CIO Tech Eksperten IT-JOB IT-Kurser Events Podcast Søg

Log ind eller opret profil

Du kan også logge ind via nedenstående tjenester

lasse0000 Novice

11. juni 2010 - 12:23 Der er 18 kommentarer og
1 løsning

Åbner programmer hele tiden

Hej. Jeg har fået en virus, som åbner alverdens programmer,mediaplayer, word, denne computer mm. man kan ikke lukke noget da intet virker, prøver jeg at åbne mailwarebytes elign. åbner den programmet uendelig mange gange indtil jeg tager strømmen.Maskinen starter fint, også i fejlsikret tilstand, lige indtil man prøver at gøre noget. Har en usb nøgle klar med de gængse værktøjer, hijack mm. men hvordan får jeg mulighed for at benytte dette, når man ikke kan komme i kontakt med maskinen, den er sat til at boote op på usb, men den hopper og danser og gør som do. Det er en xp maskine.

Synes godt om

f-arn Guru

11. juni 2010 - 12:34 #1

Kan du dette?

Hent og gem Combofix på dit skrivebord som alg.exe:

http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Overfør via usb eller lign.

Start alg.exe og følg anvisningerne.

Da Combofix kan konflikte med dine sikkerhedsprogrammer er det vigtigt at du deaktiverer dem.

Så skulle Combofix gerne give sig til at arbejde. Muligvis vil den kræve en genstart, hvilket du skal tillade. Du bør ikke klikke på vinduet imens værktøjet kører, idet det kan få din computer til at fryse.
Når Combofix er færdig, og efter det (muligvis) har genstartet, skulle der gerne åbnes en logfil combofix.txt som ligger her C:\Combofix.txt

Indholdet af denne fil må du gerne lægge herind.

Synes godt om

lasse0000 Novice

11. juni 2010 - 13:13 #2

Desværre, det gik ikke, combofix blev åbnet 38 gange, jeg lod dem køre, selvom skærmen skiftede mellem alt muligt, det endte med at maskinen valgte at gå i standbye. Der skete lidt det samme med Hijack This, men der kom en advarsel, men skærmen flimmrede altfor meget, men der stod noget med google?

Synes godt om

f-arn Guru

11. juni 2010 - 13:29 #3

Kaspersky Rescue CD kan bruges, hvis du slet ikke kan komme ind i Windows, eller hvis du ikke kan få installeret andre værktøjer. Du kan brænde den ISO-fil, du henter fra Kaspersky og derefter starte computeren fra CD'en.

http://www.fromsej.dk/Vejledninger/html/kasres.html

Spørg endelig, hvis du bliver i tvivl om noget undervejs.

Synes godt om

lasse0000 Novice

11. juni 2010 - 13:30 #4

Har fedtet lidt rundt, og vil prøve at følge en anvisning jeg fandt fra Helge C, som omhandler en knoppix live cd. Vender tilbage når det er prøvet.

Synes godt om

johnstigers Seniormester

11. juni 2010 - 18:59 #5

Lyder lidt som lidt tastatur knapper der sidder fast...

Synes godt om

lasse0000 Novice

11. juni 2010 - 23:59 #6

F-arn, Kan se at vi fik skrevet samtidig, dog vil jeg gerne tildele dig point, da din løsning og den jeg hentede hos Helge C stort set er identiske. Med Knoppix 6,2 fulgte jeg instruksen, og det gik temmelig nemt,der blev fundet en inficeret win\system32\msgsvc.dll fil. Derefter kunne combofix mailware oa køres almindeligt igen. Blev dog lidt begejstret for dette knoppix,som åbenbart kan en masse.

Synes godt om

f-arn Guru

12. juni 2010 - 10:47 #7

Jeg vil gerne se Combofix loggen, da der godt kan ligge mere.

Synes godt om

lasse0000 Novice

12. juni 2010 - 12:37 #8

Det kan jo godt have sin rigtighed, så jeg vedlægger loggen. fortsat mange tak for hjælpen.

ComboFix 10-06-11.01 - lars 01-01-2002 12:09:43.2.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.45.1030.18.1023.697 [GMT 1:00]
Kører fra: c:\documents and settings\lars\Skrivebord\ComboFix.exe
AV: avast! antivirus 4.8.1368 [VPS 100611-1] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.

((((((((((((((((((((((((((((((((((((((( Andet, der er slettet )))))))))))))))))))))))))))))))))))))))))))))))))
.

Inficeret kopi af c:\windows\system32\msgsvc.dll blev fundet og desinficeret
Genskabt kopi fra - c:\windows\ERDNT\cache\msgsvc.dll

.
((((((((((((((((((((((((((((( Filer skabt fra 2001-12-01 til 2002-01-01 )))))))))))))))))))))))))))))))))))
.

