Just nu i M3-nätverket
Gå till innehåll
Eforum är stängt för nya inlägg och svar sedan 20 juni 2022. Klicka för att läsa vad som hände och om alternativ.

Virus igen!?

Dag Erlandsson

Startad av Dag Erlandsson,
i Virus, skadliga program & botemedel

Rekommendera Poster

Dag Erlandsson

Dag Erlandsson

Postad
Postad

Då verkar det ha hänt igen på min laptop HP. Det som dyker upp är en stor ruta som "säger" Microsoft security essentials: registry hack, restore backup registry to avoid permanent system damage, Microsoft security essentials, restore backup. Grejen är att när jag trycker på restore backup, så står det, Drwtsn32.exe!? Är det säkert?? Den försvinner inte + att när jag trycker på den stängs datorn av? + Att jag inte ordentligt kommer ut på webben det låser sig att skriva. + FLV direct player lagts "till" på datorn!?Har omstartat i felsäkert läge och kört en Malaware runda. Skriver detta från min tel. Då jag inte kan skriva "inne" på eforum. Kan nån hjälpa mig? Tack på förhand via min telefon.../Nu kommit "in" och fixat AVG som scannar, Jag har tagit bort FLV direct player Drwtsn32.exe funkade tillslut och tog bort 3 Maleware... Men fortfarande är datorn inte på topp...

Här kommer en DDS log:

[log]

DDS (Ver_10-03-17.01) - NTFSx86

Run by XX at 23:31:11,86 on 2010-07-23

Internet Explorer: 8.0.6001.18928 BrowserJavaVersion: 1.6.0_20

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.46.1053.18.3068.1583 [GMT 2:00]

 

SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

 

============== Running Processes ===============

 

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k rpcss

C:\Windows\System32\svchost.exe -k secsvcs

C:\Windows\system32\Ati2evxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_52c73ccb\STacSV.exe

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\SLsvc.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\Hpservice.exe

C:\Windows\system32\Ati2evxx.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\WLANExt.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_52c73ccb\aestsrv.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Windows\system32\svchost.exe -k hpdevmgmt

C:\Program Files\Common Files\LightScribe\LSSrvc.exe

C:\Windows\System32\svchost.exe -k HPZ12

C:\Program Files\Norton Internet Security\Engine\17.7.0.12\ccSvcHst.exe

C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe

C:\Windows\System32\svchost.exe -k HPZ12

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files\SMINST\BLService.exe

C:\Program Files\CyberLink\Shared files\RichVideo.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe

C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\WUDFHost.exe

C:\Windows\system32\DllHost.exe

C:\Program Files\Norton Internet Security\Engine\17.7.0.12\ccSvcHst.exe

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskeng.exe

C:\Windows\Explorer.EXE

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe

C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe

C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe

C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe

C:\Program Files\Windows Defender\MSASCui.exe

C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe

C:\Program Files\HP\HP Software Update\hpwuSchd2.exe

C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

C:\Program Files\IDT\WDM\sttray.exe

C:\Program Files\Hewlett-Packard\Media\TV\TVAgent.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe

C:\Program Files\Skype\Phone\Skype.exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program Files\WinZip\WZQKPICK.EXE

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files\Secunia\PSI\psi.exe

C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe

C:\Windows\system32\conime.exe

C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe

C:\Users\xx\Downloads\avg_iswt_stb_all_9_115_free.exe

C:\Users\xx\AppData\Local\Temp\7zS473C.tmp\stub.exe

c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe

C:\Windows\system32\rundll32.exe

C:\Windows\helppane.exe

C:\Users\xx\AppData\Local\Temp\AVGDownloadManager\packages\setup\setup.exe

C:\Windows\system32\msiexec.exe

C:\Windows\system32\vssvc.exe

C:\Windows\System32\svchost.exe -k swprv

C:\Windows\system32\SearchProtocolHost.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Users\xx\Downloads\dds(3).scr

C:\Windows\system32\wbem\wmiprvse.exe

 

============== Pseudo HJT Report ===============

 

uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=sv_se&c=91&bd=Pavilion&pf=cnnb

uStart Page = hxxp://flvdirect.iamwired.net/

uSearch Bar =

mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=sv_se&c=91&bd=Pavilion&pf=cnnb

mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=sv_se&c=91&bd=Pavilion&pf=cnnb

uInternet Settings,ProxyOverride = <local>

uURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg9\toolbar\IEToolbar.dll

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg9\avgssie.dll

BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\norton internet security\engine\17.7.0.12\coIEPlg.dll

BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton internet security\engine\17.7.0.12\IPSBHO.DLL

BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll

BHO: AOL Toolbar BHO: {7c554162-8cb7-45a4-b8f4-8ea1c75885f9} - c:\program files\aol\aol toolbar 5.0\aoltb.dll

BHO: Windows Live inloggningshjälpen: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg9\toolbar\IEToolbar.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

TB: AOL Toolbar: {de9c389f-3316-41a7-809b-aa305ed9d922} - c:\program files\aol\aol toolbar 5.0\aoltb.dll

TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\norton internet security\engine\17.7.0.12\coIEPlg.dll

TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - c:\program files\avg\avg9\toolbar\IEToolbar.dll

uRun: [LightScribe Control Panel] c:\program files\common files\lightscribe\LightScribeControlPanel.exe -hidden

uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background

uRun: [sony Ericsson PC Companion] "c:\program files\sony ericsson\sony ericsson pc companion\PCCompanion.exe" /systray /nologon

uRun: [skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized

uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe

mRun: [startCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun

mRun: [synTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe

mRun: [DVDAgent] "c:\program files\hewlett-packard\media\dvd\DVDAgent.exe"

mRun: [TSMAgent] "c:\program files\hewlett-packard\touchsmart\media\TSMAgent.exe"

mRun: [CLMLServer for HP TouchSmart] "c:\program files\hewlett-packard\touchsmart\media\kernel\clml\CLMLSvc.exe"

mRun: [uCam_Menu] "c:\program files\hewlett-packard\media\webcam\muitransfer\muistartmenu.exe" "c:\program files\hewlett-packard\media\webcam" update "software\hewlett-packard\media\Webcam"

mRun: [smartMenu] %ProgramFiles%\Hewlett-Packard\HP MediaSmart\SmartMenu.exe

mRun: [updateLBPShortCut] "c:\program files\cyberlink\labelprint\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\labelprint" updatewithcreateonce "software\cyberlink\labelprint\2.5"

mRun: [updatePSTShortCut] "c:\program files\cyberlink\dvd suite\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\dvd suite" updatewithcreateonce "software\cyberlink\PowerStarter"

mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

mRun: [QlbCtrl.exe] c:\program files\hewlett-packard\hp quick launch buttons\QlbCtrl.exe /Start

mRun: [updateP2GoShortCut] "c:\program files\cyberlink\power2go\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\power2go" updatewithcreateonce "software\cyberlink\power2go\6.0"

mRun: [updatePDIRShortCut] "c:\program files\cyberlink\powerdirector\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\powerdirector" updatewithcreateonce "software\cyberlink\powerdirector\7.0"

mRun: [HP Health Check Scheduler] c:\program files\hewlett-packard\hp health check\HPHC_Scheduler.exe

mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe

mRun: [WirelessAssistant] c:\program files\hewlett-packard\hp wireless assistant\HPWAMain.exe

mRun: [sysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe

mRun: [TVAgent] "c:\program files\hewlett-packard\media\tv\TVAgent.exe"

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime

mRun: [ATICustomerCare] "c:\program files\ati\aticustomercare\ATICustomerCare.exe"

mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [AVG9_TRAY] c:\progra~1\avg\avg9\avgtray.exe

StartupFolder: c:\users\xx\appdata\roaming\microsoft\windows\start menu\programs\startup\Dr Watson.exe

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\winzip~1.lnk - c:\program files\winzip\WZQKPICK.EXE

mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: &AOL Verktygsfalt Sök - c:\programdata\aol\ietoolbar\resources\sv-se\local\search.html

IE: E&xportera till Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL

Trusted Zone: qword.com

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

DPF: {A27C56D2-3F58-4ABB-AA31-1168EDA6636F} - hxxp://utilities.pcpitstop.com/Nirvana/controls/pcmatic.cab

DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - c:\program files\avg\avg9\toolbar\IEToolbar.dll

Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg9\avgpp.dll

AppInit_DLLs: avgrsstx.dll

mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe"

 

================= FIREFOX ===================

 

FF - ProfilePath - c:\users\xx\appdata\roaming\mozilla\firefox\profiles\d4iqibzp.default\

FF - prefs.js: browser.search.defaulturl - hxxp://flvdirect.iamwired.net/websearch.php?src=tops&search=

FF - prefs.js: browser.search.selectedEngine - Search

FF - prefs.js: browser.startup.homepage - hxxp://flvdirect.iamwired.net/

FF - prefs.js: keyword.URL - hxxp://flvdirect.iamwired.net/websearch.php?src=tops&search=

FF - component: c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_17.6.0.32\coffplgn\components\coFFPlgn.dll

FF - component: c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_17.6.0.32\ipsffplgn\components\IPSFFPl.dll

FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\program files\sony\media go\npmediago.dll

FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\

FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

 

---- FIREFOX POLICIES ----

c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.visited_color", "#551A8B");

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);

c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.proxy.type", 5);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.buffer.cache.count", 24);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096);

c:\program files\mozilla firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);

c:\program files\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);

c:\program files\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);

c:\program files\mozilla firefox\greprefs\all.js - pref("accelerometer.enabled", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("html5.enable", false);

c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);

c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");

c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);

c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);

c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);

c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);

c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");

c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");

c:\program files\mozilla firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".se");

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.videoFeeds.handler", "ask");

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);

 

============= SERVICES / DRIVERS ===============

 

R0 AVGIDSErHrvtx;AVG9IDSErHr;c:\windows\system32\drivers\AVGIDSvx.sys [2010-7-23 25168]

R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\drivers\avgrkx86.sys [2010-7-23 52872]

R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\nis\1107000.00c\symds.sys [2010-5-25 328752]

R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\nis\1107000.00c\symefa.sys [2010-5-25 173104]

R1 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwd6x.sys [2010-7-23 24856]

R1 AvgTdiX;AVG Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2010-7-23 243024]

R1 BHDrvx86;BHDrvx86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_17.6.0.32\definitions\bashdefs\20100709.001\BHDrvx86.sys [2010-7-13 691248]

R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\nis\1107000.00c\cchpx86.sys [2010-5-25 501888]

R1 IDSVix86;IDSVix86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_17.6.0.32\definitions\ipsdefs\20100721.003\IDSvix86.sys [2010-7-23 344112]

R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\nis\1107000.00c\ironx86.sys [2010-5-25 116784]

R1 SYMTDIv;Symantec Vista Network Dispatch Driver;c:\windows\system32\drivers\nis\1107000.00c\symtdiv.sys [2010-5-25 339504]

