Problem vid inloggning

[ArgusX]

Hej

Har haft denna tråd inne tidigare och fick en del tips. Då jag gjorde resett på Alcatel Speed Touch-modemet blev det plötsligt bra men nu är det samma visa igen, mitt svar var förhastat. Har antivirus F-Secure på Vista och AVG på den andra.

Har kört med och utan router (kabelgrejor), men lika segt. XP-datorn är något snabbare än Vista men den tar ändå ca 10 sek innan webbsidan kommer upp. Bläddringen på webben är också seg och hakar upp sig ibland. Allmänt trögt på webben...

Skrev tidigare:

"Har två datorer, en med Vista Home Premium med SP2 och en med XP Pro med Sp3. Hyfsade dator med ca 2 Gb ramminne och funkar ok och har inga problem när det gäller vanlig datahantering lokalt. Har ADSL-uppkoppling med Glocalnet som leverantör och de säger att det ligger på datorsidan ej deras fel.

Har Firefox och Explorer 8 på båda men oberoende om jag kör med Firefox eller Explorer så är bägge datorerna väldigt sega när det gäller uppkoppling till webben. Det tar ca 20 sek och det går trögt med bläddringen för att få nya webbsidor.

Har antivirusprogram på båda...

Någon som har idé om vad som hänt och vad man kan göra åt det. Har återinstallerat webbprogrammen utan resultat....

Tacksam för hjälp ! "

[Cecilia]

Här är den tidigare tråden: //eforum.idg.se/topic/221563-segt-att-koppla-upp-pa-internet

 

-----------

Flyttar tråden från "Windows 7" till "Internetuppkoppling".

 

Cecilia

Moderator

[Mats H]

Hej,

"Då jag gjorde resett på Alcatel Speed Touch-modemet blev det plötsligt bra men nu är det samma visa igen"

Felet återkommer, gjort reset denna gång med, vad sker?

"Har ADSL-uppkoppling med Glocalnet som leverantör och de säger att det ligger på datorsidan ej deras fel."

Kan det vara bekymmer med modemet, finns det ngn form av felsökning från din leverantör med tanke på svaret från dem?

Du kan ju köra DDS på varje dator så kan vi se om det finns ngt som ser underligt ut.

Förmodligen det enklaste sättet att pröva och utesluta datorerna.

Klistra in loggen/resultatet från programmet DDS. Spara DDS på Skrivbordet.

http://download.blee...om/sUBs/dds.scr

Starta programmet genom att dubbelklicka på det.

Tryck Yes/Ja om frågan om Optional Scan dyker upp.

I ditt svar klistrar du in loggen DSS.txt. Medan du bifogar Attach.txt som en fil.

 

DDS är ett program som listar processer som kör, program och tjänster som startas automatiskt samt filer i sådana mappar som är vanliga att skadliga program och som är nya eller ändrade under senaste 1-3 månader. DDS är ett mycket vanligt program bland oss som hjälper till att rensa datorer. Resultatet ger oss en grundläggande kunskap om vad som händer och har hänt nyligen i datorn,

Mvh

Mats H

[ArgusX]

Hej Mats

Tack för info...men när jag ska ladda ner enl din rödmärkta fil (program DDS) så kommer det varning från F-secure som säger att den är skadlig och rekommenderar att inte logga ner den !!!!!

[Mats H]

Hej,

den kommer från en säker sida, så du kan ignorera F-Secures varning.

Bleepingcomputer är en väl renomerad sida som hjälper till med bekämpande av "otyg"!

Lycka till!

Mvh

Mats h

[ArgusX]

Hej Mats

 

Min Vista-dator vill inte poppa upp logfilerna.Har letat men hittar inget...

Däremot funkar det med XP-datorn. DDS kommer här...och attach som bilöaga

 

Mvh

Roland

 

 

DDS (Ver_10-03-17.01) - NTFSx86

Run by Administrat”r at 8:22:41,15 on 2010-07-31

Internet Explorer: 8.0.6001.18702

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1053.18.1535.1085 [GMT 2:00]

 

AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

 

============== Running Processes ===============

 

C:\WINDOWS\system32\svchost -k DcomLaunch

svchost.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

svchost.exe

svchost.exe

C:\Program\AVG\AVG9\avgchsvx.exe

C:\Program\AVG\AVG9\avgrsx.exe

C:\Program\AVG\AVG9\avgcsrvx.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\Program\AVG\AVG9\avgtray.exe