2010-06-11 16:35 . 2010-05-06 10:34 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll
2010-06-11 11:08 . 2010-06-11 11:08 -------- d-----w- C:\32788R22FWJFW.1.tmp
2010-06-11 10:47 . 2010-06-11 10:47 -------- d-----w- c:\documents and settings\lars\Application Data\Windows Search
2010-06-11 08:57 . 2010-06-11 08:57 -------- d-----w- c:\documents and settings\lars\Application Data\MSN6
2010-06-11 08:57 . 2010-06-11 08:57 -------- d-----w- c:\documents and settings\All Users\Application Data\MSN6
2010-06-08 07:01 . 2010-06-08 07:01 -------- d-----w- c:\documents and settings\lars\DoctorWeb
2010-06-08 06:26 . 2008-04-14 07:05 26624 ----a-w- c:\documents and settings\LocalService\Application Data\Microsoft\UPnP Device Host\upnphost\udhisapi.dll
2010-06-07 19:37 . 2002-01-01 10:19 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2010-06-07 19:26 . 2010-06-07 19:26 57344 ----a-w- c:\documents and settings\All Users\Application Data\DivX\RunAsUser\RUNASUSERPROCESS.dll
2010-06-07 19:21 . 2010-06-07 19:21 57409 ----a-w- c:\documents and settings\All Users\Application Data\DivX\ControlPanel\Uninstaller.exe
2010-06-07 19:21 . 2010-06-07 19:21 52963 ----a-w- c:\documents and settings\All Users\Application Data\DivX\MSVC80CRTRedist\Uninstaller.exe
2010-06-07 19:21 . 2010-06-07 19:21 54073 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Qt4.5\Uninstaller.exe
2010-06-07 19:21 . 2010-06-07 19:21 -------- d-----w- c:\programmer\Fælles filer\DivX Shared
2010-06-07 19:21 . 2010-06-07 19:21 56969 ----a-w- c:\documents and settings\All Users\Application Data\DivX\ASPEncoder\Uninstaller.exe
2010-06-07 19:20 . 2010-06-07 19:22 -------- d-----w- c:\programmer\DivX
2010-06-07 19:19 . 2010-06-07 19:22 -------- d-----w- c:\documents and settings\All Users\Application Data\DivX
2010-06-07 18:17 . 2010-06-07 18:17 -------- d-----w- c:\programmer\Microsoft.NET
2010-06-07 18:16 . 2010-06-07 18:16 -------- d-----w- c:\programmer\MSXML 6.0
2010-06-07 18:14 . 2010-06-07 18:19 -------- d-----w- c:\programmer\Microsoft SQL Server
2010-06-07 18:13 . 2010-06-07 18:20 -------- d-----w- c:\documents and settings\All Users\Application Data\Team MediaPortal
2010-06-07 18:12 . 2008-07-31 08:41 68616 ----a-w- c:\windows\system32\XAPOFX1_1.dll
2010-06-07 18:12 . 2008-07-31 08:40 509448 ----a-w- c:\windows\system32\XAudio2_2.dll
2010-06-07 18:12 . 2008-07-31 08:41 238088 ----a-w- c:\windows\system32\xactengine3_2.dll
2010-06-07 18:12 . 2008-07-12 06:18 1493528 ----a-w- c:\windows\system32\D3DCompiler_39.dll
2010-06-07 18:12 . 2008-07-12 06:18 467984 ----a-w- c:\windows\system32\d3dx10_39.dll
2010-06-07 18:12 . 2008-07-12 06:18 3851784 ----a-w- c:\windows\system32\D3DX9_39.dll
2010-06-07 18:12 . 2008-05-30 12:19 507400 ----a-w- c:\windows\system32\XAudio2_1.dll
2010-06-07 18:12 . 2008-05-30 12:17 65032 ----a-w- c:\windows\system32\XAPOFX1_0.dll
2010-06-07 18:10 . 2010-06-07 18:10 -------- d-----w- c:\windows\Logs
2010-06-07 17:17 . 2010-06-07 18:20 -------- d-----w- c:\programmer\Team MediaPortal
2010-06-07 16:37 . 2010-06-07 16:37 -------- d-----w- c:\documents and settings\lars\Application Data\Malwarebytes
2010-06-07 16:37 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-06-07 16:37 . 2010-06-07 16:37 -------- d-----w- c:\programmer\Malwarebytes' Anti-Malware
2010-06-07 16:37 . 2010-06-07 16:37 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-06-07 16:37 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-06-07 15:51 . 2010-06-07 15:52 -------- d-----w- c:\documents and settings\lars\Lokale indstillinger\Application Data\Temp
2010-06-07 15:38 . 2008-04-13 09:46 15232 -c--a-w- c:\windows\system32\dllcache\mpe.sys
2010-06-07 15:38 . 2008-04-13 09:46 15232 ----a-w- c:\windows\system32\drivers\MPE.sys
2010-06-07 15:37 . 2008-04-14 07:05 363520 -c--a-w- c:\windows\system32\dllcache\psisdecd.dll
2010-06-07 15:37 . 2008-04-14 07:05 363520 ----a-w- c:\windows\system32\PsisDecd.dll
2010-06-07 15:37 . 2008-04-13 09:46 11776 -c--a-w- c:\windows\system32\dllcache\bdasup.sys
2010-06-07 15:37 . 2008-04-13 09:46 11776 ----a-w- c:\windows\system32\drivers\BdaSup.sys
2010-06-07 15:37 . 2010-06-07 15:37 -------- dc----w- c:\windows\system32\DRVSTORE
2010-06-07 15:37 . 2006-12-18 15:53 1121536 ----a-w- c:\windows\system32\drivers\3xHybrid.sys
2010-06-07 15:37 . 2003-02-27 08:07 3072 ----a-w- c:\windows\system32\34CoInstaller.dll
2010-06-07 14:17 . 2010-06-07 14:17 -------- d-----w- c:\documents and settings\lars\Lokale indstillinger\Application Data\Innovative Solutions
2010-06-07 14:17 . 2010-06-07 14:17 -------- d-----w- c:\documents and settings\All Users\Application Data\Innovative Solutions
2010-06-07 14:00 . 2010-06-07 14:00 -------- d-----w- c:\programmer\Speccy
2010-06-07 13:57 . 2010-06-07 13:57 -------- d-----w- c:\programmer\CCleaner
2010-06-07 13:43 . 2010-06-07 13:43 -------- d-----w- c:\windows\system32\XPSViewer
2010-06-07 13:43 . 2010-06-07 13:43 -------- d-----w- c:\programmer\MSBuild
2010-06-07 13:43 . 2010-06-07 13:43 -------- d-----w- c:\programmer\Reference Assemblies
2010-06-07 13:42 . 2008-07-06 12:06 89088 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
2010-06-07 13:42 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2010-06-07 13:42 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2010-06-07 13:42 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2010-06-07 13:42 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2010-06-07 13:42 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2010-06-07 13:42 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\Spool\prtprocs\w32x86\printfilterpipelinesvc.exe
2010-06-07 13:42 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2010-06-07 13:42 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2010-06-07 13:42 . 2010-06-07 13:42 -------- d-----w- C:\d48e3c61ea876d5c833a368f98
2010-06-07 13:38 . 2010-06-07 13:38 -------- d-----w- c:\documents and settings\lars\Lokale indstillinger\Application Data\Identities
2010-06-07 13:38 . 2010-06-07 13:38 -------- d-----w- c:\documents and settings\lars\Application Data\Windows Desktop Search
2010-06-07 13:38 . 2010-06-07 13:38 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2010-06-07 13:38 . 2010-06-07 13:38 -------- d-----w- c:\windows\system32\GroupPolicy
2010-06-07 13:38 . 2002-01-01 11:16 -------- d-----w- c:\programmer\Windows Desktop Search
2010-06-07 13:37 . 2008-03-07 17:02 98304 -c----w- c:\windows\system32\dllcache\nlhtml.dll
2010-06-07 13:37 . 2008-03-07 17:02 29696 -c----w- c:\windows\system32\dllcache\mimefilt.dll
2010-06-07 13:37 . 2008-03-07 17:02 192000 -c----w- c:\windows\system32\dllcache\offfilt.dll
2010-06-07 13:37 . 2010-06-07 13:37 -------- d-----w- c:\programmer\Windows Media Connect 2
2010-06-07 13:35 . 2010-06-07 13:36 -------- d-----w- c:\windows\system32\drivers\UMDF
2010-06-07 13:35 . 2010-06-07 13:35 -------- d-----w- c:\windows\system32\LogFiles
2010-06-07 13:33 . 2010-06-07 13:34 -------- d-----w- c:\windows\system32\URTTemp
2010-06-07 13:25 . 2010-06-07 13:25 -------- d-sh--w- c:\documents and settings\lars\IECompatCache
2010-06-07 13:24 . 2010-06-07 13:24 -------- d-sh--w- c:\documents and settings\lars\PrivacIE
2010-06-07 13:18 . 2010-06-07 13:18 -------- d-sh--w- c:\documents and settings\lars\IETldCache
2010-06-07 13:16 . 2010-04-16 11:43 41984 -c----w- c:\windows\system32\dllcache\iecompat.dll
2010-06-07 13:15 . 2002-01-01 01:42 -------- d-----w- c:\windows\ie8updates
2010-06-07 13:15 . 2010-05-06 10:34 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2010-06-07 13:15 . 2010-05-06 10:34 599040 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2010-06-07 13:15 . 2010-05-06 10:34 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2010-06-07 13:15 . 2010-05-06 10:34 1985536 -c----w- c:\windows\system32\dllcache\iertutil.dll
2010-06-07 13:15 . 2010-05-06 10:34 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2010-06-07 13:15 . 2010-05-06 10:34 11076096 -c----w- c:\windows\system32\dllcache\ieframe.dll
2010-06-07 13:14 . 2010-06-07 13:15 -------- dc-h--w- c:\windows\ie8
2010-06-03 07:14 . 2008-04-14 07:05 221184 ----a-w- c:\windows\system32\wmpns.dll
2010-06-02 06:09 . 2010-04-08 00:50 1496064 ----a-w- c:\documents and settings\lars\Application Data\Mozilla\Firefox\Profiles\sd41e0ao.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
2010-06-02 06:09 . 2010-04-08 00:50 43008 ----a-w- c:\documents and settings\lars\Application Data\Mozilla\Firefox\Profiles\sd41e0ao.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbarloader.dll
2010-06-02 06:09 . 2010-04-08 00:50 338944 ----a-w- c:\documents and settings\lars\Application Data\Mozilla\Firefox\Profiles\sd41e0ao.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff2.dll
2010-06-02 06:09 . 2010-04-08 00:50 346112 ----a-w- c:\documents and settings\lars\Application Data\Mozilla\Firefox\Profiles\sd41e0ao.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff3.dll
2010-06-02 06:08 . 2010-06-02 06:08 0 ----a-w- c:\windows\nsreg.dat
2010-06-02 06:08 . 2010-06-02 06:08 -------- d-----w- c:\documents and settings\lars\Lokale indstillinger\Application Data\Mozilla
2010-06-01 14:53 . 2010-06-01 14:53 -------- d-----w- c:\programmer\Fælles filer\Java
2010-06-01 14:53 . 2010-06-01 14:53 503808 ----a-w- c:\documents and settings\lars\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-2280a7a2-n\msvcp71.dll
2010-06-01 14:53 . 2010-06-01 14:53 499712 ----a-w- c:\documents and settings\lars\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-2280a7a2-n\jmc.dll
2010-06-01 14:53 . 2010-06-01 14:53 348160 ----a-w- c:\documents and settings\lars\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-2280a7a2-n\msvcr71.dll
2010-06-01 14:53 . 2010-06-01 14:53 61440 ----a-w- c:\documents and settings\lars\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-54f8b941-n\decora-sse.dll
2010-06-01 14:53 . 2010-06-01 14:53 12800 ----a-w- c:\documents and settings\lars\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-54f8b941-n\decora-d3d.dll
2010-06-01 14:52 . 2010-06-01 14:52 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-06-01 14:52 . 2010-06-01 14:52 -------- d-----w- c:\programmer\Java
2010-06-01 14:51 . 2010-06-01 14:51 -------- d-----w- c:\windows\system32\Adobe
2010-06-01 14:32 . 2010-06-01 14:32 -------- d-----w- c:\documents and settings\NetworkService\Lokale indstillinger\Application Data\Google
2010-06-01 14:28 . 2010-06-01 14:28 -------- d-----w- c:\programmer\WOT
2010-06-01 14:27 . 2010-06-01 14:27 -------- d-----w- c:\documents and settings\LocalService\Lokale indstillinger\Application Data\Google