R2 {55662437-DA8C-40c0-AADA-2C816A897A49};Power Control [2009/06/15 03:57:14];c:\program files\hewlett-packard\media\dvd\000.fcl [2008-11-29 87536]

R2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\driverstore\filerepository\stwrt.inf_52c73ccb\AEstSrv.exe [2009-6-15 77824]

R2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe -k netsvcs [2008-1-21 21504]

R2 hpsrv;HP Service;c:\windows\system32\hpservice.exe [2008-3-19 19456]

R2 NIS;Norton Internet Security;c:\program files\norton internet security\engine\17.7.0.12\ccsvchst.exe [2010-5-25 126392]

R2 OMSI download service;Sony Ericsson OMSI download service;c:\program files\sony ericsson\sony ericsson pc suite\SupServ.exe [2010-5-11 90112]

R2 Recovery Service for Windows;Recovery Service for Windows;c:\program files\sminst\BLService.exe [2009-2-8 365952]

R2 TVCapSvc;TV Background Capture Service (TVBCS);c:\program files\hewlett-packard\media\tv\kernel\tv\TVCapSvc.exe [2009-2-9 296320]

R2 TVSched;TV Task Scheduler (TVTS);c:\program files\hewlett-packard\media\tv\kernel\tv\TVSched.exe [2009-2-9 116096]

R3 Com4QLBEx;Com4QLBEx;c:\program files\hewlett-packard\hp quick launch buttons\Com4QLBEx.exe [2009-2-8 222512]

R3 enecir;ENE CIR Receiver;c:\windows\system32\drivers\enecir.sys [2008-9-4 54784]

R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2010-5-28 102448]

R3 JMCR;JMCR;c:\windows\system32\drivers\jmcr.sys [2008-10-23 107360]

R3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [2010-5-28 14896]

S2 avg9wd;AVG WatchDog;c:\program files\avg\avg9\avgwdsvc.exe [2010-7-23 308136]

S2 avgfws9;AVG Firewall;c:\program files\avg\avg9\avgfws9.exe [2010-7-23 2331032]

S2 AVGIDSAgent;AVG9IDSAgent;c:\program files\avg\avg9\identity protection\agent\bin\AVGIDSAgent.exe [2010-7-23 5897808]

S3 AVGIDSDrivervtx;AVG9IDSDriver;c:\program files\avg\avg9\identity protection\agent\driver\platform_vista\AVGIDSDriver.sys [2010-7-23 122448]

S3 AVGIDSFiltervtx;AVG9IDSFilter;c:\program files\avg\avg9\identity protection\agent\driver\platform_vista\AVGIDSFilter.sys [2010-7-23 30288]

S3 AVGIDSShimvtx;AVG9IDSShim;c:\program files\avg\avg9\identity protection\agent\driver\platform_vista\AVGIDSShim.sys [2010-7-23 27216]

S3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-21 21504]

S3 s0017bus;Sony Ericsson Device 0017 driver (WDM);c:\windows\system32\drivers\s0017bus.sys [2010-5-11 86824]

S3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter;c:\windows\system32\drivers\s0017mdfl.sys [2010-5-11 15016]

S3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver;c:\windows\system32\drivers\s0017mdm.sys [2010-5-11 114600]

S3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s0017mgmt.sys [2010-5-11 108328]

S3 s0017nd5;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS);c:\windows\system32\drivers\s0017nd5.sys [2010-5-11 26024]

S3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface;c:\windows\system32\drivers\s0017obex.sys [2010-5-11 104616]

S3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM);c:\windows\system32\drivers\s0017unic.sys [2010-5-11 109736]

S3 s1029bus;Sony Ericsson Device 1029 driver (WDM);c:\windows\system32\drivers\s1029bus.sys [2010-5-11 90280]

S3 s1029mdfl;Sony Ericsson Device 1029 USB WMC Modem Filter;c:\windows\system32\drivers\s1029mdfl.sys [2010-5-11 15016]

S3 s1029mdm;Sony Ericsson Device 1029 USB WMC Modem Driver;c:\windows\system32\drivers\s1029mdm.sys [2010-5-11 122280]

S3 s1029mgmt;Sony Ericsson Device 1029 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s1029mgmt.sys [2010-5-11 115880]

S3 s1029nd5;Sony Ericsson Device 1029 USB Ethernet Emulation (NDIS);c:\windows\system32\drivers\s1029nd5.sys [2010-5-11 26024]

S3 s1029obex;Sony Ericsson Device 1029 USB WMC OBEX Interface;c:\windows\system32\drivers\s1029obex.sys [2010-5-11 111912]

S3 s1029unic;Sony Ericsson Device 1029 USB Ethernet Emulation (WDM);c:\windows\system32\drivers\s1029unic.sys [2010-5-11 116904]

 

=============== Created Last 30 ================

 

2010-07-23 21:30:16 25168 ----a-w- c:\windows\system32\drivers\AVGIDSvx.sys

2010-07-23 21:29:58 52872 ----a-w- c:\windows\system32\drivers\avgrkx86.sys

2010-07-23 21:29:54 243024 ----a-w- c:\windows\system32\drivers\avgtdix.sys

2010-07-23 21:28:08 24856 ----a-w- c:\windows\system32\drivers\avgfwd6x.sys

2010-07-23 21:26:48 0 d-----w- c:\program files\AVG

2010-07-23 21:26:21 0 d-----w- c:\programdata\avg9

2010-07-23 21:09:13 0 d-----w- c:\program files\FLV Direct Player

2010-07-23 17:22:49 0 d-----w- c:\programdata\WinZip

2010-07-23 10:59:07 0 d-----w- c:\program files\iPod

2010-07-23 10:59:00 0 d-----w- c:\program files\iTunes

2010-07-23 10:55:06 629 ----a-w- c:\windows\system32\mapisvc.inf

2010-07-22 15:08:10 0 d-----w- c:\programdata\PC Drivers HeadQuarters

2010-07-22 14:31:14 0 d-----w- c:\programdata\PCPitstop

2010-07-22 14:31:10 0 d-----w- c:\program files\PCPitstop

2010-07-22 08:34:10 0 d-----w- c:\windows\system32\drivers\NSS

2010-07-22 08:34:10 0 d-----w- c:\program files\Norton Security Scan

2010-07-22 08:25:04 0 d-----w- C:\ATI

2010-07-06 22:28:59 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll

2010-07-06 22:28:59 49472 ----a-w- c:\windows\system32\netfxperf.dll

2010-07-06 22:28:59 297808 ----a-w- c:\windows\system32\mscoree.dll

2010-07-06 22:28:59 295264 ----a-w- c:\windows\system32\PresentationHost.exe

2010-07-06 22:28:59 1130824 ----a-w- c:\windows\system32\dfshim.dll

2010-07-06 22:27:39 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll

2010-07-06 22:27:39 28672 ----a-w- c:\windows\system32\Apphlpdm.dll

 

==================== Find3M ====================

 

2010-07-23 21:28:28 51200 ----a-w- c:\windows\inf\infpub.dat

2010-07-23 21:28:27 143360 ----a-w- c:\windows\inf\infstrng.dat

2010-07-23 21:28:26 143360 ----a-w- c:\windows\inf\infstor.dat

2010-07-18 21:40:08 80612 ----a-w- c:\windows\system32\perfc00B.dat

2010-07-18 21:40:08 76390 ----a-w- c:\windows\system32\perfc014.dat

2010-07-18 21:40:08 597836 ----a-w- c:\windows\system32\perfh01D.dat

2010-07-18 21:40:08 454842 ----a-w- c:\windows\system32\perfh006.dat

2010-07-18 21:40:08 443832 ----a-w- c:\windows\system32\perfh014.dat

2010-07-18 21:40:08 427118 ----a-w- c:\windows\system32\perfh00B.dat

2010-07-18 21:40:08 117416 ----a-w- c:\windows\system32\perfc01D.dat

2010-07-18 21:40:07 77100 ----a-w- c:\windows\system32\perfc006.dat

2010-06-20 17:06:48 11264 ----a-w- c:\windows\DCEBoot.exe

2010-05-28 11:04:52 14896 ----a-w- c:\windows\system32\drivers\psi_mf.sys

2010-05-26 17:06:41 34304 ----a-w- c:\windows\system32\atmlib.dll

2010-05-26 14:47:41 289792 ----a-w- c:\windows\system32\atmfd.dll

2010-05-21 12:14:28 221568 ------w- c:\windows\system32\MpSigStub.exe

2010-05-18 14:35:16 91424 ----a-w- c:\windows\system32\dnssd.dll

2010-05-18 14:35:16 107808 ----a-w- c:\windows\system32\dns-sd.exe

2010-05-11 17:24:12 148736 ----a-w- c:\programdata\hpe576D.dll

2010-05-11 07:34:37 139414 ----a-w- c:\windows\hpoins18.dat

2010-05-09 09:27:40 411368 ----a-w- c:\windows\system32\deployJava1.dll

2010-05-04 19:25:45 665600 ----a-w- c:\windows\inf\drvindex.dat

2010-05-04 17:54:07 588472 ----a-w- c:\windows\system32\ezsvc7x.dll

2010-05-04 17:36:26 37665 ----a-w- c:\windows\fonts\GlobalUserInterface.CompositeFont

2010-05-04 05:59:21 916480 ----a-w- c:\windows\system32\wininet.dll

2010-05-04 05:55:42 71680 ----a-w- c:\windows\system32\iesetup.dll

2010-05-04 05:55:42 109056 ----a-w- c:\windows\system32\iesysprep.dll

2010-05-04 04:31:05 133632 ----a-w- c:\windows\system32\ieUnatt.exe

2010-05-01 14:13:48 2037248 ----a-w- c:\windows\system32\win32k.sys

2009-02-08 16:27:26 35978 ----a-w- c:\windows\inf\perflib\041d\perfd.dat

2009-02-08 16:27:26 35978 ----a-w- c:\windows\inf\perflib\041d\perfc.dat

2009-02-08 16:27:26 290490 ----a-w- c:\windows\inf\perflib\041d\perfi.dat

2009-02-08 16:27:26 290490 ----a-w- c:\windows\inf\perflib\041d\perfh.dat

2009-02-08 16:22:25 35166 ----a-w- c:\windows\inf\perflib\0414\perfd.dat

2009-02-08 16:22:25 35166 ----a-w- c:\windows\inf\perflib\0414\perfc.dat

2009-02-08 16:22:25 294254 ----a-w- c:\windows\inf\perflib\0414\perfi.dat

2009-02-08 16:22:25 294254 ----a-w- c:\windows\inf\perflib\0414\perfh.dat

2009-02-08 16:17:38 36790 ----a-w- c:\windows\inf\perflib\040b\perfd.dat

2009-02-08 16:17:38 36790 ----a-w- c:\windows\inf\perflib\040b\perfc.dat

2009-02-08 16:17:38 274158 ----a-w- c:\windows\inf\perflib\040b\perfi.dat

2009-02-08 16:17:38 274158 ----a-w- c:\windows\inf\perflib\040b\perfh.dat

2009-02-08 16:12:59 36364 ----a-w- c:\windows\inf\perflib\0406\perfd.dat

2009-02-08 16:12:59 36364 ----a-w- c:\windows\inf\perflib\0406\perfc.dat

2009-02-08 16:12:59 300302 ----a-w- c:\windows\inf\perflib\0406\perfi.dat

2009-02-08 16:12:59 300302 ----a-w- c:\windows\inf\perflib\0406\perfh.dat

2008-01-21 02:43:21 174 --sha-w- c:\program files\desktop.ini

2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfi.dat

2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfh.dat

2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfd.dat

2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfc.dat

2009-02-08 16:55:45 8192 --sha-w- c:\windows\users\default\NTUSER.DAT

 

============= FINISH: 23:35:02,67 ===============

[/log]

Länk till kommentar
Dela på andra webbplatser
Brynäsarn

Brynäsarn

Postad
Postad

Skicka ny DDS-logg,klistra bara in den (inget annat)använd inte logg-knappen.Loggen

blir svårläst annars.

