32\mshtml.tlb
.
============= FINISH: 13:02:32,87 ===============

#10 Cecilia

Cecilia

    Beroende

  • Huvudmoderator
  • 85 412 inlägg
  • Ort:Stockholm

Postad 4 juli 2012 klockan 13:48

Går det att avinstallera "Ad-Aware Browsing Protection"?

Du kan ta bort mapparna:
2012-07-02 20:30:35 -------- d-----w- c:\program files\Ad-Aware Antivirus
2012-07-02 20:28:51 -------- d-----w- c:\users\älsklingsparet\appdata\roaming\Ad-Aware Antivirus
2012-07-04 10:50:17 -------- d-----w- c:\programdata\GFI Software

Ta fram Kommandotolken på följande sätt:
Start-knappen - Alla program - Tillbehör
Högerklicka på Kommandotolken och välj Kör som administratör.
Skriv in kommandot:

sc stop Lbd

Under förutsättning att ovanstående kommando inte gav något felmeddelande ger du detta kommando:

sc delete Lbd

Starta om datorn och så en ny DDS.txt.

#11 Martassen

Martassen

    Flitig

  • Medlemmar
  • PipPipPipPip
  • 1 290 inlägg
  • Ort:Göteborg

Postad 5 juli 2012 klockan 08:24

Ska jag trycka Enter när jag skrivit i kommandotolken?

#12 Cecilia

Cecilia

    Beroende

  • Huvudmoderator
  • 85 412 inlägg
  • Ort:Stockholm

Postad 5 juli 2012 klockan 08:33

Förlåt, du trycker på Enter efter att du har skrivit in t ex: sc stop Lbd

#13 Martassen

Martassen

    Flitig

  • Medlemmar
  • PipPipPipPip
  • 1 290 inlägg
  • Ort:Göteborg

Postad 5 juli 2012 klockan 08:58

funkade första gången jag skrev och tryckte enter men sen va jag osäker om man ska trycka enter så jag lät det vara. Skrev in igen och nu säger den fölande. Se bifogad bild.

Jag hitta inte följande mapp:
2012-07-02 20:28:51 -------- d-----w- c:\users\älsklingsparet\appdata\roaming\Ad-Aware Antivirus

Bifogad fil(er)



#14 Cecilia

Cecilia

    Beroende

  • Huvudmoderator
  • 85 412 inlägg
  • Ort:Stockholm

Postad 5 juli 2012 klockan 09:08

Då tar vi till OTL. Spara OTL på Skrivbordet.
http://www.geekstogo...timers-list-it/
Stäng alla program.
Kör OTL.

Under Output högt upp så välj Minimal Output.
Bocka för LOP Check och Purity Check.
Tryck på Run Scan och låt programmet köra ostört.

När det är klart så skapas två loggfiler på Skrivbordet, OTL.txt och Extras.txt. I ditt svar klistrar du in loggen OTL.txt. För närvarande behövs inte Extras.txt.

#15 Martassen

Martassen

    Flitig

  • Medlemmar
  • PipPipPipPip
  • 1 290 inlägg
  • Ort:Göteborg

Postad 5 juli 2012 klockan 09:19

Då tar vi till OTL. Spara OTL på Skrivbordet.
http://www.geekstogo...timers-list-it/
Stäng alla program.
Kör OTL.

Under Output högt upp så välj Minimal Output.
Bocka för LOP Check och Purity Check.
Tryck på Run Scan och låt programmet köra ostört.

När det är klart så skapas två loggfiler på Skrivbordet, OTL.txt och Extras.txt. I ditt svar klistrar du in loggen OTL.txt. För närvarande behövs inte Extras.txt.


Länken för att kunna spara otl..jag hittar inte otl eller så är jag blind.
Klickade runt lite och hitta nog.

Redigerat av Martassen, 5 juli 2012 klockan 09:21.


#16 Martassen

Martassen

    Flitig

  • Medlemmar
  • PipPipPipPip
  • 1 290 inlägg
  • Ort:Göteborg

Postad 5 juli 2012 klockan 09:42

Har nu kört otl. Jag fick inte otl sparat på skrivbordet. Körde igång direkt.
Se bifogad fil.
Jag har fortfarande kvar addawareikonen nere vild klockan.

Bifogad fil(er)

  • Bifogad fil  OTL.Txt   110,13K   2 Antal nerladdningar

Redigerat av Martassen, 5 juli 2012 klockan 09:50.