2010-06-01 14:27 . 2001-12-31 22:25 -------- d-----w- c:\documents and settings\lars\Lokale indstillinger\Application Data\Google
2010-06-01 14:26 . 2010-06-09 13:16 -------- d-----w- c:\programmer\Google
2010-06-01 13:25 . 2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe
2010-06-01 13:24 . 2010-02-24 13:11 455680 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2010-06-01 13:23 . 2009-10-23 15:28 3558912 -c----w- c:\windows\system32\dllcache\moviemk.exe
2010-06-01 13:23 . 2009-12-31 16:50 353792 -c----w- c:\windows\system32\dllcache\srv.sys
2010-06-01 13:22 . 2009-10-15 16:32 81920 -c----w- c:\windows\system32\dllcache\fontsub.dll
2010-06-01 13:22 . 2009-10-15 16:32 119808 -c----w- c:\windows\system32\dllcache\t2embed.dll
2010-06-01 13:22 . 2009-11-21 15:58 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
2010-06-01 13:20 . 2009-06-21 21:48 153088 -c----w- c:\windows\system32\dllcache\triedit.dll
2010-06-01 13:17 . 2009-07-31 04:34 1172480 -c----w- c:\windows\system32\dllcache\msxml3.dll
2010-06-01 13:17 . 2008-10-15 16:37 337408 -c----w- c:\windows\system32\dllcache\netapi32.dll
2010-06-01 13:17 . 2008-05-01 14:36 331776 -c----w- c:\windows\system32\dllcache\msadce.dll
2010-06-01 13:17 . 2008-06-14 17:35 272256 -c----w- c:\windows\system32\dllcache\bthport.sys
2010-06-01 13:16 . 2008-05-08 14:02 203136 -c----w- c:\windows\system32\dllcache\rmcast.sys
2010-06-01 13:16 . 2002-01-01 01:44 -------- d--h--w- c:\windows\$hf_mig$
2010-06-01 13:04 . 2009-08-06 17:24 44768 ----a-w- c:\windows\system32\wups2.dll
2010-06-01 13:03 . 2010-06-01 13:03 -------- d-sh--w- c:\documents and settings\lars\UserData
2010-06-01 13:03 . 2006-08-01 13:02 49152 ----a-w- c:\windows\system32\ChCfg.exe
2010-06-01 13:03 . 2008-09-24 08:40 4122368 ----a-r- c:\windows\system32\drivers\alcxwdm.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-06-10 13:44 . 2010-06-07 19:22 -------- d-----w- c:\documents and settings\lars\Application Data\DivX
2010-06-01 14:39 . 2010-06-01 14:39 -------- d-----w- c:\programmer\Alwil Software
2010-06-01 12:47 . 2010-06-11 09:06 150070 ----a-w- c:\windows\PCHealth\HelpCtr\Config\Cache\Personal_32_1030.dat
2010-06-01 12:47 . 2010-06-01 11:52 76487 ----a-w- c:\windows\PCHealth\HelpCtr\OfflineCache\index.dat
2010-06-01 11:53 . 2010-06-01 11:53 -------- d-----w- c:\programmer\microsoft frontpage
2010-06-01 11:53 . 2010-06-01 11:53 558142 ----a-w- c:\windows\java\Packages\P77JZB5R.ZIP
2010-06-01 11:53 . 2010-06-01 11:53 2678 ----a-w- c:\windows\java\Packages\Data\0XBPZVRV.DAT
2010-06-01 11:53 . 2010-06-01 11:53 2678 ----a-w- c:\windows\java\Packages\Data\93XB9ZLV.DAT
2010-06-01 11:53 . 2010-06-01 11:53 155995 ----a-w- c:\windows\java\Packages\GOCDNJH7.ZIP
2010-06-01 11:53 . 2010-06-01 11:53 2678 ----a-w- c:\windows\java\Packages\Data\PRN7XJHJ.DAT
2010-06-01 11:53 . 2010-06-01 11:53 2678 ----a-w- c:\windows\java\Packages\Data\DRFF7ZL3.DAT
2010-06-01 11:53 . 2010-06-01 11:53 2678 ----a-w- c:\windows\java\Packages\Data\5JZ5FNDR.DAT
2010-06-01 11:52 . 2010-06-01 11:49 -------- d-----w- c:\programmer\Onlinetjenester
2010-06-01 11:51 . 2010-06-01 11:51 -------- d-----w- c:\programmer\Fælles filer\Tjenester
2010-06-01 11:50 . 2010-06-01 11:50 21644 ----a-w- c:\windows\system32\emptyregdb.dat
2010-05-06 10:34 . 2002-09-16 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2010-05-02 08:09 . 2002-09-16 12:00 1851264 ----a-w- c:\windows\system32\win32k.sys
2010-04-27 18:40 . 2010-06-07 19:22 9200 ------w- c:\windows\system32\drivers\cdralw2k.sys
2010-04-27 18:40 . 2010-06-07 19:22 9072 ------w- c:\windows\system32\drivers\cdr4_xp.sys
2010-04-27 18:40 . 2010-06-07 19:22 45648 ------w- c:\windows\system32\drivers\PxHelp20.sys
2010-04-27 18:40 . 2010-06-07 19:22 133616 ------w- c:\windows\system32\pxafs.dll
2010-04-27 18:40 . 2010-06-07 19:22 126448 ------w- c:\windows\system32\pxinsi64.exe
2010-04-27 18:40 . 2010-06-07 19:22 123888 ------w- c:\windows\system32\pxcpyi64.exe
2010-04-20 05:31 . 2002-09-16 12:00 285696 ----a-w- c:\windows\system32\atmfd.dll
2010-03-10 19:29 . 2010-03-10 19:29 94208 ----a-w- c:\windows\system32\dpl100.dll
2010-03-10 06:17 . 2002-09-16 12:00 420352 ----a-w- c:\windows\system32\vbscript.dll
2010-03-05 14:39 . 2002-09-16 12:00 65536 ----a-w- c:\windows\system32\asycfilt.dll
2010-02-24 13:11 . 2002-09-16 12:00 455680 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-02-19 19:27 . 2010-02-19 19:27 720384 ----a-w- c:\windows\system32\DivX.dll
2010-02-19 19:27 . 2010-02-19 19:27 856064 ----a-w- c:\windows\system32\divx_xx0c.dll
2010-02-19 19:27 . 2010-02-19 19:27 856064 ----a-w- c:\windows\system32\divx_xx07.dll
2010-02-19 19:27 . 2010-02-19 19:27 847872 ----a-w- c:\windows\system32\divx_xx0a.dll
2010-02-19 19:27 . 2010-02-19 19:27 843776 ----a-w- c:\windows\system32\divx_xx16.dll
2010-02-19 19:27 . 2010-02-19 19:27 839680 ----a-w- c:\windows\system32\divx_xx11.dll
2010-02-17 12:09 . 2002-09-16 12:00 2192512 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-02-16 19:09 . 2002-09-09 14:07 2069376 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-02-12 04:34 . 2002-09-16 12:00 100864 ----a-w- c:\windows\system32\6to4svc.dll
2010-02-11 12:02 . 2002-09-16 12:00 226880 ----a-w- c:\windows\system32\drivers\tcpip6.sys
2010-02-05 18:26 . 2002-09-16 12:00 1295872 ----a-w- c:\windows\system32\quartz.dll
2010-01-29 15:00 . 2010-06-01 11:50 691712 ----a-w- c:\windows\system32\inetcomm.dll
2010-01-13 14:01 . 2002-09-16 12:00 86528 ----a-w- c:\windows\system32\cabview.dll
2009-12-31 16:50 . 2002-09-16 12:00 353792 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-24 07:01 . 2002-09-16 12:00 177664 ----a-w- c:\windows\system32\wintrust.dll
2009-12-17 07:41 . 2010-06-01 11:49 344576 ----a-w- c:\windows\system32\mspaint.exe
2009-12-14 07:09 . 2002-09-16 12:00 33280 ----a-w- c:\windows\system32\csrsrv.dll
2009-11-27 17:13 . 2001-10-04 17:07 17920 ----a-w- c:\windows\system32\msyuv.dll
2009-11-27 16:09 . 2002-09-16 12:00 85504 ----a-w- c:\windows\system32\avifil32.dll
2009-11-27 16:09 . 2002-09-16 12:00 28672 ----a-w- c:\windows\system32\msvidc32.dll
2009-11-27 16:09 . 2002-09-16 12:00 11264 ----a-w- c:\windows\system32\msrle32.dll
2009-11-27 16:09 . 2001-10-04 17:07 8704 ----a-w- c:\windows\system32\tsbyuv.dll
2009-11-27 16:09 . 2001-10-04 17:07 48128 ----a-w- c:\windows\system32\iyuv_32.dll
2009-11-24 22:54 . 2010-06-01 14:39 1280480 ----a-w- c:\windows\system32\aswBoot.exe
2009-11-24 22:51 . 2010-06-01 14:39 93424 ----a-w- c:\windows\system32\drivers\aswmon.sys
2009-11-24 22:50 . 2010-06-01 14:39 94160 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2009-11-24 22:50 . 2010-06-01 14:39 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2009-11-24 22:50 . 2010-06-01 14:39 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2009-11-24 22:49 . 2010-06-01 14:39 48560 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2009-11-24 22:48 . 2010-06-01 14:39 23120 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2009-11-24 22:47 . 2010-06-01 14:39 27408 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2009-11-24 22:47 . 2010-06-01 14:39 97480 ----a-w- c:\windows\system32\AvastSS.scr
2009-11-21 15:58 . 2002-09-16 12:00 471552 ----a-w- c:\windows\AppPatch\aclayers.dll
2009-10-21 05:39 . 2010-06-01 12:23 25088 ----a-w- c:\windows\system32\httpapi.dll
2009-10-21 05:39 . 2010-06-01 12:23 75776 ----a-w- c:\windows\system32\strmfilt.dll
2009-10-20 16:20 . 2010-06-01 12:23 265728 ------w- c:\windows\system32\drivers\http.sys
2009-10-15 16:32 . 2002-09-16 12:00 81920 ----a-w- c:\windows\system32\fontsub.dll
2009-10-15 16:32 . 2002-09-16 12:00 119808 ----a-w- c:\windows\system32\t2embed.dll
2009-10-13 10:34 . 2002-09-16 12:00 270848 ----a-w- c:\windows\system32\oakley.dll
2009-10-12 13:40 . 2002-09-16 12:00 79872 ----a-w- c:\windows\system32\raschap.dll
2009-10-12 13:40 . 2002-09-16 12:00 150016 ----a-w- c:\windows\system32\rastls.dll
2009-10-09 02:02 . 2008-07-29 17:59 613376 ----a-w- c:\windows\system32\uiautomationcore.dll
2009-10-09 02:02 . 2002-09-16 12:00 21504 ----a-w- c:\windows\system32\oleaccrc.dll
2009-10-09 02:02 . 2002-09-16 12:00 220160 ----a-w- c:\windows\system32\oleacc.dll
2009-09-11 14:19 . 2002-09-16 12:00 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-04 21:04 . 2002-09-16 12:00 58880 ----a-w- c:\windows\system32\msasn1.dll
2009-08-26 08:02 . 2002-09-16 12:00 247326 ----a-w- c:\windows\system32\strmdll.dll
2009-08-25 09:19 . 2002-09-16 12:00 354816 ----a-w- c:\windows\system32\winhttp.dll
2009-08-06 17:24 . 2010-06-01 12:23 327896 ----a-w- c:\windows\system32\wucltui.dll
2009-08-06 17:24 . 2010-06-01 12:23 35552 ----a-w- c:\windows\system32\wups.dll
2009-08-06 17:24 . 2010-06-01 11:49 53472 ----a-w- c:\windows\system32\wuauclt.exe
2009-08-06 17:24 . 2002-09-16 12:00 96480 ----a-w- c:\windows\system32\cdm.dll
2009-08-06 17:23 . 2010-06-01 12:23 575704 ----a-w- c:\windows\system32\wuapi.dll
2009-08-06 17:23 . 2010-06-01 11:49 1929952 ----a-w- c:\windows\system32\wuaueng.dll
2009-08-06 17:23 . 2010-06-01 12:23 209624 ----a-w- c:\windows\system32\wuweb.dll
2009-08-05 09:00 . 2002-09-16 12:00 204800 ----a-w- c:\windows\system32\mswebdvd.dll
2009-07-31 08:04 . 2010-06-01 12:45 1372672 ----a-w- c:\windows\system32\msxml6.dll
2009-07-31 04:34 . 2002-09-16 12:00 1172480 ----a-w- c:\windows\system32\msxml3.dll
2009-07-17 19:03 . 2002-09-16 12:00 58880 ----a-w- c:\windows\system32\atl.dll
2009-07-17 16:17 . 2002-09-16 12:00 1438720 ----a-w- c:\windows\system32\query.dll
2009-07-13 21:43 . 2010-06-01 12:23 286208 ------w- c:\windows\system32\wmpdxm.dll
2009-06-25 08:26 . 2002-09-16 12:00 731648 ----a-w- c:\windows\system32\lsasrv.dll
2009-06-25 08:26 . 2002-09-16 12:00 56832 ----a-w- c:\windows\system32\secur32.dll
2009-06-25 08:26 . 2002-09-16 12:00 54272 ----a-w- c:\windows\system32\wdigest.dll
2009-06-25 08:26 . 2002-09-16 12:00 301568 ----a-w- c:\windows\system32\kerberos.dll
2009-06-25 08:26 . 2002-09-16 12:00 147456 ----a-w- c:\windows\system32\schannel.dll
2009-06-24 11:18 . 2002-09-16 12:00 92928 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2009-06-15 10:44 . 2002-09-16 12:00 77824 ----a-w- c:\windows\system32\telnet.exe
2009-06-10 07:21 . 2010-06-01 11:49 2066432 ----a-w- c:\windows\system32\mstscax.dll
2009-06-10 06:16 . 2002-09-16 12:00 132096 ----a-w- c:\windows\system32\wkssvc.dll
2009-05-07 15:33 . 2002-09-16 12:00 346624 ----a-w- c:\windows\system32\localspl.dll
2009-04-15 14:53 . 2002-09-16 12:00 585216 ----a-w- c:\windows\system32\rpcrt4.dll
.