Länk till kommentar
Dela på andra webbplatser
Dag Erlandsson

Dag Erlandsson

Postad
  • Trådskapare
Postad

Skicka ny DDS-logg,klistra bara in den (inget annat)använd inte logg-knappen.Loggen

blir svårläst annars.

 

DDS (Ver_10-03-17.01) - NTFSx86

Run by XX at 23:31:11,86 on 2010-07-23

Internet Explorer: 8.0.6001.18928 BrowserJavaVersion: 1.6.0_20

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.46.1053.18.3068.1583 [GMT 2:00]

 

SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

 

============== Running Processes ===============

 

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k rpcss

C:\Windows\System32\svchost.exe -k secsvcs

C:\Windows\system32\Ati2evxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_52c73ccb\STacSV.exe

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\SLsvc.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\Hpservice.exe

C:\Windows\system32\Ati2evxx.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\WLANExt.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_52c73ccb\aestsrv.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Windows\system32\svchost.exe -k hpdevmgmt

C:\Program Files\Common Files\LightScribe\LSSrvc.exe

C:\Windows\System32\svchost.exe -k HPZ12

C:\Program Files\Norton Internet Security\Engine\17.7.0.12\ccSvcHst.exe

C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe

C:\Windows\System32\svchost.exe -k HPZ12

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files\SMINST\BLService.exe

C:\Program Files\CyberLink\Shared files\RichVideo.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe

C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\WUDFHost.exe

C:\Windows\system32\DllHost.exe

C:\Program Files\Norton Internet Security\Engine\17.7.0.12\ccSvcHst.exe

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskeng.exe

C:\Windows\Explorer.EXE

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe

C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe

C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe

C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe

C:\Program Files\Windows Defender\MSASCui.exe

C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe

C:\Program Files\HP\HP Software Update\hpwuSchd2.exe

C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

C:\Program Files\IDT\WDM\sttray.exe

C:\Program Files\Hewlett-Packard\Media\TV\TVAgent.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe

C:\Program Files\Skype\Phone\Skype.exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program Files\WinZip\WZQKPICK.EXE

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files\Secunia\PSI\psi.exe

C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe

C:\Windows\system32\conime.exe

C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe

C:\Users\xx\Downloads\avg_iswt_stb_all_9_115_free.exe

C:\Users\xx\AppData\Local\Temp\7zS473C.tmp\stub.exe

c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe

C:\Windows\system32\rundll32.exe

C:\Windows\helppane.exe

C:\Users\xx\AppData\Local\Temp\AVGDownloadManager\packages\setup\setup.exe

C:\Windows\system32\msiexec.exe

C:\Windows\system32\vssvc.exe

C:\Windows\System32\svchost.exe -k swprv

C:\Windows\system32\SearchProtocolHost.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Users\xx\Downloads\dds(3).scr

C:\Windows\system32\wbem\wmiprvse.exe

 

============== Pseudo HJT Report ===============

 

uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=sv_se&c=91&bd=Pavilion&pf=cnnb

uStart Page = hxxp://flvdirect.iamwired.net/

uSearch Bar =

mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=sv_se&c=91&bd=Pavilion&pf=cnnb

mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=sv_se&c=91&bd=Pavilion&pf=cnnb

uInternet Settings,ProxyOverride = <local>

uURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg9\toolbar\IEToolbar.dll

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg9\avgssie.dll

BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\norton internet security\engine\17.7.0.12\coIEPlg.dll

BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton internet security\engine\17.7.0.12\IPSBHO.DLL

BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll

BHO: AOL Toolbar BHO: {7c554162-8cb7-45a4-b8f4-8ea1c75885f9} - c:\program files\aol\aol toolbar 5.0\aoltb.dll

BHO: Windows Live inloggningshjälpen: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg9\toolbar\IEToolbar.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

TB: AOL Toolbar: {de9c389f-3316-41a7-809b-aa305ed9d922} - c:\program files\aol\aol toolbar 5.0\aoltb.dll

TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\norton internet security\engine\17.7.0.12\coIEPlg.dll

TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - c:\program files\avg\avg9\toolbar\IEToolbar.dll

uRun: [LightScribe Control Panel] c:\program files\common files\lightscribe\LightScribeControlPanel.exe -hidden

uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background

uRun: [sony Ericsson PC Companion] "c:\program files\sony ericsson\sony ericsson pc companion\PCCompanion.exe" /systray /nologon

uRun: [skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized

uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe

mRun: [startCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun

mRun: [synTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe

mRun: [DVDAgent] "c:\program files\hewlett-packard\media\dvd\DVDAgent.exe"

mRun: [TSMAgent] "c:\program files\hewlett-packard\touchsmart\media\TSMAgent.exe"

mRun: [CLMLServer for HP TouchSmart] "c:\program files\hewlett-packard\touchsmart\media\kernel\clml\CLMLSvc.exe"

mRun: [uCam_Menu] "c:\program files\hewlett-packard\media\webcam\muitransfer\muistartmenu.exe" "c:\program files\hewlett-packard\media\webcam" update "software\hewlett-packard\media\Webcam"

mRun: [smartMenu] %ProgramFiles%\Hewlett-Packard\HP MediaSmart\SmartMenu.exe

mRun: [updateLBPShortCut] "c:\program files\cyberlink\labelprint\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\labelprint" updatewithcreateonce "software\cyberlink\labelprint\2.5"

mRun: [updatePSTShortCut] "c:\program files\cyberlink\dvd suite\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\dvd suite" updatewithcreateonce "software\cyberlink\PowerStarter"

mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

mRun: [QlbCtrl.exe] c:\program files\hewlett-packard\hp quick launch buttons\QlbCtrl.exe /Start

mRun: [updateP2GoShortCut] "c:\program files\cyberlink\power2go\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\power2go" updatewithcreateonce "software\cyberlink\power2go\6.0"

mRun: [updatePDIRShortCut] "c:\program files\cyberlink\powerdirector\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\powerdirector" updatewithcreateonce "software\cyberlink\powerdirector\7.0"

mRun: [HP Health Check Scheduler] c:\program files\hewlett-packard\hp health check\HPHC_Scheduler.exe

mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe

mRun: [WirelessAssistant] c:\program files\hewlett-packard\hp wireless assistant\HPWAMain.exe

mRun: [sysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe

mRun: [TVAgent] "c:\program files\hewlett-packard\media\tv\TVAgent.exe"

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime

mRun: [ATICustomerCare] "c:\program files\ati\aticustomercare\ATICustomerCare.exe"

mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [AVG9_TRAY] c:\progra~1\avg\avg9\avgtray.exe

StartupFolder: c:\users\xx\appdata\roaming\microsoft\windows\start menu\programs\startup\Dr Watson.exe

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\winzip~1.lnk - c:\program files\winzip\WZQKPICK.EXE

mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: &AOL Verktygsfalt Sök - c:\programdata\aol\ietoolbar\resources\sv-se\local\search.html

IE: E&xportera till Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL

Trusted Zone: qword.com

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

DPF: {A27C56D2-3F58-4ABB-AA31-1168EDA6636F} - hxxp://utilities.pcpitstop.com/Nirvana/controls/pcmatic.cab

DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - c:\program files\avg\avg9\toolbar\IEToolbar.dll

Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg9\avgpp.dll

AppInit_DLLs: avgrsstx.dll

mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe"

 

================= FIREFOX ===================

 

FF - ProfilePath - c:\users\xx\appdata\roaming\mozilla\firefox\profiles\d4iqibzp.default\

FF - prefs.js: browser.search.defaulturl - hxxp://flvdirect.iamwired.net/websearch.php?src=tops&search=

FF - prefs.js: browser.search.selectedEngine - Search

FF - prefs.js: browser.startup.homepage - hxxp://flvdirect.iamwired.net/

FF - prefs.js: keyword.URL - hxxp://flvdirect.iamwired.net/websearch.php?src=tops&search=

FF - component: c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_17.6.0.32\coffplgn\components\coFFPlgn.dll

FF - component: c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_17.6.0.32\ipsffplgn\components\IPSFFPl.dll

FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\program files\sony\media go\npmediago.dll

FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\

FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

 

---- FIREFOX POLICIES ----

c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.visited_color", "#551A8B");

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);

c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.proxy.type", 5);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.buffer.cache.count", 24);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096);

c:\program files\mozilla firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);

c:\program files\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);

c:\program files\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);

c:\program files\mozilla firefox\greprefs\all.js - pref("accelerometer.enabled", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("html5.enable", false);

c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);

c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");

c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);

c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);

c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);

c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);

c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");

c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");

c:\program files\mozilla firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".se");

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.videoFeeds.handler", "ask");

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);

 

============= SERVICES / DRIVERS ===============

 

R0 AVGIDSErHrvtx;AVG9IDSErHr;c:\windows\system32\drivers\AVGIDSvx.sys [2010-7-23 25168]

R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\drivers\avgrkx86.sys [2010-7-23 52872]

R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\nis\1107000.00c\symds.sys [2010-5-25 328752]

R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\nis\1107000.00c\symefa.sys [2010-5-25 173104]

R1 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwd6x.sys [2010-7-23 24856]

R1 AvgTdiX;AVG Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2010-7-23 243024]

R1 BHDrvx86;BHDrvx86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_17.6.0.32\definitions\bashdefs\20100709.001\BHDrvx86.sys [2010-7-13 691248]

R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\nis\1107000.00c\cchpx86.sys [2010-5-25 501888]

R1 IDSVix86;IDSVix86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_17.6.0.32\definitions\ipsdefs\20100721.003\IDSvix86.sys [2010-7-23 344112]

