Tony Posted September 24, 2012 Share Posted September 24, 2012 Hej. Har fått ett märkligt fel på Telia säker surf. Helt plötsligt slutade det att fungera och ikonen försvann. Programmet finns kvar men det går inte att få igång det. Har kört flera olika antivirusprogram, men utan att hitta något. Jag tog bort alla backuper i systemskyddet och stängde av det, då fungerade Telia säker surf, men när jag slår på systemskyddet igen fungera bara Telia säker surf tills jag stänger av datorn. Slår på den igen, och det är samma, Telia säker surf slutar fungera. Så länge jag har systemåterställningen avstängd fungerar Telia säker surf klockrent. Vad är det som hänt? Har även installerat om programmet, men med samma resultat. Tony. Quote Link to comment Share on other sites More sharing options...
Marion Posted September 24, 2012 Share Posted September 24, 2012 · Hidden by Manneman, September 25, 2012 - Off topic... trots påpekande i tråden Hidden by Manneman, September 25, 2012 - Off topic... trots påpekande i tråden Hej. Har fått ett märkligt fel på Telia säker surf. Helt plötsligt slutade det att fungera och ikonen försvann. Programmet finns kvar men det går inte att få igång det. Har kört flera olika antivirusprogram, men utan att hitta något. Jag tog bort alla backuper i systemskyddet och stängde av det, då fungerade Telia säker surf, men när jag slår på systemskyddet igen fungera bara Telia säker surf tills jag stänger av datorn. Slår på den igen, och det är samma, Telia säker surf slutar fungera. Så länge jag har systemåterställningen avstängd fungerar Telia säker surf klockrent. Vad är det som hänt? Har även installerat om programmet, men med samma resultat. Tony. Grattis! Att "telia säker surf" (F-secure) har slutat fungera ser jag bara som positivt. Att du har en bugg är en annan sak. Som i detta fall kanske kan kvitta?! Du får väl betala 600:- /året för denna tjänst, som jag ser, som totalt värdelös. F-secure/Teliasurf är väldigt trög, så jag skulle fundera på nåt annat - samt avsluta prenumerationen. Link to comment
Cecilia Posted September 24, 2012 Share Posted September 24, 2012 Kommer det något i Loggboken (Kontrollpanelen - Administrationsprogrm) i samband med att du sätter på systemåterställningen? Quote Link to comment Share on other sites More sharing options...
OlleBull Posted September 24, 2012 Share Posted September 24, 2012 · Hidden by Manneman, September 25, 2012 - Off topic... trots påpekande i tråden Hidden by Manneman, September 25, 2012 - Off topic... trots påpekande i tråden Visst, det ingår i abonnemang, men säga att det är kostnadsfritt, är väl att överdriva. Link to comment
Marion Posted September 24, 2012 Share Posted September 24, 2012 · Hidden by Manneman, September 25, 2012 - Off topic... trots påpekande i tråden Hidden by Manneman, September 25, 2012 - Off topic... trots påpekande i tråden PS. Telia Säker Surf för en dator ingår utan extra kostnad i många bredbandsabonnemang. Det har.. eller fortf. kostar 600kr om året, nu kör dom någon luddig kampanj som inte går att tyda, men du kan få det billigt en stund.. sen blir det 600 igen: Telia Säker surf Extra dator: 0 kr/mån i 6 månader. Efter 6 månader ordinarie kampanjpris 24,50 kr/mån* Telia Säker surf Tillval: 10 kr/mån för 1 licens i Telia Bredband/Telia Mobilt bredband (ord. pris 49 kr/mån) Link to comment
Cecilia Posted September 24, 2012 Share Posted September 24, 2012 · Hidden by Manneman, September 25, 2012 - Off topic... trots påpekande i tråden Hidden by Manneman, September 25, 2012 - Off topic... trots påpekande i tråden "Extra dator" betyder att det kostar för dator nummer två, tre osv, men det ingår för en dator när man har Telias ADSL-abonnemang. Men nu har väl inläggen lämnat trådens ämne. Link to comment
Manneman Posted September 24, 2012 Share Posted September 24, 2012 Har inte så mycket erfarenhet av Telia Säker Surf... men uppenbarligen ingår F-Secure, vilket är ett antivirusprogram. Samtidigt skriver du i din tråd: "Har kört flera olika antivirusprogram, men utan att hitta något". Som jag uppfattar det har du Telia Säker Surf kvar i datorn när du gör detta? Du ska inte köra fler antivirusprogram samtidigt i datorn, oavsett om Telia Säker Surf verkar vara inaktiverat. Börja med att avinstallera F-Secure från datorn och därefter prova ett annat AV och se om det spökar något. Quote Link to comment Share on other sites More sharing options...
Marion Posted September 24, 2012 Share Posted September 24, 2012 Jag har haft detta fel som du har när jag tänker efter, den gången var det ett virus som hade kommit in bakom "frontlinjen", så viruset stängde ner F-secure. Detta virus hitta inte Mbam, utan jag körde Combofix.exe. Quote Link to comment Share on other sites More sharing options...
Venoms Posted September 24, 2012 Share Posted September 24, 2012 (edited) · Hidden by Manneman, September 25, 2012 - Off topic... trots påpekande i tråden Hidden by Manneman, September 25, 2012 - Off topic... trots påpekande i tråden för denna tjänst, som jag ser, som totalt värdelös. Äntligen något jag håller med om utan att knorra.. Jag har inte råkat ut själv.. men jag har lagat fler maskiner med fel pga otillräcklig Telia säker surf.. Däremot måste jag säga att det är bättre än inget... Edited September 24, 2012 by Venoms Link to comment
Cecilia Posted September 24, 2012 Share Posted September 24, 2012 Hej. Har fått ett märkligt fel på Telia säker surf. Helt plötsligt slutade det att fungera och ikonen försvann. Programmet finns kvar men det går inte att få igång det. Har kört flera olika antivirusprogram, men utan att hitta något. Jag tog bort alla backuper i systemskyddet och stängde av det, då fungerade Telia säker surf, men när jag slår på systemskyddet igen fungera bara Telia säker surf tills jag stänger av datorn. Slår på den igen, och det är samma, Telia säker surf slutar fungera. Så länge jag har systemåterställningen avstängd fungerar Telia säker surf klockrent. Vad är det som hänt? Har även installerat om programmet, men med samma resultat. Tony. Om du misstänker att datorn är infekterad så följ anvisningarna i tråden Till dig med virus eller andra skadliga program i datorn så gott det går. Quote Link to comment Share on other sites More sharing options...
Marion Posted September 24, 2012 Share Posted September 24, 2012 · Hidden by Manneman, September 25, 2012 - Off topic... trots påpekande i tråden Hidden by Manneman, September 25, 2012 - Off topic... trots påpekande i tråden Om du misstänker att datorn är infekterad så följ anvisningarna i tråden Till dig med virus eller andra skadliga program i datorn så gott det går. PS. Det är inget fel med att använda Telia säker surf. Min pappa har det eftersom han har Telia ADSL och inte behöver betala något för det. Okej, då teckna han under dom körde kampanj, strunta i det, jag tänkte mer på; du som är duktig virus-jagare, och kan djungeln, så trodde jag faktiskt du hade gett din far ett "snabbare" AVP. Eller tycker du inte om honom? Link to comment
Cecilia Posted September 24, 2012 Share Posted September 24, 2012 · Hidden by Manneman, September 25, 2012 - Off topic... trots påpekande i tråden Hidden by Manneman, September 25, 2012 - Off topic... trots påpekande i tråden Han har haft Telia säker surf gratis i kanske 10 år vid det här laget. Eftersom han nu är 85 år så har han svårt att lära sig ett annat program, det var alldeles tillräckligt jobbigt för honom att vänja sig vid Windows 7 efter att ha haft XP i många år. Link to comment
Manneman Posted September 25, 2012 Share Posted September 25, 2012 Tråden blev off-topic och fortsatte off-topic trots uppmaning. Har rensat upp i tråden och även redigerat vissa inlägg för att få följsamhet på det hela. // Manneman Quote Link to comment Share on other sites More sharing options...
Tony Posted September 25, 2012 Author Share Posted September 25, 2012 Hej igen. Svar på frågan om det kommer något när jag aktiverar programmet, nej, det fungerar precis som vanligt och ingenting kommer upp, men försvinner när jag startar om datorn. Jag vet inte men, jag installerade IZarc packprogram för en vecka sen, och fick med något som hette Babyloon, trots att jag klickade ur det vid installationen, men avinstallerade sen Babyloon, efter det verkande det som att detta problem kom, men jag är inte säker. Hoppas jag gjort rätt. Tony DDS.txt Quote Link to comment Share on other sites More sharing options...
Cecilia Posted September 25, 2012 Share Posted September 25, 2012 Jag börjar med att klistra in DDS.txt för det blir mycket lättare för mig att kolla upp filnamnen etc. i loggen. . DDS (Ver_2011-08-26.01) - NTFSx86 Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.7.2 Run by Tony at 7:12:12 on 2012-09-25 Microsoft Windows 7 Enterprise 6.1.7601.1.1252.46.1053.18.3071.2329 [GMT 2:00] . AV: Telia Säker surf 9.15 *Enabled/Updated* {15414183-282E-D62C-CA37-EF24860A2F17} SP: Telia Säker surf 9.15 *Enabled/Updated* {AE20A067-0E14-D9A2-F087-D456FD8D65AA} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Telia Säker surf 9.15 *Enabled* {2D7AC0A6-6241-D774-E168-461178D9686C} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Windows\system32\svchost.exe -k apphost C:\Program Files\Application Updater\ApplicationUpdater.exe C:\Windows\Explorer.EXE C:\ProgramData\Browser Manager\2.2.643.41\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe C:\Program Files\Telia\Telias sakerhetstjanster\Anti-Virus\fsgk32st.exe C:\Windows\system32\schtasks.exe C:\Windows\system32\conhost.exe C:\ProgramData\Browser Manager\2.2.643.41\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe C:\Program Files\Telia\Telias sakerhetstjanster\Anti-Virus\FSGK32.EXE C:\Program Files\Telia\Telias sakerhetstjanster\Common\FSMA32.EXE C:\Windows\system32\svchost.exe -k hpdevmgmt C:\Windows\system32\PnkBstrA.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Program Files\Telia\Supportassistenten\bin\sprtsvc.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Telia\Supportassistenten\bin\tgsrvc.exe C:\Program Files\Telia\Telias sakerhetstjanster\Common\FSHDLL32.EXE C:\Program Files\Web Assistant\ExtensionUpdaterService.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Windows\system32\svchost.exe -k HPService C:\Program Files\Telia\Telias sakerhetstjanster\Anti-Virus\fssm32.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Program Files\Telia\Telias sakerhetstjanster\FWES\Program\fsdfwd.exe C:\Program Files\Telia\Telias sakerhetstjanster\ORSP Client\fsorsp.exe C:\Windows\SOUNDMAN.EXE C:\Program Files\Classic Shell\ClassicStartMenu.exe C:\Program Files\Microsoft IntelliPoint\ipoint.exe C:\Program Files\Microsoft IntelliType Pro\itype.exe C:\Program Files\Telia\Telias sakerhetstjanster\Common\FSM32.EXE C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Personal\bin\Personal.exe C:\Program Files\NVIDIA Corporation\Display\nvtray.