((((((((((((((((((((((((((((( SnapShot@2001-12-31_21.39.36 )))))))))))))))))))))))))))))))))))))))))
.
+ 2002-01-01 11:16 . 2002-01-01 11:16 16384 c:\windows\Temp\Perflib_Perfdata_c4.dat
+ 2002-01-01 11:16 . 2002-01-01 11:16 16384 c:\windows\Temp\Perflib_Perfdata_4c0.dat
- 2001-12-31 21:39 . 2001-12-31 21:39 16384 c:\windows\Temp\Perflib_Perfdata_4c0.dat
- 2010-06-01 12:19 . 2009-01-07 16:20 26144 c:\windows\system32\spupdsvc.exe
+ 2010-06-01 12:19 . 2009-05-12 13:12 26144 c:\windows\system32\spupdsvc.exe
+ 2010-06-07 13:37 . 2009-05-12 13:12 16928 c:\windows\system32\spmsg.dll
- 2002-09-16 12:00 . 2001-12-31 21:17 88702 c:\windows\system32\perfc009.dat
+ 2002-09-16 12:00 . 2002-01-01 01:47 88702 c:\windows\system32\perfc009.dat
+ 2009-03-08 02:31 . 2010-05-06 10:34 55296 c:\windows\system32\msfeedsbs.dll
- 2009-03-08 02:31 . 2010-02-25 06:17 55296 c:\windows\system32\msfeedsbs.dll
- 2002-09-16 12:00 . 2010-02-25 06:17 25600 c:\windows\system32\jsproxy.dll
+ 2002-09-16 12:00 . 2010-05-06 10:34 25600 c:\windows\system32\jsproxy.dll
+ 2010-06-01 10:30 . 2002-01-01 09:21 95864 c:\windows\system32\FNTCACHE.DAT
- 2010-06-01 10:30 . 2010-06-07 13:52 95864 c:\windows\system32\FNTCACHE.DAT
+ 2009-03-08 02:33 . 2010-05-06 10:34 25600 c:\windows\system32\dllcache\jsproxy.dll
- 2009-03-08 02:33 . 2010-02-25 06:17 25600 c:\windows\system32\dllcache\jsproxy.dll
+ 2010-03-05 14:39 . 2010-03-05 14:39 65536 c:\windows\system32\dllcache\asycfilt.dll
+ 2010-04-07 22:48 . 2010-04-07 22:48 32768 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.WasHosting.dll
- 2008-07-29 17:16 . 2008-07-29 17:16 32768 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.ServiceModel.WasHosting.dll
+ 2010-03-23 04:31 . 2010-03-23 04:31 30544 c:\windows\Microsoft.NET\Framework\v2.0.50727\aspnet_wp.exe
- 2003-02-20 19:10 . 2003-02-20 19:10 31744 c:\windows\Microsoft.NET\Framework\v1.1.4322\WMINet_Utils.dll
+ 2004-07-15 01:11 . 2004-07-15 01:11 31744 c:\windows\Microsoft.NET\Framework\v1.1.4322\WMINet_Utils.dll
+ 2004-06-22 12:51 . 2004-06-22 12:51 53248 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe
- 2003-02-21 06:24 . 2003-02-21 06:24 57344 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.RegularExpressions.dll
+ 2004-07-15 13:28 . 2004-07-15 13:28 57344 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.RegularExpressions.dll
- 2003-02-21 06:26 . 2003-02-21 06:26 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Security.dll
+ 2004-07-15 13:28 . 2004-07-15 13:28 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Security.dll
+ 2004-07-14 23:35 . 2004-07-14 23:35 66560 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.EnterpriseServices.Thunk.dll
+ 2004-07-15 13:28 . 2004-07-15 13:28 90112 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.DirectoryServices.dll
- 2003-02-21 06:26 . 2003-02-21 06:26 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\RegCode.dll
+ 2004-07-15 13:28 . 2004-07-15 13:28 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\RegCode.dll
+ 2004-07-14 23:34 . 2004-07-14 23:34 94208 c:\windows\Microsoft.NET\Framework\v1.1.4322\PerfCounter.dll
- 2003-02-20 18:09 . 2003-02-20 18:09 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsec.dll
+ 2004-07-14 23:33 . 2004-07-14 23:33 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsec.dll
+ 2004-07-14 23:32 . 2004-07-14 23:32 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscordbc.dll
+ 2004-07-15 13:28 . 2004-07-15 13:28 49152 c:\windows\Microsoft.NET\Framework\v1.1.4322\MigPolWin.exe
- 2003-02-21 06:25 . 2003-02-21 06:25 49152 c:\windows\Microsoft.NET\Framework\v1.1.4322\MigPolWin.exe
- 2003-02-21 06:25 . 2003-02-21 06:25 49152 c:\windows\Microsoft.NET\Framework\v1.1.4322\MigPol.exe
+ 2004-07-15 13:28 . 2004-07-15 13:28 49152 c:\windows\Microsoft.NET\Framework\v1.1.4322\MigPol.exe
- 2003-02-21 06:24 . 2003-02-21 06:24 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\IEHost.dll
+ 2004-07-15 13:31 . 2004-07-15 13:31 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\IEHost.dll
+ 2003-10-08 13:30 . 2003-10-08 13:30 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\gacutil.exe
+ 2004-07-15 10:23 . 2004-07-15 10:23 49152 c:\windows\Microsoft.NET\Framework\v1.1.4322\csc.exe
- 2003-02-21 09:20 . 2003-02-21 09:20 49152 c:\windows\Microsoft.NET\Framework\v1.1.4322\csc.exe
+ 2004-07-14 23:32 . 2004-07-14 23:32 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
- 2003-02-20 18:19 . 2003-02-20 18:19 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
+ 2004-07-15 00:49 . 2004-07-15 00:49 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
- 2003-02-20 18:19 . 2003-02-20 18:19 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe
+ 2004-07-15 00:49 . 2004-07-15 00:49 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe
- 2003-02-20 18:19 . 2003-02-20 18:19 20480 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_regiis.exe
+ 2004-07-15 00:49 . 2004-07-15 00:49 20480 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_regiis.exe
+ 2002-01-01 01:42 . 2010-02-25 06:18 12800 c:\windows\ie8updates\KB982381-IE8\xpshims.dll
+ 2002-01-01 01:42 . 2010-02-25 06:17 55296 c:\windows\ie8updates\KB982381-IE8\msfeedsbs.dll
+ 2002-01-01 01:42 . 2010-02-25 06:17 25600 c:\windows\ie8updates\KB982381-IE8\jsproxy.dll
+ 2002-01-01 01:40 . 2002-01-01 01:40 90112 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_e494efe6\System.Drawing.Design.dll
+ 2002-01-01 01:40 . 2002-01-01 01:40 61440 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_ff7995f5\CustomMarshalers.dll
+ 2002-01-01 09:26 . 2002-01-01 09:26 60928 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationProvider\b4a9e413d5cd6d6ec2d50aa05381e293\UIAutomationProvider.ni.dll
+ 2002-01-01 09:32 . 2002-01-01 09:32 37888 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Pres#\1c1629f536fa9874ef08d09fb19ab0f0\System.Windows.Presentation.ni.dll
+ 2002-01-01 09:32 . 2002-01-01 09:32 36864 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\1464c662c302ea6372a885161b983732\System.Web.DynamicData.Design.ni.dll
+ 2002-01-01 09:29 . 2002-01-01 09:29 94208 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\5d535ecadf77ac2d9278a1661beb2855\System.ComponentModel.DataAnnotations.ni.dll
+ 2002-01-01 09:29 . 2002-01-01 09:29 82944 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn.Contra#\f9a75bbdc2ce7db578b5977766a09b99\System.AddIn.Contract.ni.dll
+ 2002-01-01 09:24 . 2002-01-01 09:24 47104 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\e67992626a30603458b0df22841c2423\PresentationFontCache.ni.exe
+ 2002-01-01 09:23 . 2002-01-01 09:23 39424 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\6be27d744e6e2bfc4b0e25bd2998ef7c\PresentationCFFRasterizer.ni.dll
+ 2002-01-01 09:31 . 2002-01-01 09:31 55296 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\4a52287444c36c89310856b38ff52fe0\Microsoft.Vsa.ni.dll
+ 2002-01-01 09:29 . 2002-01-01 09:29 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\19483d90c96f5d6201f16641dab73fdf\Microsoft.SqlServer.CustomControls.ni.dll
+ 2002-01-01 09:29 . 2002-01-01 09:29 65024 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\d513fe1a81c441e7656a9b062cff4e9f\Microsoft.Build.Framework.ni.dll
+ 2002-01-01 09:29 . 2002-01-01 09:29 74752 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\c5d504724d7f351b1d034615dbb72a2a\Microsoft.Build.Framework.ni.dll
+ 2002-01-01 09:29 . 2002-01-01 09:29 14336 c:\windows\assembly\NativeImages_v2.0.50727_32\dfsvc\a664ccab020f93f1d533919f57131190\dfsvc.ni.exe
+ 2002-01-01 09:29 . 2002-01-01 09:29 25600 c:\windows\assembly\NativeImages_v2.0.50727_32\Accessibility\e63d6d26b8a664cfdfbd4ad75e03c14d\Accessibility.ni.dll
- 2010-06-07 13:46 . 2010-06-07 13:46 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2002-01-01 01:47 . 2002-01-01 01:47 77824 c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
- 2010-06-07 13:43 . 2010-06-07 13:43 32768 c:\windows\assembly\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll
+ 2002-01-01 01:37 . 2002-01-01 01:37 32768 c:\windows\assembly\GAC_MSIL\System.ServiceModel.WasHosting\3.0.0.0__b77a5c561934e089\System.ServiceModel.WasHosting.dll
- 2010-06-07 13:47 . 2010-06-07 13:47 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2002-01-01 01:47 . 2002-01-01 01:47 81920 c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2002-01-01 01:47 . 2002-01-01 01:47 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2010-06-07 13:47 . 2010-06-07 13:47 81920 c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
+ 2002-01-01 01:47 . 2002-01-01 01:47 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2010-06-07 13:47 . 2010-06-07 13:47 32768 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
- 2010-06-07 13:47 . 2010-06-07 13:47 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2002-01-01 01:47 . 2002-01-01 01:47 12800 c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2002-01-01 01:47 . 2002-01-01 01:47 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
- 2010-06-07 13:47 . 2010-06-07 13:47 28672 c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
- 2010-06-07 13:47 . 2010-06-07 13:47 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2002-01-01 01:47 . 2002-01-01 01:47 77824 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
- 2010-06-07 13:47 . 2010-06-07 13:47 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
+ 2002-01-01 01:47 . 2002-01-01 01:47 36864 c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2010-06-07 13:47 . 2010-06-07 13:47 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
+ 2002-01-01 01:47 . 2002-01-01 01:47 77824 c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
+ 2002-01-01 01:47 . 2002-01-01 01:47 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
- 2010-06-07 13:47 . 2010-06-07 13:47 13312 c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2002-01-01 01:47 . 2002-01-01 01:47 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2010-06-07 13:47 . 2010-06-07 13:47 10752 c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2010-06-07 13:47 . 2010-06-07 13:47 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2002-01-01 01:47 . 2002-01-01 01:47 72192 c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2002-01-01 01:47 . 2002-01-01 01:47 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2010-06-07 13:47 . 2010-06-07 13:47 69120 c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
+ 2002-01-01 01:39 . 2002-01-01 01:39 57344 c:\windows\assembly\GAC\System.Web.RegularExpressions\1.0.5000.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
- 2010-06-07 13:33 . 2010-06-07 13:33 57344 c:\windows\assembly\GAC\System.Web.RegularExpressions\1.0.5000.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
+ 2002-01-01 01:39 . 2002-01-01 01:39 77824 c:\windows\assembly\GAC\System.Security\1.0.5000.0__b03f5f7f11d50a3a\System.Security.dll
- 2010-06-07 13:33 . 2010-06-07 13:33 77824 c:\windows\assembly\GAC\System.Security\1.0.5000.0__b03f5f7f11d50a3a\System.Security.dll
+ 2002-01-01 01:39 . 2002-01-01 01:39 66560 c:\windows\assembly\GAC\System.EnterpriseServices\1.0.5000.0__b03f5f7f11d50a3a\System.EnterpriseServices.Thunk.dll
+ 2002-01-01 01:39 . 2002-01-01 01:39 90112 c:\windows\assembly\GAC\System.DirectoryServices\1.0.5000.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2010-06-07 13:33 . 2010-06-07 13:33 32768 c:\windows\assembly\GAC\Regcode\1.0.5000.0__b03f5f7f11d50a3a\RegCode.dll
+ 2002-01-01 01:39 . 2002-01-01 01:39 32768 c:\windows\assembly\GAC\Regcode\1.0.5000.0__b03f5f7f11d50a3a\RegCode.dll
- 2010-06-07 13:33 . 2010-06-07 13:33 32768 c:\windows\assembly\GAC\IEHost\1.0.5000.0__b03f5f7f11d50a3a\IEHost.dll
+ 2002-01-01 01:39 . 2002-01-01 01:39 32768 c:\windows\assembly\GAC\IEHost\1.0.5000.0__b03f5f7f11d50a3a\IEHost.dll
+ 2002-01-01 01:47 . 2002-01-01 01:47 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
- 2010-06-07 13:47 . 2010-06-07 13:47 8192 c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2004-07-15 13:31 . 2004-07-15 13:31 8192 c:\windows\Microsoft.NET\Framework\v1.1.4322\IEExecRemote.dll
- 2010-06-07 13:47 . 2010-06-07 13:47 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2002-01-01 01:47 . 2002-01-01 01:47 7168 c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2002-01-01 01:47 . 2002-01-01 01:47 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2010-06-07 13:47 . 2010-06-07 13:47 5632 c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
+ 2002-01-01 01:47 . 2002-01-01 01:47 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
- 2010-06-07 13:47 . 2010-06-07 13:47 6656 c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2002-01-01 01:47 . 2002-01-01 01:47 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
- 2010-06-07 13:47 . 2010-06-07 13:47 8192 c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2002-01-01 01:39 . 2002-01-01 01:39 8192 c:\windows\assembly\GAC\IEExecRemote\1.0.5000.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2002-01-01 01:47 . 2002-01-01 01:47 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
- 2010-06-07 13:47 . 2010-06-07 13:47 113664 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
- 2010-06-07 13:47 . 2010-06-07 13:47 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
+ 2002-01-01 01:47 . 2002-01-01 01:47 258048 c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
- 2006-10-18 19:47 . 2006-10-18 19:47 295936 c:\windows\system32\wmpeffects.dll
+ 2006-10-18 19:47 . 2008-06-24 16:12 295936 c:\windows\system32\wmpeffects.dll
+ 2002-09-16 12:00 . 2007-10-25 07:28 222720 c:\windows\system32\wmasf.dll
- 2002-09-16 12:00 . 2001-12-31 21:17 487832 c:\windows\system32\perfh009.dat
+ 2002-09-16 12:00 . 2002-01-01 01:47 487832 c:\windows\system32\perfh009.dat
+ 2002-09-16 12:00 . 2002-01-01 01:47 525444 c:\windows\system32\perfh006.dat
- 2002-09-16 12:00 . 2001-12-31 21:17 525444 c:\windows\system32\perfh006.dat
+ 2002-09-16 12:00 . 2002-01-01 01:47 108292 c:\windows\system32\perfc006.dat
- 2002-09-16 12:00 . 2001-12-31 21:17 108292 c:\windows\system32\perfc006.dat
+ 2002-09-16 12:00 . 2010-05-06 10:34 206848 c:\windows\system32\occache.dll
- 2002-09-16 12:00 . 2010-02-25 06:18 206848 c:\windows\system32\occache.dll
- 2002-09-16 12:00 . 2010-02-25 06:18 611840 c:\windows\system32\mstime.dll
+ 2002-09-16 12:00 . 2010-05-06 10:34 611840 c:\windows\system32\mstime.dll
+ 2002-09-16 12:00 . 2006-12-04 14:21 414720 c:\windows\system32\msscp.dll
+ 2009-03-08 02:32 . 2010-05-06 10:34 599040 c:\windows\system32\msfeeds.dll
+ 2002-09-16 12:00 . 2010-05-06 10:34 184320 c:\windows\system32\iepeers.dll
- 2002-09-16 12:00 . 2010-02-25 06:17 184320 c:\windows\system32\iepeers.dll
+ 2002-09-16 12:00 . 2010-05-06 10:34 387584 c:\windows\system32\iedkcs32.dll
- 2002-09-16 12:00 . 2010-02-25 06:17 387584 c:\windows\system32\iedkcs32.dll
- 2002-09-16 12:00 . 2010-02-24 09:53 173056 c:\windows\system32\ie4uinit.exe
+ 2002-09-16 12:00 . 2010-05-05 13:30 173056 c:\windows\system32\ie4uinit.exe
+ 2010-06-01 12:43 . 2007-10-25 07:28 222720 c:\windows\system32\dllcache\wmasf.dll
+ 2010-02-26 05:42 . 2010-05-06 10:34 916480 c:\windows\system32\dllcache\wininet.dll
- 2010-02-26 05:42 . 2010-02-25 06:18 916480 c:\windows\system32\dllcache\wininet.dll
- 2009-03-08 02:34 . 2010-02-25 06:18 206848 c:\windows\system32\dllcache\occache.dll
+ 2009-03-08 02:34 . 2010-05-06 10:34 206848 c:\windows\system32\dllcache\occache.dll
- 2009-03-08 02:32 . 2010-02-25 06:18 611840 c:\windows\system32\dllcache\mstime.dll
+ 2009-03-08 02:32 . 2010-05-06 10:34 611840 c:\windows\system32\dllcache\mstime.dll
+ 2010-06-01 12:43 . 2006-12-04 14:21 414720 c:\windows\system32\dllcache\msscp.dll
- 2010-02-26 05:42 . 2010-02-25 06:17 184320 c:\windows\system32\dllcache\iepeers.dll
+ 2010-02-26 05:42 . 2010-05-06 10:34 184320 c:\windows\system32\dllcache\iepeers.dll
- 2009-03-08 12:09 . 2010-02-25 06:17 387584 c:\windows\system32\dllcache\iedkcs32.dll
+ 2009-03-08 12:09 . 2010-05-06 10:34 387584 c:\windows\system32\dllcache\iedkcs32.dll
+ 2009-03-08 02:32 . 2010-05-05 13:30 173056 c:\windows\system32\dllcache\ie4uinit.exe
- 2009-03-08 02:32 . 2010-02-24 09:53 173056 c:\windows\system32\dllcache\ie4uinit.exe
+ 2010-04-20 05:31 . 2010-04-20 05:31 285696 c:\windows\system32\dllcache\atmfd.dll
+ 2010-04-07 22:48 . 2010-04-07 22:48 970752 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\System.Runtime.Serialization.dll
- 2008-07-29 17:16 . 2008-07-29 17:16 110592 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMdiagnostics.dll
+ 2010-04-07 22:48 . 2010-04-07 22:48 110592 c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMdiagnostics.dll
+ 2010-03-23 04:31 . 2010-03-23 04:31 435024 c:\windows\Microsoft.NET\Framework\v2.0.50727\webengine.dll
+ 2010-02-09 11:22 . 2010-02-09 11:22 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Security.dll
- 2008-07-25 09:17 . 2008-07-25 09:17 258048 c:\windows\Microsoft.NET\Framework\v2.0.50727\System.Security.dll
+ 2009-08-07 22:51 . 2009-08-07 22:51 989016 c:\windows\Microsoft.NET\Framework\v2.0.50727\mscordacwks.dll