R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\nis\1107000.00c\ironx86.sys [2010-5-25 116784]

R1 SYMTDIv;Symantec Vista Network Dispatch Driver;c:\windows\system32\drivers\nis\1107000.00c\symtdiv.sys [2010-5-25 339504]

R2 {55662437-DA8C-40c0-AADA-2C816A897A49};Power Control [2009/06/15 03:57:14];c:\program files\hewlett-packard\media\dvd\000.fcl [2008-11-29 87536]

R2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\driverstore\filerepository\stwrt.inf_52c73ccb\AEstSrv.exe [2009-6-15 77824]

R2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe -k netsvcs [2008-1-21 21504]

R2 hpsrv;HP Service;c:\windows\system32\hpservice.exe [2008-3-19 19456]

R2 NIS;Norton Internet Security;c:\program files\norton internet security\engine\17.7.0.12\ccsvchst.exe [2010-5-25 126392]

R2 OMSI download service;Sony Ericsson OMSI download service;c:\program files\sony ericsson\sony ericsson pc suite\SupServ.exe [2010-5-11 90112]

R2 Recovery Service for Windows;Recovery Service for Windows;c:\program files\sminst\BLService.exe [2009-2-8 365952]

R2 TVCapSvc;TV Background Capture Service (TVBCS);c:\program files\hewlett-packard\media\tv\kernel\tv\TVCapSvc.exe [2009-2-9 296320]

R2 TVSched;TV Task Scheduler (TVTS);c:\program files\hewlett-packard\media\tv\kernel\tv\TVSched.exe [2009-2-9 116096]

R3 Com4QLBEx;Com4QLBEx;c:\program files\hewlett-packard\hp quick launch buttons\Com4QLBEx.exe [2009-2-8 222512]

R3 enecir;ENE CIR Receiver;c:\windows\system32\drivers\enecir.sys [2008-9-4 54784]

R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2010-5-28 102448]

R3 JMCR;JMCR;c:\windows\system32\drivers\jmcr.sys [2008-10-23 107360]

R3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [2010-5-28 14896]

S2 avg9wd;AVG WatchDog;c:\program files\avg\avg9\avgwdsvc.exe [2010-7-23 308136]

S2 avgfws9;AVG Firewall;c:\program files\avg\avg9\avgfws9.exe [2010-7-23 2331032]

S2 AVGIDSAgent;AVG9IDSAgent;c:\program files\avg\avg9\identity protection\agent\bin\AVGIDSAgent.exe [2010-7-23 5897808]

S3 AVGIDSDrivervtx;AVG9IDSDriver;c:\program files\avg\avg9\identity protection\agent\driver\platform_vista\AVGIDSDriver.sys [2010-7-23 122448]

S3 AVGIDSFiltervtx;AVG9IDSFilter;c:\program files\avg\avg9\identity protection\agent\driver\platform_vista\AVGIDSFilter.sys [2010-7-23 30288]

S3 AVGIDSShimvtx;AVG9IDSShim;c:\program files\avg\avg9\identity protection\agent\driver\platform_vista\AVGIDSShim.sys [2010-7-23 27216]

S3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-21 21504]

S3 s0017bus;Sony Ericsson Device 0017 driver (WDM);c:\windows\system32\drivers\s0017bus.sys [2010-5-11 86824]

S3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter;c:\windows\system32\drivers\s0017mdfl.sys [2010-5-11 15016]

S3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver;c:\windows\system32\drivers\s0017mdm.sys [2010-5-11 114600]

S3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s0017mgmt.sys [2010-5-11 108328]

S3 s0017nd5;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS);c:\windows\system32\drivers\s0017nd5.sys [2010-5-11 26024]

S3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface;c:\windows\system32\drivers\s0017obex.sys [2010-5-11 104616]

S3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM);c:\windows\system32\drivers\s0017unic.sys [2010-5-11 109736]

S3 s1029bus;Sony Ericsson Device 1029 driver (WDM);c:\windows\system32\drivers\s1029bus.sys [2010-5-11 90280]

S3 s1029mdfl;Sony Ericsson Device 1029 USB WMC Modem Filter;c:\windows\system32\drivers\s1029mdfl.sys [2010-5-11 15016]

S3 s1029mdm;Sony Ericsson Device 1029 USB WMC Modem Driver;c:\windows\system32\drivers\s1029mdm.sys [2010-5-11 122280]

S3 s1029mgmt;Sony Ericsson Device 1029 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s1029mgmt.sys [2010-5-11 115880]

S3 s1029nd5;Sony Ericsson Device 1029 USB Ethernet Emulation (NDIS);c:\windows\system32\drivers\s1029nd5.sys [2010-5-11 26024]

S3 s1029obex;Sony Ericsson Device 1029 USB WMC OBEX Interface;c:\windows\system32\drivers\s1029obex.sys [2010-5-11 111912]

S3 s1029unic;Sony Ericsson Device 1029 USB Ethernet Emulation (WDM);c:\windows\system32\drivers\s1029unic.sys [2010-5-11 116904]

 

=============== Created Last 30 ================

 

2010-07-23 21:30:16 25168 ----a-w- c:\windows\system32\drivers\AVGIDSvx.sys

2010-07-23 21:29:58 52872 ----a-w- c:\windows\system32\drivers\avgrkx86.sys

2010-07-23 21:29:54 243024 ----a-w- c:\windows\system32\drivers\avgtdix.sys

2010-07-23 21:28:08 24856 ----a-w- c:\windows\system32\drivers\avgfwd6x.sys

2010-07-23 21:26:48 0 d-----w- c:\program files\AVG

2010-07-23 21:26:21 0 d-----w- c:\programdata\avg9

2010-07-23 21:09:13 0 d-----w- c:\program files\FLV Direct Player

2010-07-23 17:22:49 0 d-----w- c:\programdata\WinZip

2010-07-23 10:59:07 0 d-----w- c:\program files\iPod

2010-07-23 10:59:00 0 d-----w- c:\program files\iTunes

2010-07-23 10:55:06 629 ----a-w- c:\windows\system32\mapisvc.inf

2010-07-22 15:08:10 0 d-----w- c:\programdata\PC Drivers HeadQuarters

2010-07-22 14:31:14 0 d-----w- c:\programdata\PCPitstop

2010-07-22 14:31:10 0 d-----w- c:\program files\PCPitstop

2010-07-22 08:34:10 0 d-----w- c:\windows\system32\drivers\NSS

2010-07-22 08:34:10 0 d-----w- c:\program files\Norton Security Scan

2010-07-22 08:25:04 0 d-----w- C:\ATI

2010-07-06 22:28:59 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll

2010-07-06 22:28:59 49472 ----a-w- c:\windows\system32\netfxperf.dll

2010-07-06 22:28:59 297808 ----a-w- c:\windows\system32\mscoree.dll

2010-07-06 22:28:59 295264 ----a-w- c:\windows\system32\PresentationHost.exe

2010-07-06 22:28:59 1130824 ----a-w- c:\windows\system32\dfshim.dll

2010-07-06 22:27:39 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll

2010-07-06 22:27:39 28672 ----a-w- c:\windows\system32\Apphlpdm.dll

 

==================== Find3M ====================

 

2010-07-23 21:28:28 51200 ----a-w- c:\windows\inf\infpub.dat

2010-07-23 21:28:27 143360 ----a-w- c:\windows\inf\infstrng.dat

2010-07-23 21:28:26 143360 ----a-w- c:\windows\inf\infstor.dat

2010-07-18 21:40:08 80612 ----a-w- c:\windows\system32\perfc00B.dat

2010-07-18 21:40:08 76390 ----a-w- c:\windows\system32\perfc014.dat

2010-07-18 21:40:08 597836 ----a-w- c:\windows\system32\perfh01D.dat

2010-07-18 21:40:08 454842 ----a-w- c:\windows\system32\perfh006.dat

2010-07-18 21:40:08 443832 ----a-w- c:\windows\system32\perfh014.dat

2010-07-18 21:40:08 427118 ----a-w- c:\windows\system32\perfh00B.dat

2010-07-18 21:40:08 117416 ----a-w- c:\windows\system32\perfc01D.dat

2010-07-18 21:40:07 77100 ----a-w- c:\windows\system32\perfc006.dat

2010-06-20 17:06:48 11264 ----a-w- c:\windows\DCEBoot.exe

2010-05-28 11:04:52 14896 ----a-w- c:\windows\system32\drivers\psi_mf.sys

2010-05-26 17:06:41 34304 ----a-w- c:\windows\system32\atmlib.dll

2010-05-26 14:47:41 289792 ----a-w- c:\windows\system32\atmfd.dll

2010-05-21 12:14:28 221568 ------w- c:\windows\system32\MpSigStub.exe

2010-05-18 14:35:16 91424 ----a-w- c:\windows\system32\dnssd.dll

2010-05-18 14:35:16 107808 ----a-w- c:\windows\system32\dns-sd.exe

2010-05-11 17:24:12 148736 ----a-w- c:\programdata\hpe576D.dll

2010-05-11 07:34:37 139414 ----a-w- c:\windows\hpoins18.dat

2010-05-09 09:27:40 411368 ----a-w- c:\windows\system32\deployJava1.dll

2010-05-04 19:25:45 665600 ----a-w- c:\windows\inf\drvindex.dat

2010-05-04 17:54:07 588472 ----a-w- c:\windows\system32\ezsvc7x.dll

2010-05-04 17:36:26 37665 ----a-w- c:\windows\fonts\GlobalUserInterface.CompositeFont

2010-05-04 05:59:21 916480 ----a-w- c:\windows\system32\wininet.dll

2010-05-04 05:55:42 71680 ----a-w- c:\windows\system32\iesetup.dll

2010-05-04 05:55:42 109056 ----a-w- c:\windows\system32\iesysprep.dll

2010-05-04 04:31:05 133632 ----a-w- c:\windows\system32\ieUnatt.exe

2010-05-01 14:13:48 2037248 ----a-w- c:\windows\system32\win32k.sys

2009-02-08 16:27:26 35978 ----a-w- c:\windows\inf\perflib\041d\perfd.dat

2009-02-08 16:27:26 35978 ----a-w- c:\windows\inf\perflib\041d\perfc.dat

2009-02-08 16:27:26 290490 ----a-w- c:\windows\inf\perflib\041d\perfi.dat

2009-02-08 16:27:26 290490 ----a-w- c:\windows\inf\perflib\041d\perfh.dat

2009-02-08 16:22:25 35166 ----a-w- c:\windows\inf\perflib\0414\perfd.dat

2009-02-08 16:22:25 35166 ----a-w- c:\windows\inf\perflib\0414\perfc.dat

2009-02-08 16:22:25 294254 ----a-w- c:\windows\inf\perflib\0414\perfi.dat

2009-02-08 16:22:25 294254 ----a-w- c:\windows\inf\perflib\0414\perfh.dat

2009-02-08 16:17:38 36790 ----a-w- c:\windows\inf\perflib\040b\perfd.dat

2009-02-08 16:17:38 36790 ----a-w- c:\windows\inf\perflib\040b\perfc.dat

2009-02-08 16:17:38 274158 ----a-w- c:\windows\inf\perflib\040b\perfi.dat

2009-02-08 16:17:38 274158 ----a-w- c:\windows\inf\perflib\040b\perfh.dat

2009-02-08 16:12:59 36364 ----a-w- c:\windows\inf\perflib\0406\perfd.dat

2009-02-08 16:12:59 36364 ----a-w- c:\windows\inf\perflib\0406\perfc.dat

2009-02-08 16:12:59 300302 ----a-w- c:\windows\inf\perflib\0406\perfi.dat

2009-02-08 16:12:59 300302 ----a-w- c:\windows\inf\perflib\0406\perfh.dat

2008-01-21 02:43:21 174 --sha-w- c:\program files\desktop.ini

2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfi.dat

2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfh.dat

2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfd.dat

2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfc.dat

2009-02-08 16:55:45 8192 --sha-w- c:\windows\users\default\NTUSER.DAT

 

