WhyBother
-
Innehållsantal
19 -
Gick med
-
Besökte senast
Inlägg postade av WhyBother
-
-
Efter lite tips och snack med zipp så kom vi fram till att Chapdu-BHOer brukar åtföljas av en registerändring och en annan fil. Vet du hur man hanterar registereditorn regedit?
För där så behöver följande nyckel kontrolleras:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ctfmon.exe
Det ska inte finnas något data med Debugger eller ctfmon för den nyckeln.
Om du hittar något sådant så skriv här vad du hittar.
Varifrån laddade du ner Dreamweaver?
Nej. Efter CurrentVersion fanns inget mer. Inget om ctfmon
Laddade hem det från adobe.com
-
WhyBother, fungerar Dreamweaver nu?
Ja, det fungerar. Men det var väldigt trögstartat och stod som "Not responding" två gånger.
-
Det låter ju bra. Så här såg det ut i loggen:
2009-09-26 01:34 <DIR> --d----- c:\programdata\FLEXnet
2009-09-26 01:32 225,280 a------- c:\windows\system32\xwr60722.dll
2009-09-26 01:17 <DIR> --d----- c:\program files (x86)\common files\Macrovision Shared
så filen kom in mellan en Macrovision-mapp och en FLEXnet-mapp skapades.
DDS-programmet och loggarna kan du ta bort från datorn förstås.
Så det har med Adobe reader att göra eller?
-
Tillägg:
Axife Mouse Recorder är trial
Dreamweaver är trial
WinRar är trial
De andra programmen är gratis eller så har jag licens för dem.
Inget illegalt alltså.
-
Ska kanske tillägga att de program som jag medvetet installerat på nyinstallation (ingen uppgradering) av Win 7 är:
Utorrent
Hijackthis
VLC
Axife Mouse Recorder
Adobe Dreamweaver 30 dagars testversion
Opera
Firefox
Spotify
WinRar
SQLyog Enterprise
Microsoft Office 2007
Audacity
Win7codecs (skulle vara pålitligt enl andra)
Windows Live
(skulle installera Nero, men det funkade inte för W7)
-
Ja, det räcker med ett par minuter för att konstatera att Internet Explorer mår bra igen.. ;-)
Tack så mycket för hjälpen Cecilia! Du vet vad du gör!
-
Jag avinstallerade Ask Toolbar. (Har ingen aning om när den blev installerad bara)
Det gick inte att markera dessa, för de fanns inte med:
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll
Ingen av dessa fanns kvar heller..
C:\Windows\SysWow64\xwr60722.dll
C:\Program Files (x86)\AskBarDis
Ska nu låta Internet Explorer vara igång lite, återkommer snart hur det fungerar.
-
HiJackThis:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:55:48, on 2009-09-29
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Windows\SysWOW64\Ctxfihlp.exe
C:\Windows\SysWOW64\CTXFISPI.EXE
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS4\dreamweaver.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Spotify\spotify.exe
E:\Setupx.exe
E:\Nero 7 Premium\Setupx.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: D - {0160F9E6-5B25-34A2-81F1-1A25F5DEFB09} - C:\Windows\SysWow64\xwr60722.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll
O4 - HKLM\..\Run: [avast!] "C:\Program Files\Alwil Software\Avast4\ashDisp.exe"
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe"
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O13 - Gopher Prefix:
O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/v7/sit...b?1250371452405
O16 - DPF: {6D2EF4B4-CB62-4C0B-85F3-B79C236D702C} (ContactExtractor Class) - http://www.facebook.com/controls/contactx.dll
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.0...oUploader55.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: ASKUpgrade - Unknown owner - C:\Program Files (x86)\AskBarDis\bar\bin\ASKUpgrade.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Dolby Digital Live Pack Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\DDLLicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9017 bytes
-
Då kommer genast den stora frågan:
Hur får jag bort möget? ;-)
-
Jo, jag var in där och kollade på Change Settings för UAC. Den stod på Max. Har inte rört den tidigare heller.
