Just nu i M3-nätverket
Jump to content

sp2 - Ask.com och Windows Switcher


HUP151

Recommended Posts

har fått in toolbaren "Ask.com" som jag inte vill ha - fanns först med ilägg till/ta bort program och så gjorde jag och den försvann i listan men finns fortfarande kvar i Firefox men däremot inte i Explorer.

Link to comment
Share on other sites

har också fått nåt som heter Windows Switcher som jag inte vet varifrån kommer men skulle vilja ta bort men hittar den inte i "ta bort program".

Link to comment
Share on other sites

Du har väl installerat något olämpligt för Ask brukar följa med andra program som ett sätt för programtillverkare att tjäna pengar på gratisprogram.

 

Vi kan se vad DDS visar till att börja med. Spara DDS på Skrivbordet.

http://download.bleepingcomputer.com/sUBs/dds.scr

 

Starta programmet genom att dubbelklicka på det.

Tryck Yes/Ja om frågan om Optional Scan dyker upp.

I ditt svar klistrar du in loggen DSS.txt. Medan du bifogar Attach.txt som en fil.

Link to comment
Share on other sites

DDS (Ver_10-11-27.01) - NTFS_AMD64

Run by Hans-Erik at 12:35:52,28 on 2010-11-29

Internet Explorer: 8.0.6001.18975 BrowserJavaVersion: 1.6.0_22

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.46.1053.18.4094.2348 [GMT 1:00]

 

SP: Lavasoft Ad-Watch Live! *disabled* (Updated) {67844DAE-4F77-4D69-9457-98E8CFFDAA22}

SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

SP: SUPERAntiSpyware *enabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}

 

============== Running Processes ===============

 

C:\PROGRA~2\AVG\AVG10\avgchsva.exe

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k rpcss

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\SLsvc.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\svchost.exe -k bthsvcs

C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\WUDFHost.exe

C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

C:\Program Files (x86)\AVG\AVG10\avgnsa.exe

C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe

C:\Program Files (x86)\AVG\AVG10\avgemca.exe

C:\Program Files (x86)\Personal\bin\Personal.exe

C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe

C:\Windows\splwow64.exe

C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Users\Hans-Erik\AppData\Roaming\CBS Interactive\CNET TechTracker\TechTracker.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe

C:\Program Files (x86)\AVG\AVG10\avgtray.exe

C:\Program Files (x86)\Secunia\PSI\psi.exe

C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe

C:\Windows\System32\mobsync.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe

C:\Program Files (x86)\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe

C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\PROGRA~2\AVG\AVG10\avgrsa.exe

C:\Program Files (x86)\AVG\AVG10\avgcsrva.exe

C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE

C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

C:\Program Files (x86)\AVG\AVG10\avgcsrva.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\DllHost.exe

C:\Users\Hans-Erik\Desktop\dds.scr

C:\Windows\system32\wbem\wmiprvse.exe

 

============== Pseudo HJT Report ===============

 

uStart Page = hxxp://fotbollskanalen.se/

uSearch Bar = Preserve

uURLSearchHooks: SearchSettings Class: {e312764e-7706-43f1-8dab-fcdd2b1e416d} - C:\Program Files (x86)\Search Settings\kb128\SearchSettings.dll

mURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll

BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll

BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

BHO: SearchSettings Class: {e312764e-7706-43f1-8dab-fcdd2b1e416d} - C:\Program Files (x86)\Search Settings\kb128\SearchSettings.dll

TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll

TB: {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No File

TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File

uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

uRun: [Gadwin PrintScreen] C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash

uRun: [Google Update] "C:\Users\Hans-Erik\AppData\Local\Google\Update\GoogleUpdate.exe" /c

uRun: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

mRun: [HDAudDeck] "C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" -r

mRun: [Ad-Watch] "C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe"

mRun: [searchSettings] C:\Program Files (x86)\Search Settings\SearchSettings.exe

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [TkBellExe] "C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe" -osboot

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe

StartupFolder: C:\Users\HANS-E~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\CNETTE~1.LNK - C:\Users\Hans-Erik\AppData\Roaming\CBS Interactive\CNET TechTracker\TechTracker.exe

StartupFolder: C:\Users\HANS-E~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\LIMEWI~1.LNK - E:\Program\LimeWire\LimeWire.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ADOBEG~1.LNK - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BANKID~1.LNK - C:\Program Files (x86)\Personal\bin\Personal.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BTTray.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: {53F6FCCD-9E22-4d71-86EA-6E43136192AB}

IE: {925DAB62-F9AC-4221-806A-057BFB1014AA}

IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MI1933~1\OFFICE11\REFIEBAR.DLL

DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/sv-se/wlscctrl2.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll

Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\Advisor\System\BAVoilaX.dll

Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}

{9030D464-4C02-4ABF-8ECC-5164760863C6}

{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}

TB-X64: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File

TB-X64: {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No File

TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File

mRun-x64: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

Hosts: 127.0.0.1 www.spywareinfo.com

 

================= FIREFOX ===================

 

FF - ProfilePath - C:\Users\HANS-E~1\AppData\Roaming\Mozilla\Firefox\Profiles\e2qzvj9j.default\

FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2384137&SearchSource=3&q={searchTerms}