E:\Program\TweakNow PowerPack 2009\CDAuto.exe

C:\WINDOWS\system32\ctfmon.exe

svchost.exe

C:\Program\AVG\AVG9\avgwdsvc.exe

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\Program\AVG\AVG9\avgnsx.exe

C:\Program\Mozilla Firefox\firefox.exe

C:\Documents and Settings\Administratör\Mina dokument\Hämtade filer\dds.scr

 

============== Pseudo HJT Report ===============

 

uStart Page = hxxp://www.aftonbladet.se/

uURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program\avg\avg9\toolbar\IEToolbar.dll

BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program\avg\avg9\avgssie.dll

BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program\avg\avg9\toolbar\IEToolbar.dll

TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - c:\program\avg\avg9\toolbar\IEToolbar.dll

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

mRun: [AVG9_TRAY] c:\program\avg\avg9\avgtray.exe

mRun: [CD Autorun] e:\program\tweaknow powerpack 2009\CDAuto.exe

StartupFolder: c:\docume~1\alluse~1\start-~1\program\autost~1\micros~1.lnk - c:\program\microsoft office\office\OSA9.EXE

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program\messenger\msmsgs.exe

DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1271865101677

Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - c:\program\avg\avg9\toolbar\IEToolbar.dll

Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program\avg\avg9\avgpp.dll

Notify: avgrsstarter - avgrsstx.dll

 

================= FIREFOX ===================

 

FF - ProfilePath - c:\docume~1\admini~1\applic~1\mozilla\firefox\profiles\ylv3xnxp.default\

FF - prefs.js: browser.startup.homepage - hxxp://co110w.col110.mail.live.com/default.aspx?n=1409240240&wa=wsignin1.0

 

---- FIREFOX POLICIES ----

c:\program\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);

c:\program\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);

c:\program\mozilla firefox\greprefs\all.js - pref("browser.visited_color", "#551A8B");

c:\program\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);

c:\program\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);

c:\program\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);

c:\program\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);

c:\program\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);

c:\program\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);

c:\program\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);

c:\program\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false);

c:\program\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);

c:\program\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);

c:\program\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);

c:\program\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);

c:\program\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);

c:\program\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);

c:\program\mozilla firefox\greprefs\all.js - pref("html5.enable", false);

c:\program\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);

c:\program\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");

c:\program\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);

c:\program\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);

c:\program\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);

c:\program\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);

c:\program\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");

c:\program\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");

c:\program\mozilla firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".se");

c:\program\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");

c:\program\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");

c:\program\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");

c:\program\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");

c:\program\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);

c:\program\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);

c:\program\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);

c:\program\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);

c:\program\mozilla firefox\defaults\pref\firefox.js - pref("browser.videoFeeds.handler", "ask");

c:\program\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);

c:\program\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);

c:\program\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);

c:\program\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);

 

============= SERVICES / DRIVERS ===============

 

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2010-4-22 216400]

R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2010-4-22 29584]

R1 AvgTdiX;AVG Free Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2010-4-22 243024]

R2 avg9wd;AVG Free WatchDog;c:\program\avg\avg9\avgwdsvc.exe [2010-4-22 308136]

R3 SiSV;SiSV;c:\windows\system32\drivers\SiSV.sys [2010-4-15 50432]

S3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program\avg\avg9\toolbar\ToolbarBroker.exe [2010-4-22 369920]

 

=============== Created Last 30 ================

 

 

==================== Find3M ====================

 

2010-07-30 06:42:56 1572864 ---ha-w- c:\documents and settings\administratör\NTUSER.DAT

2010-07-17 16:06:07 243024 ----a-w- c:\windows\system32\drivers\avgtdix.sys

2010-07-17 16:05:33 216400 ----a-w- c:\windows\system32\drivers\avgldx86.sys

2010-05-06 10:36:51 916480 ----a-w- c:\windows\system32\wininet.dll

2010-05-02 08:10:15 1851264 ----a-w- c:\windows\system32\win32k.sys

 

============= FINISH: 8:23:32,71 ===============

[Mats H]

Hej,

på Vista datorn bör du hitta DDS.txt och Attach.txt där DDS.scr hamnat vid nedladdning.

Mvh

Mats H

[Mats H]

Hej Mats

 

Min Vista-dator vill inte poppa upp logfilerna.Har letat men hittar inget...

Däremot funkar det med XP-datorn. DDS kommer här...och attach som bilöaga

 

Mvh

Roland

 

Attach kom visst inte med!

Använd full redigerare när du bifogar filer.