#17 Cecilia

Cecilia

    Beroende

  • Huvudmoderator
  • 85 412 inlägg
  • Ort:Stockholm

Postad 5 juli 2012 klockan 09:52

Förlåt, de har visst flyttat på OTL-programmet.
http://oldtimer.geekstogo.com/OTL.exe

OTL logfile created on: 2012-07-05 10:26:16 - Run 1
OTL by OldTimer - Version 3.2.53.1 Folder = C:\Users\Älsklingsparet\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 0000041D | Country: Sverige | Language: SVE | Date Format: yyyy-MM-dd

2,00 Gb Total Physical Memory | 0,63 Gb Available Physical Memory | 31,38% Memory free
4,23 Gb Paging File | 2,78 Gb Available in Paging File | 65,69% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 292,78 Gb Total Space | 195,15 Gb Free Space | 66,65% Space Free | Partition Type: NTFS
Drive D: | 5,31 Gb Total Space | 1,08 Gb Free Space | 20,41% Space Free | Partition Type: NTFS
Drive E: | 298,09 Gb Total Space | 297,99 Gb Free Space | 99,97% Space Free | Partition Type: NTFS

Computer Name: ÄLSKLING | User Name: Älsklingsparet | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Älsklingsparet\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program\Web Assistant\ExtensionUpdaterService.exe ()
PRC - C:\Program\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program\Norton Internet Security\Engine\19.7.1.5\ccsvchst.exe (Symantec Corporation)
PRC - C:\Program\Secunia\PSI\psia.exe (Secunia)
PRC - C:\Program\Secunia\PSI\sua.exe (Secunia)
PRC - C:\Program\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corp.)
PRC - C:\Program\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
PRC - C:\Program\Common Files\microsoft shared\IME14\SHARED\IMEDICTUPDATE.EXE (Microsoft Corporation)
PRC - C:\Program\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
PRC - C:\Program\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft)
PRC - C:\Program\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe (Adobe Systems Incorporated)
PRC - C:\Program\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
PRC - C:\Program\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conime.exe (Microsoft Corporation)
PRC - C:\Program\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Program\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
PRC - C:\Windows\System32\RacAgent.exe (Microsoft Corporation)
PRC - C:\Program\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe (OsdMaestro)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)


========== Modules (No Company Name) ==========

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\508b444db523c5cf20ff12c7f440837b\System.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\f2691cfa7671cdc58179e56ba9227591\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\18f9789aa214c657113e676b3a9015aa\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\846b9cf2756fdd15f704c9bab9c70b6f\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bd76aaaa03ddc15d1840207b5a480644\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\1b337cf9a031145849bc48c11b2cfe58\Accessibility.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d2630342a066a7cb9056d9eb6157687a\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\28d633338fc8d29f8af31935ef7d001b\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\af9c9e9d7e0523cd444f8b551baa9cbf\mscorlib.ni.dll ()
MOD - C:\Program\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF ()
MOD - C:\Program\Microsoft Office\Office14\1033\GrooveIntlResource.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3489.18085__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3489.18067__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3489.18086__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3489.18080__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3489.18075__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Runtime\2.0.3489.18174__90ba9c70f846762e\CLI.Caste.HydraVision.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Shared\2.0.3489.18174__90ba9c70f846762e\CLI.Caste.HydraVision.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Wizard\2.0.3489.18178__90ba9c70f846762e\CLI.Caste.HydraVision.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Dashboard\2.0.3489.18174__90ba9c70f846762e\CLI.Caste.HydraVision.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Wizard\2.0.3489.18132__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3489.18159__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Wizard\2.0.3489.18145__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3489.18160__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3489.18140__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3489.18075__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3489.18122__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3489.18109__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive3.Graphics.Dashboard\2.0.3489.18097__90ba9c70f846762e\CLI.Aspect.OverDrive3.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3489.18127__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3489.18127__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive3.Graphics.Runtime\2.0.3489.18096__90ba9c70f846762e\CLI.Aspect.OverDrive3.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3489.18126__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.3489.18158__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3489.18111__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3489.18076__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3489.18087__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3489.18135__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3489.18086__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3489.18120__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3489.18111__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3489.18120__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Dashboard\2.0.3489.18141__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3489.18090__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3489.18121__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Dashboard\2.0.3489.18123__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3489.18106__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3489.18110__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3489.18109__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3489.18110__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3309.28617__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3309.28608__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3309.28629__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3309.28645__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3309.28647__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3309.28627__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3309.28601__90ba9c70f846762e\LOG.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3309.28603__90ba9c70f846762e\NEWAEM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3309.28626__90ba9c70f846762e\MOM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3309.28647__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3309.28604__90ba9c70f846762e\CLI.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3309.28618__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3309.28644__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3309.28669__90ba9c70f846762e\CLI.Foundation.XManifest.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.3309.28630__90ba9c70f846762e\DEM.OS.I0602.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3309.28620__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3309.28617__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3309.28611__90ba9c70f846762e\CLI.Component.Client.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.OS\2.0.3309.28645__90ba9c70f846762e\DEM.OS.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3309.28630__90ba9c70f846762e\DEM.Graphics.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3309.28617__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3309.28631__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3309.28624__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.3309.28644__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3309.28632__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive3.Graphics.Shared\2.0.3309.28633__90ba9c70f846762e\CLI.Aspect.OverDrive3.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3309.28635__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Implementation\2.0.3489.18186__90ba9c70f846762e\ResourceManagement.Foundation.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3489.18154__90ba9c70f846762e\MOM.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3489.18167__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3309.28627__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3309.28612__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.3309.28626__90ba9c70f846762e\APM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3309.28617__90ba9c70f846762e\AEM.Server.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll ()
MOD - C:\Windows\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3489.18063__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3489.18148__90ba9c70f846762e\CLI.Component.Systemtray.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3489.18080__90ba9c70f846762e\CLI.Component.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3489.18065__90ba9c70f846762e\CLI.Component.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3489.18152__90ba9c70f846762e\LOG.Foundation.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3489.18066__90ba9c70f846762e\CLI.Component.SkinFactory.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3309.28628__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3309.28608__90ba9c70f846762e\CLI.Foundation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3309.28614__90ba9c70f846762e\LOG.Foundation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3309.28627__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3309.28626__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3309.28624__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3489.18071__90ba9c70f846762e\CLI.Component.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.3489.18065__90ba9c70f846762e\ATIDEMOS.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.3489.18064__90ba9c70f846762e\APM.Server.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.3489.18063__90ba9c70f846762e\AEM.Server.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3309.28621__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3489.18153__90ba9c70f846762e\CCC.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3309.28637__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll ()
MOD - C:\Windows\System32\atitmmxx.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_sv_b77a5c561934e089\System.Windows.Forms.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_sv_b77a5c561934e089\mscorlib.resources.dll ()