Här är filen:
http://www.skickafilen.se/download.jsp?fil...cKdThvnnfZHcPAN
-
Resultat:
Två program har hittat en trojan?
a-squared 4.5.0.24 2009.09.28 Trojan.Win32.Chepdu!IK
AhnLab-V3 5.0.0.2 2009.09.28 -
AntiVir 7.9.1.27 2009.09.28 -
Antiy-AVL 2.0.3.7 2009.09.28 -
Authentium 5.1.2.4 2009.09.28 -
Avast 4.8.1351.0 2009.09.27 -
AVG 8.5.0.412 2009.09.28 -
BitDefender 7.2 2009.09.28 -
CAT-QuickHeal 10.00 2009.09.26 -
ClamAV 0.94.1 2009.09.28 -
Comodo 2462 2009.09.28 -
DrWeb 5.0.0.12182 2009.09.28 -
eSafe 7.0.17.0 2009.09.24 -
eTrust-Vet 31.6.6763 2009.09.27 -
F-Prot 4.5.1.85 2009.09.27 -
F-Secure 8.0.14470.0 2009.09.28 -
Fortinet 3.120.0.0 2009.09.28 -
GData 19 2009.09.28 -
Ikarus T3.1.1.72.0 2009.09.28 Trojan.Win32.Chepdu
Jiangmin 11.0.800 2009.09.27 -
K7AntiVirus 7.10.855 2009.09.26 -
Kaspersky 7.0.0.125 2009.09.28 -
McAfee 5755 2009.09.28 -
McAfee+Artemis 5755 2009.09.28 -
McAfee-GW-Edition 6.8.5 2009.09.28 -
Microsoft 1.5005 2009.09.23 -
NOD32 4465 2009.09.28 -
Norman 6.01.09 2009.09.28 -
nProtect 2009.1.8.0 2009.09.28 -
Panda 10.0.2.2 2009.09.28 -
PCTools 4.4.2.0 2009.09.28 -
Prevx 3.0 2009.09.28 -
Rising 21.49.04.00 2009.09.28 -
Sophos 4.45.0 2009.09.28 -
Sunbelt 3.2.1858.2 2009.09.27 -
Symantec 1.4.4.12 2009.09.28 -
TheHacker 6.5.0.2.020 2009.09.28 -
TrendMicro 8.950.0.1094 2009.09.25 -
VBA32 3.12.10.11 2009.09.27 -
ViRobot 2009.9.28.1960 2009.09.28 -
VirusBuster 4.6.5.0 2009.09.28 -
-
-
Jag gjorde en scan:
DDS (Ver_09-09-29.01) - NTFSx86
Run by Tolle at 17:00:32,50 on 2009-09-29
Internet Explorer: 8.0.7600.16385
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.46.1033.18.3071.1290 [GMT 2:00]
============== Running Processes ===============
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\SysWOW64\Ctxfihlp.exe
C:\Windows\SysWOW64\CTXFISPI.EXE
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Windows\ehome\ehRecvr.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS4\dreamweaver.exe
C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
c:\program files\windows defender\MpCmdRun.exe
C:\Users\Tolle\Desktop\dds.scr
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
============== Pseudo HJT Report ===============
mLocal Page = c:\windows\syswow64\blank.htm
mWinlogon: Userinit=userinit.exe
BHO: D: {0160f9e6-5b25-34a2-81f1-1a25f5defb09} - c:\windows\syswow64\xwr60722.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files (x86)\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AskBar BHO: {201f27d4-3704-41d6-89c1-aa35e39143ed} - c:\program files (x86)\askbardis\bar\bin\askBar.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files (x86)\common files\microsoft shared\windows live\WindowsLiveLogin.dll
TB: Ask Toolbar: {3041d03e-fd4b-44e0-b742-2d9b88305f98} - c:\program files (x86)\askbardis\bar\bin\askBar.dll
uRun: [msnmsgr] "c:\program files (x86)\windows live\messenger\msnmsgr.exe" /background
uRun: [sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [uTorrent] "c:\program files (x86)\utorrent\uTorrent.exe"