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\Telia\Telias sakerhetstjanster\Anti-Virus\fsav32.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\DllHost.exe C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE C:\Windows\servicing\TrustedInstaller.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\PrintIsolationHost.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\conhost.exe C:\Windows\system32\wbem\wmiprvse.exe . ============== Pseudo HJT Report =============== . uURLSearchHooks: YTD Toolbar: {f3fee66e-e034-436a-86e4-9690573bee8a} - c:\program files\ytd toolbar\ie\6.3\ytdToolbarIE.dll BHO: {2EECD738-5844-4a99-B4B6-146BF802613B} - No File BHO: ExplorerBHO Class: {449d0d6e-2412-4e61-b68f-1cb625cd9e52} - c:\program files\classic shell\ClassicExplorer32.dll BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~1\office14\URLREDIR.DLL BHO: Browsing Protection Class: {c6867eb7-8350-4856-877f-93cf8ae3dc9c} - c:\program files\telia\telias sakerhetstjanster\nrs\iescript\baselitmus.dll TB: {D0F4A166-B8D4-48b8-9D63-80849FE137CB} - No File TB: Browsing Protection Toolbar: {265eee8e-3228-44d3-aea5-f7fdf5860049} - c:\program files\telia\telias sakerhetstjanster\nrs\iescript\baselitmus.dll EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll uRun: [sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun uRun: [] mRun: [soundMan] SOUNDMAN.EXE mRun: [Classic Start Menu] c:\program files\classic shell\ClassicStartMenu.exe mRun: [amd_dc_opt] c:\program files\amd\dual-core optimizer\amd_dc_opt.exe mRun: [intelliPoint] "c:\program files\microsoft intellipoint\ipoint.exe" mRun: [itype] "c:\program files\microsoft intellitype pro\itype.exe" mRun: [F-Secure Manager] "c:\program files\telia\telias sakerhetstjanster\common\FSM32.EXE" /splash mRun: [F-Secure TNB] "c:\program files\telia\telias sakerhetstjanster\fsgui\TNBUtil.exe" /CHECKALL /WAITFORSW mRun: [] mRun: [Telia] "c:\program files\telia\supportassistenten\bin\sprtcmd.exe" /P TeliaDA StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\bankid~1.lnk - c:\program files\personal\bin\Personal.exe mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) mPolicies-system: PromptOnSecureDesktop = 0 (0x0) IE: E&xportera till Microsoft Excel - c:\progra~1\micros~1\office14\EXCEL.EXE/3000 IE: {56753E59-AF1D-4FBA-9E15-31557124ADA2} - c:\program files\classic shell\ClassicIE9_32.exe IE: {64964764-1101-4bbd-8891-B56B1A53B9B3} - {553891B7-A0D5-4526-BE18-D3CE461D6310} - c:\program files\classic shell\ClassicExplorer32.dll LSP: c:\program files\telia\telias sakerhetstjanster\fsps\program\FSLSP.DLL DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} - hxxp://acs.pandasoftware.com/activescan/cabs/as2stubie.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab TCP: DhcpNameServer = 192.168.1.1 TCP: Interfaces\{360EF9FC-06DF-4D92-90E2-195AF4DCA062} : DhcpNameServer = 192.168.1.1 Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll AppInit_DLLs: c:\progra~2\browse~1\22643~1.41\{16cdf~1\browse~1.dll . ================= FIREFOX =================== . FF - ProfilePath - c:\users\tony\appdata\roaming\mozilla\firefox\profiles\wnu33429.default\ FF - prefs.js: browser.startup.homepage - hxxp://search.babylon.com/?affID=112542&tt=120912_pcp_3812_4&babsrc=HP_ss&mntrId=4cf9d8c3000000000000001a921dba8e FF - prefs.js: browser.search.selectedEngine - Yahoo FF - prefs.js: keyword.URL - hxxp://se.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=937811&p= FF - prefs.js: network.proxy.type - 4 FF - plugin: c:\progra~1\micros~1\office14\NPAUTHZ.DLL FF - plugin: c:\progra~1\micros~1\office14\NPSPWRAP.DLL FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll FF - plugin: c:\program files\common files\avg secure search\sitesafetyinstaller\12.2.6\npsitesafety.dll FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll FF - plugin: c:\program files\microsoft silverlight\5.1.10411.0\npctrlui.dll FF - plugin: c:\program files\nokia\nokia suite\npNokiaSuiteEnabler.dll FF - plugin: c:\program files\nvidia corporation\3d vision\npnv3dv.dll FF - plugin: c:\program files\nvidia corporation\3d vision\npnv3dvstreaming.dll FF - plugin: c:\program files\personal\bin\np_prsnl.dll FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll FF - plugin: c:\windows\system32\adobe\director\np32dsw_1166636.dll FF - plugin: c:\windows\system32\adobe\director\np32dsw_1167637.dll FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_4_402_278.dll FF - plugin: c:\windows\system32\npDeployJava1.dll FF - plugin: c:\windows\system32\npmproxy.dll . ---- FIREFOX POLICIES ---- FF - user.js: extensions.incredibar_i.newTab - false FF - user.js: extensions.incredibar_i.tlbrSrchUrl - hxxp://mystart.Incredibar.com/?a=6PQIC5zomA&loc=IB_TB&i=26&search= FF - user.js: extensions.incredibar_i.id - 4cf9d8c3000000000000001a921dba8e FF - user.js: extensions.incredibar_i.instlDay - 15587 FF - user.js: extensions.incredibar_i.vrsn - 1.5.11.14 FF - user.js: extensions.incredibar_i.vrsni - 1.5.11.14 FF - user.js: extensions.incredibar_i.vrsnTs - 1.5.11.1412:18:05 FF - user.js: extensions.incredibar_i.prtnrId - Incredibar FF - user.js: extensions.incredibar_i.prdct - incredibar FF - user.js: extensions.incredibar_i.aflt - orgnl FF - user.js: extensions.incredibar_i.smplGrp - none FF - user.js: extensions.incredibar_i.tlbrId - base FF - user.js: extensions.incredibar_i.instlRef - FF - user.js: extensions.incredibar_i.dfltLng - FF - user.js: extensions.incredibar_i.excTlbr - false FF - user.js: extensions.incredibar_i.ms_url_id - FF - user.js: extensions.incredibar_i.upn2 - 6PQIC5zomA FF - user.js: extensions.incredibar_i.upn2n - 92543522727663952 FF - user.js: extensions.incredibar_i.productid - 26 FF - user.js: extensions.incredibar_i.installerproductid - 26 FF - user.js: extensions.incredibar_i.did - 10650 FF - user.js: extensions.incredibar_i.ppd - 201%5F6 FF - user.js: extensions.BabylonToolbar.autoRvrt - false FF - user.js: extensions.BabylonToolbar_i.newTab - false FF - user.js: extensions.BabylonToolbar.tlbrSrchUrl - hxxp://search.babylon.com/?babsrc=TB_def&mntrId=4cf9d8c3000000000000001a921dba8e&q= FF - user.js: extensions.BabylonToolbar.id - 4cf9d8c3000000000000001a921dba8e FF - user.js: extensions.BabylonToolbar.appId - {BDB69379-802F-4eaf-B541-F8DE92DD98DB} FF - user.js: extensions.BabylonToolbar.instlDay - 15603 FF - user.js: extensions.BabylonToolbar.vrsn - 1.6.9.12 FF - user.js: extensions.BabylonToolbar.vrsni - 1.6.9.12 FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.6.9.1218:25:26 FF - user.js: extensions.BabylonToolbar.prtnrId - babylon FF - user.js: extensions.BabylonToolbar.prdct - BabylonToolbar FF - user.js: extensions.BabylonToolbar.aflt - babsst FF - user.js: extensions.BabylonToolbar_i.smplGrp - none FF - user.js: extensions.BabylonToolbar.tlbrId - base FF - user.js: extensions.BabylonToolbar.instlRef - sst FF - user.js: extensions.BabylonToolbar.dfltLng - en FF - user.js: extensions.BabylonToolbar.excTlbr - false FF - user.js: extensions.BabylonToolbar.admin - false FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=112542&tt=120912_pcp_3812_4 FF - user.js: extensions.BabylonToolbar_i.babExt - FF - user.js: extensions.BabylonToolbar_i.srcExt - ss . ============= SERVICES / DRIVERS =============== . R0 fsbts;fsbts;c:\windows\system32\drivers\fsbts.sys [2012-9-22 44240] R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [2012-9-24 28552] R1 F-Secure HIPS;F-Secure HIPS Driver;c:\program files\telia\telias sakerhetstjanster\hips\drivers\fshs.sys [2012-9-22 70184] R1 FSES;F-Secure Email Scanning Driver;c:\windows\system32\drivers\fses.sys [2012-9-22 37832] R1 FSFW;F-Secure Firewall Driver;c:\windows\system32\drivers\fsdfw.sys [2012-9-22 73160] R1 fsvista;F-Secure Vista Support Driver;c:\program files\telia\telias sakerhetstjanster\anti-virus\minifilter\fsvista.sys [2012-9-22 14504] R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2012-7-27 63960] R2 Application Updater;Application Updater;c:\program files\application updater\ApplicationUpdater.exe [2012-9-19 795072] R2 Browser Manager;Browser Manager;c:\programdata\browser manager\2.2.643.41\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe [2012-9-20 1701400] R2 F-Secure Gatekeeper Handler Starter;FSGKHS;c:\program files\telia\telias sakerhetstjanster\anti-virus\fsgk32st.exe [2012-9-22 221864] R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\nvidia corporation\nvidia update core\daemonu.exe [2012-8-30 1258856] R2 sprtsvc_teliada;SupportSoft Sprocket Service (teliada);c:\program files\telia\supportassistenten\bin\sprtsvc.exe [2012-8-31 206120] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\nvidia corporation\3d vision\nvSCPAPISvr.exe [2012-8-30 382312] R2 tgsrvc_teliada;SupportSoft Repair Service (teliada);c:\program files\telia\supportassistenten\bin\tgsrvc.exe [2012-8-31 185640] R2 Web Assistant Updater;Web Assistant Updater;c:\program files\web assistant\ExtensionUpdaterService.exe [2012-9-18 185856] R3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files\telia\telias sakerhetstjanster\anti-virus\minifilter\fsgk.sys [2012-9-22 149672] R3 FSORSPClient;F-Secure ORSP Client;c:\program files\telia\telias sakerhetstjanster\orsp client\fsorsp.exe [2012-9-22 61088] R3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000] R3 Tdsshbecr;Handelsbanken card reader;c:\windows\system32\drivers\shbecr.sys [2008-9-23 42368] R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\drivers\yk62x86.sys [2009-9-28 315392] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888] S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys [2012-8-31 49088] S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2012-7-28 1511872] S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-8-31 114144] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-8-30 15872] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2011-6-10 394856] S3 StorSvc;Storage Service;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 20992] S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2012-8-31 52224] S3 WatAdminSvc;Aktiveringsteknologier för Windows-tjänst;c:\windows\system32\wat\WatAdminSvc.exe [2012-8-30 1343400] S3 WMZuneComm;Zune Windows Mobile Connectivity Service;c:\program files\zune\WMZuneComm.exe [2011-8-5 268512] S4 F-Secure Filter;F-Secure File System Filter;c:\program files\telia\telias sakerhetstjanster\anti-virus\win2k\fsfilter.sys [2012-9-22 41896] S4 F-Secure Recognizer;F-Secure File System Recognizer;c:\program files\telia\telias sakerhetstjanster\anti-virus\win2k\fsrec.sys [2012-9-22 27304] . =============== Created Last 30 ================ . 