FF - prefs.js: browser.search.selectedEngine - AVG Secure Search

FF - prefs.js: browser.startup.homepage - hxxp://www.ask.com?o=13760&l=dis

FF - prefs.js: keyword.URL - hxxp://search.avg.com/route/?d=4cc686e2&v=6.010.023.001&i=23&tp=ab&iy=&ychte=se&lng=sv-SE&q=

FF - component: C:\Program Files (x86)\AVG\AVG10\Firefox\components\avgssff.dll

FF - component: C:\Program Files (x86)\AVG\AVG10\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils2.dll

FF - component: C:\Program Files (x86)\AVG\AVG10\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll

FF - component: C:\Program Files (x86)\AVG\AVG10\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll

FF - component: C:\Program Files (x86)\AVG\AVG10\Toolbar\Firefox\avg@igeared\components\xpavgtbapi.dll

FF - component: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordext.dll

FF - component: C:\Users\Hans-Erik\AppData\Roaming\Mozilla\Firefox\Profiles\e2qzvj9j.default\extensions\ffxtlbr@Facemoods.com\components\FFHst.dll

FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

FF - plugin: C:\Program Files (x86)\Google\Google Updater\2.4.1739.5352\npCIDetect13.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.13\npGoogleOneClick8.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.17\npGoogleOneClick8.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.29\npGoogleOneClick8.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll

FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: C:\Program Files (x86)\Personal\bin\np_prsnl.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

FF - plugin: C:\Users\Hans-Erik\AppData\Local\Google\Update\1.2.183.39\npGoogleOneClick8.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

FF - HiddenExtension: Java Console: No Registry Reference - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}

FF - HiddenExtension: Java Console: No Registry Reference - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}

FF - HiddenExtension: Java Console: No Registry Reference - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}

FF - HiddenExtension: Java Console: No Registry Reference - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}

FF - HiddenExtension: Java Console: No Registry Reference - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

FF - HiddenExtension: Java Console: No Registry Reference - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}

FF - HiddenExtension: Java Console: No Registry Reference - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

FF - Extension: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

FF - Extension: Java Console: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}

FF - Extension: Java Console: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}

FF - Extension: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}

FF - Extension: Java Console: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}

FF - Extension: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

FF - Extension: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}

FF - Extension: FindXplorer: {CA60F577-1B28-41D6-8C78-C49E63304FCF} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CA60F577-1B28-41D6-8C78-C49E63304FCF}

FF - Extension: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

FF - Extension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension

FF - Extension: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext

FF - Extension: AVG Safe Search: {3f963a5b-e555-4543-90e2-c3908898db71} - C:\Program Files (x86)\AVG\AVG10\Firefox

FF - Extension: AVG Security Toolbar em:version=6.010.023.001 em:displayname=AVG Security Toolbar em:iconURL=chrome://tavgp/skin/logo.ico em:creator=AVG Technologies em:description=AVG Security Toolbar em:homepageURL=http://www.avg.com >: avg@igeared - C:\Program Files (x86)\AVG\AVG10\Toolbar\Firefox\avg@igeared

FF - Extension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - C:\Users\HANS-E~1\AppData\Roaming\Mozilla\Firefox\Profiles\e2qzvj9j.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}

FF - Extension: Flash Video Resources Downloader: max@subfighter.com - C:\Users\HANS-E~1\AppData\Roaming\Mozilla\Firefox\Profiles\e2qzvj9j.default\extensions\max@subfighter.com

FF - Extension: UnPlug: unplug@compunach - C:\Users\HANS-E~1\AppData\Roaming\Mozilla\Firefox\Profiles\e2qzvj9j.default\extensions\unplug@compunach

FF - Extension: Flash Video Downloader - Youtube Downloader: artur.dubovoy@gmail.com - C:\Users\HANS-E~1\AppData\Roaming\Mozilla\Firefox\Profiles\e2qzvj9j.default\extensions\artur.dubovoy@gmail.com

FF - Extension: Facemoods: ffxtlbr@Facemoods.com - C:\Users\HANS-E~1\AppData\Roaming\Mozilla\Firefox\Profiles\e2qzvj9j.default\extensions\ffxtlbr@Facemoods.com

 

============= SERVICES / DRIVERS ===============

 

R0 AVGIDSEH;AVGIDSEH;C:\Windows\System32\drivers\AVGIDSEH.sys [2010-9-13 27216]

R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2010-9-7 30288]

R0 Lbd;Lbd;C:\Windows\System32\drivers\Lbd.sys [2009-7-26 68640]

R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2010-9-7 305232]

R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2010-9-7 41040]

R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2010-11-9 382032]

R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2010-6-29 128752]

R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2010-11-10 6127184]

R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe [2010-10-22 265400]

R2 npf;NetGroup Packet Filter Driver;C:\Windows\System32\drivers\npf.sys [2009-3-15 40464]

R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\AVGIDSDriver.sys [2010-8-19 133712]

R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\System32\drivers\AVGIDSFilter.sys [2010-8-19 35920]

R3 FontCache;Windows Font Cache Service;C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-21 27648]

R3 lvpepf64;Volume Adapter;C:\Windows\System32\drivers\lv302a64.sys [2007-5-9 16032]

R3 LVUSBS64;Logitech USB Monitor Filter;C:\Windows\System32\drivers\LVUSBS64.sys [2007-5-9 50208]

R3 Tdsshbecr;Handelsbanken card reader;C:\Windows\System32\drivers\shbecr.sys [2009-9-19 50176]

R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;C:\Windows\System32\drivers\viahduaa.sys [2009-7-15 1018368]

RUnknown SASDIFSV;SASDIFSV; [x]

RUnknown SASKUTIL;SASKUTIL; [x]

S2 gupdate;Tjänsten Google Update (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2009-8-4 133104]

S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;"C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe" --> C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe [?]