========== Win32 Services (SafeList) ==========

SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (Web Assistant Updater) -- C:\Program\Web Assistant\ExtensionUpdaterService.exe ()
SRV - (AdobeARMservice) -- C:\Program\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (NIS) -- C:\Program Files\Norton Internet Security\Engine\19.7.1.5\ccSvcHst.exe (Symantec Corporation)
SRV - (fsssvc) -- C:\Program\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation)
SRV - (Secunia PSI Agent) -- C:\Program\Secunia\PSI\psia.exe (Secunia)
SRV - (Secunia Update Agent) -- C:\Program\Secunia\PSI\sua.exe (Secunia)
SRV - (odserv) -- C:\Program\Common Files\microsoft shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (Microsoft SharePoint Workspace Audit Service) -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation)
SRV - (wlidsvc) -- C:\Program\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (ImeDictUpdateService) -- C:\Program\Common Files\microsoft shared\IME14\SHARED\IMEDICTUPDATE.EXE (Microsoft Corporation)
SRV - (Lavasoft Ad-Aware Service) -- C:\Program\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
SRV - (osppsvc) -- C:\Program\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (SwitchBoard) -- C:\Program\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (Symantec RemoteAssist) -- C:\Program\Common Files\Symantec Shared\Support Controls\ssrc.exe (Symantec, Inc.)
SRV - (WinDefend) -- C:\Program\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (WMPNetworkSvc) -- C:\Program\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (ose) -- C:\Program\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV - (SBRE) -- C:\Windows\system32\drivers\SBREdrv.sys File not found
DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (blbdrive) -- C:\Windows\system32\drivers\blbdrive.sys File not found
DRV - (adfs) -- File not found
DRV - (a0onpnhz) -- File not found
DRV - (MBAMSwissArmy) -- C:\Windows\System32\drivers\mbamswissarmy.sys (Malwarebytes Corporation)
DRV - (BHDrvx86) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\BASHDefs\20120619.001\BHDrvx86.sys (Symantec Corporation)
DRV - (IDSVix86) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\IPSDefs\20120704.001\IDSvix86.sys (Symantec Corporation)
DRV - (eeCtrl) -- C:\Program\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation)
DRV - (EraserUtilRebootDrv) -- C:\Program\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
DRV - (NAVEX15) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\VirusDefs\20120704.017\NAVEX15.SYS (Symantec Corporation)
DRV - (NAVENG) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\VirusDefs\20120704.017\NAVENG.SYS (Symantec Corporation)
DRV - (SYMTDIv) -- C:\Windows\System32\drivers\NIS\1307010.005\symtdiv.sys (Symantec Corporation)
DRV - (SymEFA) -- C:\Windows\System32\drivers\NIS\1307010.005\symefa.sys (Symantec Corporation)
DRV - (SymIRON) -- C:\Windows\System32\drivers\NIS\1307010.005\ironx86.sys (Symantec Corporation)
DRV - (SRTSP) -- C:\Windows\System32\drivers\NIS\1307010.005\srtsp.sys (Symantec Corporation)
DRV - (SRTSPX) Symantec Real Time Storage Protection (PEL) -- C:\Windows\System32\drivers\NIS\1307010.005\srtspx.sys (Symantec Corporation)
DRV - (SymEvent) -- C:\Windows\System32\drivers\SYMEVENT.SYS (Symantec Corporation)
DRV - (ccSet_NIS) -- C:\Windows\System32\drivers\NIS\1307010.005\ccsetx86.sys (Symantec Corporation)
DRV - (SymDS) -- C:\Windows\System32\drivers\NIS\1307010.005\symds.sys (Symantec Corporation)
DRV - (sptd) -- C:\Windows\System32\drivers\sptd.sys ()
DRV - (PSI) -- C:\Windows\System32\drivers\psi_mf.sys (Secunia)
DRV - (Lbd) -- C:\Windows\System32\drivers\Lbd.sys (Lavasoft AB)
DRV - (Lavasoft Kernexplorer) -- C:\Program\Lavasoft\Ad-Aware\kernexplorer.sys ()
DRV - (R300) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (nvstor32) -- C:\Windows\System32\drivers\nvstor32.sys (NVIDIA Corporation)
DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvmfdx32.sys (NVIDIA Corporation)
DRV - (Ph3xIB32) -- C:\Windows\System32\drivers\Ph3xIB32.sys (Philips Semiconductors GmbH)
DRV - (3xHybrid) -- C:\Windows\System32\drivers\3xHybrid.sys (ASUSTek)
DRV - (Ps2) -- C:\Windows\System32\drivers\PS2.sys (Hewlett-Packard Company)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...lion&pf=desktop
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.symantec.com
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{494F526A-F409-4A7A-9129-17CC489137A4}: "URL" = http://se.search.yah...ing}&fr=cb-hp06
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-re...q={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = sv
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0E F9 67 DF 16 39 CA 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {687578b9-7132-4a7a-80e4-30ee31099e03} - No CLSID value found
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {CFF4DB9B-135F-47c0-9269-B4C6572FD61A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ferrer:source?}
IE - HKCU\..\SearchScopes\{3F79C64C-5F90-4BAD-9EDC-6A30BB00E4EC}: "URL" = http://websearch.ask...06-7533E98EF621
IE - HKCU\..\SearchScopes\{494F526A-F409-4A7A-9129-17CC489137A4}: "URL" = http://se.search.yah...ing}&fr=cb-hp06
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.se...&rlz=1I7GGLL_sv
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-re...q={searchTerms}
IE - HKCU\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}: "URL" = http://www.daemon-se...q={searchTerms}
IE - HKCU\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = http://mystart.incre...6R8uIQOw7X&i=26
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_262.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@se.nexus/Personal: C:\Program Files\Personal\bin\np_prsnl.dll (Technology Nexus AB)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1: C:\Program Files\Yahoo!\Common\npyaxmpb.dll (Yahoo! Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}: C:\Program Files\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2010-07-13 21:51:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\IPSFFPlgn\ [2012-05-25 01:42:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\coFFPlgn\ [2012-07-05 10:04:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\Web Assistant\Firefox [2012-06-02 01:30:23 | 000,000,000 | ---D | M]

[2012-06-02 02:09:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Älsklingsparet\AppData\Roaming\mozilla\Firefox\extensions
[2012-06-02 02:09:26 | 000,000,000 | ---D | M] (uTorrentControl2 Community Toolbar) -- C:\Users\Älsklingsparet\AppData\Roaming\mozilla\Firefox\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}
[2012-06-02 01:30:34 | 000,000,000 | ---D | M] (No name found) -- C:\Program\Mozilla Firefox\extensions