mRun: [avast!] "c:\program files\alwil software\avast4\ashDisp.exe"
mRun: [CTxfiHlp] CTXFIHLP.EXE
mRun: [Adobe Reader Speed Launcher] "c:\program files (x86)\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [AdobeCS4ServiceManager] "c:\program files (x86)\common files\adobe\cs4servicemanager\CS4ServiceManager.exe" -launchedbylogin
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-explorer: ForceActiveDesktopOn = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xportera till Microsoft Excel - c:\progra~2\micros~1\office12\EXCEL.EXE/3000
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~2\micros~1\office12\REFIEBAR.DLL
DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} - hxxp://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1250371452405
DPF: {6D2EF4B4-CB62-4C0B-85F3-B79C236D702C} - hxxp://www.facebook.com/controls/contactx.dll
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
================= FIREFOX ===================
FF - ProfilePath - c:\users\tolle\appdata\roaming\mozilla\firefox\profiles\oh9hrebt.default\
FF - prefs.js: browser.startup.homepage - hxxp://go.microsoft.com/fwlink/?LinkId=69157
FF - plugin: c:\program files (x86)\microsoft\office live\npOLW.dll
FF - plugin: c:\program files (x86)\win7codecs\rm\browser\plugins\nppl3260.dll
FF - plugin: c:\program files (x86)\win7codecs\rm\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files (x86)\windows live\photo gallery\NPWLPG.dll
---- FIREFOX POLICIES ----
c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.visited_color", "#551A8B");
c:\program files (x86)\mozilla firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".se");
c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.videoFeeds.handler", "ask");
============= SERVICES / DRIVERS ===============
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswsp.sys --> c:\windows\system32\drivers\aswSP.sys [?]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswfsblk.sys --> c:\windows\system32\drivers\aswFsBlk.sys [?]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswmonflt.sys --> c:\windows\system32\drivers\aswMonFlt.sys [?]
R3 camdrv42;Philips SPC 900NC PC Camera;c:\windows\system32\drivers\camdrv42.sys --> c:\windows\system32\drivers\camdrv42.sys [?]
R3 CT20XUT.SYS;CT20XUT.SYS;c:\windows\system32\drivers\ct20xut.sys --> c:\windows\system32\drivers\CT20XUT.SYS [?]
R3 CTEXFIFX.SYS;CTEXFIFX.SYS;c:\windows\system32\drivers\ctexfifx.sys --> c:\windows\system32\drivers\CTEXFIFX.SYS [?]
R3 CTHWIUT.SYS;CTHWIUT.SYS;c:\windows\system32\drivers\cthwiut.sys --> c:\windows\system32\drivers\CTHWIUT.SYS [?]
S3 CT20XUT;CT20XUT;c:\windows\system32\drivers\ct20xut.sys --> c:\windows\system32\drivers\CT20XUT.SYS [?]
S3 CTEXFIFX;CTEXFIFX;c:\windows\system32\drivers\ctexfifx.sys --> c:\windows\system32\drivers\CTEXFIFX.SYS [?]
S3 CTHWIUT;CTHWIUT;c:\windows\system32\drivers\cthwiut.sys --> c:\windows\system32\drivers\CTHWIUT.SYS [?]