S3 AVG Security Toolbar Service;AVG Security Toolbar Service;C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe [2010-11-25 517448]

S3 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-12-3 89920]

S3 PerfHost;Värd för prestandaräknar-DLL;C:\Windows\SysWOW64\perfhost.exe [2008-1-21 19968]

S3 PSI;PSI;C:\Windows\System32\drivers\psi_mf.sys [2010-5-28 17456]

 

=============== File Associations ===============

 

JSEFile=C:\Windows\SysWOW64\WScript.exe "%1" %*

 

=============== Created Last 30 ================

 

2010-11-29 07:56:15 -------- d-----w- C:\Users\HANS-E~1\AppData\Roaming\SUPERAntiSpyware.com

2010-11-29 07:56:12 -------- d-----w- C:\PROGRA~3\!SASCORE

2010-11-29 07:56:10 -------- d-----w- C:\Program Files\SUPERAntiSpyware

2010-11-25 19:27:45 -------- d-----w- C:\Users\HANS-E~1\AppData\Local\AVG Security Toolbar

2010-11-25 19:07:41 -------- d-----w- C:\Users\HANS-E~1\AppData\Roaming\AVG10

2010-11-25 18:01:45 -------- d--h--w- C:\PROGRA~3\Common Files

2010-11-25 18:01:32 -------- d-----w- C:\PROGRA~3\AVG Security Toolbar

2010-11-25 17:59:46 -------- d-----w- C:\Windows\System32\drivers\AVG

2010-11-25 17:59:46 -------- d-----w- C:\PROGRA~3\AVG10

2010-11-25 17:48:25 -------- d-----w- C:\PROGRA~3\MFAData

2010-11-24 06:35:48 7680 ----a-w- C:\Program Files\Internet Explorer\iecompat.dll

2010-11-24 06:35:48 7680 ----a-w- C:\Program Files (x86)\Internet Explorer\iecompat.dll

2010-11-16 09:24:48 -------- d-----w- C:\Program Files (x86)\WinPcap

2010-11-16 09:24:45 -------- d-----w- C:\Program Files (x86)\Simple Internet Meter Lite

2010-11-14 11:55:26 -------- d-----w- C:\PROGRA~3\FileCure

2010-11-14 10:38:37 -------- d-----w- C:\Program Files (x86)\Sony

2010-11-10 07:00:54 2409784 ----a-w- C:\Program Files\Windows Mail\OESpamFilter.dat

2010-11-10 07:00:54 2409784 ----a-w- C:\Program Files (x86)\Windows Mail\OESpamFilter.dat

2010-11-09 21:20:56 382032 ----a-w- C:\Windows\System32\drivers\avgtdia.sys

2010-11-09 10:56:59 33792 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\ssb3mpc.dll

2010-11-06 10:37:34 103864 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll

2010-11-06 10:37:34 103864 ----a-w- C:\Program Files (x86)\Internet Explorer\PLUGINS\nppdf32.dll

2010-11-06 09:02:50 10915840 ----a-w- C:\Windows\SysWow64\libmfxhw32.dll

2010-11-06 09:02:50 10833920 ----a-w- C:\Windows\SysWow64\libmfxsw32.dll

 

==================== Find3M ====================

 