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\20.0.1132.47\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\20.0.1132.47\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\20.0.1132.47\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\\u00C4lsklingsparet\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Injovo Extension Plugin (Enabled) = C:\Users\\u00C4lsklingsparet\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.439_0\npbrowserext.dll
CHR - plugin: Norton Confidential (Enabled) = C:\Users\\u00C4lsklingsparet\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.5.4.6_0\npcoplgn.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Nexus Personal (Enabled) = C:\Program Files\Personal\bin\np_prsnl.dll
CHR - plugin: Veetle TV Player (Enabled) = C:\Program Files\Veetle\Player\npvlc.dll
CHR - plugin: Veetle TV Core (Enabled) = C:\Program Files\Veetle\plugins\npVeetle.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Yahoo! activeX Plug-in Bridge (Enabled) = C:\Program Files\Yahoo!\Common\npyaxmpb.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: ADDICT-THING = C:\Users\Älsklingsparet\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahokhbjgnldieobeclfpcgnadnkfbbia\1.0_0\
CHR - Extension: Web Assistant = C:\Users\Älsklingsparet\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.439_0\
CHR - Extension: Norton Identity Protection = C:\Users\Älsklingsparet\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.5.4.6_0\
CHR - Extension: uTorrentControl2 = C:\Users\Älsklingsparet\AppData\Local\Google\Chrome\User Data\Default\Extensions\pacgpkgadgmibnhpdidcnfafllnmeomc\2.3.15.10_0\
CHR - Extension: ADDICT-THING = C:\Users\Älsklingsparet\AppData\Local\Google\Chrome\User Data\Default\Extensions\pancgebmjaamnjcocknlonnpkfemaeib\1.0_0\
CHR - Extension: Vid-Saver = C:\Users\Älsklingsparet\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgmfkblbflahhponhjmkcnpjinenhlnc\1.17.20_0\

O1 HOSTS File: ([2010-06-02 19:42:06 | 000,001,798 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 adobe.activate.com
O1 - Hosts: 127.0.0.1 adobeereg.com
O1 - Hosts: 127.0.0.1 www.adobeereg.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 125.252.224.90
O1 - Hosts: 127.0.0.1 125.252.224.91
O1 - Hosts: 127.0.0.1 hl2rcv.adobe.com
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems Incorporated.)
O2 - BHO: (Web Assistant) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program\Web Assistant\Extension32.dll ()
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program\Norton Internet Security\Engine\19.7.1.5\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program\Norton Internet Security\Engine\19.7.1.5\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems Incorporated.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program\Norton Internet Security\Engine\19.7.1.5\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program\Norton Internet Security\Engine\19.7.1.5\coieplg.dll (Symantec Corporation)
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [IME14 CHS Setup] C:\Program\Common Files\microsoft shared\IME14\SHARED\IMEKLMG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [IME14 CHT Setup] C:\Program\Common Files\microsoft shared\IME14\SHARED\IMEKLMG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [IME14 JPN Setup] C:\Program\Common Files\microsoft shared\IME14\SHARED\IMEKLMG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [IME14 KOR Setup] C:\Program\Common Files\microsoft shared\IME14\SHARED\IMEKLMG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [KBD] C:\hp\KBD\KbdStub.exe ()
