WhyBother

Det låter ju bra.

Pröva med att ominstallera Dreamweaver så får vi se om det blir samma problem med IE igen.

Jag har för mig att Trial försvinner helt då? Man får ju bara 30 dagars prova på en gång.

Efter lite tips och snack med zipp så kom vi fram till att Chapdu-BHOer brukar åtföljas av en registerändring och en annan fil. Vet du hur man hanterar registereditorn regedit?

För där så behöver följande nyckel kontrolleras:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ctfmon.exe

Det ska inte finnas något data med Debugger eller ctfmon för den nyckeln.

Om du hittar något sådant så skriv här vad du hittar.

Varifrån laddade du ner Dreamweaver?

Nej. Efter CurrentVersion fanns inget mer. Inget om ctfmon

Laddade hem det från adobe.com

WhyBother, fungerar Dreamweaver nu?

Ja, det fungerar. Men det var väldigt trögstartat och stod som "Not responding" två gånger.

Det låter ju bra. Så här såg det ut i loggen:

2009-09-26 01:34 <DIR> --d----- c:\programdata\FLEXnet

2009-09-26 01:32 225,280 a------- c:\windows\system32\xwr60722.dll

2009-09-26 01:17 <DIR> --d----- c:\program files (x86)\common files\Macrovision Shared

så filen kom in mellan en Macrovision-mapp och en FLEXnet-mapp skapades.

DDS-programmet och loggarna kan du ta bort från datorn förstås.

Så det har med Adobe reader att göra eller?

Tillägg:

Axife Mouse Recorder är trial

Dreamweaver är trial

WinRar är trial

De andra programmen är gratis eller så har jag licens för dem.

Inget illegalt alltså.

Ska kanske tillägga att de program som jag medvetet installerat på nyinstallation (ingen uppgradering) av Win 7 är:

Utorrent

Hijackthis

VLC

Axife Mouse Recorder

Adobe Dreamweaver 30 dagars testversion

Opera

Firefox

Spotify

WinRar

SQLyog Enterprise

Microsoft Office 2007

Audacity

Win7codecs (skulle vara pålitligt enl andra)

Windows Live

(skulle installera Nero, men det funkade inte för W7)

Ja, det räcker med ett par minuter för att konstatera att Internet Explorer mår bra igen.. ;-)

Tack så mycket för hjälpen Cecilia! Du vet vad du gör!

Jag avinstallerade Ask Toolbar. (Har ingen aning om när den blev installerad bara)

Det gick inte att markera dessa, för de fanns inte med:

O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll

O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll

Ingen av dessa fanns kvar heller..

C:\Windows\SysWow64\xwr60722.dll

C:\Program Files (x86)\AskBarDis

Ska nu låta Internet Explorer vara igång lite, återkommer snart hur det fungerar.

HiJackThis:

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 18:55:48, on 2009-09-29

Platform: Unknown Windows (WinNT 6.01.3504)

MSIE: Internet Explorer v8.00 (8.00.7600.16385)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

C:\Program Files (x86)\uTorrent\uTorrent.exe

C:\Program Files\Alwil Software\Avast4\ashDisp.exe

C:\Windows\SysWOW64\Ctxfihlp.exe

C:\Windows\SysWOW64\CTXFISPI.EXE

C:\Program Files (x86)\Internet Explorer\IELowutil.exe

C:\Program Files (x86)\Windows Media Player\wmplayer.exe

C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS4\dreamweaver.exe

C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files (x86)\Spotify\spotify.exe

E:\Setupx.exe

E:\Nero 7 Premium\Setupx.exe

C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: D - {0160F9E6-5B25-34A2-81F1-1A25F5DEFB09} - C:\Windows\SysWow64\xwr60722.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files (x86)\AskBarDis\bar\bin\askBar.dll

O4 - HKLM\..\Run: [avast!] "C:\Program Files\Alwil Software\Avast4\ashDisp.exe"

O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe"

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000

O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O13 - Gopher Prefix:

O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://catalog.update.microsoft.com/v7/sit...b?1250371452405

O16 - DPF: {6D2EF4B4-CB62-4C0B-85F3-B79C236D702C} (ContactExtractor Class) - http://www.facebook.com/controls/contactx.dll

O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.0...oUploader55.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)

O23 - Service: ASKUpgrade - Unknown owner - C:\Program Files (x86)\AskBarDis\bar\bin\ASKUpgrade.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe

O23 - Service: Creative Dolby Digital Live Pack Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\DDLLicensing.exe

O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 9017 bytes

Då kommer genast den stora frågan:

Hur får jag bort möget? ;-)

Jo, jag var in där och kollade på Change Settings för UAC. Den stod på Max. Har inte rört den tidigare heller.