=============== Created Last 30 ================
2009-09-26 01:34 <DIR> --d----- c:\programdata\FLEXnet
2009-09-26 01:32 225,280 a------- c:\windows\system32\xwr60722.dll
2009-09-26 01:17 <DIR> --d----- c:\program files (x86)\common files\Macrovision Shared
2009-09-14 12:13 <DIR> --d----- C:\TokensBackup
2009-09-14 01:23 <DIR> --d----- c:\program files (x86)\Axife Mouse Recorder DEMO
2009-09-14 01:22 <DIR> --d----- c:\windows\system32\XPSViewer
2009-09-14 01:22 <DIR> --d----- c:\windows\system32\wbem\sv-SE
2009-09-14 01:22 <DIR> --d----- c:\windows\system32\sv
2009-09-14 01:22 <DIR> --d----- c:\windows\system32\drivers\sv-SE
2009-09-14 01:21 <DIR> --d----- c:\windows\sv-SE
2009-09-10 00:02 <DIR> --d----- c:\users\tolle\Resor
2009-09-04 23:41 <DIR> --d----- C:\TT
==================== Find3M ====================
2009-09-14 01:20 294,764 a------- c:\windows\inf\perflib\041d\perfi.dat
2009-09-14 01:20 294,764 a------- c:\windows\inf\perflib\041d\perfh.dat
2009-09-14 01:20 37,052 a------- c:\windows\inf\perflib\041d\perfd.dat
2009-09-14 01:20 37,052 a------- c:\windows\inf\perflib\041d\perfc.dat
2009-08-27 08:31 347,648 a------- c:\windows\apppatch\apppatch64\AcLayers.dll
2009-08-27 08:31 135,168 a------- c:\windows\apppatch\apppatch64\AcXtrnal.dll
2009-08-18 02:34 356,352 a------- c:\windows\system32\atipdlxx.dll
2009-08-18 02:34 274,432 a------- c:\windows\system32\Oemdspif.dll
2009-08-18 02:34 43,520 a------- c:\windows\system32\ati2edxx.dll
2009-08-18 02:31 2,469,888 a------- c:\windows\system32\atidxx32.dll
2009-08-18 02:20 3,105,280 a------- c:\windows\system32\atiumdag.dll
2009-08-18 02:11 11,650,560 a------- c:\windows\system32\atioglxx.dll
2009-08-18 02:05 2,868,736 a------- c:\windows\system32\atiumdva.dll
2009-08-18 01:52 51,712 a------- c:\windows\system32\atimpc32.dll
2009-08-18 01:52 51,712 a------- c:\windows\system32\amdpcom32.dll
2009-08-18 01:52 184,320 a------- c:\windows\system32\atiadlxy.dll
2009-08-18 01:49 53,248 a------- c:\windows\system32\aticalrt.dll
2009-08-18 01:49 53,248 a------- c:\windows\system32\aticalcl.dll
2009-08-18 01:48 3,264,512 a------- c:\windows\system32\aticaldd.dll
2009-08-15 01:21 444,952 a------- c:\windows\system32\wrap_oal.dll
2009-08-15 01:21 109,080 a------- c:\windows\system32\OpenAL32.dll
2009-08-15 00:59 319,488 a------- c:\windows\HideWin.exe
2009-08-15 00:46 323,104 a------- c:\windows\AlcRmv64.exe
2009-08-15 00:46 524,288 a------- c:\windows\RtlExUpd.dll
2009-08-15 00:46 475,648 a------- c:\windows\AlcUpd64.exe
2009-07-14 07:37 291,294 a------- c:\windows\inf\perflib\0409\perfi.dat
2009-07-14 07:37 291,294 a------- c:\windows\inf\perflib\0409\perfh.dat
2009-07-14 07:37 31,548 a------- c:\windows\inf\perflib\0409\perfd.dat
2009-07-14 07:37 31,548 a------- c:\windows\inf\perflib\0409\perfc.dat
2009-07-14 06:54 174 a--sh--- c:\program files (x86)\desktop.ini
2009-07-14 03:40 52,736 a------- c:\windows\apppatch\apppatch64\apihex64.dll
2009-07-14 03:40 309,248 a------- c:\windows\apppatch\apppatch64\AcGenral.dll
2009-07-14 03:40 111,104 a------- c:\windows\apppatch\apppatch64\acspecfc.dll