============= FINISH: 23:35:02,67 ===============

Länk till kommentar
Dela på andra webbplatser
Cecilia

Cecilia

Postad
Postad

Installera aldrig två antivirusprogram i en dator, det blir bara problem, aå avinstallera antingen Norton eller AVG. Starta om datorn. Därefter använder du det städprogram som hör ihop med programmet du avinstallerade:

Norton: http://www.symantec.com/norton/support/kb/web_view.jsp?wv_type=public_web&docurl=20090910004050EN Step 3

AVG Remover: http://www.avg.com/us-en/download-tools

 

Därefter startar du om datorn igen. Kör DDS och klistra in båda loggarna.

Länk till kommentar
Dela på andra webbplatser
Dag Erlandsson

Dag Erlandsson

Postad
  • Trådskapare
Postad

Installera aldrig två antivirusprogram i en dator, det blir bara problem, aå avinstallera antingen Norton eller AVG. Starta om datorn. Därefter använder du det städprogram som hör ihop med programmet du avinstallerade:

Norton: http://www.symantec.com/norton/support/kb/web_view.jsp?wv_type=public_web&docurl=20090910004050EN Step 3

AVG Remover: http://www.avg.com/us-en/download-tools

 

Därefter startar du om datorn igen. Kör DDS och klistra in båda loggarna.

 

Hej Cecilia,

Då är AVG borttaget och jag kan nu öppna min mejl, vilket inte gick då den var "på". Hittade dock inget "städprogram" som jag skulle använda efter omstart? Datorn segar fortfarande, så här kommer DDS:

 

DDS (Ver_10-03-17.01) - NTFSx86

Run by X at 10:34:25,24 on 2010-07-24

Internet Explorer: 8.0.6001.18928 BrowserJavaVersion: 1.6.0_20

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.46.1053.18.3068.1496 [GMT 2:00]

 

SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

 

============== Running Processes ===============

 

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k rpcss

C:\Windows\system32\Ati2evxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_52c73ccb\STacSV.exe

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\SLsvc.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\Ati2evxx.exe

C:\Windows\system32\Hpservice.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\WLANExt.exe

C:\Windows\system32\taskeng.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskeng.exe

C:\Windows\Explorer.EXE

C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_52c73ccb\aestsrv.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Windows\system32\svchost.exe -k hpdevmgmt

C:\Program Files\Common Files\LightScribe\LSSrvc.exe

C:\Windows\System32\svchost.exe -k HPZ12

C:\Program Files\Norton Internet Security\Engine\17.7.0.12\ccSvcHst.exe

C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe

C:\Windows\System32\svchost.exe -k HPZ12

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files\SMINST\BLService.exe

C:\Program Files\CyberLink\Shared files\RichVideo.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe

C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Windows\system32\SearchIndexer.exe

C:\Windows\servicing\TrustedInstaller.exe

C:\Windows\system32\WUDFHost.exe

C:\Windows\system32\DllHost.exe

C:\Program Files\Norton Internet Security\Engine\17.7.0.12\ccSvcHst.exe

C:\Windows\system32\conime.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\Secunia\PSI\psi.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe

C:\Program Files\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe

C:\Program Files\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe

C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe

C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe

C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe

C:\Program Files\HP\HP Software Update\hpwuSchd2.exe

C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

C:\Program Files\IDT\WDM\sttray.exe

C:\Program Files\Hewlett-Packard\Media\TV\TVAgent.exe

C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe

C:\Program Files\Skype\Phone\Skype.exe

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe

c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Users\X\Downloads\dds(4).scr

 

============== Pseudo HJT Report ===============

 

uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=sv_se&c=91&bd=Pavilion&pf=cnnb

uStart Page = hxxp://flvdirect.iamwired.net/

uSearch Bar =

mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=sv_se&c=91&bd=Pavilion&pf=cnnb

mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=sv_se&c=91&bd=Pavilion&pf=cnnb

uInternet Settings,ProxyOverride = <local>

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No File

BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\norton internet security\engine\17.7.0.12\coIEPlg.dll

BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton internet security\engine\17.7.0.12\IPSBHO.DLL

BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll

BHO: AOL Toolbar BHO: {7c554162-8cb7-45a4-b8f4-8ea1c75885f9} - c:\program files\aol\aol toolbar 5.0\aoltb.dll

BHO: Windows Live inloggningshjälpen: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

TB: AOL Toolbar: {de9c389f-3316-41a7-809b-aa305ed9d922} - c:\program files\aol\aol toolbar 5.0\aoltb.dll

TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\norton internet security\engine\17.7.0.12\coIEPlg.dll

uRun: [LightScribe Control Panel] c:\program files\common files\lightscribe\LightScribeControlPanel.exe -hidden

uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background

uRun: [sony Ericsson PC Companion] "c:\program files\sony ericsson\sony ericsson pc companion\PCCompanion.exe" /systray /nologon

uRun: [skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized

uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe

mRun: [startCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun

mRun: [synTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe

mRun: [DVDAgent] "c:\program files\hewlett-packard\media\dvd\DVDAgent.exe"

mRun: [TSMAgent] "c:\program files\hewlett-packard\touchsmart\media\TSMAgent.exe"

mRun: [CLMLServer for HP TouchSmart] "c:\program files\hewlett-packard\touchsmart\media\kernel\clml\CLMLSvc.exe"

mRun: [uCam_Menu] "c:\program files\hewlett-packard\media\webcam\muitransfer\muistartmenu.exe" "c:\program files\hewlett-packard\media\webcam" update "software\hewlett-packard\media\Webcam"

mRun: [smartMenu] %ProgramFiles%\Hewlett-Packard\HP MediaSmart\SmartMenu.exe

mRun: [updateLBPShortCut] "c:\program files\cyberlink\labelprint\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\labelprint" updatewithcreateonce "software\cyberlink\labelprint\2.5"

mRun: [updatePSTShortCut] "c:\program files\cyberlink\dvd suite\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\dvd suite" updatewithcreateonce "software\cyberlink\PowerStarter"

mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

mRun: [QlbCtrl.exe] c:\program files\hewlett-packard\hp quick launch buttons\QlbCtrl.exe /Start

mRun: [updateP2GoShortCut] "c:\program files\cyberlink\power2go\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\power2go" updatewithcreateonce "software\cyberlink\power2go\6.0"

mRun: [updatePDIRShortCut] "c:\program files\cyberlink\powerdirector\muitransfer\muistartmenu.exe" "c:\program files\cyberlink\powerdirector" updatewithcreateonce "software\cyberlink\powerdirector\7.0"

mRun: [HP Health Check Scheduler] c:\program files\hewlett-packard\hp health check\HPHC_Scheduler.exe

mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe

mRun: [WirelessAssistant] c:\program files\hewlett-packard\hp wireless assistant\HPWAMain.exe

mRun: [sysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe

mRun: [TVAgent] "c:\program files\hewlett-packard\media\tv\TVAgent.exe"

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime

mRun: [ATICustomerCare] "c:\program files\ati\aticustomercare\ATICustomerCare.exe"

mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe

mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: &AOL Verktygsfalt Sök - c:\programdata\aol\ietoolbar\resources\sv-se\local\search.html

IE: E&xportera till Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL

Trusted Zone: qword.com

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

DPF: {A27C56D2-3F58-4ABB-AA31-1168EDA6636F} - hxxp://utilities.pcpitstop.com/Nirvana/controls/pcmatic.cab

DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} -

mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe"

 

================= FIREFOX ===================

 

FF - ProfilePath - c:\users\X\appdata\roaming\mozilla\firefox\profiles\d4iqibzp.default\

FF - prefs.js: browser.search.defaulturl - hxxp://flvdirect.iamwired.net/websearch.php?src=tops&search=

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: browser.startup.homepage - hxxp://www.aftonbladet.se/

FF - prefs.js: keyword.URL - hxxp://flvdirect.iamwired.net/websearch.php?src=tops&search=

FF - component: c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_17.6.0.32\coffplgn\components\coFFPlgn.dll

FF - component: c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_17.6.0.32\ipsffplgn\components\IPSFFPl.dll

FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\program files\sony\media go\npmediago.dll

FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\

FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

 

---- FIREFOX POLICIES ----

c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.visited_color", "#551A8B");

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);

c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.proxy.type", 5);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.buffer.cache.count", 24);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096);

c:\program files\mozilla firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);

c:\program files\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);

c:\program files\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);

c:\program files\mozilla firefox\greprefs\all.js - pref("accelerometer.enabled", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("html5.enable", false);

c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);

c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");

c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);

c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);

c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);

c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);

c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");

c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");

c:\program files\mozilla firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".se");

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.videoFeeds.handler", "ask");

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);

 

============= SERVICES / DRIVERS ===============

 

R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\nis\1107000.00c\symds.sys [2010-5-25 328752]

R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\nis\1107000.00c\symefa.sys [2010-5-25 173104]

R1 BHDrvx86;BHDrvx86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_17.6.0.32\definitions\bashdefs\20100709.001\BHDrvx86.sys [2010-7-13 691248]

R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\nis\1107000.00c\cchpx86.sys [2010-5-25 501888]

R1 IDSVix86;IDSVix86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_17.6.0.32\definitions\ipsdefs\20100723.001\IDSvix86.sys [2010-7-24 344112]

R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\nis\1107000.00c\ironx86.sys [2010-5-25 116784]

R1 SYMTDIv;Symantec Vista Network Dispatch Driver;c:\windows\system32\drivers\nis\1107000.00c\symtdiv.sys [2010-5-25 339504]

R2 {55662437-DA8C-40c0-AADA-2C816A897A49};Power Control [2009/06/15 03:57:14];c:\program files\hewlett-packard\media\dvd\000.fcl [2008-11-29 87536]

