
Slow computer Windows Vista, can anyone help?


towermountain

Hi,

Can anyone help someone who will soon have torn out all his hair?

My computer has become slower and slower over the last few months; I have tried most of the Vista tips I found by googling around. Nothing seems to help.

Spec: Intel Core2 Quad CPU Q8200 2.33GHz, 4.0GB RAM, NVIDIA GeForce GT 130

OS: Vista Home Premium 64-bit SP2

At idle, 2.25 of 4 GB is in use, but almost no CPU is used. Everything still runs very slowly.

I have cleaned temp files and the registry with SlowPCFighter and CCleaner.

Opening e.g. IE and other windows takes a looong time.

HijackThis log attached

Temperatures normal (?). (GPU core 59C, max 47C in the cores)

Grateful for tips

hijackthis.txt


Hi,

posting your log here:

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 00:12:33, on 2010-08-02

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v8.00 (8.00.6001.18928)

Boot mode: Normal

 

Running processes:

C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe

C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files (x86)\F-Secure Online Backup\F-Secure Online Backup\fsolb-eu.exe

C:\Users\Fredrik\AppData\Roaming\Dropbox\bin\DropBox.exe

C:\hp\support\hpsysdrv.exe

C:\Program Files (x86)\F-Secure Internet Security\Common\FSM32.EXE

C:\Windows\SysWOW64\drivers\Phibtn.exe

C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe

C:\Program Files (x86)\Citrix\ICA Client\concentr.exe

C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe

C:\Windows\SysWOW64\conime.exe

C:\Program Files (x86)\Hewlett-Packard\KBD\kbd.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe

C:\Windows\SysWow64\Macromed\Flash\FlashUtil10e.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\F-Secure Online Backup\F-Secure Online Backup\AGMailAgent.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=sv_se&c=91&bd=Pavilion&pf=cndt

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.aftonbladet.se/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=sv_se&c=91&bd=Pavilion&pf=cndt

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=sv_se&c=91&bd=Pavilion&pf=cndt

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F2 - REG:system.ini: UserInit=userinit.exe

O1 - Hosts: ::1 localhost

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: AOL Toolbar BHO - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files (x86)\AOL\AOL Verktygsfält 5.0\aoltb.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll

O2 - BHO: LitmusBHO - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files (x86)\F-Secure Internet Security\NRS\iescript\baselitmus.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files (x86)\AOL\AOL Verktygsfält 5.0\aoltb.dll

O3 - Toolbar: Browsing Protection Toolbar - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files (x86)\F-Secure Internet Security\NRS\iescript\baselitmus.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe

O4 - HKLM\..\Run: [KBD] C:\Program Files (x86)\Hewlett-Packard\KBD\KbdStub.EXE

O4 - HKLM\..\Run: [OsdMaestro] c:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD64.exe

O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files (x86)\F-Secure Internet Security\Common\FSM32.EXE" /splash

O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files (x86)\F-Secure Internet Security\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW

O4 - HKLM\..\Run: [PhiBtn] C:\Windows\System32\Drivers\PhiBtn.exe

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [ConnectionCenter] "C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\\Phone\Skype.exe" /nosplash /minimized

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [F-Secure Online Backup] "C:\Program Files (x86)\F-Secure Online Backup\F-Secure Online Backup\fsolb-eu.exe" /delayed

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKAL TJÄNST')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKAL TJÄNST')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NÄTVERKSTJÄNST')

O4 - Startup: Dropbox.lnk = C:\Users\Fredrik\AppData\Roaming\Dropbox\bin\DropBox.exe

O8 - Extra context menu item: &AOL Verktygsfalt Sök - C:\ProgramData\AOL\ieToolbar\resources\sv-SE\local\search.html

O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html

O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe

O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe

O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe

O13 - Gopher Prefix:

O16 - DPF: Garmin Communicator Plug-In - https://static.garmincdn.com/gcp/ie/2.9.1.0/GarminAxControl.CAB

O16 - DPF: {19D6A3D5-EA50-4C3B-88F0-79627C325570} (IlosoftMultipleImageCtrl Class) - http://iloapp.famtornberg.se/gallery/executable/IlosoftMultipleImageUpload.dll

O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.0.cab

O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.extrafilm.se/ImageUploader5.cab

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab

O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab

O16 - DPF: {DC6FEBC5-0A2D-458A-A01B-5DB15EEC4305} (IlosoftImageUploadCtl Class) - http://webc.famtornberg.se/auth/controls/IlosoftImageUpload.dll

O16 - DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} (Flash Casino Helper Control) - https://plugins.valueactive.eu/flashax/iefax.cab

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter hijack: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll

O23 - Service: Adobe Active File Monitor V7 (AdobeActiveFileMonitor7.0) - Adobe Systems Incorporated - C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Bonjour-tjänst (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe

O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)

O23 - Service: Emma Device Management (EmmaDevMgmtSvc) - Sony Ericsson Mobile Communications - C:\Program Files (x86)\Common Files\Sony Ericsson\Emma Core\Services64\EmmaDeviceMgmt.exe

O23 - Service: Emma Update Management (EmmaUpdMgmtSvc) - Sony Ericsson Mobile Communications - C:\Program Files (x86)\Common Files\Sony Ericsson\Emma Core\Services64\EmmaUpdateMgmt.exe

O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files (x86)\F-Secure Internet Security\Anti-Virus\fsgk32st.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files (x86)\F-Secure Internet Security\FWES\Program\fsdfwd.exe

O23 - Service: FSMA - F-Secure Corporation - C:\Program Files (x86)\F-Secure Internet Security\Common\FSMA32.EXE

O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files (x86)\F-Secure Internet Security\ORSP Client\fsorsp.exe

O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\My HP Game Console\GameConsoleService.exe

O23 - Service: Tjänsten Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe

O23 - Service: HP Easy Backup Button Service (HPBtnSrv) - Unknown owner - C:\Program Files (x86)\Hewlett-Packard\HP Easy Backup\HPBtnSrv.exe

O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Norton Internet Security - Unknown owner - C:\Program Files (x86)\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe (file missing)

O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: Check Point VPN-1 Securemote service (SR_Service) - Check Point Software Technologies - C:\Program Files (x86)\CheckPoint\SecuRemote\bin\SR_Service.exe

O23 - Service: Check Point VPN-1 Securemote watchdog (SR_Watchdog) - Check Point Software Technologies - C:\Program Files (x86)\CheckPoint\SecuRemote\bin\SR_Watchdog.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

 

--

End of file - 14439 bytes
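
Added example, not part of the original posts: HijackThis v2.0.2 is a 32-bit program, and on 64-bit Windows its file checks under C:\Windows\System32 are redirected to SysWOW64, so many of the "(file missing)" services in the log above are scan artifacts rather than missing files. The sketch below cross-checks such entries against the running-process list of the DDS log posted later in this thread; the function names and verdict labels are assumptions of the example.

```python
import re

# Lines copied from the HijackThis log above (not the full log).
HJT_LINES = [
    r"Platform: Windows Vista SP2 (WinNT 6.00.1906)",
    r"O4 - HKLM\..\Run: [PhiBtn] C:\Windows\System32\Drivers\PhiBtn.exe",
    r"O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe",
    r"O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)",
    r"O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)",
    r"O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)",
    r"O23 - Service: Norton Internet Security - Unknown owner - C:\Program Files (x86)\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe (file missing)",
]

# Lines copied from the "Running Processes" section of the DDS log in this thread.
DDS_RUNNING = [
    r"C:\Windows\system32\svchost.exe -k DcomLaunch",
    r"C:\Windows\system32\nvvsvc.exe",
    r"C:\Windows\System32\spoolsv.exe",
    r"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe",
]

# Verdict labels (names chosen for this example).
RUNNING = "present: image is running according to the process list"
REDIRECTED = "under System32: likely a WOW64 redirection artifact"
ORPHAN = "outside System32: leftover entry, verify on disk"

ENTRY_RE = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.*)$")
IMAGE_RE = re.compile(r"^(.+?\.(?:exe|scr))(?:\s|$)", re.IGNORECASE)
MISSING = "(file missing)"
# Assumption: Windows is installed in C:\Windows, as in both logs.
SYSTEM32 = r"c:\windows\system32" + "\\"


def parse_hjt(lines):
    """Yield (section code, body) for each entry line, skipping header lines."""
    for line in lines:
        m = ENTRY_RE.match(line.strip())
        if m:
            yield m["code"], m["body"]


def missing_target(body):
    """Return the file path of an entry marked '(file missing)', else None."""
    if not body.endswith(MISSING):
        return None
    # The path is the last ' - ' separated field of the entry.
    return body[: -len(MISSING)].rstrip().rsplit(" - ", 1)[-1]


def image_path(cmdline):
    """Strip command-line arguments from a process line and lowercase the path."""
    m = IMAGE_RE.match(cmdline.strip())
    return (m.group(1) if m else cmdline.strip()).lower()


def classify_missing(hjt_lines, running_cmdlines):
    """Map each '(file missing)' path to one of the three verdicts above."""
    running = {image_path(c) for c in running_cmdlines}
    verdicts = {}
    for _code, body in parse_hjt(hjt_lines):
        path = missing_target(body)
        if path is None:
            continue
        low = path.lower()
        if low in running:
            verdicts[path] = RUNNING
        elif low.startswith(SYSTEM32):
            verdicts[path] = REDIRECTED
        else:
            verdicts[path] = ORPHAN
    return verdicts


if __name__ == "__main__":
    for path, verdict in classify_missing(HJT_LINES, DDS_RUNNING).items():
        print(f"{path}\n    -> {verdict}")
```

Only the entry outside System32 (the Norton Internet Security service) points at something that may really be gone from disk; the System32 entries need a check from a 64-bit tool before anyone acts on them.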


Hi,

I would like you to run DDS; it shows more than HijackThis, and then we'll take a look!

Paste in the log/result from the program DDS. Save DDS to the Desktop.

http://download.blee...om/sUBs/dds.scr

Start the program by double-clicking it.

Press Yes/Ja if the question about Optional Scan comes up.

In your reply, paste in the log DDS.txt, and attach Attach.txt as a file.

DDS is a program that lists running processes, programs and services that start automatically, and files in folders commonly used by malicious programs that are new or changed within the last 1-3 months. DDS is a very common program among those of us who help clean computers. The result gives us a basic understanding of what is happening and has recently happened in the computer, and from that we can draw conclusions about what the next appropriate step in cleaning the computer is.

Regards

Mats H


towermountain

Thanks Mats, for the quick reply!

Here come the log and file:

Regards, Fredrik

 

 

 

DDS (Ver_10-03-17.01) - NTFSX64

Run by Fredrik at 19:47:41,76 on 2010-08-02

Internet Explorer: 8.0.6001.18928

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.46.1053.18.4094.1223 [GMT 2:00]

 

SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

 

============== Running Processes ===============

 

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k rpcss

C:\Windows\System32\svchost.exe -k secsvcs

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\SLsvc.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\rundll32.exe

C:\Windows\system32\taskeng.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe

C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe

C:\Program Files (x86)\Bonjour\mDNSResponder.exe

C:\Windows\system32\svchost.exe -k bthsvcs

C:\Program Files (x86)\Common Files\Sony Ericsson\Emma Core\Services64\EmmaDeviceMgmt.exe

C:\Program Files (x86)\Common Files\Sony Ericsson\Emma Core\Services64\EmmaUpdateMgmt.exe

C:\Windows\SysWOW64\svchost.exe -k netsvcs

C:\Program Files (x86)\F-Secure Internet Security\Anti-Virus\fsgk32st.exe

C:\Program Files (x86)\F-Secure Internet Security\Common\FSMA32.EXE

C:\Program Files (x86)\F-Secure Internet Security\Anti-Virus\FSGK32.EXE

C:\Program Files (x86)\Hewlett-Packard\HP Easy Backup\HPBtnSrv.exe

C:\Program Files (x86)\F-Secure Internet Security\Common\FSHDLL32.EXE

C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe

c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Windows\system32\SearchIndexer.exe

C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe

C:\Windows\system32\WUDFHost.exe

C:\Program Files (x86)\F-Secure Internet Security\Common\FSHDLL64.EXE

C:\Program Files (x86)\F-Secure Internet Security\FWES\Program\fsdfwd.exe

C:\Program Files (x86)\F-Secure Internet Security\Anti-Virus\fssm32.exe

C:\Program Files (x86)\F-Secure Internet Security\ORSP Client\fsorsp.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files (x86)\F-Secure Internet Security\Anti-Virus\fsav32.exe

C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Windows\ehome\ehtray.exe

C:\Program Files (x86)\F-Secure Online Backup\F-Secure Online Backup\fsolb-eu.exe

C:\Users\Fredrik\AppData\Roaming\Dropbox\bin\DropBox.exe

C:\hp\support\hpsysdrv.exe

C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD64.exe

C:\Program Files (x86)\F-Secure Internet Security\Common\FSM32.EXE

C:\Windows\SysWOW64\drivers\Phibtn.exe

C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe

C:\Program Files (x86)\Citrix\ICA Client\concentr.exe

C:\Program Files (x86)\F-Secure Internet Security\Spam Control\fsscoepl_x64.exe

C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe

C:\Windows\ehome\ehmsas.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Windows\SysWOW64\conime.exe

C:\Program Files\Windows Sidebar\sidebar.exe

c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe

C:\Program Files (x86)\Hewlett-Packard\KBD\kbd.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe

C:\Windows\SysWow64\Macromed\Flash\FlashUtil10e.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\F-Secure Online Backup\F-Secure Online Backup\AGMailAgent.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\PROGRA~2\MICROS~2\Office12\OUTLOOK.EXE

C:\Windows\system32\taskeng.exe

C:\Windows\servicing\TrustedInstaller.exe

C:\Windows\system32\wuauclt.exe

C:\Windows\system32\vssvc.exe

C:\Program Files (x86)\F-Secure Internet Security\FSGUI\fscuif.exe

C:\Windows\System32\svchost.exe -k swprv

C:\Windows\system32\wuauclt.exe

C:\Windows\SoftwareDistribution\Download\Install\mpas-d_bd1.exe

C:\Users\Fredrik\Desktop\dds.scr

c:\028e7b17ba222ccddf2124\MpMiniSigStub.exe

C:\Windows\system32\MpSigStub.exe

C:\Windows\system32\wbem\wmiprvse.exe

 

============== Pseudo HJT Report ===============

 

uStart Page = hxxp://www.aftonbladet.se/

uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=sv_se&c=91&bd=Pavilion&pf=cndt

mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=sv_se&c=91&bd=Pavilion&pf=cndt

mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=sv_se&c=91&bd=Pavilion&pf=cndt

mLocal Page = c:\windows\syswow64\blank.htm

uInternet Settings,ProxyOverride = *.local

mWinlogon: Userinit=userinit.exe

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files (x86)\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: AOL Toolbar BHO: {7c554162-8cb7-45a4-b8f4-8ea1c75885f9} - c:\program files (x86)\aol\aol verktygsfält 5.0\aoltb.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files (x86)\google\google toolbar\GoogleToolbar_32.dll

BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files (x86)\google\googletoolbarnotifier\5.5.5126.1836\swg.dll

BHO: Browsing Protection Class: {c6867eb7-8350-4856-877f-93cf8ae3dc9c} - c:\program files (x86)\f-secure internet security\nrs\iescript\baselitmus.dll

BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files (x86)\java\jre6\bin\jp2ssv.dll

TB: AOL Toolbar: {de9c389f-3316-41a7-809b-aa305ed9d922} - c:\program files (x86)\aol\aol verktygsfält 5.0\aoltb.dll

TB: Browsing Protection Toolbar: {265eee8e-3228-44d3-aea5-f7fdf5860049} - c:\program files (x86)\f-secure internet security\nrs\iescript\baselitmus.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files (x86)\google\google toolbar\GoogleToolbar_32.dll

uRun: [sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun

uRun: [swg] "c:\program files (x86)\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"

uRun: [skype] "c:\program files (x86)\skype\\phone\Skype.exe" /nosplash /minimized

uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe

uRun: [F-Secure Online Backup] "c:\program files (x86)\f-secure online backup\f-secure online backup\fsolb-eu.exe" /delayed

mRun: [hpsysdrv] c:\hp\support\hpsysdrv.exe

mRun: [KBD] c:\program files (x86)\hewlett-packard\kbd\KbdStub.EXE

mRun: [OsdMaestro] c:\program files\hewlett-packard\on-screen osd indicator\OSD64.exe

mRun: [F-Secure Manager] "c:\program files (x86)\f-secure internet security\common\FSM32.EXE" /splash

mRun: [F-Secure TNB] "c:\program files (x86)\f-secure internet security\fsgui\TNBUtil.exe" /CHECKALL /WAITFORSW

mRun: [PhiBtn] c:\windows\system32\drivers\PhiBtn.exe

mRun: [HP Software Update] c:\program files (x86)\hp\hp software update\HPWuSchd2.exe

mRun: [Adobe Reader Speed Launcher] "c:\program files (x86)\adobe\reader 9.0\reader\Reader_sl.exe"

mRun: [Adobe ARM] "c:\program files (x86)\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [AppleSyncNotifier] c:\program files (x86)\common files\apple\mobile device support\AppleSyncNotifier.exe

mRun: [iTunesHelper] "c:\program files (x86)\itunes\iTunesHelper.exe"

mRun: [ConnectionCenter] "c:\program files (x86)\citrix\ica client\concentr.exe" /startup

StartupFolder: c:\users\fredrik\appdata\roaming\micros~1\windows\startm~1\programs\startup\dropbox.lnk - c:\users\fredrik\appdata\roaming\dropbox\bin\DropBox.exe

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-explorer: ForceActiveDesktopOn = 0 (0x0)

mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

mPolicies-system: HideFastUserSwitching = 1 (0x1)

IE: &AOL Verktygsfalt Sök - c:\programdata\aol\ietoolbar\resources\sv-se\local\search.html

IE: E&xportera till Microsoft Excel - c:\progra~2\micros~2\office12\EXCEL.EXE/3000

IE: Google Sidewiki... - c:\program files (x86)\google\google toolbar\component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html

IE: {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - c:\program files (x86)\pokerstars\PokerStarsUpdate.exe

IE: {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe

IE: {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - c:\programs\partygaming\partypoker\RunApp.exe

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~2\micros~2\office12\REFIEBAR.DLL

LSP: c:\program files (x86)\f-secure internet security\fsps\program\FSLSP.DLL

Trusted Zone: onsala-ing.se\mail

Trusted Zone: skatteverket.se\www2

Trusted Zone: telia.com\cve.trust

DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/2.9.1.0/GarminAxControl.CAB

DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

DPF: {19D6A3D5-EA50-4C3B-88F0-79627C325570} - hxxp://iloapp.famtornberg.se/gallery/executable/IlosoftMultipleImageUpload.dll

DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.0.cab

DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} - hxxp://www.extrafilm.se/ImageUploader5.cab

DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab

DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab

DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

DPF: {DC6FEBC5-0A2D-458A-A01B-5DB15EEC4305} - hxxp://webc.famtornberg.se/auth/controls/IlosoftImageUpload.dll

DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} - hxxps://plugins.valueactive.eu/flashax/iefax.cab

Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files (x86)\citrix\ica client\IcaMimeFilter.dll

Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - c:\program files (x86)\citrix\ica client\IcaMimeFilter.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~2\common~1\skype\SKYPE4~1.DLL

LSA: Notification Packages = scecli CPNP

{AA58ED58-01DD-4d91-8333-CF10577473F7}

{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}

{2318C2B1-4965-11d4-9B18-009027A5CD4F}

{DE9C389F-3316-41A7-809B-AA305ED9D922}

mRun-x64: [iAAnotif] "c:\program files (x86)\intel\intel matrix storage manager\iaanotif.exe"

 

================= FIREFOX ===================

 

FF - ProfilePath - c:\users\fredrik\appdata\roaming\mozilla\firefox\profiles\us5r90jb.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.aftonbladet.se/

FF - component: c:\program files (x86)\f-secure internet security\nrs\litmus-ff@f-secure.com\components\litmus-ff.dll

FF - plugin: c:\program files (x86)\google\update\1.2.183.29\npGoogleOneClick8.dll

FF - plugin: c:\program files (x86)\mozilla firefox\plugins\npicaN.dll

FF - plugin: c:\windows\syswow64\adobe\director\np32dsw.dll

FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\

 

---- FIREFOX POLICIES ----

c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);

c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);

c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.visited_color", "#551A8B");

c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);

c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);

c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);

c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);

c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);

c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);

c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);

c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false);

c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);

c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);

c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);

c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);

c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);

c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);

c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("html5.enable", false);

c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);

c:\program files (x86)\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);

c:\program files (x86)\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");

c:\program files (x86)\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");

c:\program files (x86)\mozilla firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".se");

c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");

c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");

c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");

c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");

c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);

c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);

c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);

c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);

c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.videoFeeds.handler", "ask");

c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);

c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);

c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);

c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);

 

============= SERVICES / DRIVERS ===============

 

R0 PxHlpa64;PxHlpa64;c:\windows\system32\drivers\PxHlpa64.sys [2009-8-3 52856]

R1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\drivers\ctxusbm.sys [2009-10-5 87600]

R1 F-Secure HIPS;F-Secure HIPS Driver;c:\program files (x86)\f-secure internet security\hips\drivers\fshs.sys [2009-3-3 57920]

R1 FSES;F-Secure Email Scanning Driver;c:\windows\system32\drivers\fses.sys [2009-3-3 44480]

R1 FSFW;F-Secure Firewall Driver;c:\windows\system32\drivers\fsdfw.sys [2009-3-3 92160]

R1 fsvista;F-Secure Vista Support Driver;c:\program files (x86)\f-secure internet security\anti-virus\minifilter\fsvista.sys [2009-3-3 14904]

R2 acedrv10;acedrv10;c:\windows\system32\drivers\acedrv10.sys [2009-4-29 464464]

R2 acehlp10;acehlp10;c:\windows\system32\drivers\acehlp10.sys [2009-4-29 229664]

R2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;c:\program files (x86)\adobe\photoshop elements 7.0\PhotoshopElementsFileAgent.exe [2008-9-16 169312]

R2 EmmaDevMgmtSvc;Emma Device Management;c:\program files (x86)\common files\sony ericsson\emma core\services64\EmmaDeviceMgmt.exe [2009-9-8 403064]

R2 EmmaUpdMgmtSvc;Emma Update Management;c:\program files (x86)\common files\sony ericsson\emma core\services64\EmmaUpdateMgmt.exe [2009-9-8 193656]

R2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe -k netsvcs [2008-1-21 27648]

R2 F-Secure Gatekeeper Handler Starter;FSGKHS;c:\program files (x86)\f-secure internet security\anti-virus\fsgk32st.exe [2009-3-3 215648]

R2 HPBtnSrv;HP Easy Backup Button Service;c:\program files (x86)\hewlett-packard\hp easy backup\HPBtnSrv.exe [2009-1-6 192512]

R3 camdrv42;Philips SPC 900NC PC Camera;c:\windows\system32\drivers\camdrv42.sys [2009-3-8 1533952]

R3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files (x86)\f-secure internet security\anti-virus\minifilter\fsgk.sys [2009-3-3 189104]

R3 FSORSPClient;F-Secure ORSP Client;c:\program files (x86)\f-secure internet security\orsp client\fsorsp.exe [2009-3-3 57008]

R3 netr28x;Ralink 802.11n Wireless Driver for Windows Vista;c:\windows\system32\drivers\netr28x.sys [2009-1-6 520192]

R3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\drivers\seehcri.sys [2009-9-7 34032]

S2 cpuz133;cpuz133;c:\windows\system32\drivers\cpuz133_x64.sys [2010-8-1 20968]

S2 gupdate;Tjänsten Google Update (gupdate);c:\program files (x86)\google\update\GoogleUpdate.exe [2010-1-28 135664]

S2 Norton Internet Security;Norton Internet Security;"c:\program files (x86)\norton internet security\engine\16.0.0.125\ccsvchst.exe" /s "norton internet security" /m "c:\program files (x86)\norton internet security\engine\16.0.0.125\dimaster.dll" /prefetch:1 --> c:\program files (x86)\norton internet security\engine\16.0.0.125\ccSvcHst.exe [?]

S3 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;c:\windows\microsoft.net\framework64\v2.0.50727\mscorsvw.exe [2009-8-19 89920]

S3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-21 27648]

S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [2009-4-6 13352]

S3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\drivers\netaapl64.sys [2010-4-19 22528]

S3 OMSI download service;Sony Ericsson OMSI download service;c:\program files (x86)\sony ericsson\sony ericsson pc suite\SupServ.exe [2009-11-5 90112]

S3 PCD5SRVC{8AAF211B-043E02A9-05040000};PCD5SRVC{8AAF211B-043E02A9-05040000} - PCDR Kernel Mode Service Helper Driver;c:\progra~1\pc-doc~1\PCD5SRVC_x64.pkms [2008-9-10 25888]

S3 PerfHost;Värd för prestandaräknar-DLL;c:\windows\syswow64\perfhost.exe [2008-1-21 19968]

S3 s0016bus;Sony Ericsson Device 0016 driver (WDM);c:\windows\system32\drivers\s0016bus.sys [2009-9-7 115240]

S3 s0016mdfl;Sony Ericsson Device 0016 USB WMC Modem Filter;c:\windows\system32\drivers\s0016mdfl.sys [2009-9-7 19496]

S3 s0016mdm;Sony Ericsson Device 0016 USB WMC Modem Driver;c:\windows\system32\drivers\s0016mdm.sys [2009-9-7 158760]

S3 s0016mgmt;Sony Ericsson Device 0016 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s0016mgmt.sys [2009-9-7 137256]

S3 s0016nd5;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (NDIS);c:\windows\system32\drivers\s0016nd5.sys [2009-9-7 34344]

S3 s0016obex;Sony Ericsson Device 0016 USB WMC OBEX Interface;c:\windows\system32\drivers\s0016obex.sys [2009-9-7 136744]

S3 s0016unic;Sony Ericsson Device 0016 USB Ethernet Emulation SEMC0016 (WDM);c:\windows\system32\drivers\s0016unic.sys [2009-9-7 151592]

S3 s0017bus;Sony Ericsson Device 0017 driver (WDM);c:\windows\system32\drivers\s0017bus.sys [2009-9-7 113704]

S3 s0017mdfl;Sony Ericsson Device 0017 USB WMC Modem Filter;c:\windows\system32\drivers\s0017mdfl.sys [2009-9-7 19496]

S3 s0017mdm;Sony Ericsson Device 0017 USB WMC Modem Driver;c:\windows\system32\drivers\s0017mdm.sys [2009-9-7 152616]

S3 s0017mgmt;Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s0017mgmt.sys [2009-9-7 133160]

S3 s0017nd5;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS);c:\windows\system32\drivers\s0017nd5.sys [2009-9-7 34856]

S3 s0017obex;Sony Ericsson Device 0017 USB WMC OBEX Interface;c:\windows\system32\drivers\s0017obex.sys [2009-9-7 128552]

S3 s0017unic;Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM);c:\windows\system32\drivers\s0017unic.sys [2009-9-7 145960]

S3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\drivers\usbaapl64.sys [2010-4-19 50688]

S4 F-Secure Filter;F-Secure File System Filter;c:\program files (x86)\f-secure internet security\anti-virus\win2k\fsfilter.sys [2009-3-3 39776]

S4 F-Secure Recognizer;F-Secure File System Recognizer;c:\program files (x86)\f-secure internet security\anti-virus\win2k\fsrec.sys [2009-3-3 25184]

 

============== File Associations ===============

 

JSEFile=c:\windows\syswow64\WScript.exe "%1" %*

 

=============== Created Last 30 ================

 

2010-08-01 21:49:01 0 d-----w- c:\program files (x86)\Trend Micro

2010-08-01 21:38:54 20968 ----a-w- c:\windows\system32\drivers\cpuz133_x64.sys

2010-08-01 21:38:53 0 d-----w- c:\program files\CPUID

2010-08-01 21:09:49 0 d-----w- c:\program files (x86)\CCleaner

2010-08-01 20:48:07 0 d-----w- c:\windows\syswow64\WindowsPowerShell

2010-08-01 20:44:18 2048 ----a-w- c:\windows\syswow64\winrsmgr.dll

2010-08-01 20:44:18 2048 ----a-w- c:\windows\system32\winrsmgr.dll

2010-08-01 20:44:15 13312 ----a-w- c:\windows\system32\wsmplpxy.dll

2010-08-01 20:44:15 13312 ----a-w- c:\windows\system32\winrssrv.dll

2010-08-01 20:44:04 10240 ----a-w- c:\windows\syswow64\wsmplpxy.dll

2010-08-01 20:44:04 10240 ----a-w- c:\windows\syswow64\winrssrv.dll

2010-08-01 20:42:52 310272 ----a-w- c:\windows\system32\WsmWmiPl.dll

2010-08-01 20:42:52 214016 ----a-w- c:\windows\syswow64\WsmWmiPl.dll

2010-08-01 20:42:52 180736 ----a-w- c:\windows\system32\WsmAuto.dll

2010-08-01 20:42:52 145408 ----a-w- c:\windows\syswow64\WsmAuto.dll

2010-08-01 20:42:51 370688 ----a-w- c:\windows\system32\winrscmd.dll

2010-08-01 20:42:51 348672 ----a-w- c:\windows\system32\WSManHTTPConfig.exe

2010-08-01 20:42:51 252416 ----a-w- c:\windows\syswow64\WSManMigrationPlugin.dll

2010-08-01 20:42:51 246272 ----a-w- c:\windows\syswow64\WSManHTTPConfig.exe

2010-08-01 20:42:51 241152 ----a-w- c:\windows\syswow64\winrscmd.dll

2010-08-01 20:42:51 1181696 ----a-w- c:\windows\syswow64\WsmSvc.dll

2010-08-01 20:42:50 352768 ----a-w- c:\windows\system32\WSManMigrationPlugin.dll

2010-08-01 20:42:50 2050048 ----a-w- c:\windows\system32\WsmSvc.dll

2010-08-01 20:03:09 0 d-----w- c:\users\fredrik\appdata\roaming\Uniblue

2010-07-24 21:36:26 0 d-----w- c:\program files\iPod

2010-07-24 21:36:24 0 d-----w- c:\program files\iTunes

2010-07-24 21:36:24 0 d-----w- c:\program files (x86)\iTunes

2010-07-23 10:31:49 0 d-----w- c:\users\fredrik\appdata\roaming\Mozilla-Cache

2010-07-22 12:10:44 0 d-----w- c:\users\fredrik\Videofilm egna

2010-07-18 20:31:42 0 d-----w- c:\programdata\Lavasoft

2010-07-07 12:58:25 0 d-----w- c:\windows\pss

 

==================== Find3M ====================

 

2010-08-01 20:49:11 86016 ----a-w- c:\windows\inf\infpub.dat

2010-08-01 20:49:11 143360 ----a-w- c:\windows\inf\infstrng.dat

2010-08-01 20:49:09 143360 ----a-w- c:\windows\inf\infstor.dat

2010-07-30 13:42:47 654860 ----a-w- c:\windows\system32\perfh01D.dat

2010-07-30 13:42:47 141504 ----a-w- c:\windows\system32\perfc01D.dat

2010-06-22 15:28:22 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_netaapl64_01009.Wdf

2010-06-22 15:28:20 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf

2010-05-26 17:23:46 48128 ----a-w- c:\windows\system32\atmlib.dll

2010-05-26 17:06:41 34304 ----a-w- c:\windows\syswow64\atmlib.dll

2010-05-26 15:10:41 366080 ----a-w- c:\windows\system32\atmfd.dll

2010-05-26 14:47:41 289792 ----a-w- c:\windows\syswow64\atmfd.dll

2010-05-21 12:14:28 270208 ------w- c:\windows\system32\MpSigStub.exe

2010-05-18 14:55:18 95520 ----a-w- c:\windows\system32\dnssd.dll

2010-05-18 14:55:18 119584 ----a-w- c:\windows\system32\dns-sd.exe

2010-05-18 14:35:16 91424 ----a-w- c:\windows\syswow64\dnssd.dll

2010-05-18 14:35:16 107808 ----a-w- c:\windows\syswow64\dns-sd.exe

2010-01-04 07:17:24 225280 ----a-w- c:\program files\VoiceStudio.exe

2009-11-16 22:28:41 665600 ----a-w- c:\windows\inf\drvindex.dat

2009-09-29 13:01:44 27648 ----a-w- c:\program files\scew.dll

2009-09-29 13:01:44 122880 ----a-w- c:\program files\libexpat.dll

2009-04-30 07:33:16 1233408 ----a-w- c:\program files\libvorbis.dll

2009-04-30 06:57:02 51712 ----a-w- c:\program files\libogg.dll

2009-01-06 06:24:13 35978 ----a-w- c:\windows\inf\perflib\041d\perfd.dat

2009-01-06 06:24:13 35978 ----a-w- c:\windows\inf\perflib\041d\perfc.dat

2009-01-06 06:24:13 290490 ----a-w- c:\windows\inf\perflib\041d\perfi.dat

2009-01-06 06:24:13 290490 ----a-w- c:\windows\inf\perflib\041d\perfh.dat

2008-06-12 11:35:52 1872884 ----a-w- c:\program files\cygwin1.dll

2008-01-21 03:21:59 174 --sha-w- c:\program files\desktop.ini

2008-01-21 03:21:59 174 --sha-w- c:\program files (x86)\desktop.ini

2007-12-10 23:06:24 157184 ----a-w- c:\program files\libspeexdsp.dll

2006-11-02 10:52:12 287440 ----a-w- c:\windows\inf\perflib\0000\perfi.dat

2006-11-02 10:52:12 287440 ----a-w- c:\windows\inf\perflib\0000\perfh.dat

2006-11-02 10:52:10 30674 ----a-w- c:\windows\inf\perflib\0000\perfd.dat

2006-11-02 10:52:10 30674 ----a-w- c:\windows\inf\perflib\0000\perfc.dat

2010-04-15 18:39:10 16384 --sha-w- c:\windows\serviceprofiles\localservice\appdata\local\temp\cookies\index.dat

2010-04-15 18:39:10 16384 --sha-w- c:\windows\serviceprofiles\localservice\appdata\local\temp\history\history.ie5\index.dat

2010-04-15 18:39:10 32768 --sha-w- c:\windows\serviceprofiles\localservice\appdata\local\temp\temporary internet files\content.ie5\index.dat

2009-08-13 09:39:14 245760 --sha-w- c:\windows\serviceprofiles\localservice\appdata\roaming\microsoft\windows\ietldcache\index.dat

2009-11-09 22:32:18 16384 --sha-w- c:\windows\serviceprofiles\networkservice\appdata\local\microsoft\windows\history\history.ie5\index.dat

2009-11-09 22:32:18 32768 --sha-w- c:\windows\serviceprofiles\networkservice\appdata\local\microsoft\windows\temporary internet files\content.ie5\index.dat

2009-11-09 22:32:18 16384 --sha-w- c:\windows\serviceprofiles\networkservice\appdata\roaming\microsoft\windows\cookies\index.dat

2009-11-09 22:32:18 245760 --sha-w- c:\windows\serviceprofiles\networkservice\appdata\roaming\microsoft\windows\ietldcache\index.dat

2009-10-15 08:22:12 245760 --sha-w- c:\windows\syswow64\config\systemprofile\appdata\roaming\microsoft\windows\ietldcache\index.dat

2009-01-06 07:25:30 8192 --sha-w- c:\windows\users\default\NTUSER.DAT

 

============= FINISH: 19:50:04,69 ===============

Attach.txt


Hi.

To begin with, I would like you to run a quick scan with Malwarebytes, to see whether anything is caught. It can be found here:

Malwarebytes' Anti-Malware : Malwarebytes

Follow the program's instructions. A log will appear; paste it here in your thread. It can also be found under the Logs tab.

I'm comparing our computers: fairly similar, also in resource usage, CPU and RAM.

But your CPU temperature is considerably higher; mine is at +30.

It could be due to dust and dirt.

Perhaps blow out the computer with canned compressed air?

I also have a list of actions in the works, but before that I want to quickly search your computer for any viruses or other things as well!

Regards,

Mats H


towermountain

Hi again,

I have now run a scan (4 spyware files cleaned) and I'm pasting the log below:

 

Malwarebytes' Anti-Malware 1.46

www.malwarebytes.org

 

Databasversion: 4382

 

Windows 6.0.6002 Service Pack 2

Internet Explorer 8.0.6001.18928

 

2010-08-03 19:06:47

mbam-log-2010-08-03 (19-06-47).txt

 

Skanningstyp: Fullständig skanning (C:\|D:\|J:\|)

Antal skannade objekt: 444640

Förfluten tid: 1 timme(ar), 48 minut(er), 49 sekund(er)

 

Infekterade minnesprocesser: 0

Infekterade minnesmoduler: 0

Infekterade registernycklar: 0

Infekterade registervärden: 0

Infekterade registerdataposter: 0

Infekterade mappar: 0

Infekterade filer: 4

 

Infekterade minnesprocesser:

(Inga illasinnade poster hittades)

 

Infekterade minnesmoduler:

(Inga illasinnade poster hittades)

 

Infekterade registernycklar:

(Inga illasinnade poster hittades)

 

Infekterade registervärden:

(Inga illasinnade poster hittades)

 

Infekterade registerdataposter:

(Inga illasinnade poster hittades)

 

Infekterade mappar:

(Inga illasinnade poster hittades)

 

Infekterade filer:

C:\Program Files\libogg.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.

C:\Program Files\libspeexdsp.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.

C:\Program Files\libvorbis.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.

C:\Program Files\scew.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.

 

 

 

I'll have to buy some canned air tomorrow to see if I can bring the temperatures down a bit as well.

More tips are gratefully received.

Regards,

Fredrik

 

 

 


Hi,

good that it gave results; how is your computer working now?

My little action package for going forward:

You can disable these startup items via CCleaner\Tools - Startup:

hpsysdrv

HP Software Update

Adobe Reader Speed Launcher

Adobe ARM

iTunesHelper

F-Secure Browsing Protection Toolbar can be disabled; it uses resources while browsing. It does affect your browsing a little.

Use e.g. the NoScript add-on in Firefox; it gives good protection.

c:\users\fredrik\appdata\roaming\Uniblue remove with Delete, hidden file.

I also see that you have, or use, Slow PC Fighter. One should not use 2 different registry fixers, so uninstall it if that has not already been done. CCleaner is probably the one that causes the fewest problems.

I see that you have Norton on the computer too; it should be uninstalled since F-Secure is what you use. One should not have 2 antivirus systems on one's computer; it can have the opposite effect. You can find the removal tool here:

http://service1.symantec.com/SUPPORT/INTER/tsgeninfointl.nsf/01ae6bfe9ea2884588256d0a004be5b1/89b453a95ecbfe8180256fe00051a497?OpenDocument

In addition, you can also turn off Windows Defender to your advantage; together with F-Secure, which is already resource-intensive, you drag down performance by having it running as well.

Uninstall via CCleaner Tools or Control Panel, Add/Remove Programs:

Java 6 Update 7

Update:

Mozilla Firefox 3.6 to 3.6.8

Get back with questions and anything else, and preferably with whether there was any improvement.

Regards,

Mats H
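
An added example, not part of the original posts and not a DDS, F-Secure or Symantec tool: a small Python triage of "SERVICES / DRIVERS" lines like those in the log above, flagging the two things the reply picks out by eye, namely a second antivirus product still registered as a service and an auto-start service whose image file the log shows as `[?]`. The field layout, the reading of `[?]` as "file could not be read", and the vendor keyword list are assumptions inferred from the log lines; the sample lines are copied from the log in this thread.

```python
import re

# Lines copied from the SERVICES / DRIVERS section of the log in this thread.
SAMPLE = r"""
R1 FSFW;F-Secure Firewall Driver;c:\windows\system32\drivers\fsdfw.sys [2009-3-3 92160]
R3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files (x86)\f-secure internet security\anti-virus\minifilter\fsgk.sys [2009-3-3 189104]
S2 cpuz133;cpuz133;c:\windows\system32\drivers\cpuz133_x64.sys [2010-8-1 20968]
S2 Norton Internet Security;Norton Internet Security;"c:\program files (x86)\norton internet security\engine\16.0.0.125\ccsvchst.exe" /s "norton internet security" /m "c:\program files (x86)\norton internet security\engine\16.0.0.125\dimaster.dll" /prefetch:1 --> c:\program files (x86)\norton internet security\engine\16.0.0.125\ccSvcHst.exe [?]
S4 F-Secure Filter;F-Secure File System Filter;c:\program files (x86)\f-secure internet security\anti-virus\win2k\fsfilter.sys [2009-3-3 39776]
"""

# Assumed layout: <R|S><start type 0-4> <name>;<display name>;<image> [<date> <size>] or [?]
LINE = re.compile(
    r"^(?P<state>[RS])(?P<start>[0-4]) (?P<name>[^;]+);(?P<display>[^;]*);"
    r"(?P<image>.*) \[(?P<meta>[^\]]*)\]$"
)

# Assumed keyword list, for illustration only; extend for other products.
AV_VENDORS = {"f-secure": "F-Secure", "norton": "Norton", "symantec": "Norton"}


def parse(text):
    """Turn service/driver lines into dicts; lines that do not match are skipped."""
    entries = []
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue
        e = m.groupdict()
        e["running"] = e["state"] == "R"          # assumed: R = running, S = stopped
        e["start"] = int(e["start"])              # assumed: 2 = automatic, 4 = disabled
        e["file_missing"] = e["meta"].strip() == "?"
        entries.append(e)
    return entries


def triage(entries):
    """Return (finding, detail) tuples for overlapping AV products and orphaned services."""
    vendors = {}
    for e in entries:
        hay = " ".join((e["name"], e["display"], e["image"])).lower()
        for key, vendor in AV_VENDORS.items():
            if key in hay:
                vendors.setdefault(vendor, []).append(e["name"])
    findings = []
    if len(vendors) > 1:
        findings.append(("multiple_av", sorted(vendors)))
    for e in entries:
        # Heuristic: stopped, set to start at boot/system/auto, and no readable image file.
        if e["file_missing"] and not e["running"] and e["start"] <= 2:
            findings.append(("orphaned_autostart", e["name"]))
    return findings


if __name__ == "__main__":
    for finding in triage(parse(SAMPLE)):
        print(finding)
```
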


towermountain

A thousand thanks Mats, you're a hero!

Now, after your action program, the windows pop up instantly, just the way you want them to.

Regards,

Fredrik


Archived

This topic is now archived and is closed to further replies.