2009-07-14 03:39 10,240 a------- c:\windows\write.exe
2009-07-14 03:39 61,952 a------- c:\windows\splwow64.exe
2009-07-14 03:39 427,008 a------- c:\windows\regedit.exe
2009-07-14 03:39 193,536 a------- c:\windows\notepad.exe
2009-07-14 03:39 733,696 a------- c:\windows\HelpPane.exe
2009-07-14 03:39 16,896 a------- c:\windows\hh.exe
2009-07-14 03:39 2,868,224 a------- c:\windows\explorer.exe
2009-07-14 03:39 15,360 a------- c:\windows\fveupdate.exe
2009-07-14 03:38 71,168 a------- c:\windows\bfsvc.exe
2009-07-14 03:26 21,584 a------- c:\windows\system32\BOOTVID.DLL
2009-07-14 03:23 5,070,848 a------- c:\windows\system32\AuthFWSnapin.dll
2009-07-14 03:22 107,008 a------- c:\windows\system32\NAPHLPR.DLL
2009-07-14 03:22 46,080 a------- c:\windows\system32\NAPCRYPT.DLL
2009-07-14 03:20 3,954,768 a------- c:\windows\system32\ntkrnlpa.exe
2009-07-14 03:20 3,899,472 a------- c:\windows\system32\ntoskrnl.exe
2009-07-14 03:20 91,728 a------- c:\windows\system32\MigAutoPlay.exe
2009-07-14 03:20 126,976 a------- c:\windows\system32\AuthFWWizFwk.dll
2009-07-14 03:19 52,816 a------- c:\windows\system32\PSHED.DLL
2009-07-14 03:17 249,680 a------- c:\windows\system32\bcryptprimitives.dll
2009-07-14 03:17 242,936 a------- c:\windows\system32\rsaenh.dll
2009-07-14 03:17 156,728 a------- c:\windows\system32\dssenh.dll
2009-07-14 03:17 102,448 a------- c:\windows\system32\wbem\Win32_Tpm.dll
2009-07-14 03:17 1,289,712 a------- c:\windows\system32\ntdll.dll
2009-07-14 03:17 143,936 a------- c:\windows\system32\basecsp.dll
2009-07-14 03:15 1,386,496 a------- c:\windows\system32\msxml6.dll
2009-07-14 03:14 171,520 a------- c:\windows\system32\BioCredProv.dll
2009-07-14 03:11 54,272 a------- c:\windows\system32\WsmRes.dll
2009-07-14 03:10 2,560 a------- c:\windows\system32\uxlibres.dll
2009-07-14 03:10 1,164,800 a------- c:\windows\system32\UIRibbonRes.dll
2009-07-14 03:10 2,048 a------- c:\windows\system32\tzres.dll
2009-07-14 03:10 108,544 a------- c:\windows\system32\tapiui.dll
2009-07-14 03:10 7,168 a------- c:\windows\system32\spwizres.dll
2009-07-14 03:10 8,338,432 a------- c:\windows\system32\spwizimg.dll
2009-07-14 03:10 2,560 a------- c:\windows\system32\sfc.dll
2009-07-14 03:10 68,608 a------- c:\windows\system32\nlsbres.dll
2009-07-14 03:08 6,917,120 a------- c:\windows\system32\NlsLexicons0c1a.dll
2009-07-14 03:07 18,944 a------- c:\windows\system32\netevent.dll
2009-07-14 03:07 2,048 a------- c:\windows\system32\netmsg.dll
2009-07-14 03:07 2,048 a------- c:\windows\system32\neth.dll
2009-07-14 03:07 2,048 a------- c:\windows\system32\msxml6r.dll
2009-07-14 03:07 2,048 a------- c:\windows\system32\msxml3r.dll
2009-07-14 03:07 60,928 a------- c:\windows\system32\msvcrt40.dll
2009-07-14 03:07 268,800 a------- c:\windows\system32\msshavmsg.dll
2009-07-14 03:07 8,192 a------- c:\windows\system32\msorc32r.dll
2009-07-14 03:07 60,416 a------- c:\windows\system32\msobjs.dll
2009-07-14 03:07 25,088 a------- c:\windows\system32\msimsg.dll
2009-07-14 03:07 4,608 a------- c:\windows\system32\msidntld.dll
2009-07-14 03:05 3,072 a------- c:\windows\system32\icmp.dll