R2 AESTFilters;Andrea ST Filters Service;c:\windows\system32\driverstore\filerepository\stwrt.inf_52c73ccb\AEstSrv.exe [2009-6-15 77824]

R2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe -k netsvcs [2008-1-21 21504]

R2 hpsrv;HP Service;c:\windows\system32\hpservice.exe [2008-3-19 19456]

R2 NIS;Norton Internet Security;c:\program files\norton internet security\engine\17.7.0.12\ccsvchst.exe [2010-5-25 126392]

R2 OMSI download service;Sony Ericsson OMSI download service;c:\program files\sony ericsson\sony ericsson pc suite\SupServ.exe [2010-5-11 90112]

R2 Recovery Service for Windows;Recovery Service for Windows;c:\program files\sminst\BLService.exe [2009-2-8 365952]

R2 TVCapSvc;TV Background Capture Service (TVBCS);c:\program files\hewlett-packard\media\tv\kernel\tv\TVCapSvc.exe [2009-2-9 296320]

R2 TVSched;TV Task Scheduler (TVTS);c:\program files\hewlett-packard\media\tv\kernel\tv\TVSched.exe [2009-2-9 116096]

R3 Com4QLBEx;Com4QLBEx;c:\program files\hewlett-packard\hp quick launch buttons\Com4QLBEx.exe [2009-2-8 222512]

R3 enecir;ENE CIR Receiver;c:\windows\system32\drivers\enecir.sys [2008-9-4 54784]

R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2010-5-28 102448]

R3 JMCR;JMCR;c:\windows\system32\drivers\jmcr.sys [2008-10-23 107360]

R3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [2010-5-28 14896]

S3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\avg\avg9\toolbar\toolbarbroker.exe --> c:\program files\avg\avg9\toolbar\ToolbarBroker.exe [?]

S3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-21 21504]

S3 s0017bus;Sony Ericsson Device 0017 driver (WDM);c:\windows\system32\drivers\s0017bus.sys [2010-5-11 86824]

S3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter;c:\windows\system32\drivers\s0017mdfl.sys [2010-5-11 15016]

S3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver;c:\windows\system32\drivers\s0017mdm.sys [2010-5-11 114600]

S3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s0017mgmt.sys [2010-5-11 108328]

S3 s0017nd5;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS);c:\windows\system32\drivers\s0017nd5.sys [2010-5-11 26024]

S3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface;c:\windows\system32\drivers\s0017obex.sys [2010-5-11 104616]

S3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM);c:\windows\system32\drivers\s0017unic.sys [2010-5-11 109736]

S3 s1029bus;Sony Ericsson Device 1029 driver (WDM);c:\windows\system32\drivers\s1029bus.sys [2010-5-11 90280]

S3 s1029mdfl;Sony Ericsson Device 1029 USB WMC Modem Filter;c:\windows\system32\drivers\s1029mdfl.sys [2010-5-11 15016]

S3 s1029mdm;Sony Ericsson Device 1029 USB WMC Modem Driver;c:\windows\system32\drivers\s1029mdm.sys [2010-5-11 122280]

S3 s1029mgmt;Sony Ericsson Device 1029 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s1029mgmt.sys [2010-5-11 115880]

S3 s1029nd5;Sony Ericsson Device 1029 USB Ethernet Emulation (NDIS);c:\windows\system32\drivers\s1029nd5.sys [2010-5-11 26024]

S3 s1029obex;Sony Ericsson Device 1029 USB WMC OBEX Interface;c:\windows\system32\drivers\s1029obex.sys [2010-5-11 111912]

S3 s1029unic;Sony Ericsson Device 1029 USB Ethernet Emulation (WDM);c:\windows\system32\drivers\s1029unic.sys [2010-5-11 116904]

 

=============== Created Last 30 ================

 

2010-07-23 21:31:59 0 d-----w- c:\programdata\AVG Security Toolbar

2010-07-23 21:26:48 0 d-----w- c:\program files\AVG

2010-07-23 21:26:21 0 d-----w- c:\programdata\avg9

2010-07-23 17:22:49 0 d-----w- c:\programdata\WinZip

2010-07-23 10:59:07 0 d-----w- c:\program files\iPod

2010-07-23 10:59:00 0 d-----w- c:\program files\iTunes

2010-07-23 10:55:06 629 ----a-w- c:\windows\system32\mapisvc.inf

2010-07-22 15:08:10 0 d-----w- c:\programdata\PC Drivers HeadQuarters

2010-07-22 14:31:14 0 d-----w- c:\programdata\PCPitstop

2010-07-22 14:31:10 0 d-----w- c:\program files\PCPitstop

2010-07-22 08:34:10 0 d-----w- c:\windows\system32\drivers\NSS

2010-07-22 08:34:10 0 d-----w- c:\program files\Norton Security Scan

2010-07-22 08:25:04 0 d-----w- C:\ATI

2010-07-06 22:28:59 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll

2010-07-06 22:28:59 49472 ----a-w- c:\windows\system32\netfxperf.dll

2010-07-06 22:28:59 297808 ----a-w- c:\windows\system32\mscoree.dll

2010-07-06 22:28:59 295264 ----a-w- c:\windows\system32\PresentationHost.exe

2010-07-06 22:28:59 1130824 ----a-w- c:\windows\system32\dfshim.dll

2010-07-06 22:27:39 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll

2010-07-06 22:27:39 28672 ----a-w- c:\windows\system32\Apphlpdm.dll

 

==================== Find3M ====================

 

2010-07-24 08:30:37 51200 ----a-w- c:\windows\inf\infpub.dat

2010-07-24 08:30:37 143360 ----a-w- c:\windows\inf\infstrng.dat

2010-07-24 08:30:37 143360 ----a-w- c:\windows\inf\infstor.dat

2010-07-18 21:40:08 80612 ----a-w- c:\windows\system32\perfc00B.dat

2010-07-18 21:40:08 76390 ----a-w- c:\windows\system32\perfc014.dat

2010-07-18 21:40:08 597836 ----a-w- c:\windows\system32\perfh01D.dat

2010-07-18 21:40:08 454842 ----a-w- c:\windows\system32\perfh006.dat

2010-07-18 21:40:08 443832 ----a-w- c:\windows\system32\perfh014.dat

2010-07-18 21:40:08 427118 ----a-w- c:\windows\system32\perfh00B.dat

2010-07-18 21:40:08 117416 ----a-w- c:\windows\system32\perfc01D.dat

2010-07-18 21:40:07 77100 ----a-w- c:\windows\system32\perfc006.dat

2010-06-20 17:06:48 11264 ----a-w- c:\windows\DCEBoot.exe

2010-05-28 11:04:52 14896 ----a-w- c:\windows\system32\drivers\psi_mf.sys

2010-05-26 17:06:41 34304 ----a-w- c:\windows\system32\atmlib.dll

2010-05-26 14:47:41 289792 ----a-w- c:\windows\system32\atmfd.dll

2010-05-21 12:14:28 221568 ------w- c:\windows\system32\MpSigStub.exe

2010-05-18 14:35:16 91424 ----a-w- c:\windows\system32\dnssd.dll

2010-05-18 14:35:16 107808 ----a-w- c:\windows\system32\dns-sd.exe

2010-05-11 17:24:12 148736 ----a-w- c:\programdata\hpe576D.dll

2010-05-11 07:34:37 139414 ----a-w- c:\windows\hpoins18.dat

2010-05-09 09:27:40 411368 ----a-w- c:\windows\system32\deployJava1.dll

2010-05-04 19:25:45 665600 ----a-w- c:\windows\inf\drvindex.dat

2010-05-04 17:54:07 588472 ----a-w- c:\windows\system32\ezsvc7x.dll

2010-05-04 17:36:26 37665 ----a-w- c:\windows\fonts\GlobalUserInterface.CompositeFont

2010-05-04 05:59:21 916480 ----a-w- c:\windows\system32\wininet.dll

2010-05-04 05:55:42 71680 ----a-w- c:\windows\system32\iesetup.dll

2010-05-04 05:55:42 109056 ----a-w- c:\windows\system32\iesysprep.dll

2010-05-04 04:31:05 133632 ----a-w- c:\windows\system32\ieUnatt.exe

2010-05-01 14:13:48 2037248 ----a-w- c:\windows\system32\win32k.sys

2009-02-08 16:27:26 35978 ----a-w- c:\windows\inf\perflib\041d\perfd.dat

2009-02-08 16:27:26 35978 ----a-w- c:\windows\inf\perflib\041d\perfc.dat

2009-02-08 16:27:26 290490 ----a-w- c:\windows\inf\perflib\041d\perfi.dat

2009-02-08 16:27:26 290490 ----a-w- c:\windows\inf\perflib\041d\perfh.dat

2009-02-08 16:22:25 35166 ----a-w- c:\windows\inf\perflib\0414\perfd.dat

2009-02-08 16:22:25 35166 ----a-w- c:\windows\inf\perflib\0414\perfc.dat

2009-02-08 16:22:25 294254 ----a-w- c:\windows\inf\perflib\0414\perfi.dat

2009-02-08 16:22:25 294254 ----a-w- c:\windows\inf\perflib\0414\perfh.dat

2009-02-08 16:17:38 36790 ----a-w- c:\windows\inf\perflib\040b\perfd.dat

2009-02-08 16:17:38 36790 ----a-w- c:\windows\inf\perflib\040b\perfc.dat

2009-02-08 16:17:38 274158 ----a-w- c:\windows\inf\perflib\040b\perfi.dat

2009-02-08 16:17:38 274158 ----a-w- c:\windows\inf\perflib\040b\perfh.dat

2009-02-08 16:12:59 36364 ----a-w- c:\windows\inf\perflib\0406\perfd.dat

2009-02-08 16:12:59 36364 ----a-w- c:\windows\inf\perflib\0406\perfc.dat

2009-02-08 16:12:59 300302 ----a-w- c:\windows\inf\perflib\0406\perfi.dat

2009-02-08 16:12:59 300302 ----a-w- c:\windows\inf\perflib\0406\perfh.dat

2008-01-21 02:43:21 174 --sha-w- c:\program files\desktop.ini

2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfi.dat

2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfh.dat

2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfd.dat

2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfc.dat

2009-02-08 16:55:45 8192 --sha-w- c:\windows\users\default\NTUSER.DAT

 

============= FINISH: 10:39:14,26 ===============

 

 

Sedan Text:

[log]

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

 

DDS (Ver_10-03-17.01)

 

Microsoft® Windows Vista™ Home Premium

Boot Device: \Device\HarddiskVolume1

Install Date: 2009-06-15 12:16:44

System Uptime: 2010-07-24 10:29:06 (0 hours ago)

 

Motherboard: Quanta | | 3624

Processor: Pentium® Dual-Core CPU T4200 @ 2.00GHz | CPU | 2000/800mhz

 

==== Disk Partitions =========================

 

C: is FIXED (NTFS) - 286 GiB total, 156,38 GiB free.