Här är filen:

http://www.skickafilen.se/download.jsp?fil...cKdThvnnfZHcPAN

Resultat:

Två program har hittat en trojan?

a-squared 4.5.0.24 2009.09.28 Trojan.Win32.Chepdu!IK

AhnLab-V3 5.0.0.2 2009.09.28 -

AntiVir 7.9.1.27 2009.09.28 -

Antiy-AVL 2.0.3.7 2009.09.28 -

Authentium 5.1.2.4 2009.09.28 -

Avast 4.8.1351.0 2009.09.27 -

AVG 8.5.0.412 2009.09.28 -

BitDefender 7.2 2009.09.28 -

CAT-QuickHeal 10.00 2009.09.26 -

ClamAV 0.94.1 2009.09.28 -

Comodo 2462 2009.09.28 -

DrWeb 5.0.0.12182 2009.09.28 -

eSafe 7.0.17.0 2009.09.24 -

eTrust-Vet 31.6.6763 2009.09.27 -

F-Prot 4.5.1.85 2009.09.27 -

F-Secure 8.0.14470.0 2009.09.28 -

Fortinet 3.120.0.0 2009.09.28 -

GData 19 2009.09.28 -

Ikarus T3.1.1.72.0 2009.09.28 Trojan.Win32.Chepdu

Jiangmin 11.0.800 2009.09.27 -

K7AntiVirus 7.10.855 2009.09.26 -

Kaspersky 7.0.0.125 2009.09.28 -

McAfee 5755 2009.09.28 -

McAfee+Artemis 5755 2009.09.28 -

McAfee-GW-Edition 6.8.5 2009.09.28 -

Microsoft 1.5005 2009.09.23 -

NOD32 4465 2009.09.28 -

Norman 6.01.09 2009.09.28 -

nProtect 2009.1.8.0 2009.09.28 -

Panda 10.0.2.2 2009.09.28 -

PCTools 4.4.2.0 2009.09.28 -

Prevx 3.0 2009.09.28 -

Rising 21.49.04.00 2009.09.28 -

Sophos 4.45.0 2009.09.28 -

Sunbelt 3.2.1858.2 2009.09.27 -

Symantec 1.4.4.12 2009.09.28 -

TheHacker 6.5.0.2.020 2009.09.28 -

TrendMicro 8.950.0.1094 2009.09.25 -

VBA32 3.12.10.11 2009.09.27 -

ViRobot 2009.9.28.1960 2009.09.28 -

VirusBuster 4.6.5.0 2009.09.28 -

Är det här inte max inställningar?

Jag gjorde en scan:

DDS (Ver_09-09-29.01) - NTFSx86

Run by Tolle at 17:00:32,50 on 2009-09-29

Internet Explorer: 8.0.7600.16385

Microsoft Windows 7 Ultimate 6.1.7600.0.1252.46.1033.18.3071.1290 [GMT 2:00]

============== Running Processes ===============

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\system32\atiesrxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\atieclxx.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

C:\Windows\WindowsMobile\wmdc.exe

C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

C:\Windows\system32\WUDFHost.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files (x86)\uTorrent\uTorrent.exe

C:\Windows\system32\svchost.exe -k WindowsMobile

C:\Program Files\Alwil Software\Avast4\ashDisp.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\SysWOW64\Ctxfihlp.exe

C:\Windows\SysWOW64\CTXFISPI.EXE

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Windows\system32\DllHost.exe