2010-09-22 22:47:28 49016 ----a-w- C:\Windows\SysWow64\sirenacm.dll

2010-09-22 22:32:56 301936 ----a-w- C:\Windows\WLXPGSS.SCR

2010-09-15 03:50:37 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll

2010-09-13 14:32:37 8147968 ----a-w- C:\Windows\System32\wmploc.DLL

2010-09-13 14:27:46 27216 ----a-w- C:\Windows\System32\drivers\AVGIDSEH.sys

2010-09-13 13:56:41 8147456 ----a-w- C:\Windows\SysWow64\wmploc.DLL

2010-09-08 09:17:46 94208 ----a-w- C:\Windows\SysWow64\QuickTimeVR.qtx

2010-09-08 09:17:46 69632 ----a-w- C:\Windows\SysWow64\QuickTime.qts

2010-09-08 06:41:05 1147904 ----a-w- C:\Windows\System32\wininet.dll

2010-09-08 06:36:53 56832 ----a-w- C:\Windows\System32\licmgr10.dll

2010-09-08 06:36:38 1538560 ----a-w- C:\Windows\System32\inetcpl.cpl

2010-09-08 06:36:24 132096 ----a-w- C:\Windows\System32\iesysprep.dll

2010-09-08 06:36:23 77312 ----a-w- C:\Windows\System32\iesetup.dll

2010-09-08 06:01:28 916480 ----a-w- C:\Windows\SysWow64\wininet.dll

2010-09-08 05:57:18 43520 ----a-w- C:\Windows\SysWow64\licmgr10.dll

2010-09-08 05:57:05 1469440 ----a-w- C:\Windows\SysWow64\inetcpl.cpl

2010-09-08 05:56:53 71680 ----a-w- C:\Windows\SysWow64\iesetup.dll

2010-09-08 05:56:53 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll

2010-09-08 05:36:07 479232 ----a-w- C:\Windows\System32\html.iec

2010-09-08 05:04:36 385024 ----a-w- C:\Windows\SysWow64\html.iec

2010-09-08 04:51:18 162816 ----a-w- C:\Windows\System32\ieUnatt.exe

2010-09-08 04:49:56 1638912 ----a-w- C:\Windows\System32\mshtml.tlb

2010-09-08 04:26:46 133632 ----a-w- C:\Windows\SysWow64\ieUnatt.exe

2010-09-08 04:25:15 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2010-09-07 02:48:56 41040 ----a-w- C:\Windows\System32\drivers\avgmfx64.sys

2010-09-07 02:48:52 305232 ----a-w- C:\Windows\System32\drivers\avgldx64.sys

2010-09-07 02:48:50 30288 ----a-w- C:\Windows\System32\drivers\avgrkx64.sys

2010-09-06 18:28:38 179712 ----a-w- C:\Windows\System32\srvsvc.dll

2010-09-06 18:28:38 12288 ----a-w- C:\Windows\System32\sscore.dll

2010-09-06 18:27:03 17920 ----a-w- C:\Windows\System32\netevent.dll

2010-09-06 16:20:29 9728 ----a-w- C:\Windows\SysWow64\sscore.dll

2010-09-06 16:19:06 17920 ----a-w- C:\Windows\SysWow64\netevent.dll

2010-09-06 15:34:14 451584 ----a-w- C:\Windows\System32\drivers\srv.sys

2010-09-06 15:33:51 175104 ----a-w- C:\Windows\System32\drivers\srv2.sys

2010-09-06 15:33:49 145920 ----a-w- C:\Windows\System32\drivers\srvnet.sys

2010-08-31 17:27:07 633856 ----a-w- C:\Windows\System32\comctl32.dll

2010-08-31 15:46:37 954752 ----a-w- C:\Windows\SysWow64\mfc40.dll

2010-08-31 15:46:37 954288 ----a-w- C:\Windows\SysWow64\mfc40u.dll

2010-08-31 15:44:31 531968 ----a-w- C:\Windows\SysWow64\comctl32.dll

2010-08-31 14:57:39 2753024 ----a-w- C:\Windows\System32\win32k.sys

2009-09-03 12:12:07 75447 ----a-w- C:\Program Files (x86)\Uninstal.exe

2009-08-09 14:06:24 925696 ----a-w- C:\Program Files (x86)\GSpot.exe

 

============= FINISH: 12:36:15,87 ===============

Link to comment
Share on other sites

Windows Switcher är ett windows-program. här kommer Attach.txt . hittade ingen knapp att bifoga tillsammans med DSS.

Link to comment
Share on other sites

Du har något som heter "SearchSettings" i Internet Explorer vilket är allvarligare än Ask Toolbar. http://www.systemlookup.com/CLSID/34383-SearchSettings_dll.html

Är det något som går att avinstallera i "Program och funktioner"?

 

FF - component: C:\Users\Hans-Erik\AppData\Roaming\Mozilla\Firefox\Profiles\e2qzvj9j.default\extensions\ffxtlbr@Facemoods.com\components\FFHst.dll

Det är ett tillägg av någon typ i Firefox och här kan du läsa en del åsikter om facemoods.com: http://www.mywot.com/sv/scorecard/facemoods.com

För mig låter det som något man inte bör ha.

 

FF - Extension: FindXplorer: {CA60F577-1B28-41D6-8C78-C49E63304FCF} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CA60F577-1B28-41D6-8C78-C49E63304FCF}

http://www.systemlookup.com/FF_Extensions/148-FindXplorer.html

 

I Firefox finns även flera tidigare versioner av Java installerade. Eftersom dessa innehåller säkerhetshål bör de åtminstone inaktiveras.

 

Hittar du hur du avinstallerar eller inaktiverar ovanstående?

Om inte så fråga.

 

Om det går bra så starta om datorn och klistra in en ny DDS-logg så får vi se vad som finns kvar att ta bort. Du ser hur man bifogar filer om du antingen klickar på knappen "Skriv nytt inlägg i tråden" eller efter att ha klistrat in DDS-loggen i Snabbsvarsrutan klickar på knappen "Använd full redigerare".

Link to comment
Share on other sites

Du har något som heter "SearchSettings" i Internet Explorer vilket är allvarligare än Ask Toolbar. http://www.systemlookup.com/CLSID/34383-SearchSettings_dll.html

Är det något som går att avinstallera i "Program och funktioner"?

 

FF - component: C:\Users\Hans-Erik\AppData\Roaming\Mozilla\Firefox\Profiles\e2qzvj9j.default\extensions\ffxtlbr@Facemoods.com\components\FFHst.dll

Det är ett tillägg av någon typ i Firefox och här kan du läsa en del åsikter om facemoods.com: http://www.mywot.com/sv/scorecard/facemoods.com

För mig låter det som något man inte bör ha.