- 2003-02-21 09:20 . 2003-02-21 09:20 737280 c:\windows\Microsoft.NET\Framework\v1.1.4322\vbc.exe
+ 2004-07-15 10:23 . 2004-07-15 10:23 737280 c:\windows\Microsoft.NET\Framework\v1.1.4322\vbc.exe
+ 2004-07-15 13:31 . 2004-07-15 13:31 573440 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.Services.dll
- 2003-02-21 06:27 . 2003-02-21 06:27 819200 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.Mobile.dll
+ 2004-07-15 13:28 . 2004-07-15 13:28 819200 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.Mobile.dll
- 2003-02-21 06:27 . 2003-02-21 06:27 126976 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.ServiceProcess.dll
+ 2004-07-15 13:28 . 2004-07-15 13:28 126976 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.ServiceProcess.dll
+ 2004-07-15 13:31 . 2004-07-15 13:31 131072 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Runtime.Serialization.Formatters.Soap.dll
- 2003-02-21 06:26 . 2003-02-21 06:26 131072 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Runtime.Serialization.Formatters.Soap.dll
+ 2004-07-15 13:28 . 2004-07-15 13:28 323584 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Runtime.Remoting.dll
- 2003-02-21 06:26 . 2003-02-21 06:26 323584 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Runtime.Remoting.dll
+ 2004-07-15 13:31 . 2004-07-15 13:31 241664 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Messaging.dll
- 2003-02-21 06:26 . 2003-02-21 06:26 241664 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Messaging.dll
+ 2004-07-15 13:31 . 2004-07-15 13:31 372736 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Management.dll
- 2003-02-21 06:26 . 2003-02-21 06:26 241664 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.EnterpriseServices.dll
+ 2004-07-15 13:28 . 2004-07-15 13:28 241664 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.EnterpriseServices.dll
+ 2004-07-15 13:28 . 2004-07-15 13:28 466944 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Drawing.dll
- 2003-02-21 06:26 . 2003-02-21 06:26 466944 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Drawing.dll
+ 2004-07-15 13:31 . 2004-07-15 13:31 303104 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Data.OracleClient.dll
- 2003-02-20 18:09 . 2003-02-20 18:09 319488 c:\windows\Microsoft.NET\Framework\v1.1.4322\SOS.dll
+ 2004-07-14 23:35 . 2004-07-14 23:35 319488 c:\windows\Microsoft.NET\Framework\v1.1.4322\SOS.dll
+ 2004-08-10 15:20 . 2004-08-10 15:20 106496 c:\windows\Microsoft.NET\Framework\v1.1.4322\netfxupdate.exe
+ 2004-07-14 23:33 . 2004-07-14 23:33 143360 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorrc.dll
- 2003-02-20 18:09 . 2003-02-20 18:09 143360 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorrc.dll
+ 2004-07-14 23:33 . 2004-07-14 23:33 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
+ 2004-07-14 23:25 . 2004-07-14 23:25 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
- 2003-02-20 18:09 . 2003-02-20 18:09 233472 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscordbi.dll
+ 2004-07-14 23:32 . 2004-07-14 23:32 233472 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscordbi.dll
+ 2004-07-15 13:28 . 2004-07-15 13:28 299008 c:\windows\Microsoft.NET\Framework\v1.1.4322\Microsoft.VisualBasic.dll
- 2003-02-21 06:26 . 2003-02-21 06:26 299008 c:\windows\Microsoft.NET\Framework\v1.1.4322\Microsoft.VisualBasic.dll
+ 2004-07-15 13:28 . 2004-07-15 13:28 720896 c:\windows\Microsoft.NET\Framework\v1.1.4322\Microsoft.JScript.dll
+ 2004-07-14 23:35 . 2004-07-14 23:35 196608 c:\windows\Microsoft.NET\Framework\v1.1.4322\ilasm.exe
- 2003-02-20 18:09 . 2003-02-20 18:09 196608 c:\windows\Microsoft.NET\Framework\v1.1.4322\ilasm.exe
+ 2004-07-14 23:24 . 2004-07-14 23:24 282624 c:\windows\Microsoft.NET\Framework\v1.1.4322\fusion.dll
- 2003-02-20 18:06 . 2003-02-20 18:06 282624 c:\windows\Microsoft.NET\Framework\v1.1.4322\fusion.dll
- 2003-02-21 09:21 . 2003-02-21 09:21 626688 c:\windows\Microsoft.NET\Framework\v1.1.4322\cscomp.dll
+ 2004-07-15 10:23 . 2004-07-15 10:23 626688 c:\windows\Microsoft.NET\Framework\v1.1.4322\cscomp.dll
+ 2004-07-15 00:49 . 2004-07-15 00:49 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
+ 2010-02-24 23:14 . 2010-02-24 23:14 543232 c:\windows\Installer\d4985a.msp
+ 2002-01-01 01:42 . 2010-02-25 06:18 916480 c:\windows\ie8updates\KB982381-IE8\wininet.dll
+ 2002-01-01 01:42 . 2010-02-22 14:21 394616 c:\windows\ie8updates\KB982381-IE8\spuninst\updspapi.dll
+ 2002-01-01 01:42 . 2008-07-08 13:00 232824 c:\windows\ie8updates\KB982381-IE8\spuninst\spuninst.exe
+ 2002-01-01 01:42 . 2010-02-25 06:18 206848 c:\windows\ie8updates\KB982381-IE8\occache.dll
+ 2002-01-01 01:42 . 2010-02-25 06:18 611840 c:\windows\ie8updates\KB982381-IE8\mstime.dll
+ 2002-01-01 01:42 . 2010-02-25 06:17 594432 c:\windows\ie8updates\KB982381-IE8\msfeeds.dll
+ 2002-01-01 01:42 . 2010-02-25 06:17 247808 c:\windows\ie8updates\KB982381-IE8\ieproxy.dll
+ 2002-01-01 01:42 . 2010-02-25 06:17 184320 c:\windows\ie8updates\KB982381-IE8\iepeers.dll
+ 2002-01-01 01:42 . 2009-03-08 02:35 742912 c:\windows\ie8updates\KB982381-IE8\iedvtool.dll
+ 2002-01-01 01:42 . 2010-02-25 06:17 387584 c:\windows\ie8updates\KB982381-IE8\iedkcs32.dll
+ 2002-01-01 01:42 . 2010-02-24 09:53 173056 c:\windows\ie8updates\KB982381-IE8\ie4uinit.exe
+ 2002-01-01 01:44 . 2002-01-01 01:44 835584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_2778aa03\System.Drawing.dll
+ 2002-01-01 01:46 . 2002-01-01 01:46 192512 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_e3d92306\System.Drawing.Design.dll
+ 2002-01-01 01:46 . 2002-01-01 01:46 118784 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_692d667b\CustomMarshalers.dll
+ 2002-01-01 09:29 . 2002-01-01 09:29 321536 c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\4d07b1ccecca66f320c1a0971dd614d1\WsatConfig.ni.exe
+ 2002-01-01 09:26 . 2002-01-01 09:26 240128 c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\a7c702f75d47bf841b9587e582c2d0b2\WindowsFormsIntegration.ni.dll
+ 2002-01-01 09:26 . 2002-01-01 09:26 187904 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\6f488b7644dc50a083868e91a4014466\UIAutomationTypes.ni.dll
+ 2002-01-01 09:26 . 2002-01-01 09:26 447488 c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\3a78043c85333d5af49a0d958912ae4a\UIAutomationClient.ni.dll
+ 2002-01-01 09:33 . 2002-01-01 09:33 400896 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\747e84d81d1de2041661f0f71b04734a\System.Xml.Linq.ni.dll
+ 2002-01-01 09:32 . 2002-01-01 09:32 129536 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\d51dfbd8d5431eb89181baaa24863e15\System.Web.Routing.ni.dll
+ 2002-01-01 09:32 . 2002-01-01 09:32 202240 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\436dde9611932489da3dc8a1be170843\System.Web.RegularExpressions.ni.dll
+ 2002-01-01 09:32 . 2002-01-01 09:32 859648 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\e8ef769b3e899e62b26daadee50b97ed\System.Web.Extensions.Design.ni.dll
+ 2002-01-01 09:32 . 2002-01-01 09:32 328704 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\ce3b446b7bee5c47949c994ec89b1649\System.Web.Entity.ni.dll
+ 2002-01-01 09:32 . 2002-01-01 09:32 301056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\ad04fe1182e55e7c01066b62a4bee6b5\System.Web.Entity.Design.ni.dll
+ 2002-01-01 09:32 . 2002-01-01 09:32 547328 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\20ba0d4d182a1a9c1f54c00d3bc29a68\System.Web.DynamicData.ni.dll
+ 2002-01-01 09:32 . 2002-01-01 09:32 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\c97ecf9250c2f0794262534f27f98b72\System.Web.Abstractions.ni.dll
+ 2002-01-01 09:31 . 2002-01-01 09:31 627200 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\9c56656c88979cf18de6cbcb6587ba8f\System.Transactions.ni.dll
+ 2002-01-01 09:31 . 2002-01-01 09:31 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\5adb0f89d469632511aed9d88cfe05c4\System.ServiceProcess.ni.dll
+ 2002-01-01 09:29 . 2002-01-01 09:29 679936 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\42b2ffb594dbd5652a576a0dce28722c\System.Security.ni.dll
+ 2002-01-01 09:31 . 2002-01-01 09:31 311296 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\3231473e2ec4451c8f218930fda80d19\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2002-01-01 09:31 . 2002-01-01 09:31 621056 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\f90965b9d9a6a6604c9a66f57c37c026\System.Net.ni.dll
+ 2002-01-01 09:31 . 2002-01-01 09:31 998400 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\16670b6870746e5a8dc4a73a76a90bed\System.Management.ni.dll
+ 2002-01-01 09:31 . 2002-01-01 09:31 330752 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\e6bd59fec415e273c173170c6508180a\System.Management.Instrumentation.ni.dll
+ 2002-01-01 09:28 . 2002-01-01 09:28 381440 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\e3eb86170cba4c80e6e22ca33c63c218\System.IO.Log.ni.dll
+ 2002-01-01 09:29 . 2002-01-01 09:29 212992 c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\cfa48936affc9a5fb89f0bf66cc52a47\System.IdentityModel.Selectors.ni.dll
+ 2002-01-01 09:31 . 2002-01-01 09:31 280064 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\e9edc5cd12ebb513b4a3c53cb4640771\System.EnterpriseServices.Wrapper.dll
+ 2002-01-01 09:31 . 2002-01-01 09:31 627712 c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\e9edc5cd12ebb513b4a3c53cb4640771\System.EnterpriseServices.ni.dll
+ 2002-01-01 09:25 . 2002-01-01 09:25 208384 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\aeba6820f20655dec7fe0fe05aaeb818\System.Drawing.Design.ni.dll
+ 2002-01-01 09:31 . 2002-01-01 09:31 455680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\9ef70079beca3a9982a3aa76ebc0ddd8\System.DirectoryServices.Protocols.ni.dll
+ 2002-01-01 09:31 . 2002-01-01 09:31 881152 c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\277619716d9136216065bea970365c65\System.DirectoryServices.AccountManagement.ni.dll
+ 2002-01-01 09:31 . 2002-01-01 09:31 939008 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\90b67e13866b176ae6cbdb23144f724d\System.Data.Services.Client.ni.dll
+ 2002-01-01 09:31 . 2002-01-01 09:31 354816 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\131a477d41a8669b15696128b94c2636\System.Data.Services.Design.ni.dll
+ 2002-01-01 09:31 . 2002-01-01 09:31 756736 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\d4990681ce373d81a52b231ee4c4afea\System.Data.Entity.Design.ni.dll
+ 2002-01-01 09:29 . 2002-01-01 09:29 135680 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\9e9d66a3a0e16fceead505c25af569eb\System.Data.DataSetExtensions.ni.dll
+ 2002-01-01 09:29 . 2002-01-01 09:29 971264 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\631b3eba1ba5bd3c3f027f34011cadeb\System.Configuration.ni.dll
+ 2002-01-01 09:31 . 2002-01-01 09:31 141312 c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\39e4f9a276fb12125d8a1444d8b65a84\System.Configuration.Install.ni.dll
+ 2002-01-01 09:29 . 2002-01-01 09:29 633856 c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\849916c5cb3ff7763d15a3976766c2f6\System.AddIn.ni.dll
+ 2002-01-01 09:29 . 2002-01-01 09:29 366080 c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\f38a426b90e6c526dcb2c435c7380450\SMSvcHost.ni.exe
+ 2002-01-01 09:29 . 2002-01-01 09:29 256000 c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\6cabc7d1700c224e8b41ff2f96a3087c\SMDiagnostics.ni.dll
+ 2002-01-01 09:29 . 2002-01-01 09:29 320512 c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\5c8f5ca36498f43980d64820d8186c8a\ServiceModelReg.ni.exe
+ 2002-01-01 09:24 . 2002-01-01 09:24 258048 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\ae733e4062edba3a33bb0a632bef66bf\PresentationFramework.Royale.ni.dll
+ 2002-01-01 09:24 . 2002-01-01 09:24 368128 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\3ffad524016f0aba7b11a8aa33301a65\PresentationFramework.Aero.ni.dll
+ 2002-01-01 09:24 . 2002-01-01 09:24 224768 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\201968d038a23a4688310fed1eeaddaa\PresentationFramework.Classic.ni.dll
+ 2002-01-01 09:24 . 2002-01-01 09:24 539648 c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\1ead87ca8eb84c595c77c70e3b2df88d\PresentationFramework.Luna.ni.dll
+ 2002-01-01 09:29 . 2002-01-01 09:29 133632 c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\7700963610c1af364aa934c3c824b7b4\MSBuild.ni.exe
+ 2002-01-01 09:28 . 2002-01-01 09:28 386560 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\c74d4c69c49992dfb23ba512081dc3de\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2002-01-01 09:29 . 2002-01-01 09:29 530432 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\bcb654e06785eb51997a3fbfb882ab15\Microsoft.SqlServer.GridControl.ni.dll
+ 2002-01-01 09:29 . 2002-01-01 09:29 989184 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\9a137af3822978e604c5f15e64fa1465\Microsoft.SqlServer.WizardFrameworkLite.ni.dll
+ 2002-01-01 09:29 . 2002-01-01 09:29 355840 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\958aeaaed7f9cd02a73e59d6f6e77e65\Microsoft.SqlServer.Setup.ni.dll
+ 2002-01-01 09:29 . 2002-01-01 09:29 231936 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.NetEnterp#\712e6a5a867ba392f3448c4180462190\Microsoft.NetEnterpriseServers.ExceptionMessageBox.ni.dll
+ 2002-01-01 09:29 . 2002-01-01 09:29 144384 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\a6a9f24b1a8984eaafbabb1ee968e359\Microsoft.Build.Utilities.ni.dll
+ 2002-01-01 09:29 . 2002-01-01 09:29 175104 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\2fa81d363cb1496be2427d848a867409\Microsoft.Build.Utilities.v3.5.ni.dll
+ 2002-01-01 09:29 . 2002-01-01 09:29 839680 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\c4c360df9c1024ebc3f0de77f5cf8b1c\Microsoft.Build.Engine.ni.dll
+ 2002-01-01 09:29 . 2002-01-01 09:29 222720 c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\c9386dcd89c2518a74115f3bfd861830\Microsoft.Build.Conversion.v3.5.ni.dll
+ 2002-01-01 09:29 . 2002-01-01 09:29 220672 c:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\77688ce14f221ed94a9f442ae4736123\CustomMarshalers.ni.dll
+ 2002-01-01 09:28 . 2002-01-01 09:28 410112 c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\abb62e3ed74c974f0282bc7ea5d3f1c1\ComSvcConfig.ni.exe
+ 2002-01-01 09:29 . 2002-01-01 09:29 842240 c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\6d34f00b6a782d15bec70d6cdb00b5e8\AspNetMMCExt.ni.dll
- 2010-06-07 13:46 . 2010-06-07 13:46 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
+ 2002-01-01 01:47 . 2002-01-01 01:47 839680 c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2010-06-07 13:46 . 2010-06-07 13:46 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2002-01-01 01:47 . 2002-01-01 01:47 835584 c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2002-01-01 01:47 . 2002-01-01 01:47 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2010-06-07 13:47 . 2010-06-07 13:47 114688 c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2010-06-07 13:47 . 2010-06-07 13:47 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2002-01-01 01:47 . 2002-01-01 01:47 258048 c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2002-01-01 01:37 . 2002-01-01 01:37 970752 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll
+ 2002-01-01 01:47 . 2002-01-01 01:47 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2010-06-07 13:47 . 2010-06-07 13:47 131072 c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2010-06-07 13:47 . 2010-06-07 13:47 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2002-01-01 01:47 . 2002-01-01 01:47 303104 c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2010-06-07 13:47 . 2010-06-07 13:47 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2002-01-01 01:47 . 2002-01-01 01:47 258048 c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2010-06-07 13:47 . 2010-06-07 13:47 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2002-01-01 01:47 . 2002-01-01 01:47 372736 c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2002-01-01 01:37 . 2002-01-01 01:37 438272 c:\windows\assembly\GAC_MSIL\System.IdentityModel\3.0.0.0__b77a5c561934e089\System.IdentityModel.dll
+ 2002-01-01 01:47 . 2002-01-01 01:47 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2010-06-07 13:47 . 2010-06-07 13:47 626688 c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2002-01-01 01:47 . 2002-01-01 01:47 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2010-06-07 13:47 . 2010-06-07 13:47 401408 c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
- 2010-06-07 13:47 . 2010-06-07 13:47 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2002-01-01 01:47 . 2002-01-01 01:47 188416 c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
+ 2002-01-01 01:47 . 2002-01-01 01:47 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
- 2010-06-07 13:47 . 2010-06-07 13:47 970752 c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2002-01-01 01:47 . 2002-01-01 01:47 745472 c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2010-06-07 13:47 . 2010-06-07 13:47 745472 c:\windows\assembly\GAC_MS