C:\Windows\system32\sppsvc.exe

C:\Windows\System32\svchost.exe -k secsvcs

C:\Program Files (x86)\Internet Explorer\IELowutil.exe

C:\Windows\ehome\ehRecvr.exe

C:\Program Files (x86)\Windows Media Player\wmplayer.exe

C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS4\dreamweaver.exe

C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

c:\program files\windows defender\MpCmdRun.exe

C:\Users\Tolle\Desktop\dds.scr

C:\Windows\system32\conhost.exe

C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

mLocal Page = c:\windows\syswow64\blank.htm

mWinlogon: Userinit=userinit.exe

BHO: D: {0160f9e6-5b25-34a2-81f1-1a25f5defb09} - c:\windows\syswow64\xwr60722.dll

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files (x86)\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: AskBar BHO: {201f27d4-3704-41d6-89c1-aa35e39143ed} - c:\program files (x86)\askbardis\bar\bin\askBar.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files (x86)\common files\microsoft shared\windows live\WindowsLiveLogin.dll

TB: Ask Toolbar: {3041d03e-fd4b-44e0-b742-2d9b88305f98} - c:\program files (x86)\askbardis\bar\bin\askBar.dll

uRun: [msnmsgr] "c:\program files (x86)\windows live\messenger\msnmsgr.exe" /background

uRun: [sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun

uRun: [uTorrent] "c:\program files (x86)\utorrent\uTorrent.exe"

mRun: [avast!] "c:\program files\alwil software\avast4\ashDisp.exe"

mRun: [CTxfiHlp] CTXFIHLP.EXE

mRun: [Adobe Reader Speed Launcher] "c:\program files (x86)\adobe\reader 9.0\reader\Reader_sl.exe"

mRun: [AdobeCS4ServiceManager] "c:\program files (x86)\common files\adobe\cs4servicemanager\CS4ServiceManager.exe" -launchedbylogin

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)

mPolicies-explorer: ForceActiveDesktopOn = 0 (0x0)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: E&xportera till Microsoft Excel - c:\progra~2\micros~1\office12\EXCEL.EXE/3000

IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dll

IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~2\micros~1\office12\REFIEBAR.DLL

DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} - hxxp://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1250371452405

DPF: {6D2EF4B4-CB62-4C0B-85F3-B79C236D702C} - hxxp://www.facebook.com/controls/contactx.dll

DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

================= FIREFOX ===================

FF - ProfilePath - c:\users\tolle\appdata\roaming\mozilla\firefox\profiles\oh9hrebt.default\

FF - prefs.js: browser.startup.homepage - hxxp://go.microsoft.com/fwlink/?LinkId=69157

FF - plugin: c:\program files (x86)\microsoft\office live\npOLW.dll

FF - plugin: c:\program files (x86)\win7codecs\rm\browser\plugins\nppl3260.dll

FF - plugin: c:\program files (x86)\win7codecs\rm\browser\plugins\nprpjplug.dll

FF - plugin: c:\program files (x86)\windows live\photo gallery\NPWLPG.dll

---- FIREFOX POLICIES ----

c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.visited_color", "#551A8B");

c:\program files (x86)\mozilla firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".se");

c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.videoFeeds.handler", "ask");

============= SERVICES / DRIVERS ===============

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswsp.sys --> c:\windows\system32\drivers\aswSP.sys [?]

R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswfsblk.sys --> c:\windows\system32\drivers\aswFsBlk.sys [?]

R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswmonflt.sys --> c:\windows\system32\drivers\aswMonFlt.sys [?]

R3 camdrv42;Philips SPC 900NC PC Camera;c:\windows\system32\drivers\camdrv42.sys --> c:\windows\system32\drivers\camdrv42.sys [?]

R3 CT20XUT.SYS;CT20XUT.SYS;c:\windows\system32\drivers\ct20xut.sys --> c:\windows\system32\drivers\CT20XUT.SYS [?]

R3 CTEXFIFX.SYS;CTEXFIFX.SYS;c:\windows\system32\drivers\ctexfifx.sys --> c:\windows\system32\drivers\CTEXFIFX.SYS [?]

R3 CTHWIUT.SYS;CTHWIUT.SYS;c:\windows\system32\drivers\cthwiut.sys --> c:\windows\system32\drivers\CTHWIUT.SYS [?]

S3 CT20XUT;CT20XUT;c:\windows\system32\drivers\ct20xut.sys --> c:\windows\system32\drivers\CT20XUT.SYS [?]