2009-07-14 03:05 4,240,384 a------- c:\windows\system32\GameUXLegacyGDFs.dll
2009-07-14 03:05 925,184 a------- c:\windows\system32\FXSRESM.dll
2009-07-14 03:04 2,560 a------- c:\windows\system32\dpnlobby.dll
2009-07-14 03:04 2,048 a------- c:\windows\system32\dpnaddr.dll
2009-07-14 03:04 372,224 a------- c:\windows\system32\dmdskres.dll
2009-07-14 03:04 2,048 a------- c:\windows\system32\dmdskres2.dll
2009-07-14 03:04 1,297,408 a------- c:\windows\system32\comres.dll
2009-07-14 03:04 514,048 a------- c:\windows\system32\shellstyle.dll
2009-07-14 03:00 291,294 a------- c:\windows\inf\perflib\0000\perfi.dat
2009-07-14 03:00 291,294 a------- c:\windows\inf\perflib\0000\perfh.dat
2009-07-14 03:00 31,548 a------- c:\windows\inf\perflib\0000\perfd.dat
2009-07-14 03:00 31,548 a------- c:\windows\inf\perflib\0000\perfc.dat
2009-07-14 01:25 293,888 a------- c:\windows\system32\atmfd.dll
2009-07-14 01:16 14,336 a------- c:\windows\system32\wowreg32.exe
2009-07-14 01:16 7,680 a------- c:\windows\system32\instnm.exe
2009-07-14 01:15 2,048 a------- c:\windows\system32\user.exe
2009-07-14 01:15 25,088 a------- c:\windows\system32\mode.com
2009-07-14 01:15 16,384 a------- c:\windows\system32\tree.com
2009-07-14 01:15:17 A------- 20,992 c:\windows\system32\more.com
2009-06-10 22:44 9,633,792 a--shr-- c:\windows\fonts\StaticCache.dat
============= FINISH: 17:04:04,72 ===============
-
Nej, inga tillägg har installerats. Jo, Flash installerade jag samma dag jag installerade hela Windows 7.
Men problemen började förra veckan. Då har jag inte medvetet installerat något.
Det som jag har installerat (via win update) är svenska som språk man kunde få, men det har väl inte så mycket med IE8 att göra?
-
Jag använder också Windows 7. Problemet är att IE8 återställer flikar hela tiden. Flikar som inte syns. Vare sig man har IE8 öppet eller inte. Ni ser på ena bilden att skrivbordet är framme när en flik återskapas.
Detta började för en vecka sen. Jag har haft Windows 7 i ca två månader.
Startar man inte IE8 så händer ingenting, men när man kört det en gång så är det kört för datorn till slut.
Det funkar att stänga alla processer i Aktivitetshanteraren, när alla är stängda startas inga nya.
-
Hm. Kollar man bara så ser man ju hur lätt det var med favoriterna... :-)
Hej då IE!
Stäng tråden om ni vill.
-
Jo, kör med Firefox nu istället. Men har ju alla favoriter i IE. Vet inte hur man flyttar över dem till FF.
Vet MS om det här problemet? Eller skyller dem på att man har trojan/mask/etc i burken?
-
Hej!
Bifogar bilder så ni ser vad jag menar med..
Problemet är inte att varje gång man öppnar en flik så startar en ny process.
Problemet är att IE8 har fått för sig att en flik kraschar hela tiden och ska återställa den.
Detta resulterar i att det blir väldigt många processer och jag kan inte ens starta IE8.
Jag behöver bara starta IE8 en gång så håller den på. Men inte utan att jag startat.
Efteråt så fortsätter den, se bild.
Hur får man bort det?
IE8 - Slutar inte skapa nya processer
i Borttagning av virus och andra skadliga program
Postad
Jag har för mig att Trial försvinner helt då? Man får ju bara 30 dagars prova på en gång.