Mvh

Mats H

[ArgusX]

Hej Mats

 

Har kollat men dds och attach hittar jag ingenstans. Är det inte så att om de inte poppar upp efter scanning så försvinner de ? Finns inte i mappen med dds.scr..

Försöker igen med attach...

Attach.txt

[Mats H]

Nej de sparas normalt.

Kanske F-Secure hittat på ngt med dem!

Starta i Felsäkert läge, och prova igen!

Mvh

Mats H

[Mats H]

Hej,

allt ser bra ut med din XP dator.

Det enda som kan sinka ned internet som jag ser är:

AVG Linkscanner, prova att inaktivera den Toolbaren.

Kan ge dig lite snabbare nät.

 

En annan sak som verkar/kan vara "skum" är din startsida i Firefox, ta bort den om den inte är relevant och ersätt med t.ex. http://www.google.com., och se om det ger någon effekt.

Övrigt när det gäller XP datorn, vad gör detta program: tweaknow powerpack 2009

 

Om du har motsvarande inställningar i din Vista dator, men en F-Secure Linkscanner, tror att det finns ngt sådant, avvaktivera den.

Kontrollera även hemsidan i Firefox.

 

Återkom gärna med DDS för Vista datorn eller om du har ytterligare frågor.

Mvh

Mats H

[ArgusX]

Hej igen Mats

 

Ja, nu gick det att få loggfilerna. Här kommer Vistadatorns DDS.txt samt attach,

Ska begrunda ditt senaste mail betr AVG m.m.

Mvh

Roland

 

 

DDS (Ver_10-03-17.01) - NTFSx86

Run by 1 at 19:49:20,82 on 2010-07-31

Internet Explorer: 8.0.6001.18928 BrowserJavaVersion: 1.6.0_20

 

============== Running Processes ===============

 

 

============== Pseudo HJT Report ===============

 

uStart Page = hxxp://www.aftonbladet.se/

uDefault_Page_URL = hxxp://www.thetechguys.com/welcome

uInternet Settings,ProxyOverride = *.local;<local>

mURLSearchHooks: H - No File

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\googletoolbar1.dll

BHO: Browsing Protection Class: {c6867eb7-8350-4856-877f-93cf8ae3dc9c} - c:\program files\glocalnet sakerhetspaket\nrs\iescript\baselitmus.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

TB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\googletoolbar1.dll

TB: Browsing Protection Toolbar: {265eee8e-3228-44d3-aea5-f7fdf5860049} - c:\program files\glocalnet sakerhetspaket\nrs\iescript\baselitmus.dll

mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

LSP: c:\program files\glocalnet sakerhetspaket\fsps\program\FSLSP.DLL

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab

DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

Notify: igfxcui - igfxdev.dll

 

================= FIREFOX ===================

 

FF - ProfilePath - c:\users\1\appdata\roaming\mozilla\firefox\profiles\xup4u9cs.default\

FF - prefs.js: browser.search.selectedEngine - Yahoo! Search

FF - prefs.js: browser.startup.homepage - hxxp://co110w.col110.mail.live.com/default.aspx?n=1409240240&wa=wsignin1.0

FF - prefs.js: keyword.URL - hxxp://se.yhs.search.yahoo.com/avg/search?fr=yhs-avg&type=yahoo_avg_hs2-tb-web_se&p=

FF - prefs.js: network.proxy.type - 0

FF - component: c:\program files\glocalnet sakerhetspaket\nrs\litmus-ff@f-secure.com\components\litmus-ff.dll

FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\program files\personal\bin\np_prsnl.dll

FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\

FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}

FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}

FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}

FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}

FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

 

---- FIREFOX POLICIES ----

c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.visited_color", "#551A8B");

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);

c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.proxy.type", 5);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.buffer.cache.count", 24);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096);

c:\program files\mozilla firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);

c:\program files\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);

c:\program files\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);

c:\program files\mozilla firefox\greprefs\all.js - pref("accelerometer.enabled", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("html5.enable", false);

c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);

c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");

c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);

c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);

c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);

c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);

c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");

c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");

c:\program files\mozilla firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".se");

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.videoFeeds.handler", "ask");

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);

 

============= SERVICES / DRIVERS ===============

 

 

=============== Created Last 30 ================

 