2012-09-24 05:08:03 28552 ----a-w- c:\windows\system32\drivers\pavboot.sys 2012-09-24 05:07:54 -------- d-----w- c:\program files\Panda Security 2012-09-22 12:15:39 22856 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-09-22 12:15:38 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2012-09-22 12:14:35 -------- d-----w- c:\program files\Application Updater 2012-09-22 12:14:34 -------- d-----w- c:\program files\YTD Toolbar 2012-09-22 12:14:34 -------- d-----w- c:\program files\common files\Spigot 2012-09-22 09:49:44 44240 ----a-w- c:\windows\system32\drivers\fsbts.sys 2012-09-22 09:48:57 37832 ----a-w- c:\windows\system32\drivers\fses.sys 2012-09-22 09:48:53 73160 ----a-w- c:\windows\system32\drivers\fsdfw.sys 2012-09-22 09:22:52 2224 ----a-w- c:\windows\system32\ASOROSet.bin 2012-09-22 08:52:12 -------- d-----w- c:\users\tony\appdata\roaming\Systweak 2012-09-22 08:52:09 15544 ----a-w- c:\windows\system32\roboot.exe 2012-09-21 08:12:58 -------- d-----w- c:\users\tony\appdata\roaming\FreeFixer 2012-09-21 08:12:58 -------- d-----w- c:\users\tony\appdata\local\FreeFixer 2012-09-20 16:26:45 -------- d-----w- c:\program files\IZArc 2012-09-20 16:25:35 -------- d-----w- c:\programdata\Browser Manager 2012-09-20 10:03:02 -------- d-----w- c:\users\tony\appdata\local\Adobe 2012-09-20 09:51:55 73136 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-09-20 09:51:55 696240 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-09-19 17:08:40 -------- d-----w- c:\users\tony\appdata\local\Windows Live Writer 2012-09-19 17:01:02 -------- d-----w- c:\users\tony\appdata\local\Diagnostics 2012-09-19 16:29:13 -------- d-----w- c:\users\tony\appdata\local\Macromedia 2012-09-19 16:28:58 -------- d-----w- c:\users\tony\appdata\local\Mozilla 2012-09-19 15:28:22 -------- d-----w- c:\programdata\AVG Secure Search 2012-09-14 06:46:24 -------- d-----w- c:\program files\Microsoft IntelliType Pro 2012-09-14 05:21:04 2557288 ----a-w- c:\windows\system32\nvsvcr.dll 2012-09-14 05:19:12 7626088 ----a-w- c:\windows\system32\nvcuda.dll 2012-09-14 05:19:12 6109032 ----a-w- c:\windows\system32\nvopencl.dll 2012-09-14 05:19:12 2573672 ----a-w- c:\windows\system32\nvcuvid.dll 2012-09-14 05:19:12 19828584 ----a-w- c:\windows\system32\nvoglv32.dll 2012-09-14 05:19:12 1866088 ----a-w- c:\windows\system32\nvcuvenc.dll 2012-09-14 05:19:12 17559912 ----a-w- c:\windows\system32\nvcompiler.dll 2012-09-14 05:19:12 15291752 ----a-w- c:\windows\system32\nvd3dum.dll 2012-09-14 05:19:12 10790760 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys 2012-09-13 13:39:20 -------- d-----w- c:\program files\Realtek 2012-09-13 13:39:16 540672 ----a-w- c:\windows\RtlExUpd.dll 2012-09-13 13:39:15 69715 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\ctor.dll 2012-09-13 13:39:15 5632 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\DotNetInstaller.exe 2012-09-13 13:39:15 32768 ----a-w- c:\program files\common files\installshield\professional\runtime\Objectps.dll 2012-09-13 13:39:15 274432 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\iscript.dll 2012-09-13 13:39:15 204800 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\iuser.dll 2012-09-13 13:39:14 757760 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\iKernel.dll 2012-09-13 13:39:13 331908 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\setup.dll 2012-09-13 13:39:13 200836 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\iGdi.dll 2012-09-13 13:31:45 -------- d--h--w- c:\program files\Temp 2012-09-12 11:30:01 -------- d-----w- c:\users\tony\appdata\roaming\Canneverbe Limited 2012-09-12 09:22:07 -------- d-----w- c:\users\tony\appdata\local\PunkBuster 2012-09-12 09:22:00 -------- d-----w- c:\users\tony\appdata\local\Activision 2012-09-12 09:19:50 22328 ----a-w- c:\users\tony\appdata\roaming\PnkBstrK.sys 2012-09-12 09:19:50 138464 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys 2012-09-12 09:19:24 111928 ----a-w- c:\windows\system32\PnkBstrB.exe 2012-09-12 09:19:23 682280 ----a-w- c:\windows\system32\pbsvc.exe 2012-09-12 09:19:23 66872 ----a-w- c:\windows\system32\PnkBstrA.exe 2012-09-12 09:05:34 -------- d-----w- c:\program files\Activision 2012-09-12 04:59:23 240496 ----a-w- c:\windows\system32\drivers\netio.sys 2012-09-12 04:59:23 187760 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS 2012-09-12 04:59:23 1292144 ----a-w- c:\windows\system32\drivers\tcpip.sys 2012-09-12 04:59:21 712048 ----a-w- c:\windows\system32\drivers\ndis.sys 2012-09-12 04:59:21 33280 ----a-w- c:\windows\system32\drivers\RNDISMP.sys 2012-09-12 04:59:18 490496 ----a-w- c:\windows\system32\d3d10level9.dll 2012-09-07 09:48:15 -------- d-----w- c:\programdata\Nokia 2012-09-07 09:48:15 -------- d-----w- c:\program files\common files\Nokia 2012-09-07 09:47:51 19072 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys 2012-09-07 09:47:44 -------- d-----w- c:\program files\PC Connectivity Solution 2012-09-07 09:47:19 75264 ----a-w- c:\windows\system32\nmwcdcls.dll 2012-09-07 09:46:48 -------- d-----w- c:\programdata\NokiaInstallerCache 2012-09-07 09:46:48 -------- d-----w- c:\program files\Nokia 2012-09-05 11:42:35 -------- d-----w- c:\program files\VAMT 2.0 2012-09-04 17:41:57 -------- d-sh--w- C:\found.000 2012-09-04 14:41:45 -------- d-----w- c:\program files\Microsoft IntelliPoint 2012-09-04 13:30:11 -------- d-----w- c:\programdata\EA Logs 2012-09-04 11:32:04 -------- d-----w- c:\users\tony\appdata\roaming\PeaZip 2012-09-04 11:31:04 -------- d--h--w- c:\programdata\Common Files 2012-09-04 11:30:24 -------- d-----w- c:\programdata\Norton 2012-09-04 11:14:01 626960 ----a-w- c:\windows\system32\temp.003 2012-09-04 11:14:01 16896 ----a-w- c:\windows\system32\temp.005 2012-09-04 11:14:01 164112 ----a-w- c:\windows\system32\temp.004 2012-09-04 11:14:00 3856 ----a-w- c:\windows\system32\temp.001 2012-09-04 11:14:00 143632 ----a-w- c:\windows\system32\temp.000 2012-09-04 11:14:00 1385744 ----a-w- c:\windows\system32\temp.002 2012-09-04 11:13:57 -------- d-----w- c:\program files\allemans 2012-09-04 10:19:20 -------- d-----w- c:\programdata\Premium 2012-09-04 10:18:26 -------- d-----w- c:\programdata\OptimizerPro1 2012-09-04 10:17:55 -------- d-----w- c:\program files\Web Assistant 2012-09-04 10:17:09 -------- d-----w- c:\programdata\InstallMate 2012-09-04 10:14:04 -------- d-----w- c:\users\tony\appdata\roaming\OneTab 2012-09-04 10:01:27 -------- d-----w- c:\users\tony\appdata\roaming\Geek Uninstaller 2012-09-04 07:47:16 -------- d-----w- c:\users\tony\appdata\roaming\NVIDIA 2012-09-04 07:47:11 -------- d-sh--w- c:\programdata\DSS 2012-09-04 05:03:43 514560 ----a-w- c:\windows\system32\qdvd.dll 2012-09-03 18:00:59 746984 ----a-w- c:\windows\system32\deployJava1.dll 2012-09-03 18:00:58 821736 ----a-w- c:\windows\system32\npDeployJava1.dll 2012-09-03 18:00:46 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll 2012-09-03 13:54:33 -------- d-----w- c:\programdata\EA Core 2012-09-03 13:44:24 -------- d-----w- c:\programdata\Solidshield 2012-09-03 11:41:12 -------- d-----w- c:\program files\AMD 2012-09-03 11:33:07 -------- d--h--w- c:\program files\common files\EAInstaller 2012-09-03 10:23:55 -------- d-----w- c:\users\tony\appdata\roaming\Origin 2012-09-03 10:22:25 -------- d-----w- c:\program files\Origin 2012-09-03 10:21:19 -------- d-----w- c:\programdata\Origin 2012-09-03 10:21:18 -------- d-----w- c:\programdata\Electronic Arts 2012-09-03 07:45:52 -------- d-----w- c:\users\tony\appdata\local\SniperV2 2012-09-03 05:25:39 239960 ----a-w- c:\windows\system32\xactengine3_7.dll 2012-09-03 05:25:38 1868128 ----a-w- c:\windows\system32\d3dcsx_43.dll 2012-09-03 05:25:37 470880 ----a-w- c:\windows\system32\d3dx10_43.dll 2012-09-03 05:25:37 1998168 ----a-w- c:\windows\system32\D3DX9_43.dll 2012-09-03 05:25:36 74072 ----a-w- c:\windows\system32\XAPOFX1_4.dll 2012-09-03 05:25:36 528216 ----a-w- c:\windows\system32\XAudio2_6.dll 2012-09-03 05:25:36 238936 ----a-w- c:\windows\system32\xactengine3_6.dll 2012-09-03 05:25:35 22360 ----a-w- c:\windows\system32\X3DAudio1_7.dll 2012-09-02 16:11:56 -------- d-----w- c:\program files\FileHippo.com 2012-09-02 14:45:47 -------- d-----w- c:\program files\MSECache 2012-09-02 14:37:48 -------- d-----w- c:\windows\system32\appmgmt 2012-09-02 08:09:27 -------- d-----w- c:\program files\MSXML 4.0 2012-09-01 13:41:01 515416 ----a-w- c:\windows\system32\XAudio2_5.dll 2012-09-01 13:41:00 238936 ----a-w- c:\windows\system32\xactengine3_5.dll 2012-09-01 13:03:08 -------- d-----w- c:\users\tony\appdata\roaming\Malwarebytes 2012-09-01 13:02:53 -------- d-----w- c:\programdata\Malwarebytes 2012-09-01 08:59:12 -------- d-----w- c:\users\tony\appdata\roaming\HpUpdate 2012-09-01 08:54:42 -------- d-----w- c:\windows\Hewlett-Packard 2012-09-01 08:43:17 -------- d-----w- c:\programdata\WEBREG 2012-09-01 08:41:23 280064 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\hpzppw71.dll 2012-09-01 08:35:54 -------- d-----w- c:\program files\common files\Hewlett-Packard 2012-09-01 08:35:28 -------- d-----w- c:\program files\common files\HP 2012-09-01 08:33:12 -------- d-----w- c:\program files\HP 2012-09-01 08:31:44 675840 ----a-w- c:\windows\system32\hpowiav1.dll 2012-09-01 08:31:44 452408 ----a-w- c:\windows\system32\hpzids01.dll 2012-09-01 08:31:44 303104 ----a-w- c:\windows\system32\hpovst01.dll 2012-09-01 08:31:43 897024 ----a-w- c:\windows\system32\hpotiop1.dll 2012-08-31 15:33:43 -------- d-----w- c:\program files\common files\Steam 2012-08-31 15:33:41 -------- d-----w- c:\program files\Steam 2012-08-31 14:06:31 -------- d-----w- c:\windows\pss 2012-08-31 12:54:11 -------- d-----r- c:\users\tony\Podcasts 2012-08-31 12:52:57 -------- d-----w- c:\windows\system32\drivers\umdf\it-IT 2012-08-31 12:52:54 -------- d-----w- c:\windows\system32\drivers\umdf\de-DE 2012-08-31 12:52:51 -------- d-----w- c:\windows\system32\drivers\umdf\fr-FR 2012-08-31 12:52:48 -------- d-----w- c:\windows\system32\drivers\umdf\es-ES 2012-08-31 12:46:40 -------- d-----w- c:\programdata\YTD Video Downloader 2012-08-31 12:10:00 -------- d-----w- c:\program files\GreenTree Applications 2012-08-31 11:13:08 -------- d-----w- c:\users\tony\appdata\roaming\Babylon 2012-08-31 10:48:27 -------- d-----w- c:\users\tony\appdata\roaming\Auslogics 2012-08-31 10:48:20 -------- d-----w- c:\program files\Auslogics 2012-08-31 10:42:32 -------- d-----w- c:\program files\uTorrent 2012-08-31 10:42:01 -------- d-----w- c:\users\tony\appdata\roaming\uTorrent 2012-08-31 10:03:15 34304 ----a-w- c:\windows\system32\drivers\AmdLLD.sys 2012-08-31 10:02:45 -------- d-----w- c:\users\tony\appdata\local\Downloaded Installations 2012-08-31 09:36:24 -------- d-----w- c:\program files\VideoLAN 2012-08-31 09:28:05 -------- d-----w- c:\program files\CCleaner 2012-08-31 09:23:21 -------- d-----w- c:\programdata\Canneverbe Limited 2012-08-31 09:23:08 7168 ----a-w- c:\windows\system32\drivers\StarOpen.sys 2012-08-31 09:17:17 9008 ----a-w- c:\windows\VER.DL 2012-08-31 09:17:17 7008 ----a-w- c:\windows\system\SETUPKIT.DLL 2012-08-31 09:17:17 398416 ----a-w- c:\windows\system\VBRUN300.DLL 2012-08-31 09:17:17 26897 ----a-w- c:\windows\MOTTSET.EXE 2012-08-31 08:42:38 -------- d-----w- c:\users\tony\appdata\roaming\Windows Live Writer 2012-08-31 08:27:46 -------- d-----w- c:\users\tony\Tracing 2012-08-31 08:21:43 -------- d-----w- c:\windows\sv 2012-08-31 08:21:09 49088 ----a-w- c:\windows\system32\drivers\fssfltr.sys 2012-08-31 08:20:41 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition 2012-08-31 08:17:13 74072 ----a-w- c:\windows\system32\XAPOFX1_5.dll 2012-08-31 08:17:13 527192 ----a-w- c:\windows\system32\XAudio2_7.dll 2012-08-31 08:17:12 248672 ----a-w- c:\windows\system32\d3dx11_43.dll 2012-08-31 08:17:12 2106216 ----a-w- c:\windows\system32\D3DCompiler_43.dll 2012-08-31 08:15:39 453456 ----a-w- c:\windows\system32\d3dx10_42.dll 2012-08-31 08:14:01 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll 2012-08-31 08:13:21 5563840 -c--a-w- c:\program files\common files\windows live\.cache\5ebcecca1cd875005\skydrivesetup.exe 2012-08-31 08:13:21 -------- d-----w- c:\program files\Microsoft SkyDrive 2012-08-31 08:13:21 -------- d-----r- c:\users\tony\SkyDrive 2012-08-31 08:13:00 -------- d-----w- c:\programdata\Microsoft SkyDrive 2012-08-31 08:12:21 89944 -c--a-w- c:\program files\common files\windows live\.cache\54156a9a1cd875003\DSETUP.dll 2012-08-31 08:12:21 537432 -c--a-w- c:\program files\common files\windows live\.cache\54156a9a1cd875003\DXSETUP.exe 2012-08-31 08:12:21 1801048 -c--a-w- c:\program files\common files\windows live\.cache\54156a9a1cd875003\dsetup32.dll 2012-08-31 08:12:12 94040 -c--a-w- c:\program files\common files\windows live\.cache\4c097ada1cd875002\DSETUP.dll 2012-08-31 08:12:12 525656 -c--a-w- c:\program files\common files\windows live\.cache\4c097ada1cd875002\DXSETUP.exe 2012-08-31 08:12:12 1691480 -c--a-w- c:\program files\common files\windows live\.cache\4c097ada1cd875002\dsetup32.dll 2012-08-31 08:11:59 89944 -c--a-w- c:\program files\common files\windows live\.cache\4a172f601cd875001\DSETUP.dll 2012-08-31 08:11:59 537432 -c--a-w- c:\program files\common files\windows live\.cache\4a172f601cd875001\DXSETUP.exe 2012-08-31 08:11:59 1801048 -c--a-w- c:\program files\common files\windows live\.cache\4a172f601cd875001\dsetup32.dll 2012-08-31 08:11:49 -------- d-----w- c:\users\tony\appdata\local\Windows Live 2012-08-31 08:11:43 -------- d-----w- c:\program files\common files\Windows Live 2012-08-31 06:52:27 -------- d-----w- c:\windows\system32\SPReview 2012-08-31 06:51:36 -------- d-----w- c:\windows\system32\EventProviders 2012-08-31 06:17:09 1130824 ----a-w- c:\windows\system32\dfshim.dll 2012-08-31 06:17:04 53760 ----a-w- c:\windows\system32\LSCSHostPolicy.dll 2012-08-31 06:17:04 52224 ----a-w- c:\windows\system32\drivers\TsUsbFlt.sys 2012-08-31 06:17:04 3215872 ----a-w- c:\windows\system32\mstscax.dll 2012-08-31 06:17:04 11776 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll 2012-08-31 06:17:01 1171456 ----a-w- c:\windows\system32\d3d10warp.dll 2012-08-31 06:17:00 954752 ----a-w- c:\windows\system32\mfc40.dll 2012-08-31 06:17:00 954288 ----a-w- c:\windows\system32\mfc40u.dll 2012-08-31 06:17:00 80896 ----a-w- c:\windows\system32\RDVGHelper.exe 2012-08-31 06:17:00 120320 ----a-w- c:\windows\system32\tssrvlic.dll 2012-08-31 06:15:59 78208 ----a-w- c:\windows\system32\drivers\mountmgr.sys 2012-08-31 06:14:57 606208 ----a-w- c:\windows\system32\wbem\fastprox.dll 2012-08-31 06:14:57 363008 ----a-w- c:\windows\system32\wbemcomn.dll 2012-08-31 06:14:57 189952 ----a-w- c:\program files\windows portable devices\sqmapi.dll 2012-08-31 06:14:52 189952 ----a-w- c:\windows\system32\sqmapi.dll 2012-08-31 05:52:27 7022536 ----a-w- c:\programdata\microsoft\windows defender\definition updates\backup\mpengine.dll 2012-08-31 05:42:52 -------- d-----w- c:\users\tony\appdata\local\SupportSoft 2012-08-31 05:42:29 -------- d-----w- c:\program files\common files\SupportSoft 2012-08-31 05:27:57 -------- d-----w- c:\windows\PCHEALTH 2012-08-31 05:26:33 -------- d-----w- c:\program files\Microsoft Analysis Services 2012-08-31 05:25:40 -------- d-----w- c:\users\tony\appdata\local\Microsoft Help 2012-08-31 04:59:00 -------- d-----w- c:\program files\Classic Shell 2012-08-31 04:56:35 -------- d-----w- c:\users\tony\appdata\local\VS Revo Group 2012-08-31 04:56:23 -------- d-----w- c:\program files\VS Revo Group 2012-08-31 04:53:55 -------- d-----w- c:\program files\Lantmäteriet 2012-08-30 19:17:05 805376 ----a-w- c:\windows\system32\FntCache.dll 2012-08-30 19:17:04 739840 ----a-w- c:\windows\system32\d2d1.dll 2012-08-30 18:57:24 -------- d-----w- c:\windows\system32\Wat 2012-08-30 17:58:00 5120 ----a-w- c:\windows\system32\wmi.dll 2012-08-30 17:58:00 19824 ----a-w- c:\windows\system32\drivers\fs_rec.sys 2012-08-30 17:57:59 172544 ----a-w- c:\windows\system32\wintrust.dll 2012-08-30 17:57:59 159232 ----a-w- c:\windows\system32\imagehlp.dll 2012-08-30 17:54:59 293376 ----a-w- c:\windows\system32\browserchoice.exe 2012-08-30 17:47:45 1164288 ----a-w- c:\windows\system32\mfc42u.dll 2012-08-30 17:47:45 1137664 ----a-w- c:\windows\system32\mfc42.dll 2012-08-30 17:47:36 140288 ----a-w- c:\windows\system32\cryptsvc.dll 2012-08-30 17:47:36 1158656 ----a-w- c:\windows\system32\crypt32.dll 2012-08-30 17:47:35 103936 ----a-w- c:\windows\system32\cryptnet.dll 2012-08-30 17:47:25 31232 ----a-w- c:\windows\system32\prevhost.exe 2012-08-30 17:45:33 492032 ----a-w- c:\windows\system32\win32spl.dll 2012-08-30 17:45:33 317440 ----a-w- c:\windows\system32\spoolsv.exe 2012-08-30 17:45:05 3968368 ----a-w- c:\windows\system32\ntkrnlpa.exe 2012-08-30 17:45:04 3913072 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-08-30 17:43:51 1077248 ----a-w- c:\windows\system32\DWrite.dll 2012-08-30 17:42:59 338944 ----a-w- c:\windows\system32\drivers\afd.sys 2012-08-30 17:40:56 70656 ----a-w- c:\windows\system32\fontsub.dll 2012-08-30 17:39:51 690688 ----a-w- c:\windows\system32\msvcrt.dll 2012-08-30 17:39:49 2342400 ----a-w- c:\windows\system32\msi.dll 2012-08-30 17:39:46 8192 ----a-w- c:\windows\system32\rdrmemptylst.exe 2012-08-30 17:39:45 58880 ----a-w- c:\windows\system32\rdpwsx.dll 2012-08-30 17:39:45 129536 ----a-w- c:\windows\system32\rdpcorekmts.dll 2012-08-30 17:39:43 288256 ----a-w- c:\windows\system32\XpsGdiConverter.dll 2012-08-30 17:39:39 56176 ----a-w- c:\windows\system32\drivers\partmgr.sys 2012-08-30 17:39:33 69632 ----a-w- c:\windows\system32\drivers\bowser.sys 2012-08-30 17:24:13 728448 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys 2012-08-30 17:24:12 219008 ----a-w- c:\windows\system32\drivers\dxgmms1.sys 2012-08-30 17:24:12 107520 ----a-w- c:\windows\system32\cdd.dll 2012-08-30 17:09:54 -------- d-----w- c:\users\tony\appdata\roaming\Personal 2012-08-30 17:09:52 -------- d-----w- c:\program files\Personal 2012-08-30 17:08:52 -------- d-----w- c:\program files\Handelsbanken kortläsare 2012-08-30 16:39:47 645992 ----a-w- c:\windows\system32\nvvsvc.exe 2012-08-30 16:39:47 62312 ----a-w- c:\windows\system32\nvshext.dll 2012-08-30 16:39:47 3963240 ----a-w- c:\windows\system32\nvcpl.dll 2012-08-30 16:39:47 2836840 ----a-w- c:\windows\system32\nvsvc.dll 2012-08-30 16:39:47 108392 ----a-w- c:\windows\system32\nvmctray.dll 2012-08-30 16:39:13 52584 ----a-w- c:\windows\system32\OpenCL.dll 2012-08-30 16:38:59 -------- d-----w- c:\programdata\NVIDIA Corporation 2012-08-30 16:37:34 888168 ----a-w- c:\windows\system32\nvdispgenco32.dll 2012-08-30 16:37:34 2422120 ----a-w- c:\windows\system32\nvapi.dll 2012-08-30 16:37:34 1009512 ----a-w- c:\windows\system32\nvdispco32.dll 2012-08-30 16:37:12 -------- d-----w- c:\program files\NVIDIA Corporation 2012-08-30 16:33:13 485920 ----a-w- c:\windows\system32\nvusmb.exe 2012-08-30 16:32:30 485920 ----a-w- c:\windows\system32\NVUNINST.EXE 2012-08-30 16:30:55 -------- d-----w- c:\windows\Panther 2012-08-30 16:10:45 574632 ----a-w- c:\windows\system32\msvcp50.dll 2012-08-30 16:09:24 -------- d-----w- c:\program files\Telia 2012-08-30 16:09:07 -------- d-sh--w- c:\windows\Installer 2012-08-30 16:08:16 -------- d-----w- c:\programdata\fssg 2012-08-30 16:06:54 -------- d-----w- c:\programdata\f-secure 2012-08-30 16:06:31 826880 ----a-w- c:\windows\system32\rdpcore.dll 2012-08-30 16:06:31 15872 ----a-w- c:\windows\system32\drivers\rdpvideominiport.sys 2012-08-30 16:06:31 134656 ----a-w- c:\windows\system32\rdpudd.dll 2012-08-30 16:06:30 24576 ----a-w- c:\windows\system32\drivers\tdtcp.sys 2012-08-30 16:06:30 18432 ----a-w- c:\windows\system32\drivers\tdpipe.sys 2012-08-30 16:05:20 -------- d-----w- c:\windows\system32\wbem\Performance 2012-08-30 16:04:51 -------- d-----w- c:\users\tony\appdata\local\ElevatedDiagnostics 2012-08-30 16:02:34 2422272 ----a-w- c:\windows\system32\wucltux.dll 2012-08-30 16:01:50 88576 ----a-w- c:\windows\system32\wudriver.dll 2012-08-30 16:01:36 33792 ----a-w- c:\windows\system32\wuapp.exe 2012-08-30 16:01:36 171904 ----a-w- c:\windows\system32\wuwebv.dll 2012-08-30 16:01:01 -------- d-----w- c:\users\tony\appdata\local\VirtualStore 2012-08-30 15:49:18 237072 ------w- c:\windows\system32\MpSigStub.exe 2012-08-30 08:40:14 429416 ----a-w- c:\windows\system32\nvStreaming.exe 2012-08-28 15:18:57 -------- d-----w- C:\a8b589ca09b91f6153 . ==================== Find3M ==================== . 2012-08-31 07:13:07 152576 ----a-w- c:\windows\system32\msclmd.dll 2012-08-30 19:13:00 12465512 ----a-w- c:\windows\system32\nvwgf2um.dll 2012-08-24 06:59:17 1800704 ----a-w- c:\windows\system32\jscript9.dll 2012-08-24 06:51:27 1129472 ----a-w- c:\windows\system32\wininet.dll 2012-08-24 06:51:02 1427968 ----a-w- c:\windows\system32\inetcpl.cpl 2012-08-24 06:47:26 142848 ----a-w- c:\windows\system32\ieUnatt.exe 2012-08-24 06:47:12 420864 ----a-w- c:\windows\system32\vbscript.dll 2012-08-24 06:43:58 2382848 ----a-w- c:\windows\system32\mshtml.tlb 2012-07-28 01:09:02 57792 ----a-w- c:\windows\system32\sirenacm.dll 2012-07-28 00:54:00 321472 ----a-w- c:\windows\WLXPGSS.SCR 2012-07-26 17:08:06 862664 ----a-w- c:\windows\system32\msvcr110.dll 2012-07-26 17:08:06 534480 ----a-w- c:\windows\system32\msvcp110.dll 2012-07-26 17:08:06 251864 ----a-w- c:\windows\system32\vccorlib110.dll 2012-07-26 17:08:06 153536 ----a-w- c:\windows\system32\atl110.dll 2012-07-26 17:08:06 115656 ----a-w- c:\windows\system32\vcomp110.dll 2012-07-18 17:47:53 2345984 ----a-w- c:\windows\system32\win32k.sys 2012-07-17 12:49:00 209648 ----a-w- c:\windows\system32\LIVESSP.DLL 2012-07-04 21:14:34 41984 ----a-w- c:\windows\system32\browcli.dll 2012-07-04 21:14:34 102912 ----a-w- c:\windows\system32\browser.dll . ============= FINISH: 7:14:57,94 =============== Quote Link to comment Share on other sites More sharing options...