S3 CTEXFIFX;CTEXFIFX;c:\windows\system32\drivers\ctexfifx.sys --> c:\windows\system32\drivers\CTEXFIFX.SYS [?]

S3 CTHWIUT;CTHWIUT;c:\windows\system32\drivers\cthwiut.sys --> c:\windows\system32\drivers\CTHWIUT.SYS [?]

=============== Created Last 30 ================

2009-09-26 01:34 <DIR> --d----- c:\programdata\FLEXnet

2009-09-26 01:32 225,280 a------- c:\windows\system32\xwr60722.dll

2009-09-26 01:17 <DIR> --d----- c:\program files (x86)\common files\Macrovision Shared

2009-09-14 12:13 <DIR> --d----- C:\TokensBackup

2009-09-14 01:23 <DIR> --d----- c:\program files (x86)\Axife Mouse Recorder DEMO

2009-09-14 01:22 <DIR> --d----- c:\windows\system32\XPSViewer

2009-09-14 01:22 <DIR> --d----- c:\windows\system32\wbem\sv-SE

2009-09-14 01:22 <DIR> --d----- c:\windows\system32\sv

2009-09-14 01:22 <DIR> --d----- c:\windows\system32\drivers\sv-SE

2009-09-14 01:21 <DIR> --d----- c:\windows\sv-SE

2009-09-10 00:02 <DIR> --d----- c:\users\tolle\Resor

2009-09-04 23:41 <DIR> --d----- C:\TT

==================== Find3M ====================

2009-09-14 01:20 294,764 a------- c:\windows\inf\perflib\041d\perfi.dat

2009-09-14 01:20 294,764 a------- c:\windows\inf\perflib\041d\perfh.dat

2009-09-14 01:20 37,052 a------- c:\windows\inf\perflib\041d\perfd.dat

2009-09-14 01:20 37,052 a------- c:\windows\inf\perflib\041d\perfc.dat

2009-08-27 08:31 347,648 a------- c:\windows\apppatch\apppatch64\AcLayers.dll

2009-08-27 08:31 135,168 a------- c:\windows\apppatch\apppatch64\AcXtrnal.dll

2009-08-18 02:34 356,352 a------- c:\windows\system32\atipdlxx.dll

2009-08-18 02:34 274,432 a------- c:\windows\system32\Oemdspif.dll

2009-08-18 02:34 43,520 a------- c:\windows\system32\ati2edxx.dll

2009-08-18 02:31 2,469,888 a------- c:\windows\system32\atidxx32.dll

2009-08-18 02:20 3,105,280 a------- c:\windows\system32\atiumdag.dll

2009-08-18 02:11 11,650,560 a------- c:\windows\system32\atioglxx.dll

2009-08-18 02:05 2,868,736 a------- c:\windows\system32\atiumdva.dll

2009-08-18 01:52 51,712 a------- c:\windows\system32\atimpc32.dll

2009-08-18 01:52 51,712 a------- c:\windows\system32\amdpcom32.dll

2009-08-18 01:52 184,320 a------- c:\windows\system32\atiadlxy.dll

2009-08-18 01:49 53,248 a------- c:\windows\system32\aticalrt.dll

2009-08-18 01:49 53,248 a------- c:\windows\system32\aticalcl.dll

2009-08-18 01:48 3,264,512 a------- c:\windows\system32\aticaldd.dll

2009-08-15 01:21 444,952 a------- c:\windows\system32\wrap_oal.dll

2009-08-15 01:21 109,080 a------- c:\windows\system32\OpenAL32.dll

2009-08-15 00:59 319,488 a------- c:\windows\HideWin.exe

2009-08-15 00:46 323,104 a------- c:\windows\AlcRmv64.exe

2009-08-15 00:46 524,288 a------- c:\windows\RtlExUpd.dll

2009-08-15 00:46 475,648 a------- c:\windows\AlcUpd64.exe

2009-07-14 07:37 291,294 a------- c:\windows\inf\perflib\0409\perfi.dat

2009-07-14 07:37 291,294 a------- c:\windows\inf\perflib\0409\perfh.dat

2009-07-14 07:37 31,548 a------- c:\windows\inf\perflib\0409\perfd.dat

2009-07-14 07:37 31,548 a------- c:\windows\inf\perflib\0409\perfc.dat

2009-07-14 06:54 174 a--sh--- c:\program files (x86)\desktop.ini

2009-07-14 03:40 52,736 a------- c:\windows\apppatch\apppatch64\apihex64.dll