2010-07-31 17:44:09 0 d-----w- c:\windows\pss

2010-07-13 06:53:22 151552 ------w- c:\windows\system32\fpres532.dll

2010-07-10 11:57:18 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll

2010-07-10 11:57:18 297808 ----a-w- c:\windows\system32\mscoree.dll

2010-07-10 11:57:18 295264 ----a-w- c:\windows\system32\PresentationHost.exe

2010-07-10 11:57:17 49472 ----a-w- c:\windows\system32\netfxperf.dll

2010-07-10 11:57:17 1130824 ----a-w- c:\windows\system32\dfshim.dll

2010-07-10 11:52:32 28672 ----a-w- c:\windows\system32\Apphlpdm.dll

2010-07-10 11:52:31 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll

 

==================== Find3M ====================

 

2010-07-27 18:53:06 51200 ----a-w- c:\windows\inf\infpub.dat

2010-07-27 18:53:05 143360 ----a-w- c:\windows\inf\infstrng.dat

2010-07-26 16:15:10 607342 ----a-w- c:\windows\system32\perfh01D.dat

2010-07-26 16:15:10 121668 ----a-w- c:\windows\system32\perfc01D.dat

2010-07-13 16:37:16 41256 ----a-w- c:\windows\system32\drivers\fsbts.sys

2010-05-26 17:06:41 34304 ----a-w- c:\windows\system32\atmlib.dll

2010-05-26 14:47:41 289792 ----a-w- c:\windows\system32\atmfd.dll

2010-05-21 12:14:28 221568 ------w- c:\windows\system32\MpSigStub.exe

2010-05-04 05:59:21 916480 ----a-w- c:\windows\system32\wininet.dll

2010-05-04 05:55:42 71680 ----a-w- c:\windows\system32\iesetup.dll

2010-05-04 05:55:42 109056 ----a-w- c:\windows\system32\iesysprep.dll

2010-05-04 04:31:05 133632 ----a-w- c:\windows\system32\ieUnatt.exe

2009-12-11 07:22:31 86016 ----a-w- c:\windows\inf\infstor.dat

2009-11-17 14:22:55 665600 ----a-w- c:\windows\inf\drvindex.dat

2008-04-20 16:47:49 174 --sha-w- c:\program files\desktop.ini

2007-09-14 04:19:42 35978 ----a-w- c:\windows\inf\perflib\041d\perfd.dat

2007-09-14 04:19:42 35978 ----a-w- c:\windows\inf\perflib\041d\perfc.dat

2007-09-14 04:19:42 290490 ----a-w- c:\windows\inf\perflib\041d\perfi.dat

2007-09-14 04:19:42 290490 ----a-w- c:\windows\inf\perflib\041d\perfh.dat

2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfi.dat

2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfh.dat

2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfd.dat

2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfc.dat

2009-10-17 06:27:37 245760 --sha-w- c:\windows\serviceprofiles\networkservice\appdata\roaming\microsoft\windows\ietldcache\index.dat

2007-07-13 10:29:35 8192 --sha-w- c:\windows\users\default\NTUSER.DAT

 

============= FINISH: 19:51:13,60 ===============

Attach.txt

[Mats H]

Hej,

Vista datorn, ser bra ut med.

Men det finns några saker som bör tas bort och som kan påverka. Tänkte att vi skulle använda Hijack This.

HijackThis - Trend Micro USA hämtas här.

Installera programmet och kör "Do A System Scan And Save A Log".

Klistra in loggen här i din tråd.

Mvh

Mats H

[ArgusX]

Hej envise Mats !

 

Här kommer hijack från Vistadatorn..

 

Mvh

Roland

[Mats H]

Hej envise Mats !

 

Här kommer hijack från Vistadatorn..

 

Mvh

Roland

 

Hmm!

Ser den inte!

Mvh

Mats H

[ArgusX]

Hej Mats

 

Konstigt...försöker igen men nu står det att jag inte har tillåtelse att ladda upp filtypen !!! Filen heter hijackthis.log

Något fel ?

Mvh

Roland

[Mats H]

Hej,

öppna den på din dator så att du ser loggen, (den öppnas i programmet Anteckningar).

Välj Redigera i verktygsraden, och Markera allt, tryck Ctrl och C samtidigt, ställ markören i "Snabbsvarsrutan här och tryck Ctrl och V samtidigt, så är den på plats!

Filen i sig ska inte laddas upp.

Mvh

Mats H

[ArgusX]

Hej igen

 

Tänkte till och lade texten på en Winwordfil istället...hoppas de går lika bra ?

Filen ligger på en USB, därav D:

 

Betr Tweaknow och några andra hjälpprogram så har jag tagit bort dem från XP-datorn...

Denna dator är inte så seg vid uppstarten som Vistadatorn..