 

FF - Extension: FindXplorer: {CA60F577-1B28-41D6-8C78-C49E63304FCF} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CA60F577-1B28-41D6-8C78-C49E63304FCF}

http://www.systemlookup.com/FF_Extensions/148-FindXplorer.html

 

I Firefox finns även flera tidigare versioner av Java installerade. Eftersom dessa innehåller säkerhetshål bör de åtminstone inaktiveras.

 

Hittar du hur du avinstallerar eller inaktiverar ovanstående?

Om inte så fråga.

 

Om det går bra så starta om datorn och klistra in en ny DDS-logg så får vi se vad som finns kvar att ta bort. Du ser hur man bifogar filer om du antingen klickar på knappen "Skriv nytt inlägg i tråden" eller efter att ha klistrat in DDS-loggen i Snabbsvarsrutan klickar på knappen "Använd full redigerare".

Link to comment
Share on other sites

DDS (Ver_10-11-27.01) - NTFS_AMD64

Run by Hans-Erik at 20:07:32,74 on 2010-12-01

Internet Explorer: 8.0.6001.18975 BrowserJavaVersion: 1.6.0_22

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.46.1053.18.4094.2657 [GMT 1:00]

 

SP: Lavasoft Ad-Watch Live! *disabled* (Updated) {67844DAE-4F77-4D69-9457-98E8CFFDAA22}

SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

SP: SUPERAntiSpyware *disabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}

 

============== Running Processes ===============

 

C:\PROGRA~2\AVG\AVG10\avgchsva.exe

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k rpcss

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\SLsvc.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\Dwm.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\taskeng.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskeng.exe

C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE

C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\svchost.exe -k bthsvcs

C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Windows\system32\SearchIndexer.exe

C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\system32\WUDFHost.exe

C:\Program Files (x86)\AVG\AVG10\avgnsa.exe

C:\Program Files (x86)\AVG\AVG10\avgemca.exe

C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe

C:\Program Files (x86)\Personal\bin\Personal.exe

C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Users\Hans-Erik\AppData\Roaming\CBS Interactive\CNET TechTracker\TechTracker.exe

C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe

C:\Windows\splwow64.exe

C:\Program Files (x86)\AVG\AVG10\avgtray.exe

C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe

C:\Windows\System32\mobsync.exe

C:\Program Files (x86)\Secunia\PSI\psi.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files (x86)\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe

C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe

C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\wbem\wmiprvse.exe

C:\PROGRA~2\AVG\AVG10\avgrsa.exe

C:\Program Files (x86)\AVG\AVG10\avgcsrva.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Program Files (x86)\AVG\AVG10\avgcsrva.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\DllHost.exe

C:\Users\Hans-Erik\Desktop\dds.scr

C:\Windows\system32\wbem\wmiprvse.exe

 

============== Pseudo HJT Report ===============

 

uStart Page = hxxp://fotbollskanalen.se/

uSearch Bar = Preserve

mURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll

BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll

BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll

TB: {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No File

TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File

uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

uRun: [Gadwin PrintScreen] C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash

uRun: [Google Update] "C:\Users\Hans-Erik\AppData\Local\Google\Update\GoogleUpdate.exe" /c

uRun: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

mRun: [HDAudDeck] "C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" -r

mRun: [Ad-Watch] "C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe"

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [TkBellExe] "C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe" -osboot

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe

StartupFolder: C:\Users\HANS-E~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\CNETTE~1.LNK - C:\Users\Hans-Erik\AppData\Roaming\CBS Interactive\CNET TechTracker\TechTracker.exe

StartupFolder: C:\Users\HANS-E~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\LIMEWI~1.LNK - E:\Program\LimeWire\LimeWire.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ADOBEG~1.LNK - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BANKID~1.LNK - C:\Program Files (x86)\Personal\bin\Personal.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BTTray.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: {53F6FCCD-9E22-4d71-86EA-6E43136192AB}

IE: {925DAB62-F9AC-4221-806A-057BFB1014AA}

IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MI1933~1\OFFICE11\REFIEBAR.DLL

DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} - hxxp://cdn.scan.onecare.live.com/resource/download/scanner/sv-se/wlscctrl2.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll

Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\Advisor\System\BAVoilaX.dll

Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}

{9030D464-4C02-4ABF-8ECC-5164760863C6}

{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}

TB-X64: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File

TB-X64: {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No File

TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File

mRun-x64: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

Hosts: 127.0.0.1 www.spywareinfo.com

 

================= FIREFOX ===================

 

FF - ProfilePath - C:\Users\HANS-E~1\AppData\Roaming\Mozilla\Firefox\Profiles\e2qzvj9j.default\

FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2384137&SearchSource=3&q={searchTerms}

FF - prefs.js: browser.search.selectedEngine - AVG Secure Search

FF - prefs.js: browser.startup.homepage - hxxp://www.ask.com?o=13760&l=dis

FF - prefs.js: keyword.URL - hxxp://search.avg.com/route/?d=4cc686e2&v=6.010.023.001&i=23&tp=ab&iy=&ychte=se&lng=sv-SE&q=