Cecilia Posted September 25, 2012 Share Posted September 25, 2012 Kan du klistra in Attach.txt som DDS-programmet skapade? Quote Link to comment Share on other sites More sharing options...
OlleBull Posted September 25, 2012 Share Posted September 25, 2012 Vilken soppa, ursäkta min kommentar! Quote Link to comment Share on other sites More sharing options...
Manneman Posted September 25, 2012 Share Posted September 25, 2012 Vilken soppa, ursäkta min kommentar! Motivera det gärna... kanske är bättre hjälp för trådskaparen? Quote Link to comment Share on other sites More sharing options...
Tony Posted September 25, 2012 Author Share Posted September 25, 2012 Här kommer den, tror jag. Tony DDS.txt Quote Link to comment Share on other sites More sharing options...
Tony Posted September 25, 2012 Author Share Posted September 25, 2012 Eller den här?. Tony DDS.txt Quote Link to comment Share on other sites More sharing options...
Tony Posted September 25, 2012 Author Share Posted September 25, 2012 Vet inte riktigt vad ni menar, men tog en kopia på alltihop och klistrade in här. Hoppas det hjälper. Tony. DDS (Ver_2011-08-26.01) - NTFSx86 Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.7.2 Run by Tony at 14:50:23 on 2012-09-25 Microsoft Windows 7 Enterprise 6.1.7601.1.1252.46.1053.18.3071.2278 [GMT 2:00] . AV: Telia Säker surf 9.15 *Enabled/Updated* {15414183-282E-D62C-CA37-EF24860A2F17} SP: Telia Säker surf 9.15 *Enabled/Updated* {AE20A067-0E14-D9A2-F087-D456FD8D65AA} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Telia Säker surf 9.15 *Enabled* {2D7AC0A6-6241-D774-E168-461178D9686C} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Windows\system32\svchost.exe -k apphost C:\Program Files\Application Updater\ApplicationUpdater.exe C:\Windows\Explorer.EXE C:\ProgramData\Browser Manager\2.2.643.41\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe C:\Program Files\Telia\Telias sakerhetstjanster\Anti-Virus\fsgk32st.exe C:\Windows\system32\schtasks.exe C:\Windows\system32\conhost.exe C:\ProgramData\Browser Manager\2.2.643.41\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe C:\Program Files\Telia\Telias sakerhetstjanster\Anti-Virus\FSGK32.EXE C:\Program Files\Telia\Telias sakerhetstjanster\Common\FSMA32.EXE C:\Windows\system32\svchost.exe -k hpdevmgmt C:\Windows\system32\PnkBstrA.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Program Files\Telia\Supportassistenten\bin\sprtsvc.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Telia\Supportassistenten\bin\tgsrvc.exe C:\Program Files\Telia\Telias sakerhetstjanster\Common\FSHDLL32.EXE C:\Program Files\Web Assistant\ExtensionUpdaterService.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Windows\system32\svchost.exe -k HPService C:\Program Files\Telia\Telias sakerhetstjanster\Anti-Virus\fssm32.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Program Files\Telia\Telias sakerhetstjanster\FWES\Program\fsdfwd.exe C:\Program Files\Telia\Telias sakerhetstjanster\ORSP Client\fsorsp.exe C:\Windows\SOUNDMAN.EXE C:\Program Files\Classic Shell\ClassicStartMenu.exe C:\Program Files\Microsoft IntelliPoint\ipoint.exe C:\Program Files\Microsoft IntelliType Pro\itype.exe C:\Program Files\Telia\Telias sakerhetstjanster\Common\FSM32.EXE C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Personal\bin\Personal.exe C:\Program Files\NVIDIA Corporation\Display\nvtray.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\Telia\Telias sakerhetstjanster\Anti-Virus\fsav32.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\DllHost.exe C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\conhost.exe C:\Windows\system32\wbem\wmiprvse.exe . ============== Pseudo HJT Report =============== . uURLSearchHooks: YTD Toolbar: {f3fee66e-e034-436a-86e4-9690573bee8a} - c:\program files\ytd toolbar\ie\6.3\ytdToolbarIE.dll BHO: {2EECD738-5844-4a99-B4B6-146BF802613B} - No File BHO: ExplorerBHO Class: {449d0d6e-2412-4e61-b68f-1cb625cd9e52} - c:\program files\classic shell\ClassicExplorer32.dll BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~1\office14\URLREDIR.DLL BHO: Browsing Protection Class: {c6867eb7-8350-4856-877f-93cf8ae3dc9c} - c:\program files\telia\telias sakerhetstjanster\nrs\iescript\baselitmus.dll TB: {D0F4A166-B8D4-48b8-9D63-80849FE137CB} - No File TB: Browsing Protection Toolbar: {265eee8e-3228-44d3-aea5-f7fdf5860049} - c:\program files\telia\telias sakerhetstjanster\nrs\iescript\baselitmus.dll EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll uRun: [sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun uRun: [<NO NAME>] mRun: [soundMan] SOUNDMAN.EXE mRun: [Classic Start Menu] c:\program files\classic shell\ClassicStartMenu.exe mRun: [amd_dc_opt] c:\program files\amd\dual-core optimizer\amd_dc_opt.exe mRun: [intelliPoint] "c:\program files\microsoft intellipoint\ipoint.exe" mRun: [itype] "c:\program files\microsoft intellitype pro\itype.exe" mRun: [F-Secure Manager] "c:\program files\telia\telias sakerhetstjanster\common\FSM32.EXE" /splash mRun: [F-Secure TNB] "c:\program files\telia\telias sakerhetstjanster\fsgui\TNBUtil.exe" /CHECKALL /WAITFORSW mRun: [<NO NAME>] mRun: [Telia] "c:\program files\telia\supportassistenten\bin\sprtcmd.exe" /P TeliaDA StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\bankid~1.lnk - c:\program files\personal\bin\Personal.exe mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) mPolicies-system: PromptOnSecureDesktop = 0 (0x0) IE: E&xportera till Microsoft Excel - c:\progra~1\micros~1\office14\EXCEL.EXE/3000 IE: {56753E59-AF1D-4FBA-9E15-31557124ADA2} - c:\program files\classic shell\ClassicIE9_32.exe IE: {64964764-1101-4bbd-8891-B56B1A53B9B3} - {553891B7-A0D5-4526-BE18-D3CE461D6310} - c:\program files\classic shell\ClassicExplorer32.dll LSP: c:\program files\telia\telias sakerhetstjanster\fsps\program\FSLSP.DLL DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} - hxxp://acs.pandasoftware.com/activescan/cabs/as2stubie.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab TCP: DhcpNameServer = 192.168.1.1 TCP: Interfaces\{360EF9FC-06DF-4D92-90E2-195AF4DCA062} : DhcpNameServer = 192.168.1.1 Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll AppInit_DLLs: c:\progra~2\browse~1\22643~1.41\{16cdf~1\browse~1.dll . ================= FIREFOX =================== . FF - ProfilePath - c:\users\tony\appdata\roaming\mozilla\firefox\profiles\wnu33429.default\ FF - prefs.js: browser.startup.homepage - hxxp://search.babylon.com/?affID=112542&tt=120912_pcp_3812_4&babsrc=HP_ss&mntrId=4cf9d8c3000000000000001a921dba8e FF - prefs.js: browser.search.selectedEngine - Yahoo FF - prefs.js: keyword.URL - hxxp://se.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=937811&p= FF - prefs.js: network.proxy.type - 4 FF - plugin: c:\progra~1\micros~1\office14\NPAUTHZ.DLL FF - plugin: c:\progra~1\micros~1\office14\NPSPWRAP.DLL FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll FF - plugin: c:\program files\common files\avg secure search\sitesafetyinstaller\12.2.6\npsitesafety.dll FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll FF - plugin: c:\program files\microsoft silverlight\5.1.10411.0\npctrlui.dll FF - plugin: c:\program files\nokia\nokia suite\npNokiaSuiteEnabler.dll FF - plugin: c:\program files\nvidia corporation\3d vision\npnv3dv.dll FF - plugin: c:\program files\nvidia corporation\3d vision\npnv3dvstreaming.dll FF - plugin: c:\program files\personal\bin\np_prsnl.dll FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll FF - plugin: c:\windows\system32\adobe\director\np32dsw_1166636.dll FF - plugin: c:\windows\system32\adobe\director\np32dsw_1167637.dll FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_4_402_278.dll FF - plugin: c:\windows\system32\npDeployJava1.dll FF - plugin: c:\windows\system32\npmproxy.dll . ---- FIREFOX POLICIES ---- FF - user.js: extensions.incredibar_i.newTab - false FF - user.js: extensions.incredibar_i.tlbrSrchUrl - hxxp://mystart.Incredibar.com/?a=6PQIC5zomA&loc=IB_TB&i=26&search= FF - user.js: extensions.incredibar_i.id - 4cf9d8c3000000000000001a921dba8e FF - user.js: extensions.incredibar_i.instlDay - 15587 FF - user.js: extensions.incredibar_i.vrsn - 1.5.11.14 FF - user.js: extensions.incredibar_i.vrsni - 1.5.11.14 FF - user.js: extensions.incredibar_i.vrsnTs - 1.5.11.1412:18:05 FF - user.js: extensions.incredibar_i.prtnrId - Incredibar FF - user.js: extensions.incredibar_i.prdct - incredibar FF - user.js: extensions.incredibar_i.aflt - orgnl FF - user.js: extensions.incredibar_i.smplGrp - none FF - user.js: extensions.incredibar_i.tlbrId - base FF - user.js: extensions.incredibar_i.instlRef - FF - user.js: extensions.incredibar_i.dfltLng - FF - user.js: extensions.incredibar_i.excTlbr - false FF - user.js: extensions.incredibar_i.ms_url_id - FF - user.js: extensions.incredibar_i.upn2 - 6PQIC5zomA FF - user.js: extensions.incredibar_i.upn2n - 92543522727663952 FF - user.js: extensions.incredibar_i.productid - 26 FF - user.js: extensions.incredibar_i.installerproductid - 26 FF - user.js: extensions.incredibar_i.did - 10650 FF - user.js: extensions.incredibar_i.ppd - 201%5F6 FF - user.js: extensions.BabylonToolbar.autoRvrt - false FF - user.js: extensions.BabylonToolbar_i.newTab - false FF - user.js: extensions.BabylonToolbar.tlbrSrchUrl - hxxp://search.babylon.com/?babsrc=TB_def&mntrId=4cf9d8c3000000000000001a921dba8e&q= FF - user.js: extensions.BabylonToolbar.id - 4cf9d8c3000000000000001a921dba8e FF - user.js: extensions.BabylonToolbar.appId - {BDB69379-802F-4eaf-B541-F8DE92DD98DB} FF - user.js: extensions.BabylonToolbar.instlDay - 15603 FF - user.js: extensions.BabylonToolbar.vrsn - 1.6.9.12 FF - user.js: extensions.BabylonToolbar.vrsni - 1.6.9.12 FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.6.9.1218:25:26 FF - user.js: extensions.BabylonToolbar.prtnrId - babylon FF - user.js: extensions.BabylonToolbar.prdct - BabylonToolbar FF - user.js: extensions.BabylonToolbar.aflt - babsst FF - user.js: extensions.BabylonToolbar_i.smplGrp - none FF - user.js: extensions.BabylonToolbar.tlbrId - base FF - user.js: extensions.BabylonToolbar.instlRef - sst FF - user.js: extensions.BabylonToolbar.dfltLng - en FF - user.js: extensions.BabylonToolbar.excTlbr - false FF - user.js: extensions.BabylonToolbar.admin - false FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=112542&tt=120912_pcp_3812_4 FF - user.js: extensions.BabylonToolbar_i.babExt - FF - user.js: extensions.BabylonToolbar_i.srcExt - ss . ============= SERVICES / DRIVERS =============== . R0 fsbts;fsbts;c:\windows\system32\drivers\fsbts.sys [2012-9-22 44240] R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [2012-9-24 28552] R1 F-Secure HIPS;F-Secure HIPS Driver;c:\program files\telia\telias sakerhetstjanster\hips\drivers\fshs.sys [2012-9-22 70184] R1 FSES;F-Secure Email Scanning Driver;c:\windows\system32\drivers\fses.sys [2012-9-22 37832] R1 FSFW;F-Secure Firewall Driver;c:\windows\system32\drivers\fsdfw.sys [2012-9-22 73160] R1 fsvista;F-Secure Vista Support Driver;c:\program files\telia\telias sakerhetstjanster\anti-virus\minifilter\fsvista.sys [2012-9-22 14504] R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2012-7-27 63960] R2 Application Updater;Application Updater;c:\program files\application updater\ApplicationUpdater.exe [2012-9-19 795072] R2 Browser Manager;Browser Manager;c:\programdata\browser manager\2.2.643.41\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe [2012-9-20 1701400] R2 F-Secure Gatekeeper Handler Starter;FSGKHS;c:\program files\telia\telias sakerhetstjanster\anti-virus\fsgk32st.exe [2012-9-22 221864] R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\nvidia corporation\nvidia update core\daemonu.exe [2012-8-30 1258856] R2 sprtsvc_teliada;SupportSoft Sprocket Service (teliada);c:\program files\telia\supportassistenten\bin\sprtsvc.exe [2012-8-31 206120] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\nvidia corporation\3d vision\nvSCPAPISvr.exe [2012-8-30 382312] R2 tgsrvc_teliada;SupportSoft Repair Service (teliada);c:\program files\telia\supportassistenten\bin\tgsrvc.exe [2012-8-31 185640] R2 Web Assistant Updater;Web Assistant Updater;c:\program files\web assistant\ExtensionUpdaterService.exe [2012-9-18 185856] R3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files\telia\telias sakerhetstjanster\anti-virus\minifilter\fsgk.sys [2012-9-22 149672] R3 FSORSPClient;F-Secure ORSP Client;c:\program files\telia\telias sakerhetstjanster\orsp client\fsorsp.exe [2012-9-22 61088] R3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000] R3 Tdsshbecr;Handelsbanken card reader;c:\windows\system32\drivers\shbecr.sys [2008-9-23 42368] R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\drivers\yk62x86.sys [2009-9-28 315392] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888] S3 fssfltr;fssfltr;c:\windows\system32\drivers\fssfltr.sys [2012-8-31 49088] S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2012-7-28 1511872] S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-8-31 114144] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-8-30 15872] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2011-6-10 394856] S3 StorSvc;Storage Service;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 20992] S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2012-8-31 52224] S3 WatAdminSvc;Aktiveringsteknologier för Windows-tjänst;c:\windows\system32\wat\WatAdminSvc.exe [2012-8-30 1343400] S3 WMZuneComm;Zune Windows Mobile Connectivity Service;c:\program files\zune\WMZuneComm.exe [2011-8-5 268512] S4 F-Secure Filter;F-Secure File System Filter;c:\program files\telia\telias sakerhetstjanster\anti-virus\win2k\fsfilter.sys [2012-9-22 41896] S4 F-Secure Recognizer;F-Secure File System Recognizer;c:\program files\telia\telias sakerhetstjanster\anti-virus\win2k\fsrec.sys [2012-9-22 27304] . =============== Created Last 30 ================ . 2012-09-25 08:34:29 -------- d-----w- c:\users\tony\appdata\local\Apps 2012-09-25 07:26:09 -------- d-----w- c:\users\tony\appdata\local\CrashDumps 2012-09-24 05:08:03 28552 ----a-w- c:\windows\system32\drivers\pavboot.sys 2012-09-22 12:15:39 22856 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-09-22 12:15:38 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2012-09-22 12:14:35 -------- d-----w- c:\program files\Application Updater 2012-09-22 12:14:34 -------- d-----w- c:\program files\YTD Toolbar 2012-09-22 12:14:34 -------- d-----w- c:\program files\common files\Spigot 2012-09-22 09:49:44 44240 ----a-w- c:\windows\system32\drivers\fsbts.sys 2012-09-22 09:48:57 37832 ----a-w- c:\windows\system32\drivers\fses.sys 2012-09-22 09:48:53 73160 ----a-w- c:\windows\system32\drivers\fsdfw.sys 2012-09-22 09:22:52 2224 ----a-w- c:\windows\system32\ASOROSet.bin 2012-09-22 08:52:12 -------- d-----w- c:\users\tony\appdata\roaming\Systweak 2012-09-22 08:52:09 15544 ----a-w- c:\windows\system32\roboot.exe 2012-09-21 08:12:58 -------- d-----w- c:\users\tony\appdata\roaming\FreeFixer 2012-09-21 08:12:58 -------- d-----w- c:\users\tony\appdata\local\FreeFixer 2012-09-20 16:26:45 -------- d-----w- c:\program files\IZArc 2012-09-20 16:25:35 -------- d-----w- c:\programdata\Browser Manager 2012-09-20 10:03:02 -------- d-----w- c:\users\tony\appdata\local\Adobe 2012-09-20 09:51:55 73136 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-09-20 09:51:55 696240 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-09-19 17:08:40 -------- d-----w- c:\users\tony\appdata\local\Windows Live Writer 2012-09-19 17:01:02 -------- d-----w- c:\users\tony\appdata\local\Diagnostics 2012-09-19 16:29:13 -------- d-----w- c:\users\tony\appdata\local\Macromedia 2012-09-19 16:28:58 -------- d-----w- c:\users\tony\appdata\local\Mozilla 2012-09-19 15:28:22 -------- d-----w- c:\programdata\AVG Secure Search 2012-09-14 06:46:24 -------- d-----w- c:\program files\Microsoft IntelliType Pro 2012-09-14 05:21:04 2557288 ----a-w- c:\windows\system32\nvsvcr.dll 2012-09-14 05:19:12 7626088 ----a-w- c:\windows\system32\nvcuda.dll 2012-09-14 05:19:12 6109032 ----a-w- c:\windows\system32\nvopencl.dll 2012-09-14 05:19:12 2573672 ----a-w- c:\windows\system32\nvcuvid.dll 2012-09-14 05:19:12 19828584 ----a-w- c:\windows\system32\nvoglv32.dll 2012-09-14 05:19:12 1866088 ----a-w- c:\windows\system32\nvcuvenc.dll 2012-09-14 05:19:12 17559912 ----a-w- c:\windows\system32\nvcompiler.dll 2012-09-14 05:19:12 15291752 ----a-w- c:\windows\system32\nvd3dum.dll 2012-09-14 05:19:12 10790760 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys 2012-09-13 13:39:20 -------- d-----w- c:\program files\Realtek 2012-09-13 13:39:16 540672 ----a-w- c:\windows\RtlExUpd.dll 2012-09-13 13:39:15 69715 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\ctor.dll 2012-09-13 13:39:15 5632 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\DotNetInstaller.exe 2012-09-13 13:39:15 32768 ----a-w- c:\program files\common files\installshield\professional\runtime\Objectps.dll 2012-09-13 13:39:15 274432 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\iscript.dll 2012-09-13 13:39:15 204800 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\iuser.dll 2012-09-13 13:39:14 757760 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\iKernel.dll 2012-09-13 13:39:13 331908 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\setup.dll 2012-09-13 13:39:13 200836 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\iGdi.dll 2012-09-13 13:31:45 -------- d--h--w- c:\program files\Temp 2012-09-12 11:30:01 -------- d-----w- c:\users\tony\appdata\roaming\Canneverbe Limited 2012-09-12 09:22:07 -------- d-----w- c:\users\tony\appdata\local\PunkBuster 2012-09-12 09:22:00 -------- d-----w- c:\users\tony\appdata\local\Activision 2012-09-12 09:19:50 22328 ----a-w- c:\users\tony\appdata\roaming\PnkBstrK.sys 2012-09-12 09:19:50 138464 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys 2012-09-12 09:19:24 111928 ----a-w- c:\windows\system32\PnkBstrB.exe 2012-09-12 09:19:23 682280 ----a-w- c:\windows\system32\pbsvc.exe 2012-09-12 09:19:23 66872 ----a-w- c:\windows\system32\PnkBstrA.exe 2012-09-12 09:05:34 -------- d-----w- c:\program files\Activision 2012-09-12 04:59:23 240496 ----a-w- c:\windows\system32\drivers\netio.sys 2012-09-12 04:59:23 187760 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS 2012-09-12 04:59:23 1292144 ----a-w- c:\windows\system32\drivers\tcpip.sys 2012-09-12 04:59:21 712048 ----a-w- c:\windows\system32\drivers\ndis.sys 2012-09-12 04:59:21 33280 ----a-w- c:\windows\system32\drivers\RNDISMP.sys 2012-09-12 04:59:18 490496 ----a-w- c:\windows\system32\d3d10level9.dll 2012-09-07 09:48:15 -------- d-----w- c:\programdata\Nokia 2012-09-07 09:48:15 -------- d-----w- c:\program files\common files\Nokia 2012-09-07 09:47:51 19072 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys 2012-09-07 09:47:44 -------- d-----w- c:\program files\PC Connectivity Solution 2012-09-07 09:47:19 75264 ----a-w- c:\windows\system32\nmwcdcls.dll 2012-09-07 09:46:48 -------- d-----w- c:\programdata\NokiaInstallerCache 2012-09-07 09:46:48 -------- d-----w- c:\program files\Nokia 2012-09-05 11:42:35 -------- d-----w- c:\program files\VAMT 2.0 2012-09-04 17:41:57 -------- d-sh--w- C:\found.000 2012-09-04 14:41:45 -------- d-----w- c:\program files\Microsoft IntelliPoint 2012-09-04 13:30:11 -------- d-----w- c:\programdata\EA Logs 2012-09-04 11:32:04 -------- d-----w- c:\users\tony\appdata\roaming\PeaZip 2012-09-04 11:31:04 -------- d--h--w- c:\programdata\Common Files 2012-09-04 11:30:24 -------- d-----w- c:\programdata\Norton 2012-09-04 11:14:01 626960 ----a-w- c:\windows\system32\temp.003 2012-09-04 11:14:01 16896 ----a-w- c:\windows\system32\temp.005 2012-09-04 11:14:01 164112 ----a-w- c:\windows\system32\temp.004 2012-09-04 11:14:00 3856 ----a-w- c:\windows\system32\temp.001 2012-09-04 11:14:00 143632 ----a-w- c:\windows\system32\temp.000 2012-09-04 11:14:00 1385744 ----a-w- c:\windows\system32\temp.002 2012-09-04 11:13:57 -------- d-----w- c:\program files\allemans 2012-09-04 