O4 - HKLM..\Run: [OsdMaestro] C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe (OsdMaestro)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [AdobeBridge] File not found
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [WMPNSCFG] C:\Program\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: E&xportera till Microsoft Excel - C:\Program\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 195.54.122.199 195.54.122.204
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{06B68424-1266-4E45-8B9D-DD81771CDD78}: DhcpNameServer = 195.54.122.199 195.54.122.204
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Public\Pictures\Sample Pictures\Cabo.JPG
O24 - Desktop BackupWallPaper: C:\Users\Public\Pictures\Sample Pictures\Cabo.JPG
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{a0704caa-af5b-11de-89f0-001a9225e63c}\Shell - "" = AutoRun
O33 - MountPoints2\{a0704caa-af5b-11de-89f0-001a9225e63c}\Shell\AutoRun\command - "" = L:\SETUP.EXE
O33 - MountPoints2\{a0704caa-af5b-11de-89f0-001a9225e63c}\Shell\configure\command - "" = L:\SETUP.EXE
O33 - MountPoints2\{a0704caa-af5b-11de-89f0-001a9225e63c}\Shell\install\command - "" = L:\SETUP.EXE
O33 - MountPoints2\{f71a6ba9-c67c-11df-8c93-001a9225e63c}\Shell\AutoRun\command - "" = L:\avira.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (lsdelete)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012-07-04 00:05:10 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2012-07-02 23:22:35 | 000,000,000 | ---D | C] -- C:\Windows\sv
[2012-07-02 22:52:42 | 000,000,000 | ---D | C] -- C:\Users\Älsklingsparet\AppData\Local\{A839F181-FE27-41E9-84B0-5722CDDAAAE3}
[2012-07-02 22:52:19 | 000,000,000 | ---D | C] -- C:\Users\Älsklingsparet\AppData\Local\{3E51C1D3-3BB6-4427-87AA-33113AD8E7BE}
[2012-07-02 22:52:01 | 000,000,000 | ---D | C] -- C:\Users\Älsklingsparet\AppData\Local\{10C501AE-3CFE-49B5-9798-799D35F4485D}
[2012-07-02 22:51:07 | 000,000,000 | ---D | C] -- C:\Users\Älsklingsparet\AppData\Local\{C12C6B60-1F34-4280-AF4C-99B34FF0D98B}
[2012-07-02 22:39:51 | 000,064,288 | ---- | C] (Lavasoft AB) -- C:\Windows\System32\drivers\Lbd.sys
[2012-07-02 22:38:19 | 000,000,000 | -H-D | C] -- C:\ProgramData\{ECC164E0-3133-4C70-A831-F08DB2940F70}
[2012-07-02 22:37:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
[2012-07-02 22:28:51 | 000,000,000 | ---D | C] -- C:\Users\Älsklingsparet\AppData\Roaming\Ad-Aware Antivirus
[2012-07-02 22:24:00 | 000,000,000 | ---D | C] -- C:\Users\Älsklingsparet\AppData\Local\{50DFB370-9E4C-4C97-9143-F30F2F659D8E}
[2012-07-01 23:17:56 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2012-06-24 12:13:58 | 002,422,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2012-06-24 12:13:58 | 000,045,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2012-06-24 12:13:31 | 000,577,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2012-06-24 12:13:31 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2012-06-24 12:13:31 | 000,035,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2012-06-24 12:13:24 | 000,171,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2012-06-24 12:13:24 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2012-06-13 21:32:35 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012-06-13 21:32:34 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012-06-13 21:32:34 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012-06-13 21:32:33 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012-06-13 21:32:32 | 001,800,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012-06-13 21:32:32 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012-06-13 21:32:32 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012-06-13 18:46:18 | 002,045,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys

========== Files - Modified Within 30 Days ==========

[2012-07-05 10:37:00 | 000,000,982 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012-07-05 10:06:36 | 000,000,978 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012-07-05 10:03:47 | 000,005,120 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012-07-05 10:03:47 | 000,005,120 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012-07-05 10:03:36 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012-07-05 10:03:27 | 2145,968,128 | -HS- | M] () -- C:\hiberfil.sys
[2012-07-05 09:54:25 | 000,000,868 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012-07-05 09:35:15 | 000,008,934 | ---- | M] () -- C:\Users\Älsklingsparet\Desktop\kommandotolk.gif
[2012-07-04 11:39:02 | 000,041,895 | ---- | M] () -- C:\Users\Älsklingsparet\Desktop\bilf.gif
[2012-07-04 09:09:44 | 000,000,065 | ---- | M] () -- C:\Windows\wininit.ini
[2012-07-03 23:28:01 | 003,940,144 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012-07-03 11:40:52 | 000,946,176 | ---- | M] () -- C:\Users\Älsklingsparet\Desktop\Genomgång2003.mdb
[2012-07-02 22:38:15 | 000,001,039 | ---- | M] () -- C:\Users\Älsklingsparet\Application Data\Microsoft\Internet Explorer\Quick Launch\Ad-Aware.lnk
[2012-07-02 22:35:42 | 000,608,958 | ---- | M] () -- C:\Windows\System32\perfh01D.dat
[2012-07-02 22:35:41 | 000,598,940 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012-07-02 22:35:41 | 000,121,660 | ---- | M] () -- C:\Windows\System32\perfc01D.dat
[2012-07-02 22:35:41 | 000,104,954 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012-07-02 21:52:50 | 001,277,141 | ---- | M] () -- C:\Users\Älsklingsparet\Desktop\Activex.zip
[2012-07-02 21:52:43 | 000,033,214 | ---- | M] () -- C:\Users\Älsklingsparet\Desktop\Programtillägg.zip
[2012-07-01 23:17:56 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2012-06-25 09:54:26 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012-06-25 09:54:26 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl

========== Files Created - No Company Name ==========

[2012-07-05 09:35:14 | 000,008,934 | ---- | C] () -- C:\Users\Älsklingsparet\Desktop\kommandotolk.gif
[2012-07-04 11:39:02 | 000,041,895 | ---- | C] () -- C:\Users\Älsklingsparet\Desktop\bilf.gif
[2012-07-04 09:09:44 | 000,000,065 | ---- | C] () -- C:\Windows\wininit.ini
[2012-07-02 23:02:01 | 000,015,880 | ---- | C] () -- C:\Windows\System32\lsdelete.exe
[2012-07-02 22:38:15 | 000,001,039 | ---- | C] () -- C:\Users\Älsklingsparet\Application Data\Microsoft\Internet Explorer\Quick Launch\Ad-Aware.lnk
[2012-07-02 21:52:49 | 001,277,141 | ---- | C] () -- C:\Users\Älsklingsparet\Desktop\Activex.zip
[2012-07-02 21:52:42 | 000,033,214 | ---- | C] () -- C:\Users\Älsklingsparet\Desktop\Programtillägg.zip
[2012-06-21 11:10:07 | 000,946,176 | ---- | C] () -- C:\Users\Älsklingsparet\Desktop\Genomgång2003.mdb
[2011-11-29 01:00:32 | 000,000,000 | ---- | C] () -- C:\Users\Älsklingsparet\AppData\Local\{3515D99F-006C-472A-AAFA-571A82E64DBD}
[2011-06-23 21:44:19 | 000,000,000 | ---- | C] () -- C:\Windows\Setup32.INI
[2011-06-18 01:37:26 | 000,008,192 | ---- | C] () -- C:\Users\Älsklingsparet\edb.chk
[2011-06-18 01:37:25 | 005,242,880 | ---- | C] () -- C:\Users\Älsklingsparet\edbres00002.jrs
[2011-06-18 01:37:24 | 005,242,880 | ---- | C] () -- C:\Users\Älsklingsparet\edbres00001.jrs
[2011-04-24 02:17:32 | 000,000,064 | ---- | C] () -- C:\Windows\System32\rp_stats.dat
[2011-04-24 02:17:32 | 000,000,044 | ---- | C] () -- C:\Windows\System32\rp_rules.dat
[2010-07-24 22:03:14 | 000,001,456 | ---- | C] () -- C:\Users\Älsklingsparet\AppData\Local\Adobe Save for Web 12.0 Prefs
[2010-07-15 23:40:34 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2010-07-15 23:40:34 | 000,077,312 | ---- | C] () -- C:\Windows\MBR.exe
[2010-07-15 08:38:41 | 000,001,356 | ---- | C] () -- C:\Users\Älsklingsparet\AppData\Local\d3d9caps.dat
[2010-06-04 20:50:38 | 000,004,096 | -H-- | C] () -- C:\Users\Älsklingsparet\AppData\Local\keyfile3.drm
[2009-09-08 23:10:52 | 000,026,340 | ---- | C] () -- C:\Users\Älsklingsparet\AppData\Roaming\UserTile.png
[2007-08-02 12:32:53 | 000,000,254 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2007-06-03 22:05:37 | 000,026,488 | ---- | C] () -- C:\Users\Älsklingsparet\_C7CD2135A7B24EB580CEE88D6BDB4905
[2007-06-03 21:24:15 | 000,068,096 | ---- | C] () -- C:\Users\Älsklingsparet\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== LOP Check ==========

[2007-06-03 23:54:54 | 000,000,000 | ---D | M] -- C:\Users\Älsklingsparet\AppData\Roaming\.BitTornado
[2012-07-04 12:01:34 | 000,000,000 | ---D | M] -- C:\Users\Älsklingsparet\AppData\Roaming\Ad-Aware Antivirus
[2010-07-13 23:21:24 | 000,000,000 | ---D | M] -- C:\Users\Älsklingsparet\AppData\Roaming\com.adobe.bridge.PublishPanel
[2012-06-02 21:30:56 | 000,000,000 | ---D | M] -- C:\Users\Älsklingsparet\AppData\Roaming\DAEMON Tools Lite
[2010-07-14 09:25:44 | 000,000,000 | ---D | M] -- C:\Users\Älsklingsparet\AppData\Roaming\DDAC05A22130E0E659E1FD8363CC896B
[2009-09-08 23:10:50 | 000,000,000 | ---D | M] -- C:\Users\Älsklingsparet\AppData\Roaming\PeerNetworking
[2009-09-13 23:33:22 | 000,000,000 | ---D | M] -- C:\Users\Älsklingsparet\AppData\Roaming\Personal
[2010-07-13 21:03:34 | 000,000,000 | ---D | M] -- C:\Users\Älsklingsparet\AppData\Roaming\StageManager
[2010-08-15 22:23:42 | 000,000,000 | ---D | M] -- C:\Users\Älsklingsparet\AppData\Roaming\Tific
[2012-06-02 21:15:18 | 000,000,000 | ---D | M] -- C:\Users\Älsklingsparet\AppData\Roaming\uTorrent
[2008-08-06 16:34:23 | 000,000,000 | ---D | M] -- C:\Users\Älsklingsparet\AppData\Roaming\WinBatch
[2012-07-05 10:02:08 | 000,032,586 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >

#18 Martassen

Martassen

    Flitig

  • Medlemmar
  • PipPipPipPip
  • 1 290 inlägg
  • Ort:Göteborg

Postad 5 juli 2012 klockan 09:58

E bara glad och tacksam du hjälper mig.

#19 Cecilia

Cecilia

    Beroende

  • Huvudmoderator
  • 85 412 inlägg
  • Ort:Stockholm

Postad 5 juli 2012 klockan 10:09

Stäng av alla program du ser, om möjligt inklusive antivirusprogram och antispionprogram, så att de inte krockar med OTL.
Hur? Se http://www.bleepingc...opic114351.html

Starta programmet OTL (i Vista/Windows7 högerklicka och välj Kör som administratör).
Kopiera alla raderna i rutan:
:OTL
SRV - (Lavasoft Ad-Aware Service) -- C:\Program\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
DRV - (SBRE) -- C:\Windows\system32\drivers\SBREdrv.sys File not found
DRV - (Lbd) -- C:\Windows\System32\drivers\Lbd.sys (Lavasoft AB)
DRV - (Lavasoft Kernexplorer) -- C:\Program\Lavasoft\Ad-Aware\kernexplorer.sys ()
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-re...q={searchTerms}
IE - HKCU\..\URLSearchHook: {687578b9-7132-4a7a-80e4-30ee31099e03} - No CLSID value found
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {CFF4DB9B-135F-47c0-9269-B4C6572FD61A}
IE - HKCU\..\SearchScopes\{3F79C64C-5F90-4BAD-9EDC-6A30BB00E4EC}: "URL" = http://websearch.ask...06-7533E98EF621
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = http://dts.search-re...q={searchTerms}
IE - HKCU\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}: "URL" = http://www.daemon-se...q={searchTerms}
IE - HKCU\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = http://mystart.incre...6R8uIQOw7X&i=26
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found.
[2012-07-02 22:37:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
[2012-07-02 22:28:51 | 000,000,000 | ---D | C] -- C:\Users\Älsklingsparet\AppData\Roaming\Ad-Aware Antivirus
:Commands
[CREATERESTOREPOINT]
[EMPTYTEMP]
[REBOOT]
Klistra in dem i rutan Custom Scans/Fixes. Kontrollera att det ser exakt likadant ut, t ex när det gäller radbrytningar.
Tryck på Run Fix.
Om du blir tillfrågad om att starta om datorn så gör det.
Det kommer upp en logg i Anteckningar. Kopiera den och klistra in i ditt svar.

Om den inte kommer automatiskt så hittar du den i mappen c:\_OTL\Moved Files med ett namn som innehåller dagens datum och klockslaget för körningen.

Se till att aktivera antivirusprogram mm innan du ansluter datorn till internet.

#20 Martassen

Martassen

    Flitig

  • Medlemmar
  • PipPipPipPip
  • 1 290 inlägg
  • Ort:Göteborg

Postad 5 juli 2012 klockan 10:23

Är osäker hur jag släcker ner norton och vilken det är jag ska välja under länken du skicka.
Ska jag även högerklicka på addaware ner vid klockan? E ju ganska mkt ikoner där nere.

Jag får inte otl sparat på skrivbordet. Den vill köras igång direkt och jag klickar tillåt och så öppnas otl.

Redigerat av Martassen, 5 juli 2012 klockan 10:27.





0 användare läser detta ämne

0 medlemmar, 0 gäster, 0 anonyma medlemmar

 

Senaste trådarna

pc för alla Senaste nytt


Prenumerera på nyheter

Missa inte PC för Allas
smarta nyhetsbrev
Läs mer om nyhetsbreven här!
  PFA Express
  Veckans surftips
  Extreme
PC för Alla-nätverket