Synes godt om

f-arn Guru

12. juni 2010 - 12:58 #9

Højreklik på skrivebordet og vælg ny->tekstdokument og kopier det fremhævede ind og gem filen som CFScript

--------------

Killall::
Snapshot::

-------------

Da Combofix kan konflikte med dine sikkerhedsprogrammer er det vigtigt at du deaktiverer dem.

Tag så fat i den nye fil med musen, og før den hen over Combofix-filen, hvorefter du "giver slip" med musen.
http://www.fromsej.saknet.dk/billeder/cfscript.gif

Så skulle Combofix gerne give sig til at arbejde. Muligvis vil den kræve en genstart, hvilket du skal tillade. Du bør ikke klikke på vinduet imens værktøjet kører, idet det kan få din computer til at fryse.
Når Combofix er færdig, og efter det (muligvis) har genstartet, skulle der gerne åbnes en logfil: combofix.txt som ligger her C:\ Combofix.txt

Indholdet af denne fil må du gerne lægge herind.

Synes godt om

lasse0000 Novice

13. juni 2010 - 22:53 #10

Så fik jeg lavet lidt, Combofix, laver identisk log, prøvede et par gange, valgte så at køre en hijack, håber det giver samme udbytte. Maskinen kører egentlig stabilt, men blinker lidt uroligt indimellem, så der er nok et eller andet der ikke er som det skal være, jeg hentede en driver til mit pinnacle tunerkort via drivermax, og derefter har jeg haft balladen.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:46:36, on 13-06-2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\Alwil Software\Avast4\aswUpdSv.exe
C:\Programmer\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Programmer\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmer\Java\jre6\bin\jqs.exe
C:\Programmer\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Programmer\Alwil Software\Avast4\ashMaiSv.exe
C:\Programmer\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
F:\værktøj\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmer\Fælles filer\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programmer\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: WOT Helper - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Programmer\WOT\WOT.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmer\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmer\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Programmer\WOT\WOT.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programmer\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmer\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Programmer\Fælles filer\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [swg] "C:\Programmer\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\lars\Lokale indstillinger\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Google Sidewiki ... - res://C:\Programmer\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_2EC7709873947E87.dll/cmsidewiki.html
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1275397416390
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Programmer\WOT\WOT.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Programmer\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Programmer\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Programmer\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Programmer\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Tjenesten Google Update (gupdate) (gupdate) - Google Inc. - C:\Programmer\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Programmer\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmer\Java\jre6\bin\jqs.exe
O23 - Service: TVService - Team MediaPortal - C:\Programmer\Team MediaPortal\MediaPortal TV Server\TVService.exe

--
End of file - 4719 bytes

Synes godt om

f-arn Guru

14. juni 2010 - 00:14 #11

Kom nu bare mmed den Combofix log lavet med et CFScript.
En HijackThis log gi'r bestemt ikke det samme.

Synes godt om

lasse0000 Novice

14. juni 2010 - 20:27 #12

Det troede jeg, men gør selvfølgelig, som der bliver anbefalet. Vedlægger en frisk Combofix log.

ComboFix 10-06-14.01 - lars 14-06-2010 20:12:57.5.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.45.1030.18.1023.736 [GMT 2:00]
Kører fra: c:\documents and settings\lars\Skrivebord\ComboFix.exe
Kommandoer benyttet :: c:\documents and settings\lars\Skrivebord\CFScript.txt
AV: avast! antivirus 4.8.1368 [VPS 100614-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.

((((((((((((((((((((((((((((( Filer skabt fra 2010-05-14 til 2010-06-14 )))))))))))))))))))))))))))))))))))
.