 

/Roland

Logfile of Trend Micro HijackThis v2.doc

[Mats H]

Postar din logg här!

Åter om ngn timme!

Mvh

Mats H

 

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 23:26:42, on 2010-07-31

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v8.00 (8.00.6001.18928)

Boot mode: Normal

 

Running processes:

 

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Windows\RtHDVCpl.exe

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Windows\System32\spool\drivers\w32x86\3\fpdisp5a.exe

C:\Program Files\Glocalnet Sakerhetspaket\Common\FSM32.EXE

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Windows\ehome\ehtray.exe

C:\Program Files\Personal\bin\Personal.exe

C:\Program Files\Jasc Software Inc\After Shot\IXApplet.exe

C:\Windows\ehome\ehmsas.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\Users\1\Downloads\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.thetechguys.com/welcome

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.aftonbladet.se/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.thetechguys.com/welcome

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;<local>

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll

O2 - BHO: LitmusBHO - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files\Glocalnet Sakerhetspaket\NRS\iescript\baselitmus.dll

O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll

O3 - Toolbar: Browsing Protection Toolbar - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files\Glocalnet Sakerhetspaket\NRS\iescript\baselitmus.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [updateP2GShortCut] C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe "C:\Program Files\CyberLink\Power2Go" update "SOFTWARE\CyberLink\Power2Go\5.0"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [skytel] Skytel.exe

O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe

O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe

O4 - HKLM\..\Run: [FinePrint Dispatcher v5] C:\Windows\system32\spool\DRIVERS\W32X86\3\fpdisp5a.exe

O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Glocalnet Sakerhetspaket\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW

O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Glocalnet Sakerhetspaket\Common\FSM32.EXE" /splash

O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - Global Startup: BankID säkerhetsprogram.lnk = C:\Program Files\Personal\bin\Personal.exe

O4 - Global Startup: Camio Viewer.lnk = C:\Program Files\Jasc Software Inc\After Shot\IXApplet.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Bonjour-tjänst (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: F-Secure BlackLight Sensor - Unknown owner - C:\Windows\TEMP\F-Secure\Anti-Virus\fsblsrv.exe (file missing)

O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - Unknown owner - C:\Program Files\Glocalnet Sakerhetspaket\Anti-Virus\fsgk32st.exe

O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Glocalnet Sakerhetspaket\FWES\Program\fsdfwd.exe

O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Glocalnet Sakerhetspaket\Common\FSMA32.EXE

O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files\Glocalnet Sakerhetspaket\ORSP Client\fsorsp.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

 

 

 

--

 

End of file - 6777 bytes

[Mats H]

Hej,

när du kört ut loggar, är du inloggad som administratör, om inte, kan du då köra om DDS loggen och HiJack Thisloggen som admin.? Du kan högerklicka på programikonen och välja Kör som Administratör.

Om du är det, låt mig få veta.

Mvh

Mats H

[ArgusX]

Hej

Hänger inte med riktigt. Trodde att jag kör som adm alltid..... Vilken programikon menar du ?

/Roland

[ArgusX]

Sri, nu fattade jag...he..he

Ska skicka DDS och Hi....igen strax

/Roland

[ArgusX]

Här kommer Hijack...

 

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 23:26:42, on 2010-07-31

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v8.00 (8.00.6001.18928)

Boot mode: Normal

 

Running processes:

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Windows\RtHDVCpl.exe

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Windows\System32\spool\drivers\w32x86\3\fpdisp5a.exe

C:\Program Files\Glocalnet Sakerhetspaket\Common\FSM32.EXE

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Windows\ehome\ehtray.exe

C:\Program Files\Personal\bin\Personal.exe

C:\Program Files\Jasc Software Inc\After Shot\IXApplet.exe

C:\Windows\ehome\ehmsas.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\Users\1\Downloads\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.thetechguys.com/welcome'>http://www.thetechguys.com/welcome

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896'>http://go.microsoft.com/fwlink/?LinkId=54896'>http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.aftonbladet.se/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.thetechguys.com/welcome

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;<local>

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll

O2 - BHO: LitmusBHO - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files\Glocalnet Sakerhetspaket\NRS\iescript\baselitmus.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll

O3 - Toolbar: Browsing Protection Toolbar - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files\Glocalnet Sakerhetspaket\NRS\iescript\baselitmus.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [updateP2GShortCut] C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe "C:\Program Files\CyberLink\Power2Go" update "SOFTWARE\CyberLink\Power2Go\5.0"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [skytel] Skytel.exe