FF - component: C:\Program Files (x86)\AVG\AVG10\Firefox\components\avgssff.dll

FF - component: C:\Program Files (x86)\AVG\AVG10\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils2.dll

FF - component: C:\Program Files (x86)\AVG\AVG10\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll

FF - component: C:\Program Files (x86)\AVG\AVG10\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll

FF - component: C:\Program Files (x86)\AVG\AVG10\Toolbar\Firefox\avg@igeared\components\xpavgtbapi.dll

FF - component: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordext.dll

FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

FF - plugin: C:\Program Files (x86)\Google\Google Updater\2.4.1739.5352\npCIDetect13.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.13\npGoogleOneClick8.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.17\npGoogleOneClick8.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.29\npGoogleOneClick8.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll

FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: C:\Program Files (x86)\Personal\bin\np_prsnl.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

FF - plugin: C:\Users\Hans-Erik\AppData\Local\Google\Update\1.2.183.39\npGoogleOneClick8.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

FF - HiddenExtension: Java Console: No Registry Reference - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}

FF - HiddenExtension: Java Console: No Registry Reference - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}

FF - HiddenExtension: Java Console: No Registry Reference - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}

FF - HiddenExtension: Java Console: No Registry Reference - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}

FF - HiddenExtension: Java Console: No Registry Reference - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

FF - HiddenExtension: Java Console: No Registry Reference - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}

FF - HiddenExtension: Java Console: No Registry Reference - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

FF - Extension: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

FF - Extension: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

FF - Extension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension

FF - Extension: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext

FF - Extension: AVG Safe Search: {3f963a5b-e555-4543-90e2-c3908898db71} - C:\Program Files (x86)\AVG\AVG10\Firefox

FF - Extension: AVG Security Toolbar em:version=6.010.023.001 em:displayname=AVG Security Toolbar em:iconURL=chrome://tavgp/skin/logo.ico em:creator=AVG Technologies em:description=AVG Security Toolbar em:homepageURL=http://www.avg.com >: avg@igeared - C:\Program Files (x86)\AVG\AVG10\Toolbar\Firefox\avg@igeared

FF - Extension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - C:\Users\HANS-E~1\AppData\Roaming\Mozilla\Firefox\Profiles\e2qzvj9j.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}

FF - Extension: Flash Video Resources Downloader: max@subfighter.com - C:\Users\HANS-E~1\AppData\Roaming\Mozilla\Firefox\Profiles\e2qzvj9j.default\extensions\max@subfighter.com

FF - Extension: UnPlug: unplug@compunach - C:\Users\HANS-E~1\AppData\Roaming\Mozilla\Firefox\Profiles\e2qzvj9j.default\extensions\unplug@compunach

FF - Extension: Flash Video Downloader - Youtube Downloader: artur.dubovoy@gmail.com - C:\Users\HANS-E~1\AppData\Roaming\Mozilla\Firefox\Profiles\e2qzvj9j.default\extensions\artur.dubovoy@gmail.com

 

============= SERVICES / DRIVERS ===============

 

R0 AVGIDSEH;AVGIDSEH;C:\Windows\System32\drivers\AVGIDSEH.sys [2010-9-13 27216]

R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2010-9-7 30288]

R0 Lbd;Lbd;C:\Windows\System32\drivers\Lbd.sys [2009-7-26 68640]

R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2010-9-7 305232]

R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2010-9-7 41040]

R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2010-11-9 382032]

R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2010-6-29 128752]

R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [2010-11-10 6127184]

R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe [2010-10-22 265400]

R2 npf;NetGroup Packet Filter Driver;C:\Windows\System32\drivers\npf.sys [2009-3-15 40464]

R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\AVGIDSDriver.sys [2010-8-19 133712]

R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\System32\drivers\AVGIDSFilter.sys [2010-8-19 35920]

R3 FontCache;Windows Font Cache Service;C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-21 27648]

R3 lvpepf64;Volume Adapter;C:\Windows\System32\drivers\lv302a64.sys [2007-5-9 16032]

R3 LVUSBS64;Logitech USB Monitor Filter;C:\Windows\System32\drivers\LVUSBS64.sys [2007-5-9 50208]

R3 Tdsshbecr;Handelsbanken card reader;C:\Windows\System32\drivers\shbecr.sys [2009-9-19 50176]

R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;C:\Windows\System32\drivers\viahduaa.sys [2009-7-15 1018368]

S2 gupdate;Tjänsten Google Update (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2009-8-4 133104]

S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;"C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe" --> C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe [?]