10:19:20 -------- d-----w- c:\programdata\Premium 2012-09-04 10:18:26 -------- d-----w- c:\programdata\OptimizerPro1 2012-09-04 10:17:55 -------- d-----w- c:\program files\Web Assistant 2012-09-04 10:17:09 -------- d-----w- c:\programdata\InstallMate 2012-09-04 10:14:04 -------- d-----w- c:\users\tony\appdata\roaming\OneTab 2012-09-04 10:01:27 -------- d-----w- c:\users\tony\appdata\roaming\Geek Uninstaller 2012-09-04 07:47:16 -------- d-----w- c:\users\tony\appdata\roaming\NVIDIA 2012-09-04 07:47:11 -------- d-sh--w- c:\programdata\DSS 2012-09-04 05:03:43 514560 ----a-w- c:\windows\system32\qdvd.dll 2012-09-03 18:00:59 746984 ----a-w- c:\windows\system32\deployJava1.dll 2012-09-03 18:00:58 821736 ----a-w- c:\windows\system32\npDeployJava1.dll 2012-09-03 18:00:46 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll 2012-09-03 13:54:33 -------- d-----w- c:\programdata\EA Core 2012-09-03 13:44:24 -------- d-----w- c:\programdata\Solidshield 2012-09-03 11:41:12 -------- d-----w- c:\program files\AMD 2012-09-03 11:33:07 -------- d--h--w- c:\program files\common files\EAInstaller 2012-09-03 10:23:55 -------- d-----w- c:\users\tony\appdata\roaming\Origin 2012-09-03 10:22:25 -------- d-----w- c:\program files\Origin 2012-09-03 10:21:19 -------- d-----w- c:\programdata\Origin 2012-09-03 10:21:18 -------- d-----w- c:\programdata\Electronic Arts 2012-09-03 07:45:52 -------- d-----w- c:\users\tony\appdata\local\SniperV2 2012-09-03 05:25:39 239960 ----a-w- c:\windows\system32\xactengine3_7.dll 2012-09-03 05:25:38 1868128 ----a-w- c:\windows\system32\d3dcsx_43.dll 2012-09-03 05:25:37 470880 ----a-w- c:\windows\system32\d3dx10_43.dll 2012-09-03 05:25:37 1998168 ----a-w- c:\windows\system32\D3DX9_43.dll 2012-09-03 05:25:36 74072 ----a-w- c:\windows\system32\XAPOFX1_4.dll 2012-09-03 05:25:36 528216 ----a-w- c:\windows\system32\XAudio2_6.dll 2012-09-03 05:25:36 238936 ----a-w- c:\windows\system32\xactengine3_6.dll 2012-09-03 05:25:35 22360 ----a-w- c:\windows\system32\X3DAudio1_7.dll 2012-09-02 16:11:56 -------- d-----w- c:\program files\FileHippo.com 2012-09-02 14:45:47 -------- d-----w- c:\program files\MSECache 2012-09-02 14:37:48 -------- d-----w- c:\windows\system32\appmgmt 2012-09-02 08:09:27 -------- d-----w- c:\program files\MSXML 4.0 2012-09-01 13:41:01 515416 ----a-w- c:\windows\system32\XAudio2_5.dll 2012-09-01 13:41:00 238936 ----a-w- c:\windows\system32\xactengine3_5.dll 2012-09-01 13:03:08 -------- d-----w- c:\users\tony\appdata\roaming\Malwarebytes 2012-09-01 13:02:53 -------- d-----w- c:\programdata\Malwarebytes 2012-09-01 08:59:12 -------- d-----w- c:\users\tony\appdata\roaming\HpUpdate 2012-09-01 08:54:42 -------- d-----w- c:\windows\Hewlett-Packard 2012-09-01 08:43:17 -------- d-----w- c:\programdata\WEBREG 2012-09-01 08:41:23 280064 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\hpzppw71.dll 2012-09-01 08:35:54 -------- d-----w- c:\program files\common files\Hewlett-Packard 2012-09-01 08:35:28 -------- d-----w- c:\program files\common files\HP 2012-09-01 08:33:12 -------- d-----w- c:\program files\HP 2012-09-01 08:31:44 675840 ----a-w- c:\windows\system32\hpowiav1.dll 2012-09-01 08:31:44 452408 ----a-w- c:\windows\system32\hpzids01.dll 2012-09-01 08:31:44 303104 ----a-w- c:\windows\system32\hpovst01.dll 2012-09-01 08:31:43 897024 ----a-w- c:\windows\system32\hpotiop1.dll 2012-08-31 15:33:43 -------- d-----w- c:\program files\common files\Steam 2012-08-31 15:33:41 -------- d-----w- c:\program files\Steam 2012-08-31 14:06:31 -------- d-----w- c:\windows\pss 2012-08-31 12:54:11 -------- d-----r- c:\users\tony\Podcasts 2012-08-31 12:52:57 -------- d-----w- c:\windows\system32\drivers\umdf\it-IT 2012-08-31 12:52:54 -------- d-----w- c:\windows\system32\drivers\umdf\de-DE 2012-08-31 12:52:51 -------- d-----w- c:\windows\system32\drivers\umdf\fr-FR 2012-08-31 12:52:48 -------- d-----w- c:\windows\system32\drivers\umdf\es-ES 2012-08-31 12:46:40 -------- d-----w- c:\programdata\YTD Video Downloader 2012-08-31 12:10:00 -------- d-----w- c:\program files\GreenTree Applications 2012-08-31 11:13:08 -------- d-----w- c:\users\tony\appdata\roaming\Babylon 2012-08-31 10:48:27 -------- d-----w- c:\users\tony\appdata\roaming\Auslogics 2012-08-31 10:48:20 -------- d-----w- c:\program files\Auslogics 2012-08-31 10:42:32 -------- d-----w- c:\program files\uTorrent 2012-08-31 10:42:01 -------- d-----w- c:\users\tony\appdata\roaming\uTorrent 2012-08-31 10:03:15 34304 ----a-w- c:\windows\system32\drivers\AmdLLD.sys 2012-08-31 10:02:45 -------- d-----w- c:\users\tony\appdata\local\Downloaded Installations 2012-08-31 09:36:24 -------- d-----w- c:\program files\VideoLAN 2012-08-31 09:28:05 -------- d-----w- c:\program files\CCleaner 2012-08-31 09:23:21 -------- d-----w- c:\programdata\Canneverbe Limited 2012-08-31 09:23:08 7168 ----a-w- c:\windows\system32\drivers\StarOpen.sys 2012-08-31 09:17:17 9008 ----a-w- c:\windows\VER.DL 2012-08-31 09:17:17 7008 ----a-w- c:\windows\system\SETUPKIT.DLL 2012-08-31 09:17:17 398416 ----a-w- c:\windows\system\VBRUN300.DLL 2012-08-31 09:17:17 26897 ----a-w- c:\windows\MOTTSET.EXE 2012-08-31 08:42:38 -------- d-----w- c:\users\tony\appdata\roaming\Windows Live Writer 2012-08-31 08:27:46 -------- d-----w- c:\users\tony\Tracing 2012-08-31 08:21:43 -------- d-----w- c:\windows\sv 2012-08-31 08:21:09 49088 ----a-w- c:\windows\system32\drivers\fssfltr.sys 2012-08-31 08:20:41 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition 2012-08-31 08:17:13 74072 ----a-w- c:\windows\system32\XAPOFX1_5.dll 2012-08-31 08:17:13 527192 ----a-w- c:\windows\system32\XAudio2_7.dll 2012-08-31 08:17:12 248672 ----a-w- c:\windows\system32\d3dx11_43.dll 2012-08-31 08:17:12 2106216 ----a-w- c:\windows\system32\D3DCompiler_43.dll 2012-08-31 08:15:39 453456 ----a-w- c:\windows\system32\d3dx10_42.dll 2012-08-31 08:14:01 3426072 ----a-w- c:\windows\system32\d3dx9_32.dll 2012-08-31 08:13:21 5563840 -c--a-w- c:\program files\common files\windows live\.cache\5ebcecca1cd875005\skydrivesetup.exe 2012-08-31 08:13:21 -------- d-----w- c:\program files\Microsoft SkyDrive 2012-08-31 08:13:21 -------- d-----r- c:\users\tony\SkyDrive 2012-08-31 08:13:00 -------- d-----w- c:\programdata\Microsoft SkyDrive 2012-08-31 08:12:21 89944 -c--a-w- c:\program files\common files\windows live\.cache\54156a9a1cd875003\DSETUP.dll 2012-08-31 08:12:21 537432 -c--a-w- c:\program files\common files\windows live\.cache\54156a9a1cd875003\DXSETUP.exe 2012-08-31 08:12:21 1801048 -c--a-w- c:\program files\common files\windows live\.cache\54156a9a1cd875003\dsetup32.dll 2012-08-31 08:12:12 94040 -c--a-w- c:\program files\common files\windows live\.cache\4c097ada1cd875002\DSETUP.dll 2012-08-31 08:12:12 525656 -c--a-w- c:\program files\common files\windows live\.cache\4c097ada1cd875002\DXSETUP.exe 2012-08-31 08:12:12 1691480 -c--a-w- c:\program files\common files\windows live\.cache\4c097ada1cd875002\dsetup32.dll 2012-08-31 08:11:59 89944 -c--a-w- c:\program files\common files\windows live\.cache\4a172f601cd875001\DSETUP.dll 2012-08-31 08:11:59 537432 -c--a-w- c:\program files\common files\windows live\.cache\4a172f601cd875001\DXSETUP.exe 2012-08-31 08:11:59 1801048 -c--a-w- c:\program files\common files\windows live\.cache\4a172f601cd875001\dsetup32.dll 2012-08-31 08:11:49 -------- d-----w- c:\users\tony\appdata\local\Windows Live 2012-08-31 08:11:43 -------- d-----w- c:\program files\common files\Windows Live 2012-08-31 06:52:27 -------- d-----w- c:\windows\system32\SPReview 2012-08-31 06:51:36 -------- d-----w- c:\windows\system32\EventProviders 2012-08-31 06:17:09 1130824 ----a-w- c:\windows\system32\dfshim.dll 2012-08-31 06:17:04 53760 ----a-w- c:\windows\system32\LSCSHostPolicy.dll 2012-08-31 06:17:04 52224 ----a-w- c:\windows\system32\drivers\TsUsbFlt.sys 2012-08-31 06:17:04 3215872 ----a-w- c:\windows\system32\mstscax.dll 2012-08-31 06:17:04 11776 ----a-w- c:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll 2012-08-31 06:17:01 1171456 ----a-w- c:\windows\system32\d3d10warp.dll 2012-08-31 06:17:00 954752 ----a-w- c:\windows\system32\mfc40.dll 2012-08-31 06:17:00 954288 ----a-w- c:\windows\system32\mfc40u.dll 2012-08-31 06:17:00 80896 ----a-w- c:\windows\system32\RDVGHelper.exe 2012-08-31 06:17:00 120320 ----a-w- c:\windows\system32\tssrvlic.dll 2012-08-31 06:15:59 78208 ----a-w- c:\windows\system32\drivers\mountmgr.sys 2012-08-31 06:14:57 606208 ----a-w- c:\windows\system32\wbem\fastprox.dll 2012-08-31 06:14:57 363008 ----a-w- c:\windows\system32\wbemcomn.dll 2012-08-31 06:14:57 189952 ----a-w- c:\program files\windows portable devices\sqmapi.dll 2012-08-31 06:14:52 189952 ----a-w- c:\windows\system32\sqmapi.dll 2012-08-31 05:52:27 7022536 ----a-w- c:\programdata\microsoft\windows defender\definition updates\backup\mpengine.dll 2012-08-31 05:42:52 -------- d-----w- c:\users\tony\appdata\local\SupportSoft 2012-08-31 05:42:29 -------- d-----w- c:\program files\common files\SupportSoft 2012-08-31 05:27:57 -------- d-----w- c:\windows\PCHEALTH 2012-08-31 05:26:33 -------- d-----w- c:\program files\Microsoft Analysis Services 2012-08-31 05:25:40 -------- d-----w- c:\users\tony\appdata\local\Microsoft Help 2012-08-31 04:59:00 -------- d-----w- c:\program files\Classic Shell 2012-08-31 04:56:35 -------- d-----w- c:\users\tony\appdata\local\VS Revo Group 2012-08-31 04:56:23 -------- d-----w- c:\program files\VS Revo Group 2012-08-31 04:53:55 -------- d-----w- c:\program files\Lantmäteriet 2012-08-30 19:17:05 805376 ----a-w- c:\windows\system32\FntCache.dll 2012-08-30 19:17:04 739840 ----a-w- c:\windows\system32\d2d1.dll 2012-08-30 18:57:24 -------- d-----w- c:\windows\system32\Wat 2012-08-30 17:58:00 5120 ----a-w- c:\windows\system32\wmi.dll 2012-08-30 17:58:00 19824 ----a-w- c:\windows\system32\drivers\fs_rec.sys 2012-08-30 17:57:59 172544 ----a-w- c:\windows\system32\wintrust.dll 2012-08-30 17:57:59 159232 ----a-w- c:\windows\system32\imagehlp.dll 2012-08-30 17:54:59 293376 ----a-w- c:\windows\system32\browserchoice.exe 2012-08-30 17:47:45 