O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe

O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe

O4 - HKLM\..\Run: [FinePrint Dispatcher v5] C:\Windows\system32\spool\DRIVERS\W32X86\3\fpdisp5a.exe

O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Glocalnet Sakerhetspaket\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW

O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Glocalnet Sakerhetspaket\Common\FSM32.EXE" /splash

O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - Global Startup: BankID säkerhetsprogram.lnk = C:\Program Files\Personal\bin\Personal.exe

O4 - Global Startup: Camio Viewer.lnk = C:\Program Files\Jasc Software Inc\After Shot\IXApplet.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Bonjour-tjänst (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: F-Secure BlackLight Sensor - Unknown owner - C:\Windows\TEMP\F-Secure\Anti-Virus\fsblsrv.exe (file missing)

O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - Unknown owner - C:\Program Files\Glocalnet Sakerhetspaket\Anti-Virus\fsgk32st.exe

O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Glocalnet Sakerhetspaket\FWES\Program\fsdfwd.exe

O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Glocalnet Sakerhetspaket\Common\FSMA32.EXE

O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files\Glocalnet Sakerhetspaket\ORSP Client\fsorsp.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

 

--

End of file - 6777 bytes

[ArgusX]

..och här DDS och Attach

Måste inaktivera F-Secure för att fixa det...Har en känsla av att det antivirusprogrammet ställer till en del strul...

Mvh

Roland

 

 

DDS (Ver_10-03-17.01) - NTFSx86

Run by 1 at 11:19:56,16 on 2010-08-01

Internet Explorer: 8.0.6001.18928 BrowserJavaVersion: 1.6.0_20

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.46.1053.18.2046.1135 [GMT 2:00]

 

SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

 

============== Running Processes ===============

 

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k rpcss

C:\Windows\System32\svchost.exe -k secsvcs

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\SLsvc.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskeng.exe

C:\Windows\Explorer.EXE

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Windows\RtHDVCpl.exe

C:\Windows\System32\rundll32.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Windows\System32\spool\drivers\w32x86\3\fpdisp5a.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Windows\ehome\ehtray.exe

C:\Program Files\Personal\bin\Personal.exe

C:\Program Files\Jasc Software Inc\After Shot\IXApplet.exe

C:\Windows\System32\rundll32.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Windows\ehome\ehmsas.exe

C:\Program Files\Glocalnet Sakerhetspaket\Anti-Virus\fsgk32st.exe

C:\Program Files\Glocalnet Sakerhetspaket\Common\FSMA32.EXE

C:\Program Files\Glocalnet Sakerhetspaket\Anti-Virus\FSGK32.EXE

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\system32\WUDFHost.exe

C:\Windows\System32\mobsync.exe

C:\Program Files\Glocalnet Sakerhetspaket\Anti-Virus\fssm32.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\Windows\system32\conime.exe

C:\Program Files\Glocalnet Sakerhetspaket\Common\FSLAUNCH.EXE

C:\Windows\system32\DllHost.exe

C:\Windows\system32\DllHost.exe

C:\Users\1\Desktop\dds.scr

C:\Windows\system32\wbem\wmiprvse.exe

 

============== Pseudo HJT Report ===============

 

uStart Page = hxxp://www.aftonbladet.se/

uDefault_Page_URL = hxxp://www.thetechguys.com/welcome

uInternet Settings,ProxyOverride = *.local;<local>

mURLSearchHooks: H - No File

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\googletoolbar1.dll

BHO: Browsing Protection Class: {c6867eb7-8350-4856-877f-93cf8ae3dc9c} - c:\program files\glocalnet sakerhetspaket\nrs\iescript\baselitmus.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

TB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\googletoolbar1.dll

TB: Browsing Protection Toolbar: {265eee8e-3228-44d3-aea5-f7fdf5860049} - c:\program files\glocalnet sakerhetspaket\nrs\iescript\baselitmus.dll

uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe

uRun: [swg] c:\program files\google\googletoolbarnotifier\1.2.1128.5462\GoogleToolbarNotifier.exe

uRun: [sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun

uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe

mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

mRun: [updateP2GShortCut] c:\program files\cyberlink\power2go\muitransfer\muistartmenu.exe "c:\program files\cyberlink\power2go" update "software\cyberlink\power2go\5.0"