S3 AVG Security Toolbar Service;AVG Security Toolbar Service;C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe [2010-11-25 517448]

S3 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-12-3 89920]

S3 PerfHost;Värd för prestandaräknar-DLL;C:\Windows\SysWOW64\perfhost.exe [2008-1-21 19968]

S3 PSI;PSI;C:\Windows\System32\drivers\psi_mf.sys [2010-5-28 17456]

 

=============== File Associations ===============

 

JSEFile=C:\Windows\SysWOW64\WScript.exe "%1" %*

 

=============== Created Last 30 ================

 

2010-12-01 08:10:11 -------- d-----w- C:\Windows\CheckSur

2010-11-29 07:56:15 -------- d-----w- C:\Users\HANS-E~1\AppData\Roaming\SUPERAntiSpyware.com

2010-11-29 07:56:12 -------- d-----w- C:\PROGRA~3\!SASCORE

2010-11-29 07:56:10 -------- d-----w- C:\Program Files\SUPERAntiSpyware

2010-11-25 19:27:45 -------- d-----w- C:\Users\HANS-E~1\AppData\Local\AVG Security Toolbar

2010-11-25 19:07:41 -------- d-----w- C:\Users\HANS-E~1\AppData\Roaming\AVG10

2010-11-25 18:01:45 -------- d--h--w- C:\PROGRA~3\Common Files

2010-11-25 18:01:32 -------- d-----w- C:\PROGRA~3\AVG Security Toolbar

2010-11-25 17:59:46 -------- d-----w- C:\Windows\System32\drivers\AVG

2010-11-25 17:59:46 -------- d-----w- C:\PROGRA~3\AVG10

2010-11-25 17:48:25 -------- d-----w- C:\PROGRA~3\MFAData

2010-11-24 06:35:48 7680 ----a-w- C:\Program Files\Internet Explorer\iecompat.dll

2010-11-24 06:35:48 7680 ----a-w- C:\Program Files (x86)\Internet Explorer\iecompat.dll

2010-11-16 09:24:48 -------- d-----w- C:\Program Files (x86)\WinPcap

2010-11-16 09:24:45 -------- d-----w- C:\Program Files (x86)\Simple Internet Meter Lite

2010-11-14 11:55:26 -------- d-----w- C:\PROGRA~3\FileCure

2010-11-14 10:38:37 -------- d-----w- C:\Program Files (x86)\Sony

2010-11-10 07:00:54 2409784 ----a-w- C:\Program Files\Windows Mail\OESpamFilter.dat

2010-11-10 07:00:54 2409784 ----a-w- C:\Program Files (x86)\Windows Mail\OESpamFilter.dat

2010-11-09 21:20:56 382032 ----a-w- C:\Windows\System32\drivers\avgtdia.sys

2010-11-09 10:56:59 33792 ----a-w- C:\Windows\System32\Spool\prtprocs\x64\ssb3mpc.dll

2010-11-06 10:37:34 103864 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll

2010-11-06 10:37:34 103864 ----a-w- C:\Program Files (x86)\Internet Explorer\PLUGINS\nppdf32.dll

2010-11-06 09:02:50 10915840 ----a-w- C:\Windows\SysWow64\libmfxhw32.dll

2010-11-06 09:02:50 10833920 ----a-w- C:\Windows\SysWow64\libmfxsw32.dll

 

==================== Find3M ====================

 

2010-09-22 22:47:28 49016 ----a-w- C:\Windows\SysWow64\sirenacm.dll

2010-09-22 22:32:56 301936 ----a-w- C:\Windows\WLXPGSS.SCR

2010-09-15 03:50:37 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll

2010-09-13 14:32:37 8147968 ----a-w- C:\Windows\System32\wmploc.DLL

2010-09-13 14:27:46 27216 ----a-w- C:\Windows\System32\drivers\AVGIDSEH.sys

2010-09-13 13:56:41 8147456 ----a-w- C:\Windows\SysWow64\wmploc.DLL

2010-09-08 09:17:46 94208 ----a-w- C:\Windows\SysWow64\QuickTimeVR.qtx

2010-09-08 09:17:46 69632 ----a-w- C:\Windows\SysWow64\QuickTime.qts

2010-09-08 06:41:05 1147904 ----a-w- C:\Windows\System32\wininet.dll

2010-09-08 06:36:53 56832 ----a-w- C:\Windows\System32\licmgr10.dll

2010-09-08 06:36:38 1538560 ----a-w- C:\Windows\System32\inetcpl.cpl

2010-09-08 06:36:24 132096 ----a-w- C:\Windows\System32\iesysprep.dll

2010-09-08 06:36:23 77312 ----a-w- C:\Windows\System32\iesetup.dll

2010-09-08 06:01:28 916480 ----a-w- C:\Windows\SysWow64\wininet.dll

2010-09-08 05:57:18 43520 ----a-w- C:\Windows\SysWow64\licmgr10.dll

2010-09-08 05:57:05 1469440 ----a-w- C:\Windows\SysWow64\inetcpl.cpl

2010-09-08 05:56:53 71680 ----a-w- C:\Windows\SysWow64\iesetup.dll

2010-09-08 05:56:53 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll

2010-09-08 05:36:07 479232 ----a-w- C:\Windows\System32\html.iec

2010-09-08 05:04:36 385024 ----a-w- C:\Windows\SysWow64\html.iec

2010-09-08 04:51:18 162816 ----a-w- C:\Windows\System32\ieUnatt.exe

2010-09-08 04:49:56 1638912 ----a-w- C:\Windows\System32\mshtml.tlb

2010-09-08 04:26:46 133632 ----a-w- C:\Windows\SysWow64\ieUnatt.exe

2010-09-08 04:25:15 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2010-09-07 02:48:56 41040 ----a-w- C:\Windows\System32\drivers\avgmfx64.sys