2009-07-14 03:40 309,248 a------- c:\windows\apppatch\apppatch64\AcGenral.dll

2009-07-14 03:40 111,104 a------- c:\windows\apppatch\apppatch64\acspecfc.dll

2009-07-14 03:39 10,240 a------- c:\windows\write.exe

2009-07-14 03:39 61,952 a------- c:\windows\splwow64.exe

2009-07-14 03:39 427,008 a------- c:\windows\regedit.exe

2009-07-14 03:39 193,536 a------- c:\windows\notepad.exe

2009-07-14 03:39 733,696 a------- c:\windows\HelpPane.exe

2009-07-14 03:39 16,896 a------- c:\windows\hh.exe

2009-07-14 03:39 2,868,224 a------- c:\windows\explorer.exe

2009-07-14 03:39 15,360 a------- c:\windows\fveupdate.exe

2009-07-14 03:38 71,168 a------- c:\windows\bfsvc.exe

2009-07-14 03:26 21,584 a------- c:\windows\system32\BOOTVID.DLL

2009-07-14 03:23 5,070,848 a------- c:\windows\system32\AuthFWSnapin.dll

2009-07-14 03:22 107,008 a------- c:\windows\system32\NAPHLPR.DLL

2009-07-14 03:22 46,080 a------- c:\windows\system32\NAPCRYPT.DLL

2009-07-14 03:20 3,954,768 a------- c:\windows\system32\ntkrnlpa.exe

2009-07-14 03:20 3,899,472 a------- c:\windows\system32\ntoskrnl.exe

2009-07-14 03:20 91,728 a------- c:\windows\system32\MigAutoPlay.exe

2009-07-14 03:20 126,976 a------- c:\windows\system32\AuthFWWizFwk.dll

2009-07-14 03:19 52,816 a------- c:\windows\system32\PSHED.DLL

2009-07-14 03:17 249,680 a------- c:\windows\system32\bcryptprimitives.dll

2009-07-14 03:17 242,936 a------- c:\windows\system32\rsaenh.dll

2009-07-14 03:17 156,728 a------- c:\windows\system32\dssenh.dll

2009-07-14 03:17 102,448 a------- c:\windows\system32\wbem\Win32_Tpm.dll

2009-07-14 03:17 1,289,712 a------- c:\windows\system32\ntdll.dll

2009-07-14 03:17 143,936 a------- c:\windows\system32\basecsp.dll

2009-07-14 03:15 1,386,496 a------- c:\windows\system32\msxml6.dll

2009-07-14 03:14 171,520 a------- c:\windows\system32\BioCredProv.dll

2009-07-14 03:11 54,272 a------- c:\windows\system32\WsmRes.dll

2009-07-14 03:10 2,560 a------- c:\windows\system32\uxlibres.dll

2009-07-14 03:10 1,164,800 a------- c:\windows\system32\UIRibbonRes.dll

2009-07-14 03:10 2,048 a------- c:\windows\system32\tzres.dll

2009-07-14 03:10 108,544 a------- c:\windows\system32\tapiui.dll

2009-07-14 03:10 7,168 a------- c:\windows\system32\spwizres.dll

2009-07-14 03:10 8,338,432 a------- c:\windows\system32\spwizimg.dll

2009-07-14 03:10 2,560 a------- c:\windows\system32\sfc.dll

2009-07-14 03:10 68,608 a------- c:\windows\system32\nlsbres.dll

2009-07-14 03:08 6,917,120 a------- c:\windows\system32\NlsLexicons0c1a.dll

2009-07-14 03:07 18,944 a------- c:\windows\system32\netevent.dll

2009-07-14 03:07 2,048 a------- c:\windows\system32\netmsg.dll

2009-07-14 03:07 2,048 a------- c:\windows\system32\neth.dll

2009-07-14 03:07 2,048 a------- c:\windows\system32\msxml6r.dll

2009-07-14 03:07 2,048 a------- c:\windows\system32\msxml3r.dll

2009-07-14 03:07 60,928 a------- c:\windows\system32\msvcrt40.dll

2009-07-14 03:07 268,800 a------- c:\windows\system32\msshavmsg.dll

2009-07-14 03:07 8,192 a------- c:\windows\system32\msorc32r.dll

2009-07-14 03:07 60,416 a------- c:\windows\system32\msobjs.dll