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [skytel] Skytel.exe

mRun: [RtHDVCpl] RtHDVCpl.exe

mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime

mRun: [Persistence] c:\windows\system32\igfxpers.exe

mRun: [NvSvc] RUNDLL32.EXE c:\windows\system32\nvsvc.dll,nvsvcStart

mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit

mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [igfxTray] c:\windows\system32\igfxtray.exe

mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe

mRun: [FinePrint Dispatcher v5] c:\windows\system32\spool\drivers\w32x86\3\fpdisp5a.exe

mRun: [F-Secure TNB] "c:\program files\glocalnet sakerhetspaket\fsgui\TNBUtil.exe" /CHECKALL /WAITFORSW

mRun: [F-Secure Manager] "c:\program files\glocalnet sakerhetspaket\common\FSM32.EXE" /splash

mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\bin\AppleSyncNotifier.exe

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\bankid~1.lnk - c:\program files\personal\bin\Personal.exe

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\camiov~1.lnk - c:\program files\jasc software inc\after shot\IXApplet.exe

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office\OSA9.EXE

mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

LSP: c:\program files\glocalnet sakerhetspaket\fsps\program\FSLSP.DLL

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab

DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

Notify: igfxcui - igfxdev.dll

 

================= FIREFOX ===================

 

FF - ProfilePath - c:\users\1\appdata\roaming\mozilla\firefox\profiles\xup4u9cs.default\

FF - prefs.js: browser.search.selectedEngine - Yahoo! Search

FF - prefs.js: browser.startup.homepage - hxxp://www.google.se/

FF - prefs.js: keyword.URL - hxxp://se.yhs.search.yahoo.com/avg/search?fr=yhs-avg&type=yahoo_avg_hs2-tb-web_se&p=

FF - prefs.js: network.proxy.type - 0

FF - component: c:\program files\glocalnet sakerhetspaket\nrs\litmus-ff@f-secure.com\components\litmus-ff.dll

FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\program files\personal\bin\np_prsnl.dll

FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\

FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}

FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}

FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}

FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}

FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

 

---- FIREFOX POLICIES ----

c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.visited_color", "#551A8B");

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);

c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.proxy.type", 5);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.buffer.cache.count", 24);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096);

c:\program files\mozilla firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);

c:\program files\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);

c:\program files\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);

c:\program files\mozilla firefox\greprefs\all.js - pref("accelerometer.enabled", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("html5.enable", false);

c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);

c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");

c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);

c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);

c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);

c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);

c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");

c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");

c:\program files\mozilla firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".se");

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.videoFeeds.handler", "ask");

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);

 

============= SERVICES / DRIVERS ===============

 

R0 fsbts;fsbts;c:\windows\system32\drivers\fsbts.sys [2009-11-26 41256]

R1 F-Secure HIPS;F-Secure HIPS Driver;c:\program files\glocalnet sakerhetspaket\hips\drivers\fshs.sys [2009-11-26 68064]

R1 FSES;F-Secure Email Scanning Driver;c:\windows\system32\drivers\fses.sys [2009-11-26 35792]

R1 FSFW;F-Secure Firewall Driver;c:\windows\system32\drivers\fsdfw.sys [2009-11-26 71040]

R1 fsvista;F-Secure Vista Support Driver;c:\program files\glocalnet sakerhetspaket\anti-virus\minifilter\fsvista.sys [2009-11-26 12384]

R2 F-Secure Gatekeeper Handler Starter;FSGKHS;c:\program files\glocalnet sakerhetspaket\anti-virus\fsgk32st.exe [2009-11-26 215648]

R3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files\glocalnet sakerhetspaket\anti-virus\minifilter\fsgk.sys [2009-11-26 123056]

S3 F-Secure BlackLight Sensor;F-Secure BlackLight Sensor;c:\windows\temp\f-secure\anti-virus\fsblsrv.exe --> c:\windows\temp\f-secure\anti-virus\fsblsrv.exe [?]

S3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-4-20 21504]

S3 FSORSPClient;F-Secure ORSP Client;c:\program files\glocalnet sakerhetspaket\orsp client\fsorsp.exe [2009-11-26 57008]

S4 F-Secure Filter;F-Secure File System Filter;c:\program files\glocalnet sakerhetspaket\anti-virus\win2k\fsfilter.sys [2009-11-26 39776]

S4 F-Secure Recognizer;F-Secure File System Recognizer;c:\program files\glocalnet sakerhetspaket\anti-virus\win2k\fsrec.sys [2009-11-26 25184]

 

=============== Created Last 30 ================

 