D: is FIXED (NTFS) - 12 GiB total, 1,9 GiB free.

E: is CDROM ()

F: is Removable

 

==== Disabled Device Manager Items =============

 

==== System Restore Points ===================

 

 

==== Installed Programs ======================

 

32 Bit HP CIO Components Installer

Activation Assistant for the 2007 Microsoft Office suites

ActiveCheck component for HP Active Support Library

Adobe Flash Player 10 ActiveX

Adobe Flash Player 10 Plugin

Adobe Reader 9.3.3 - Svenska

Adobe Shockwave Player

Adobe Shockwave Player 11.5

AIO_CDA_ProductContext

AIO_CDA_Software

AIO_Scan

AOL Toolbar 5.0

Apple Application Support

Apple Mobile Device Support

Apple Software Update

ATI Catalyst Install Manager

ATI Catalyst Registration

µTorrent

Bonjour

Broadcom 802.11 Wireless LAN Adapter

BufferChm

C5100

c5100_Help

Catalyst Control Center - Branding

Catalyst Control Center Core Implementation

Catalyst Control Center Graphics Full Existing

Catalyst Control Center Graphics Full New

Catalyst Control Center Graphics Light

Catalyst Control Center Graphics Previews Common

Catalyst Control Center Graphics Previews Vista

Catalyst Control Center InstallProxy

Catalyst Control Center Localization Chinese Standard

Catalyst Control Center Localization Chinese Traditional

Catalyst Control Center Localization Czech

Catalyst Control Center Localization Danish

Catalyst Control Center Localization Dutch

Catalyst Control Center Localization Finnish

Catalyst Control Center Localization French

Catalyst Control Center Localization German

Catalyst Control Center Localization Greek

Catalyst Control Center Localization Hungarian

Catalyst Control Center Localization Italian

Catalyst Control Center Localization Japanese

Catalyst Control Center Localization Korean

Catalyst Control Center Localization Norwegian

Catalyst Control Center Localization Polish

Catalyst Control Center Localization Portuguese

Catalyst Control Center Localization Russian

Catalyst Control Center Localization Spanish

Catalyst Control Center Localization Swedish

Catalyst Control Center Localization Thai

Catalyst Control Center Localization Turkish

ccc-core-static

ccc-utility

CCC Help Chinese Standard

CCC Help Chinese Traditional

CCC Help Czech

CCC Help Danish

CCC Help Dutch

CCC Help English

CCC Help Finnish

CCC Help French

CCC Help German

CCC Help Greek

CCC Help Hungarian

CCC Help Italian

CCC Help Japanese

CCC Help Korean

CCC Help Norwegian

CCC Help Polish

CCC Help Portuguese

CCC Help Russian

CCC Help Spanish

CCC Help Swedish

CCC Help Thai

CCC Help Turkish

CCleaner

Compatibility Pack för Office 2007-systemet

Copy

CustomerResearchQFolder

CyberLink DVD Suite

Destinations

DeviceManagementQFolder

DocProc

DocProcQFolder

ESU for Microsoft Vista

eSupportQFolder

Fax

HiJackThis

HijackThis 2.0.2

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

HP Active Support Library

HP Common Access Service Library

HP Customer Experience Enhancements

HP Customer Participation Program 8.0

HP Help and Support

HP Imaging Device Functions 8.0

HP MediaSmart DVD

HP MediaSmart Music/Photo/Video

HP MediaSmart SmartMenu

HP MediaSmart TV

HP MediaSmart Webcam

HP OCR Software 8.0

HP Photosmart Essential

HP Photosmart.All-In-One Driver Software 8.0 .A

HP Quick Launch Buttons 6.40 L1

HP Solution Center 8.0

HP Total Care Setup

HP Update

HP User Guides 0134

HP Wireless Assistant

HPAsset component for HP Active Support Library

HPNetworkAssistant

HPProductAssistant

HPSSupply

IDT Audio

iTunes

Java Auto Updater

Java 6 Update 20

JMicron JMB38X Flash Media Controller Driver

Junk Mail filter update

LabelPrint

LightScribe System Software 1.14.17.1

Malwarebytes' Anti-Malware

MarketResearch

Media Go

Microsoft .NET Framework 3.5 Language Pack SP1 - sve

Microsoft .NET Framework 3.5 SP1

Microsoft Application Error Reporting

Microsoft Choice Guard

Microsoft Office 2007 Service Pack 2 (SP2)

Microsoft Office Excel 2007 Help Uppdatering (KB963678)

Microsoft Office Excel MUI (Swedish) 2007

Microsoft Office Home and Student 2007

Microsoft Office OneNote MUI (Swedish) 2007

Microsoft Office Powerpoint 2007 Help Uppdatering (KB963669)

Microsoft Office PowerPoint MUI (Swedish) 2007

Microsoft Office PowerPoint Viewer 2007 (Swedish)

Microsoft Office Proof (English) 2007

Microsoft Office Proof (Finnish) 2007

Microsoft Office Proof (German) 2007

Microsoft Office Proof (Swedish) 2007

Microsoft Office Proofing (Swedish) 2007

Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

Microsoft Office Shared MUI (Swedish) 2007

Microsoft Office Word 2007 Help Uppdatering (KB963665)

Microsoft Office Word MUI (Swedish) 2007

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Works

MobileMe Control Panel

Mozilla Firefox (3.6.8)

MSVCRT

MSXML 4.0 SP2 (KB927978)

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

My HP Games

Norton Internet Security

Norton Security Scan

OGA Notifier 2.0.0048.0

OpenOffice.org 3.2

PlayStation®Network Downloader

PlayStation®Store

Power2Go

PowerDirector

ProtectSmart Hard Drive Protection

QuickTime

Realtek 8169 8168 8101E 8102E Ethernet Driver

Safari

Scan

Secunia PSI

Security Update for 2007 Microsoft Office System (KB969559)

Security Update for 2007 Microsoft Office System (KB976321)

Security Update for 2007 Microsoft Office System (KB982312)

Security Update for 2007 Microsoft Office System (KB982331)

Security Update for Microsoft Office Excel 2007 (KB982308)

Security Update for Microsoft Office InfoPath 2007 (KB979441)

Security Update for Microsoft Office PowerPoint 2007 (KB982158)

Security Update for Microsoft Office system 2007 (972581)

Security Update for Microsoft Office system 2007 (KB969613)

Security Update for Microsoft Office system 2007 (KB974234)

Security Update for Microsoft Office Visio Viewer 2007 (KB973709)

Security Update for Microsoft Office Word 2007 (KB982135)

Skins

Skype™ 4.2

SolutionCenter

Sony Ericsson PC Companion 1.60.00

Sony Ericsson PC Suite 6.011.00

SPORE Creature Creator Trial Edition

Språkpaket för Microsoft .NET Framework 3.5 SP 1 - sve

Status

Synaptics Pointing Device Driver

The Lord of the Rings FREE Trial

Toolbox

TrayApp

UnloadSupport

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Microsoft Office OneNote 2007 (KB980729)

WebReg

Windows Driver Package - ENE (enecir) HIDClass (09/04/2008 2.6.0.0)

Windows Live Communications Platform

Windows Live Essentials

Windows Live inloggningsassistenten

Windows Live Mail

Windows Live Messenger

Windows Live Upload Tool

Wisdom-soft Set up ScreenHunter 5.1 Pro

VLC media player 1.1.0

 

==== End Of File ===========================

[/log]

Länk till kommentar
Dela på andra webbplatser
Cecilia

Cecilia

Postad
Postad

Ser du ingen länk som heter "AVG Remover(32bit) (avgremover.exe)" på sidan http://www.avg.com/us-en/download-tools ?

 

Internet-alternativ - Säkerhet - Tillförlitliga platser - Platser

Ta bort qword.com

Ej tillförlitliga platser - Platser

Lägg till qword.com

 

I adressfältet i Firefox skriver du:

about:config

 

Leta upp raden:

browser.search.defaulturl

Högerklicka på den och välj Återställ om det alternativet finns och annars så fyller du i en sökmotor som google eller bing.

Leta upp raden:

keyword.URL

Gör samma sak med den. I min dator detta inskrivet där:

http://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=

 

På sidan http://www.virustotal.com trycker du på Bläddra-knappen och klistrar in följande filnamn i rutan, tryck på Öppna och sedan Skicka Fil. Vänta tills resultatet är klart (Närvarande status blir genomförd). Klistra in en länk till resultatet här.

c:\windows\DCEBoot.exe

 

När du kör en online-skanning ska du inte köra Nortons/Symantecs utan någon annan tillverkares online-skanning så att du får datorn kontrollerad mot en annan virusdatabas.

Länk till kommentar
Dela på andra webbplatser
Dag Erlandsson

Dag Erlandsson

Postad
  • Trådskapare
Postad

Ser du ingen länk som heter "AVG Remover(32bit) (avgremover.exe)" på sidan http://www.avg.com/us-en/download-tools ?

 

Internet-alternativ - Säkerhet - Tillförlitliga platser - Platser

Ta bort qword.com

Ej tillförlitliga platser - Platser

Lägg till qword.com

 

I adressfältet i Firefox skriver du:

about:config

 

Leta upp raden:

browser.search.defaulturl

Högerklicka på den och välj Återställ om det alternativet finns och annars så fyller du i en sökmotor som google eller bing.

Leta upp raden:

keyword.URL

Gör samma sak med den. I min dator detta inskrivet där:

http://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=

 

På sidan http://www.virustotal.com trycker du på Bläddra-knappen och klistrar in följande filnamn i rutan, tryck på Öppna och sedan Skicka Fil. Vänta tills resultatet är klart (Närvarande status blir genomförd). Klistra in en länk till resultatet här.

c:\windows\DCEBoot.exe

 

När du kör en online-skanning ska du inte köra Nortons/Symantecs utan någon annan tillverkares online-skanning så att du får datorn kontrollerad mot en annan virusdatabas.

 

Hej igen,

1. Jo den länken såg jag och laddade naturligtvis och det tog bort AVG dvs. :

"AVG Remover(32bit) (avgremover.exe)" Var aldrig inne på kontrollpanelen utan allt sköttes via din länk. Funkar det? Jag trodde nämligen att man skulle ha ytterligare ett program för att "städa upp".

 

2. Du skriver, Internet-alternativ - Säkerhet - Tillförlitliga platser - Platser

 

Ta bort qword.com

Ej tillförlitliga platser - Platser

Lägg till qword.com

 

Men jag har Firefox, så jag antar att jag skall köra på alternativet inunder? För jag har inte internetalternativ osv. Funkar det?

Länk till kommentar
Dela på andra webbplatser
Cecilia

Cecilia

Postad
Postad

Internet Explorer finns i datorn och bör förstås säkras upp även om du inte brukar använda den. Det förekommer t ex att skadliga program startar Internet Explorer. Internet-alternativ hittar du någonstans i Kontrollpanelen.