2009-07-14 03:07 25,088 a------- c:\windows\system32\msimsg.dll

2009-07-14 03:07 4,608 a------- c:\windows\system32\msidntld.dll

2009-07-14 03:05 3,072 a------- c:\windows\system32\icmp.dll

2009-07-14 03:05 4,240,384 a------- c:\windows\system32\GameUXLegacyGDFs.dll

2009-07-14 03:05 925,184 a------- c:\windows\system32\FXSRESM.dll

2009-07-14 03:04 2,560 a------- c:\windows\system32\dpnlobby.dll

2009-07-14 03:04 2,048 a------- c:\windows\system32\dpnaddr.dll

2009-07-14 03:04 372,224 a------- c:\windows\system32\dmdskres.dll

2009-07-14 03:04 2,048 a------- c:\windows\system32\dmdskres2.dll

2009-07-14 03:04 1,297,408 a------- c:\windows\system32\comres.dll

2009-07-14 03:04 514,048 a------- c:\windows\system32\shellstyle.dll

2009-07-14 03:00 291,294 a------- c:\windows\inf\perflib\0000\perfi.dat

2009-07-14 03:00 291,294 a------- c:\windows\inf\perflib\0000\perfh.dat

2009-07-14 03:00 31,548 a------- c:\windows\inf\perflib\0000\perfd.dat

2009-07-14 03:00 31,548 a------- c:\windows\inf\perflib\0000\perfc.dat

2009-07-14 01:25 293,888 a------- c:\windows\system32\atmfd.dll

2009-07-14 01:16 14,336 a------- c:\windows\system32\wowreg32.exe

2009-07-14 01:16 7,680 a------- c:\windows\system32\instnm.exe

2009-07-14 01:15 2,048 a------- c:\windows\system32\user.exe

2009-07-14 01:15 25,088 a------- c:\windows\system32\mode.com

2009-07-14 01:15 16,384 a------- c:\windows\system32\tree.com

2009-07-14 01:15:17 A------- 20,992 c:\windows\system32\more.com

2009-06-10 22:44 9,633,792 a--shr-- c:\windows\fonts\StaticCache.dat

============= FINISH: 17:04:04,72 ===============

Attach.zip

Nej, inga tillägg har installerats. Jo, Flash installerade jag samma dag jag installerade hela Windows 7.

Men problemen började förra veckan. Då har jag inte medvetet installerat något.

Det som jag har installerat (via win update) är svenska som språk man kunde få, men det har väl inte så mycket med IE8 att göra?

Jag använder också Windows 7. Problemet är att IE8 återställer flikar hela tiden. Flikar som inte syns. Vare sig man har IE8 öppet eller inte. Ni ser på ena bilden att skrivbordet är framme när en flik återskapas.

Detta började för en vecka sen. Jag har haft Windows 7 i ca två månader.

Startar man inte IE8 så händer ingenting, men när man kört det en gång så är det kört för datorn till slut.

Det funkar att stänga alla processer i Aktivitetshanteraren, när alla är stängda startas inga nya.

Hm. Kollar man bara så ser man ju hur lätt det var med favoriterna... :-)

Hej då IE!

Stäng tråden om ni vill.

Jo, kör med Firefox nu istället. Men har ju alla favoriter i IE. Vet inte hur man flyttar över dem till FF.

Vet MS om det här problemet? Eller skyller dem på att man har trojan/mask/etc i burken?

Hej!

Bifogar bilder så ni ser vad jag menar med..

Problemet är inte att varje gång man öppnar en flik så startar en ny process.

Problemet är att IE8 har fått för sig att en flik kraschar hela tiden och ska återställa den.

Detta resulterar i att det blir väldigt många processer och jag kan inte ens starta IE8.

Jag behöver bara starta IE8 en gång så håller den på. Men inte utan att jag startat.

Efteråt så fortsätter den, se bild.

Hur får man bort det?