2010-07-31 21:24:53 0 d-----w- c:\program files\Trend Micro

2010-07-31 17:44:09 0 d-----w- c:\windows\pss

2010-07-13 06:53:22 151552 ------w- c:\windows\system32\fpres532.dll

2010-07-10 11:57:18 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll

2010-07-10 11:57:18 297808 ----a-w- c:\windows\system32\mscoree.dll

2010-07-10 11:57:18 295264 ----a-w- c:\windows\system32\PresentationHost.exe

2010-07-10 11:57:17 49472 ----a-w- c:\windows\system32\netfxperf.dll

2010-07-10 11:57:17 1130824 ----a-w- c:\windows\system32\dfshim.dll

2010-07-10 11:52:32 28672 ----a-w- c:\windows\system32\Apphlpdm.dll

2010-07-10 11:52:31 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll

 

==================== Find3M ====================

 

2010-07-27 18:53:06 51200 ----a-w- c:\windows\inf\infpub.dat

2010-07-27 18:53:05 143360 ----a-w- c:\windows\inf\infstrng.dat

2010-07-26 16:15:10 607342 ----a-w- c:\windows\system32\perfh01D.dat

2010-07-26 16:15:10 121668 ----a-w- c:\windows\system32\perfc01D.dat

2010-07-13 16:37:16 41256 ----a-w- c:\windows\system32\drivers\fsbts.sys

2010-05-26 17:06:41 34304 ----a-w- c:\windows\system32\atmlib.dll

2010-05-26 14:47:41 289792 ----a-w- c:\windows\system32\atmfd.dll

2010-05-21 12:14:28 221568 ------w- c:\windows\system32\MpSigStub.exe

2010-05-04 05:59:21 916480 ----a-w- c:\windows\system32\wininet.dll

2010-05-04 05:55:42 71680 ----a-w- c:\windows\system32\iesetup.dll

2010-05-04 05:55:42 109056 ----a-w- c:\windows\system32\iesysprep.dll

2010-05-04 04:31:05 133632 ----a-w- c:\windows\system32\ieUnatt.exe

2009-12-11 07:22:31 86016 ----a-w- c:\windows\inf\infstor.dat

2009-11-17 14:22:55 665600 ----a-w- c:\windows\inf\drvindex.dat

2008-04-20 16:47:49 174 --sha-w- c:\program files\desktop.ini

2007-09-14 04:19:42 35978 ----a-w- c:\windows\inf\perflib\041d\perfd.dat

2007-09-14 04:19:42 35978 ----a-w- c:\windows\inf\perflib\041d\perfc.dat

2007-09-14 04:19:42 290490 ----a-w- c:\windows\inf\perflib\041d\perfi.dat

2007-09-14 04:19:42 290490 ----a-w- c:\windows\inf\perflib\041d\perfh.dat

2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfi.dat

2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfh.dat

2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfd.dat

2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfc.dat

2009-10-17 06:27:37 245760 --sha-w- c:\windows\serviceprofiles\networkservice\appdata\roaming\microsoft\windows\ietldcache\index.dat

2007-07-13 10:29:35 8192 --sha-w- c:\windows\users\default\NTUSER.DAT

 

============= FINISH: 11:21:07,36 ===============

Attach.txt

[Mats H]

Hej,

följande program kan du bocka ur från uppstart, skriv msconfig i sökrutan, tryck Enter, välj fliken Autostart och markera ur dessa. Starta om datorn.

UpdateP2GShortCut

Skytel

QuickTime Task

iTunesHelper

FinePrint Dispatcher v5

Adobe Reader Speed Launcher

Adobe ARM

Om ngt program ev. skulle få ngt bekymmer pga detta, bara att gå tillbaka hit och ändra.

 

I Firefox, Verktyg\Tillägg,

avaktivera/ta bort följande tillägg:

Java 6 Update 13

Java 6 Update 15

Java 6 Update 16

Java 6 Update 17

 

I övrigt verkar allt vara alldeles utmärkt.

Hur mycket RAM minne har din Vista dator?

F-Secure är ett tungt program. Ser att du har Windows Defender igång med.

Det kan stängas av utan risk för datorn. Se Kontrollpanelen Säkerhetscenter, alt. Vista Hjälpen.

 

Jag skulle be GlocalNet om ett nytt modem, och stå på dig.

Iom att denna genomgång av dina datorer, inte visar på bristande underhåll/uppdateringar och att de inte är infekterade, så är det upp till GlocalNet att göra en insats.

Reseten av modemet, tidigare visade att det fungerade bättre efter den, och att det över tid försämras.

Du kan alltid referera hit till E-Forum om du behöver det.

 

Mvh

Mats H