2010-09-07 02:48:52 305232 ----a-w- C:\Windows\System32\drivers\avgldx64.sys

2010-09-07 02:48:50 30288 ----a-w- C:\Windows\System32\drivers\avgrkx64.sys

2010-09-06 18:28:38 179712 ----a-w- C:\Windows\System32\srvsvc.dll

2010-09-06 18:28:38 12288 ----a-w- C:\Windows\System32\sscore.dll

2010-09-06 18:27:03 17920 ----a-w- C:\Windows\System32\netevent.dll

2010-09-06 16:20:29 9728 ----a-w- C:\Windows\SysWow64\sscore.dll

2010-09-06 16:19:06 17920 ----a-w- C:\Windows\SysWow64\netevent.dll

2010-09-06 15:34:14 451584 ----a-w- C:\Windows\System32\drivers\srv.sys

2010-09-06 15:33:51 175104 ----a-w- C:\Windows\System32\drivers\srv2.sys

2010-09-06 15:33:49 145920 ----a-w- C:\Windows\System32\drivers\srvnet.sys

2009-09-03 12:12:07 75447 ----a-w- C:\Program Files (x86)\Uninstal.exe

2009-08-09 14:06:24 925696 ----a-w- C:\Program Files (x86)\GSpot.exe

 

============= FINISH: 20:07:50,73 ===============

Link to comment
Share on other sites

kanske kommer på fel ställe...är faktiskt lite småkrångligt. Har avinstallerat Search Settings via Lägg till/Ta bort program. Avinstallerat Facemoods i Firefox tillägg. Inaktiverat FindXplorer, och tagit bort alla Java utom console 6.0.22.

Link to comment
Share on other sites

Det ser ut att ha gått bra i alla fall. :thumbsup:

 

I Firefox adressfält skriver du:

about:config

 

Leta sedan upp raden:

browser.search.defaulturl

högerklicka på den och välj "Återställ".

 

Leta sedan upp raden:

browser.startup.homepage

högerklicka på den och ändra till den startsida du vill ha.

 

På sidan http://www.virustotal.com trycker du på Bläddra-knappen och klistrar in följande filnamn i rutan, tryck på Öppna och sedan Skicka Fil. Vänta tills resultatet är klart (Närvarande status blir genomförd). Klistra in en länk till resultatet här.

C:\Windows\System32\Spool\prtprocs\x64\ssb3mpc.dll

 

Angående "Window Switcher" se:

http://www.vistax64.com/vista-hardware-devices/70691-windows-switcher.html på slutet

http://www.mydigitallife.info/2007/12/27/how-to-turn-off-and-disable-windows-flip-3d-switcher-in-vista/

http://www.howtogeek.com/howto/windows-vista/disable-flip3d-in-windows-vista/

Link to comment
Share on other sites

Det ser ut att ha gått bra i alla fall. :thumbsup:

 

I Firefox adressfält skriver du:

about:config

 

Leta sedan upp raden:

browser.search.defaulturl

högerklicka på den och välj "Återställ".

 

Leta sedan upp raden:

browser.startup.homepage

högerklicka på den och ändra till den startsida du vill ha.

 

På sidan http://www.virustotal.com trycker du på Bläddra-knappen och klistrar in följande filnamn i rutan, tryck på Öppna och sedan Skicka Fil. Vänta tills resultatet är klart (Närvarande status blir genomförd). Klistra in en länk till resultatet här.

C:\Windows\System32\Spool\prtprocs\x64\ssb3mpc.dll

 

Angående "Window Switcher" se:

http://www.vistax64....s-switcher.html på slutet

http://www.mydigital...tcher-in-vista/

http://www.howtogeek...-windows-vista/

 

hittar inte "browser.search.defaulturl" och följaktligen inte heller raden browser.startup.homepage. va jag har att tillgå i Firefox är "Arkiv-Redigera-Visa-Historik-Bokmärken-Verktyg-Hjälp". att skriva in about:config i adressfältet hade jag inga problem med.....

Link to comment
Share on other sites

När du skriver in about:config i adressfältet och trycker på Enter följat av att du lovar att vara försiktig får du upp en lista med konfigurationsrader.

Link to comment
Share on other sites

När du skriver in about:config i adressfältet och trycker på Enter följat av att du lovar att vara försiktig får du upp en lista med konfigurationsrader.

 

skäms - borde jag ha förstått - sagt och gjort - och nu funkar det kanonbra och jag ser inte skymten av Ask.com (tackar varmast) - men svetten börjar lacka under armarna så dax för deoderant. vad gäller www.virustool.com är jag dum igen - du skriver "klistrar in följande fil" (vilken?) vilket och sedan "klistra in en länk till resultatet här" - en länk? valfri?? och "till resultatet här"??

Link to comment
Share on other sites

Inte lätt att veta vad jag menar alla gånger. :thumbsup:

 

På sidan http://www.virustotal.com klickar du på Bläddra-knappen.

I rutan för filnamn klistrar du in detta:

C:\Windows\System32\Spool\prtprocs\x64\ssb3mpc.dll

 

 

Klicka på Öppna och sedan Skicka Fil.

Vänta tills resultatet är klart (Närvarande status blir genomförd eller något liknande).

Kopiera innehållet i adressfältet (när resultatet syns) och klistra in det i ditt svar.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.×
×
  • Create New...