1164288 ----a-w- c:\windows\system32\mfc42u.dll 2012-08-30 17:47:45 1137664 ----a-w- c:\windows\system32\mfc42.dll 2012-08-30 17:47:36 140288 ----a-w- c:\windows\system32\cryptsvc.dll 2012-08-30 17:47:36 1158656 ----a-w- c:\windows\system32\crypt32.dll 2012-08-30 17:47:35 103936 ----a-w- c:\windows\system32\cryptnet.dll 2012-08-30 17:47:25 31232 ----a-w- c:\windows\system32\prevhost.exe 2012-08-30 17:45:33 492032 ----a-w- c:\windows\system32\win32spl.dll 2012-08-30 17:45:33 317440 ----a-w- c:\windows\system32\spoolsv.exe 2012-08-30 17:45:05 3968368 ----a-w- c:\windows\system32\ntkrnlpa.exe 2012-08-30 17:45:04 3913072 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-08-30 17:43:51 1077248 ----a-w- c:\windows\system32\DWrite.dll 2012-08-30 17:42:59 338944 ----a-w- c:\windows\system32\drivers\afd.sys 2012-08-30 17:40:56 70656 ----a-w- c:\windows\system32\fontsub.dll 2012-08-30 17:39:51 690688 ----a-w- c:\windows\system32\msvcrt.dll 2012-08-30 17:39:49 2342400 ----a-w- c:\windows\system32\msi.dll 2012-08-30 17:39:46 8192 ----a-w- c:\windows\system32\rdrmemptylst.exe 2012-08-30 17:39:45 58880 ----a-w- c:\windows\system32\rdpwsx.dll 2012-08-30 17:39:45 129536 ----a-w- c:\windows\system32\rdpcorekmts.dll 2012-08-30 17:39:43 288256 ----a-w- c:\windows\system32\XpsGdiConverter.dll 2012-08-30 17:39:39 56176 ----a-w- c:\windows\system32\drivers\partmgr.sys 2012-08-30 17:39:33 69632 ----a-w- c:\windows\system32\drivers\bowser.sys 2012-08-30 17:24:13 728448 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys 2012-08-30 17:24:12 219008 ----a-w- c:\windows\system32\drivers\dxgmms1.sys 2012-08-30 17:24:12 107520 ----a-w- c:\windows\system32\cdd.dll 2012-08-30 17:09:54 -------- d-----w- c:\users\tony\appdata\roaming\Personal 2012-08-30 17:09:52 -------- d-----w- c:\program files\Personal 2012-08-30 17:08:52 -------- d-----w- c:\program files\Handelsbanken kortläsare 2012-08-30 16:39:47 645992 ----a-w- c:\windows\system32\nvvsvc.exe 2012-08-30 16:39:47 62312 ----a-w- c:\windows\system32\nvshext.dll 2012-08-30 16:39:47 3963240 ----a-w- c:\windows\system32\nvcpl.dll 2012-08-30 16:39:47 2836840 ----a-w- c:\windows\system32\nvsvc.dll 2012-08-30 16:39:47 108392 ----a-w- c:\windows\system32\nvmctray.dll 2012-08-30 16:39:13 52584 ----a-w- c:\windows\system32\OpenCL.dll 2012-08-30 16:38:59 -------- d-----w- c:\programdata\NVIDIA Corporation 2012-08-30 16:37:34 888168 ----a-w- c:\windows\system32\nvdispgenco32.dll 2012-08-30 16:37:34 2422120 ----a-w- c:\windows\system32\nvapi.dll 2012-08-30 16:37:34 1009512 ----a-w- c:\windows\system32\nvdispco32.dll 2012-08-30 16:37:12 -------- d-----w- c:\program files\NVIDIA Corporation 2012-08-30 16:33:13 485920 ----a-w- c:\windows\system32\nvusmb.exe 2012-08-30 16:32:30 485920 ----a-w- c:\windows\system32\NVUNINST.EXE 2012-08-30 16:30:55 -------- d-----w- c:\windows\Panther 2012-08-30 16:10:45 574632 ----a-w- c:\windows\system32\msvcp50.dll 2012-08-30 16:09:24 -------- d-----w- c:\program files\Telia 2012-08-30 16:09:07 -------- d-sh--w- c:\windows\Installer 2012-08-30 16:08:16 -------- d-----w- c:\programdata\fssg 2012-08-30 16:06:54 -------- d-----w- c:\programdata\f-secure 2012-08-30 16:06:31 826880 ----a-w- c:\windows\system32\rdpcore.dll 2012-08-30 16:06:31 15872 ----a-w- c:\windows\system32\drivers\rdpvideominiport.sys 2012-08-30 16:06:31 134656 ----a-w- c:\windows\system32\rdpudd.dll 2012-08-30 16:06:30 24576 ----a-w- c:\windows\system32\drivers\tdtcp.sys 2012-08-30 16:06:30 18432 ----a-w- c:\windows\system32\drivers\tdpipe.sys 2012-08-30 16:05:20 -------- d-----w- c:\windows\system32\wbem\Performance 2012-08-30 16:04:51 -------- d-----w- c:\users\tony\appdata\local\ElevatedDiagnostics 2012-08-30 16:02:34 2422272 ----a-w- c:\windows\system32\wucltux.dll 2012-08-30 16:01:50 88576 ----a-w- c:\windows\system32\wudriver.dll 2012-08-30 16:01:36 33792 ----a-w- c:\windows\system32\wuapp.exe 2012-08-30 16:01:36 171904 ----a-w- c:\windows\system32\wuwebv.dll 2012-08-30 16:01:01 -------- d-----w- c:\users\tony\appdata\local\VirtualStore 2012-08-30 15:49:18 237072 ------w- c:\windows\system32\MpSigStub.exe 2012-08-30 08:40:14 429416 ----a-w- c:\windows\system32\nvStreaming.exe 2012-08-28 15:18:57 -------- d-----w- C:\a8b589ca09b91f6153 . ==================== Find3M ==================== . 2012-08-31 07:13:07 152576 ----a-w- c:\windows\system32\msclmd.dll 2012-08-30 19:13:00 12465512 ----a-w- c:\windows\system32\nvwgf2um.dll 2012-08-24 06:59:17 1800704 ----a-w- c:\windows\system32\jscript9.dll 2012-08-24 06:51:27 1129472 ----a-w- c:\windows\system32\wininet.dll 2012-08-24 06:51:02 1427968 ----a-w- c:\windows\system32\inetcpl.cpl 2012-08-24 06:47:26 142848 ----a-w- c:\windows\system32\ieUnatt.exe 2012-08-24 06:47:12 420864 ----a-w- c:\windows\system32\vbscript.dll 2012-08-24 06:43:58 2382848 ----a-w- c:\windows\system32\mshtml.tlb 2012-07-28 01:09:02 57792 ----a-w- c:\windows\system32\sirenacm.dll 2012-07-28 00:54:00 321472 ----a-w- c:\windows\WLXPGSS.SCR 2012-07-26 17:08:06 862664 ----a-w- c:\windows\system32\msvcr110.dll 2012-07-26 17:08:06 534480 ----a-w- c:\windows\system32\msvcp110.dll 2012-07-26 17:08:06 251864 ----a-w- c:\windows\system32\vccorlib110.dll 2012-07-26 17:08:06 153536 ----a-w- c:\windows\system32\atl110.dll 2012-07-26 17:08:06 115656 ----a-w- c:\windows\system32\vcomp110.dll 2012-07-18 17:47:53 2345984 ----a-w- c:\windows\system32\win32k.sys 2012-07-17 12:49:00 209648 ----a-w- c:\windows\system32\LIVESSP.DLL 2012-07-04 21:14:34 41984 ----a-w- c:\windows\system32\browcli.dll 2012-07-04 21:14:34 102912 ----a-w- c:\windows\system32\browser.dll . ============= FINISH: 14:52:59,33 =============== Quote Link to comment Share on other sites More sharing options...
Cecilia Posted September 25, 2012 Share Posted September 25, 2012 Nej, det är samma som sist. Kör DDS-programmet igen så ska du se att programmet skapar två loggar, dels DDS.txt som du har bifogat och dels Attach.txt som är den som jag också vill se. Är det en företagsdator du har? Jag ser att det är Windows Enterprise och många av de särskilda program, t ex ComboFix, jag använder på infekterade datorer är inte godkända för företagsdatorer eftersom de kan förstöra inställningar som behövs i en företagsmiljö. Quote Link to comment Share on other sites More sharing options...
Tony Posted September 25, 2012 Author Share Posted September 25, 2012 Hej Cecilia. Det är en privat dator, men den har varit en företagsdator som jag fått med hem efter att ha gått i pension från ett företag. Jag försöker igen då, få de hur det går. Har upptäck att jag i Windows system 32 har två Driverstore, varav den ena är blåmärkt. Kan det vara något? Försöker igen då, få se om jag lyckat denna gång. Har haft barnbarn i 12-årsåldern hemma förra veckan som tydligen hämtat hem en hel del "grejer" utan min vetskap, så man kan aldrig vara säker vad de haft för sig, detta verkar komma i samband med dessa filer och program de tagit hem. Tony. Attach.txt Quote Link to comment Share on other sites More sharing options...
Cecilia Posted September 25, 2012 Share Posted September 25, 2012 Hej! Tack för Attach-loggen. Om du själv inte brukar använda uTorrent för fildelning så föreslår jag att du avinstallerar det. Jag rekommenderar också att du skapar ett nytt användarkonto för barnbarnen sedan. Sätt dessutom det till att vara ett standardkonto och inte ett administratörskonto så kan de inte installera så mycket. Avinstallera YTD Toolbar v6.3 pga http://www.systemlookup.com/CLSID/70201-youtubedownloaderToolbarIE_dll_ytdToolbarIE_dll.html Det ser ut som att du har kört några registerstädningsprogram. Om man inte vet vad man gör med dem så kan de orsaka problem i stället för att avhjälpa problem. Inga garantier för att inte ComboFix orsakar problem i datorn när det har varit en företagsdator. Spara ComboFix på Skrivbordet: http://download.bleepingcomputer.com/sUBs/ComboFix.exe Stäng av alla program du ser inklusive antivirusprogram och antispionprogram, men lämna brandväggen på. Hur? Se http://www.bleepingcomputer.com/forums/topic114351.html Sätt på systemåterställningen och skapa en systemåterställningspunkt. Starta om datorn. Om antivirusprogrammet är igång så stäng av det igen. Kör ComboFix och följ anvisningarna som visas. Mer detaljerad vägledning finns på http://www.bleepingcomputer.com/combofix/se/hur-combofix-ska-anvandas Om det kommer upp något meddelande, t ex att ett rootkit har hittats, från ComboFix skriv ner det och skriv det sedan i ditt svar. VIKTIGT! Klicka inte på ComboFix-fönstret med musen när det körs eftersom så det kan hänga upp sig då. När ComboFix är färdig ska en logg komma upp, klistra in den i ditt svar. Kontrollera att antivirusprogram mm är igång innan du ansluter till internet. Om du får problem med att komma ut på internet: Kontrollpanelen - Nätverksanslutningar högerklicka på din internetanslutning och välj Reparera och/eller starta om datorn. Om du får felmeddelanden när du försöker köra Windows-program, så starta om datorn igen. Quote Link to comment Share on other sites More sharing options...
Tony Posted September 25, 2012 Author Share Posted September 25, 2012 Hej igen Cecilia. Har nu gjort som du sa, men programmet gick aldrig färdigt. Har låtit det gå i nästan en timme, och det verkade som om det stannade efter ett tag. Däremot så verkar det som det tagit bort tre filer, det stod så i rutan, och att de var succeful remove. Har statrtat om datorn 2 gånger nu och "Telia säker surf" startar direkt, som det ska. Så jag vet inte vad man ska kunna göra mer, nu verkar det att fungera. Filerna som togs bort var C:prgramfiles/webbassistent/extension 32.dll C:users/appdata Roaming one tab. ETab.dll samt C:windows/system32/roboot.exe Har du någon annan idé? eller ska jag nöja mig med detta. I så fall ska du ha stort tack för hjälpen, och jag ska skapa ett nytt användarkonto snarast. Kan bli lite svårt kanske, att förbjuda 4 vildbasar att använda datorn framöver. Tony. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.