2010-06-13 17:50 . 2010-06-13 18:19 -------- d-----w- c:\documents and settings\lars\Lokale indstillinger\Application Data\Adobe
2010-06-13 17:46 . 2010-06-13 17:47 -------- d-----w- c:\programmer\Fælles filer\Adobe
2010-06-12 23:09 . 2010-06-12 23:09 -------- d-----w- c:\documents and settings\lars\Application Data\Download Manager
2010-06-12 20:34 . 2010-06-12 20:34 133 ----a-w- c:\documents and settings\lars\Lokale indstillinger\Application Data\fusioncache.dat
2010-06-12 20:34 . 2010-06-12 20:47 -------- d-----w- c:\documents and settings\lars\Lokale indstillinger\Application Data\ApplicationHistory
2010-06-11 16:35 . 2010-05-06 10:34 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll
2010-06-11 11:08 . 2010-06-11 11:08 -------- d-----w- C:\32788R22FWJFW.1.tmp
2010-06-11 10:47 . 2010-06-11 10:47 -------- d-----w- c:\documents and settings\lars\Application Data\Windows Search
2010-06-11 08:57 . 2010-06-11 08:57 -------- d-----w- c:\documents and settings\lars\Application Data\MSN6
2010-06-11 08:57 . 2010-06-11 08:57 -------- d-----w- c:\documents and settings\All Users\Application Data\MSN6
2010-06-08 07:01 . 2010-06-08 07:01 -------- d-----w- c:\documents and settings\lars\DoctorWeb
2010-06-08 06:26 . 2008-04-14 07:05 26624 ----a-w- c:\documents and settings\LocalService\Application Data\Microsoft\UPnP Device Host\upnphost\udhisapi.dll
2010-06-07 19:37 . 2002-01-01 10:19 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2010-06-07 19:26 . 2010-06-07 19:26 57344 ----a-w- c:\documents and settings\All Users\Application Data\DivX\RunAsUser\RUNASUSERPROCESS.dll
2010-06-07 19:21 . 2010-06-07 19:21 57409 ----a-w- c:\documents and settings\All Users\Application Data\DivX\ControlPanel\Uninstaller.exe
2010-06-07 19:21 . 2010-06-07 19:21 52963 ----a-w- c:\documents and settings\All Users\Application Data\DivX\MSVC80CRTRedist\Uninstaller.exe
2010-06-07 19:21 . 2010-06-07 19:21 54073 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Qt4.5\Uninstaller.exe
2010-06-07 19:21 . 2010-06-07 19:21 -------- d-----w- c:\programmer\Fælles filer\DivX Shared
2010-06-07 19:21 . 2010-06-07 19:21 56969 ----a-w- c:\documents and settings\All Users\Application Data\DivX\ASPEncoder\Uninstaller.exe
2010-06-07 19:20 . 2010-06-07 19:22 -------- d-----w- c:\programmer\DivX
2010-06-07 19:19 . 2010-06-07 19:22 -------- d-----w- c:\documents and settings\All Users\Application Data\DivX
2010-06-07 18:17 . 2010-06-07 18:17 -------- d-----w- c:\programmer\Microsoft.NET
2010-06-07 18:16 . 2010-06-07 18:16 -------- d-----w- c:\programmer\MSXML 6.0
2010-06-07 18:14 . 2010-06-07 18:19 -------- d-----w- c:\programmer\Microsoft SQL Server
2010-06-07 18:13 . 2010-06-07 18:20 -------- d-----w- c:\documents and settings\All Users\Application Data\Team MediaPortal
2010-06-07 18:12 . 2008-07-31 08:41 68616 ----a-w- c:\windows\system32\XAPOFX1_1.dll
2010-06-07 18:12 . 2008-07-31 08:40 509448 ----a-w- c:\windows\system32\XAudio2_2.dll
2010-06-07 18:12 . 2008-07-31 08:41 238088 ----a-w- c:\windows\system32\xactengine3_2.dll
2010-06-07 18:12 . 2008-07-12 06:18 1493528 ----a-w- c:\windows\system32\D3DCompiler_39.dll
2010-06-07 18:12 . 2008-07-12 06:18 467984 ----a-w- c:\windows\system32\d3dx10_39.dll
2010-06-07 18:12 . 2008-07-12 06:18 3851784 ----a-w- c:\windows\system32\D3DX9_39.dll
2010-06-07 18:12 . 2008-05-30 12:19 507400 ----a-w- c:\windows\system32\XAudio2_1.dll
2010-06-07 18:12 . 2008-05-30 12:17 65032 ----a-w- c:\windows\system32\XAPOFX1_0.dll
2010-06-07 18:10 . 2010-06-07 18:10 -------- d-----w- c:\windows\Logs
2010-06-07 17:17 . 2010-06-07 18:20 -------- d-----w- c:\programmer\Team MediaPortal
2010-06-07 16:37 . 2010-06-07 16:37 -------- d-----w- c:\documents and settings\lars\Application Data\Malwarebytes
2010-06-07 16:37 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-06-07 16:37 . 2010-06-07 16:37 -------- d-----w- c:\programmer\Malwarebytes' Anti-Malware
2010-06-07 16:37 . 2010-06-07 16:37 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-06-07 16:37 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-06-07 15:51 . 2010-06-12 20:48 -------- d-----w- c:\documents and settings\lars\Lokale indstillinger\Application Data\Temp
2010-06-07 15:38 . 2008-04-13 09:46 15232 -c--a-w- c:\windows\system32\dllcache\mpe.sys
2010-06-07 15:38 . 2008-04-13 09:46 15232 ----a-w- c:\windows\system32\drivers\MPE.sys
2010-06-07 15:37 . 2008-04-14 07:05 363520 -c--a-w- c:\windows\system32\dllcache\psisdecd.dll
2010-06-07 15:37 . 2008-04-14 07:05 363520 ----a-w- c:\windows\system32\PsisDecd.dll
2010-06-07 15:37 . 2008-04-13 09:46 11776 -c--a-w- c:\windows\system32\dllcache\bdasup.sys
2010-06-07 15:37 . 2008-04-13 09:46 11776 ----a-w- c:\windows\system32\drivers\BdaSup.sys
2010-06-07 15:37 . 2010-06-07 15:37 -------- dc----w- c:\windows\system32\DRVSTORE
2010-06-07 15:37 . 2006-12-18 15:53 1121536 ----a-w- c:\windows\system32\drivers\3xHybrid.sys
2010-06-07 15:37 . 2003-02-27 08:07 3072 ----a-w- c:\windows\system32\34CoInstaller.dll
2010-06-07 14:17 . 2010-06-07 14:17 -------- d-----w- c:\documents and settings\lars\Lokale indstillinger\Application Data\Innovative Solutions
2010-06-07 14:17 . 2010-06-07 14:17 -------- d-----w- c:\documents and settings\All Users\Application Data\Innovative Solutions
2010-06-07 14:00 . 2010-06-07 14:00 -------- d-----w- c:\programmer\Speccy
2010-06-07 13:57 . 2010-06-07 13:57 -------- d-----w- c:\programmer\CCleaner
2010-06-07 13:43 . 2010-06-07 13:43 -------- d-----w- c:\windows\system32\XPSViewer
2010-06-07 13:43 . 2010-06-07 13:43 -------- d-----w- c:\programmer\MSBuild
2010-06-07 13:43 . 2010-06-07 13:43 -------- d-----w- c:\programmer\Reference Assemblies
2010-06-07 13:42 . 2008-07-06 12:06 89088 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
2010-06-07 13:42 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2010-06-07 13:42 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2010-06-07 13:42 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2010-06-07 13:42 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2010-06-07 13:42 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2010-06-07 13:42 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\Spool\prtprocs\w32x86\printfilterpipelinesvc.exe
2010-06-07 13:42 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2010-06-07 13:42 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2010-06-07 13:42 . 2010-06-07 13:42 -------- d-----w- C:\d48e3c61ea876d5c833a368f98
2010-06-07 13:38 . 2010-06-07 13:38 -------- d-----w- c:\documents and settings\lars\Lokale indstillinger\Application Data\Identities
2010-06-07 13:38 . 2010-06-07 13:38 -------- d-----w- c:\documents and settings\lars\Application Data\Windows Desktop Search
2010-06-07 13:38 . 2010-06-07 13:38 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2010-06-07 13:38 . 2010-06-12 20:35 -------- d-----w- c:\programmer\Windows Desktop Search
2010-06-07 13:38 . 2010-06-07 13:38 -------- d-----w- c:\windows\system32\GroupPolicy
2010-06-07 13:37 . 2008-03-07 17:02 98304 -c----w- c:\windows\system32\dllcache\nlhtml.dll
2010-06-07 13:37 . 2008-03-07 17:02 29696 -c----w- c:\windows\system32\dllcache\mimefilt.dll
2010-06-07 13:37 . 2008-03-07 17:02 192000 -c----w- c:\windows\system32\dllcache\offfilt.dll
2010-06-07 13:37 . 2010-06-07 13:37 -------- d-----w- c:\programmer\Windows Media Connect 2
2010-06-07 13:35 . 2010-06-07 13:36 -------- d-----w- c:\windows\system32\drivers\UMDF
2010-06-07 13:35 . 2010-06-07 13:35 -------- d-----w- c:\windows\system32\LogFiles
2010-06-07 13:33 . 2010-06-07 13:34 -------- d-----w- c:\windows\system32\URTTemp
2010-06-07 13:25 . 2010-06-07 13:25 -------- d-sh--w- c:\documents and settings\lars\IECompatCache
2010-06-07 13:24 . 2010-06-07 13:24 -------- d-sh--w- c:\documents and settings\lars\PrivacIE
2010-06-07 13:18 . 2010-06-07 13:18 -------- d-sh--w- c:\documents and settings\lars\IETldCache
2010-06-07 13:16 . 2010-04-16 11:43 41984 -c----w- c:\windows\system32\dllcache\iecompat.dll
2010-06-07 13:15 . 2002-01-01 01:42 -------- d-----w- c:\windows\ie8updates
2010-06-07 13:15 . 2010-05-06 10:34 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2010-06-07 13:15 . 2010-05-06 10:34 599040 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2010-06-07 13:15 . 2010-05-06 10:34 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2010-06-07 13:15 . 2010-05-06 10:34 1985536 -c----w- c:\windows\system32\dllcache\iertutil.dll
2010-06-07 13:15 . 2010-05-06 10:34 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2010-06-07 13:15 . 2010-05-06 10:34 11076096 -c----w- c:\windows\system32\dllcache\ieframe.dll
2010-06-07 13:14 . 2010-06-07 13:15 -------- dc-h--w- c:\windows\ie8
2010-06-03 07:14 . 2008-04-14 07:05 221184 ----a-w- c:\windows\system32\wmpns.dll
2010-06-02 06:09 . 2010-04-08 00:50 1496064 ----a-w- c:\documents and settings\lars\Application Data\Mozilla\Firefox\Profiles\sd41e0ao.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
2010-06-02 06:09 . 2010-04-08 00:50 43008 ----a-w- c:\documents and settings\lars\Application Data\Mozilla\Firefox\Profiles\sd41e0ao.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbarloader.dll
2010-06-02 06:09 . 2010-04-08 00:50 338944 ----a-w- c:\documents and settings\lars\Application Data\Mozilla\Firefox\Profiles\sd41e0ao.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff2.dll
2010-06-02 06:09 . 2010-04-08 00:50 346112 ----a-w- c:\documents and settings\lars\Application Data\Mozilla\Firefox\Profiles\sd41e0ao.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff3.dll
2010-06-02 06:08 . 2010-06-02 06:08 0 ----a-w- c:\windows\nsreg.dat
2010-06-02 06:08 . 2010-06-02 06:08 -------- d-----w- c:\documents and settings\lars\Lokale indstillinger\Application Data\Mozilla
2010-06-01 14:53 . 2010-06-01 14:53 -------- d-----w- c:\programmer\Fælles filer\Java
2010-06-01 14:53 . 2010-06-01 14:53 503808 ----a-w- c:\documents and settings\lars\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-2280a7a2-n\msvcp71.dll
2010-06-01 14:53 . 2010-06-01 14:53 499712 ----a-w- c:\documents and settings\lars\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-2280a7a2-n\jmc.dll
2010-06-01 14:53 . 2010-06-01 14:53 348160 ----a-w- c:\documents and settings\lars\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-2280a7a2-n\msvcr71.dll
2010-06-01 14:53 . 2010-06-01 14:53 61440 ----a-w- c:\documents and settings\lars\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-54f8b941-n\decora-sse.dll
2010-06-01 14:53 . 2010-06-01 14:53 12800 ----a-w- c:\documents and settings\lars\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-54f8b941-n\decora-d3d.dll
2010-06-01 14:52 . 2010-06-01 14:52 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-06-01 14:52 . 2010-06-01 14:52 -------- d-----w- c:\programmer\Java
2010-06-01 14:51 . 2010-06-01 14:51 -------- d-----w- c:\windows\system32\Adobe
2010-06-01 14:32 . 2010-06-01 14:32 -------- d-----w- c:\documents and settings\NetworkService\Lokale indstillinger\Application Data\Google
2010-06-01 14:28 . 2010-06-01 14:28 -------- d-----w- c:\programmer\WOT
2010-06-01 14:27 . 2010-06-01 14:27 -------- d-----w- c:\documents and settings\LocalService\Lokale indstillinger\Application Data\Google
2010-06-01 14:27 . 2010-06-14 10:23 -------- d-----w- c:\documents and settings\lars\Lokale indstillinger\Application Data\Google
2010-06-01 14:26 . 2010-06-09 13:16 -------- d-----w- c:\programmer\Google
2010-06-01 13:25 . 2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe
2010-06-01 13:24 . 2010-02-24 13:11 455680 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2010-06-01 13:23 . 2009-10-23 15:28 3558912 -c----w- c:\windows\system32\dllcache\moviemk.exe
2010-06-01 13:23 . 2009-12-31 16:50 353792 -c----w- c:\windows\system32\dllcache\srv.sys
2010-06-01 13:22 . 2009-10-15 16:32 81920 -c----w- c:\windows\system32\dllcache\fontsub.dll
2010-06-01 13:22 . 2009-10-15 16:32 119808 -c----w- c:\windows\system32\dllcache\t2embed.dll
2010-06-01 13:22 . 2009-11-21 15:58 471552 -c----w- c:\windows\system32\dllcache\aclayers.dll
2010-06-01 13:20 . 2009-06-21 21:48 153088 -c----w- c:\windows\system32\dllcache\triedit.dll
2010-06-01 13:17 . 2009-07-31 04:34 1172480 -c----w- c:\windows\system32\dllcache\msxml3.dll
2010-06-01 13:17 . 2008-10-15 16:37 337408 -c----w- c:\windows\system32\dllcache\netapi32.dll
2010-06-01 13:17 . 2008-05-01 14:36 331776 -c----w- c:\windows\system32\dllcache\msadce.dll
2010-06-01 13:17 . 2008-06-14 17:35 272256 -c----w- c:\windows\system32\dllcache\bthport.sys
2010-06-01 13:16 . 2008-05-08 14:02 203136 -c----w- c:\windows\system32\dllcache\rmcast.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-06-12 20:46 . 2002-09-16 12:00 525444 ----a-w- c:\windows\system32\perfh006.dat
2010-06-12 20:46 . 2002-09-16 12:00 108292 ----a-w- c:\windows\system32\perfc006.dat
2010-06-10 13:44 . 2010-06-07 19:22 -------- d-----w- c:\documents and settings\lars\Application Data\DivX
2010-06-01 14:39 . 2010-06-01 14:39 -------- d-----w- c:\programmer\Alwil Software
2010-06-01 12:47 . 2010-06-11 09:06 150070 ----a-w- c:\windows\PCHealth\HelpCtr\Config\Cache\Personal_32_1030.dat
2010-06-01 12:47 . 2010-06-01 11:52 76487 ----a-w- c:\windows\PCHealth\HelpCtr\OfflineCache\index.dat
2010-06-01 11:53 . 2010-06-01 11:53 -------- d-----w- c:\programmer\microsoft frontpage
2010-06-01 11:53 . 2010-06-01 11:53 558142 ----a-w- c:\windows\java\Packages\P77JZB5R.ZIP
2010-06-01 11:53 . 2010-06-01 11:53 2678 ----a-w- c:\windows\java\Packages\Data\0XBPZVRV.DAT
2010-06-01 11:53 . 2010-06-01 11:53 2678 ----a-w- c:\windows\java\Packages\Data\93XB9ZLV.DAT
2010-06-01 11:53 . 2010-06-01 11:53 155995 ----a-w- c:\windows\java\Packages\GOCDNJH7.ZIP
2010-06-01 11:53 . 2010-06-01 11:53 2678 ----a-w- c:\windows\java\Packages\Data\PRN7XJHJ.DAT
2010-06-01 11:53 . 2010-06-01 11:53 2678 ----a-w- c:\windows\java\Packages\Data\DRFF7ZL3.DAT
2010-06-01 11:53 . 2010-06-01 11:53 2678 ----a-w- c:\windows\java\Packages\Data\5JZ5FNDR.DAT
2010-06-01 11:52 . 2010-06-01 11:49 -------- d-----w- c:\programmer\Onlinetjenester
2010-06-01 11:51 . 2010-06-01 11:51 -------- d-----w- c:\programmer\Fælles filer\Tjenester
2010-06-01 11:50 . 2010-06-01 11:50 21644 ----a-w- c:\windows\system32\emptyregdb.dat
2010-05-06 10:34 . 2002-09-16 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2010-05-02 08:09 . 2002-09-16 12:00 1851264 ----a-w- c:\windows\system32\win32k.sys
2010-04-27 18:40 . 2010-06-07 19:22 9200 ------w- c:\windows\system32\drivers\cdralw2k.sys
2010-04-27 18:40 . 2010-06-07 19:22 9072 ------w- c:\windows\system32\drivers\cdr4_xp.sys
2010-04-27 18:40 . 2010-06-07 19:22 45648 ------w- c:\windows\system32\drivers\PxHelp20.sys
2010-04-27 18:40 . 2010-06-07 19:22 133616 ------w- c:\windows\system32\pxafs.dll
2010-04-27 18:40 . 2010-06-07 19:22 126448 ------w- c:\windows\system32\pxinsi64.exe
2010-04-27 18:40 . 2010-06-07 19:22 123888 ------w- c:\windows\system32\pxcpyi64.exe
2010-04-20 05:31 . 2002-09-16 12:00 285696 ----a-w- c:\windows\system32\atmfd.dll
.