Länk till kommentar
Dela på andra webbplatser
Dag Erlandsson

Dag Erlandsson

Postad
  • Trådskapare
Postad

Ser du ingen länk som heter "AVG Remover(32bit) (avgremover.exe)" på sidan http://www.avg.com/us-en/download-tools ?

 

Internet-alternativ - Säkerhet - Tillförlitliga platser - Platser

Ta bort qword.com

Ej tillförlitliga platser - Platser

Lägg till qword.com

 

I adressfältet i Firefox skriver du:

about:config

 

Leta upp raden:

browser.search.defaulturl

Högerklicka på den och välj Återställ om det alternativet finns och annars så fyller du i en sökmotor som google eller bing.

Leta upp raden:

keyword.URL

Gör samma sak med den. I min dator detta inskrivet där:

http://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=

 

På sidan http://www.virustotal.com trycker du på Bläddra-knappen och klistrar in följande filnamn i rutan, tryck på Öppna och sedan Skicka Fil. Vänta tills resultatet är klart (Närvarande status blir genomförd). Klistra in en länk till resultatet här.

c:\windows\DCEBoot.exe

 

När du kör en online-skanning ska du inte köra Nortons/Symantecs utan någon annan tillverkares online-skanning så att du får datorn kontrollerad mot en annan virusdatabas.

 

 

Hej,

Det står att Filen har redan blivid analyserad:MD5: cfeded305519282bcac83d0a1ae52e13

First received: 2010.06.09 01:06:26 UTC

Datum 2010.07.19 23:06:16 UTC [>4D]

Resultat 2/41

 

Men här kommer länken:

 

analisis/e3b5bbebba471fa3c405c203511a504011918adadea782aef7d8a25e69f4fb96-1279580776

 

Körde även en Housecall online scanning, som hittade 3 hot, men som ignorerades.. Så då borde det väl vara rent nu? Finns det ngt. program som tar bort alla dds filer och housecall osv som ligger kvar i datorn?

Länk till kommentar
Dela på andra webbplatser
Cecilia

Cecilia

Postad
Postad

Vad var det för hot som Housecall hittade? Varför ignorerades de?

Om där finns något olämpligt i datorn enligt Housecall så är det ju inte säkert att datorn är ren.

Länk till kommentar
Dela på andra webbplatser
Dag Erlandsson

Dag Erlandsson

Postad
  • Trådskapare
Postad

Vad var det för hot som Housecall hittade? Varför ignorerades de?

Om där finns något olämpligt i datorn enligt Housecall så är det ju inte säkert att datorn är ren.

 

Vet ej, men nu körde jag Housecall igen och den var nu "ren". Så vad säger du, är den "ren" nu? Massor med tack igen.

Länk till kommentar
Dela på andra webbplatser
Cecilia

Cecilia

Postad
Postad

Om du inte har kört MBAM sedan igår kväll så kan du ju köra det igen. Om du inte märker något problem så är det sannolikt att datorn är ren.

 

Nu återstår bara en sista städomgång:

 

1. Ta bort samtliga systemåterställningspunkter eftersom dessa kan vara infekterade.

Börja med att skapa en ny systemåterställningspunkt:

XP:

Start - Program- Tillbehör - Systemverktyg - Systemåterställning

Välj att skapa en ny återställningspunkt och tryck på Nästa.

Vista och Windows 7:

Högerklick på Datorn - Egenskaper - Systemskydd

Tryck på Skapa.

 

Ta sedan bort alla gamla systemåterställningspunkter genom att köra diskrensningsprogrammet.

Högerklicka på C: i Den här datorn/Utforskaren och välj Egenskaper.

På fliken Allmänt finns det en knapp som heter Diskrensning. Välj den.

Efter några minuter kommer programmet upp och då väljer du en flik som heter Fler alternativ eller något likande. Tryck på den Rensa-knapp som tar bort alla systemåterställningspunkter utom den senaste.

 

2. Ladda ner avinstallationsprogrammet OTC till Skrivbordet.

http://oldtimer.geekstogo.com/OTC.exe

Dubbelklicka på filen för att starta programmet.

Tryck på knappen CleanUp! och DDS samt detta program kommer att avinstalleras efter en omstart av datorn. Ta bort eventuella loggfiler som finns kvar.

 

3. Ta bort alla tillfälliga filer genom att ladda ner ATF-Cleaner på Skrivbordet:

http://www.atribune.org/ccount/click.php?id=1

Stäng av alla andra program, särskilt webbläsare.

Dubbelklicka på ATF-Cleaner.exe för att starta programmet.

Bocka i Select All. Tryck på Empty Selected.

 

Om du använder Firefox: Tryck på Firefox och välj Select All. Tryck på Empty Selected. Om du vill ha kvar dina lösenord så tryck No vid frågan.

 

Om du använder Opera: Tryck på Opera och välj Select All. Tryck på Empty Selected. Om du vill ha kvar dina lösenord så tryck No vid frågan.

Tryck på Exit i Main-menyn för att stänga programmet.

 

Obs! Detta kommer att ta bort alla cookies, om du har cookies som du vill ha kvar så får du antingen spara undan dem innan eller låta bli att välja Select All och i stället markera allt annat.

 

4. Byt alla lösenord som du använder i datorn och på internet eftersom dessa kan ha kommit i orätta händer.

http://mnin.blogspot.com/2009/02/why-i-enjoyed-tiggersyzor.html beskriver ett skadligt program som spionerar genom att ta skärmbilder, logga tangentbordsnedtryckningar och läsa lösenord som är lagrade i webbläsare, epostprogram etc.

 

5. Förbättra skyddet i datorn, se mina Råd för en säkrare dator. http://sites.google.com/site/ceblstockholm/home

Länk till kommentar
Dela på andra webbplatser
Dag Erlandsson

Dag Erlandsson

Postad
  • Trådskapare
Postad

Om du inte har kört MBAM sedan igår kväll så kan du ju köra det igen. Om du inte märker något problem så är det sannolikt att datorn är ren.

 

Nu återstår bara en sista städomgång:

 

1. Ta bort samtliga systemåterställningspunkter eftersom dessa kan vara infekterade.

Börja med att skapa en ny systemåterställningspunkt:

XP:

Start - Program- Tillbehör - Systemverktyg - Systemåterställning

Välj att skapa en ny återställningspunkt och tryck på Nästa.

Vista och Windows 7:

Högerklick på Datorn - Egenskaper - Systemskydd

Tryck på Skapa.

 

Ta sedan bort alla gamla systemåterställningspunkter genom att köra diskrensningsprogrammet.

Högerklicka på C: i Den här datorn/Utforskaren och välj Egenskaper.

På fliken Allmänt finns det en knapp som heter Diskrensning. Välj den.

Efter några minuter kommer programmet upp och då väljer du en flik som heter Fler alternativ eller något likande. Tryck på den Rensa-knapp som tar bort alla systemåterställningspunkter utom den senaste.

 

2. Ladda ner avinstallationsprogrammet OTC till Skrivbordet.

http://oldtimer.geekstogo.com/OTC.exe

Dubbelklicka på filen för att starta programmet.

Tryck på knappen CleanUp! och DDS samt detta program kommer att avinstalleras efter en omstart av datorn. Ta bort eventuella loggfiler som finns kvar.

 

3. Ta bort alla tillfälliga filer genom att ladda ner ATF-Cleaner på Skrivbordet:

http://www.atribune.org/ccount/click.php?id=1

Stäng av alla andra program, särskilt webbläsare.

Dubbelklicka på ATF-Cleaner.exe för att starta programmet.

Bocka i Select All. Tryck på Empty Selected.

 

Om du använder Firefox: Tryck på Firefox och välj Select All. Tryck på Empty Selected. Om du vill ha kvar dina lösenord så tryck No vid frågan.

 

Om du använder Opera: Tryck på Opera och välj Select All. Tryck på Empty Selected. Om du vill ha kvar dina lösenord så tryck No vid frågan.

Tryck på Exit i Main-menyn för att stänga programmet.

 

Obs! Detta kommer att ta bort alla cookies, om du har cookies som du vill ha kvar så får du antingen spara undan dem innan eller låta bli att välja Select All och i stället markera allt annat.

 

4. Byt alla lösenord som du använder i datorn och på internet eftersom dessa kan ha kommit i orätta händer.

http://mnin.blogspot.com/2009/02/why-i-enjoyed-tiggersyzor.html beskriver ett skadligt program som spionerar genom att ta skärmbilder, logga tangentbordsnedtryckningar och läsa lösenord som är lagrade i webbläsare, epostprogram etc.

 

5. Förbättra skyddet i datorn, se mina Råd för en säkrare dator. http://sites.google.com/site/ceblstockholm/home

 

Hej igen,

Då har jag gjort allt du sagt, men.... Det fanns 2 objekt i MBAM, jag tog bort dom. Bif. log:

[log]Malwarebytes' Anti-Malware 1.46

www.malwarebytes.org

 

Databasversion: 4326

 

Windows 6.0.6002 Service Pack 2

Internet Explorer 8.0.6001.18928

 

2010-07-24 23:06:05

mbam-log-2010-07-24 (23-06-05).txt

 

Skanningstyp: Snabbskanning

Antal skannade objekt: 127788

Förfluten tid: 8 minut(er), 0 sekund(er)

 

Infekterade minnesprocesser: 0

Infekterade minnesmoduler: 0

Infekterade registernycklar: 1

Infekterade registervärden: 0

Infekterade registerdataposter: 1

Infekterade mappar: 0

Infekterade filer: 0

 

Infekterade minnesprocesser:

(Inga illasinnade poster hittades)

 

Infekterade minnesmoduler:

(Inga illasinnade poster hittades)

 

Infekterade registernycklar:

HKEY_CURRENT_USER\SOFTWARE\AppDataLow\HavingFunOnline (Adware.BHO.FL) -> Quarantined and deleted successfully.

 

Infekterade registervärden:

(Inga illasinnade poster hittades)

 

Infekterade registerdataposter:

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\Start Page (Hijack.StartPage) -> Bad: (http://flvdirect.iamwired.net/) Good: (http://www.google.com) -> Quarantined and deleted successfully.

 

Infekterade mappar:

(Inga illasinnade poster hittades)

 

Infekterade filer:

(Inga illasinnade poster hittades)

[/log]

Länk till kommentar
Dela på andra webbplatser
Dag Erlandsson

Dag Erlandsson

Postad
  • Trådskapare
Postad

Då får vi hoppas att MBAM tog bort det sista skräpet.

 

Tack för allt Cecilia! Du är en räddare i nöden verkligen!!!

Länk till kommentar
Dela på andra webbplatser

Arkiverat

Det här ämnet är nu arkiverat och är stängt för ytterligare svar.

Gå till ämneslista


×
×
  • Skapa nytt...