((((((((((((((((((((((((((((( SnapShot_2002-01-01_11.16.40 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-06-14 17:56 . 2010-06-14 17:56 16384 c:\windows\Temp\Perflib_Perfdata_4c0.dat
- 2002-01-01 11:16 . 2002-01-01 11:16 16384 c:\windows\Temp\Perflib_Perfdata_4c0.dat
+ 2010-06-14 17:56 . 2010-06-14 17:56 16384 c:\windows\Temp\Perflib_Perfdata_3b4.dat
- 2002-09-16 12:00 . 2002-01-01 01:47 88702 c:\windows\system32\perfc009.dat
+ 2002-09-16 12:00 . 2010-06-12 20:46 88702 c:\windows\system32\perfc009.dat
+ 2009-11-05 20:17 . 2009-11-05 20:17 11600 c:\windows\system32\mui\0409\mscorees.dll
+ 2009-06-24 17:56 . 2009-06-24 17:56 73728 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe
+ 2010-04-01 09:42 . 2010-04-01 09:42 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Security.dll
+ 2010-03-31 12:51 . 2010-03-31 12:51 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
- 2003-02-20 18:09 . 2003-02-20 18:09 77824 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsn.dll
+ 2010-03-31 12:51 . 2010-03-31 12:51 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
- 2003-02-20 18:09 . 2003-02-20 18:09 86016 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorie.dll
- 2004-07-14 23:32 . 2004-07-14 23:32 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
+ 2010-03-31 12:51 . 2010-03-31 12:51 81920 c:\windows\Microsoft.NET\Framework\v1.1.4322\CORPerfMonExt.dll
- 2004-07-15 00:49 . 2004-07-15 00:49 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
+ 2010-03-31 13:32 . 2010-03-31 13:32 32768 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
- 2003-02-20 18:19 . 2003-02-20 18:19 24576 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_filter.dll
+ 2010-03-31 13:32 . 2010-03-31 13:32 24576 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_filter.dll
+ 2010-06-12 20:45 . 2010-06-12 20:45 90112 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_c94ab093\System.Drawing.Design.dll
+ 2010-06-12 20:36 . 2010-06-12 20:36 61440 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_f08558b8\CustomMarshalers.dll
+ 2010-06-12 20:34 . 2010-06-12 20:34 81920 c:\windows\assembly\GAC\System.Security\1.0.5000.0__b03f5f7f11d50a3a\System.Security.dll
+ 2002-09-16 12:00 . 2010-06-12 20:46 487832 c:\windows\system32\perfh009.dat
- 2002-09-16 12:00 . 2002-01-01 01:47 487832 c:\windows\system32\perfh009.dat
+ 2008-05-26 20:18 . 2009-05-24 22:24 350208 c:\windows\system32\mssph.dll
- 2008-05-26 20:18 . 2008-05-26 20:18 350208 c:\windows\system32\mssph.dll
+ 2010-06-01 12:43 . 2007-06-27 13:34 317952 c:\windows\system32\dllcache\unregmp2.exe
- 2004-07-14 23:33 . 2004-07-14 23:33 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
+ 2010-03-31 12:51 . 2010-03-31 12:51 102400 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorld.dll
- 2004-07-14 23:25 . 2004-07-14 23:25 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
+ 2010-03-31 12:49 . 2010-03-31 12:49 315392 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorjit.dll
+ 2010-03-31 13:32 . 2010-03-31 13:32 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
- 2004-07-15 00:49 . 2004-07-15 00:49 258048 c:\windows\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
+ 2009-03-20 09:48 . 2009-03-20 09:48 183808 c:\windows\Installer\83a64d.msp
+ 2002-09-16 12:00 . 2007-06-27 13:34 317952 c:\windows\inf\unregmp2.exe
+ 2009-05-20 10:17 . 2009-05-20 10:17 689536 c:\windows\Downloaded Program Files\Manager.exe
+ 2010-06-12 20:46 . 2010-06-12 20:46 835584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_cb738bc3\System.Drawing.dll
+ 2010-06-12 20:46 . 2010-06-12 20:46 192512 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing.Design\1.0.5000.0__b03f5f7f11d50a3a_073f1e56\System.Drawing.Design.dll
+ 2010-06-12 20:46 . 2010-06-12 20:46 118784 c:\windows\assembly\NativeImages1_v1.1.4322\CustomMarshalers\1.0.5000.0__b03f5f7f11d50a3a_4471f3f1\CustomMarshalers.dll
+ 2010-04-01 09:42 . 2010-04-01 09:42 1265664 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.Web.dll
+ 2010-04-01 09:42 . 2010-04-01 09:42 1232896 c:\windows\Microsoft.NET\Framework\v1.1.4322\System.dll
+ 2010-03-31 12:50 . 2010-03-31 12:50 2514944 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorwks.dll
+ 2010-03-31 12:50 . 2010-03-31 12:50 2527232 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll
+ 2010-04-01 09:42 . 2010-04-01 09:42 2142208 c:\windows\Microsoft.NET\Framework\v1.1.4322\mscorlib.dll
+ 2010-06-13 17:47 . 2010-06-13 17:47 3954688 c:\windows\Installer\1898e3.msi
+ 2010-06-12 20:46 . 2010-06-12 20:46 4792320 c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_b8e9418d\System.dll
+ 2010-06-12 20:36 . 2010-06-12 20:36 1966080 c:\windows\assembly\NativeImages1_v1.1.4322\System\1.0.5000.0__b77a5c561934e089_2b018445\System.dll
+ 2010-06-12 20:45 . 2010-06-12 20:45 2088960 c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_8e3d0750\System.Xml.dll
+ 2010-06-12 20:46 . 2010-06-12 20:46 5513216 c:\windows\assembly\NativeImages1_v1.1.4322\System.Xml\1.0.5000.0__b77a5c561934e089_3af909e6\System.Xml.dll
+ 2010-06-12 20:45 . 2010-06-12 20:45 3018752 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_c10c63f5\System.Windows.Forms.dll
+ 2010-06-12 20:46 . 2010-06-12 20:46 7884800 c:\windows\assembly\NativeImages1_v1.1.4322\System.Windows.Forms\1.0.5000.0__b77a5c561934e089_5b82b544\System.Windows.Forms.dll
+ 2010-06-12 20:46 . 2010-06-12 20:46 2244608 c:\windows\assembly\NativeImages1_v1.1.4322\System.Drawing\1.0.5000.0__b03f5f7f11d50a3a_3c4aa288\System.Drawing.dll
+ 2010-06-12 20:46 . 2010-06-12 20:46 3395584 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_a6183718\System.Design.dll
+ 2010-06-12 20:46 . 2010-06-12 20:46 1466368 c:\windows\assembly\NativeImages1_v1.1.4322\System.Design\1.0.5000.0__b03f5f7f11d50a3a_4fd05f04\System.Design.dll
+ 2010-06-12 20:47 . 2010-06-12 20:47 8908800 c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_ea7a4824\mscorlib.dll
+ 2010-06-12 20:46 . 2010-06-12 20:46 3391488 c:\windows\assembly\NativeImages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_305b6d1d\mscorlib.dll
+ 2010-06-12 20:34 . 2010-06-12 20:34 1232896 c:\windows\assembly\GAC\System\1.0.5000.0__b77a5c561934e089\System.dll
+ 2010-06-12 20:34 . 2010-06-12 20:34 1265664 c:\windows\assembly\GAC\System.Web\1.0.5000.0__b03f5f7f11d50a3a\System.Web.dll
+ 2010-04-02 17:29 . 2010-04-02 17:29 11413504 c:\windows\Microsoft.NET\Framework\v1.1.4322\Updates\M979906\M979906Uninstall.msp
+ 2010-04-02 10:30 . 2010-04-02 10:30 17456640 c:\windows\Installer\83a66a.msp
.
-- Snapshot sat til dags dato --
.
((((((((((((((((((((((((((((((((((( Start steder i reg.basen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Bemærk* tomme linier & lovlige standard linier vises ikke
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\programmer\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-06-09 39408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"Adobe Reader Speed Launcher"="c:\programmer\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-21 35760]
"Adobe ARM"="c:\programmer\Fælles filer\Adobe\ARM\1.0\AdobeARM.exe" [2010-03-24 952768]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\programmer\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [01-06-2010 16:39 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [01-06-2010 16:39 20560]
R3 3xHybrid;Pinnacle PCTV 100i-110i-300i-310i-MCE;c:\windows\system32\drivers\3xHybrid.sys [07-06-2010 17:37 1121536]
S2 gupdate;Tjenesten Google Update (gupdate);c:\programmer\Google\Update\GoogleUpdate.exe [09-06-2010 15:16 136176]
S3 TVService;TVService;c:\programmer\Team MediaPortal\MediaPortal TV Server\TvService.exe [09-05-2009 00:36 192512]
.
Indhold af mappen 'Planlagte Opgaver'

2010-06-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programmer\Google\Update\GoogleUpdate.exe [2010-06-09 13:16]

2010-06-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programmer\Google\Update\GoogleUpdate.exe [2010-06-09 13:16]
.
.
------- Yderligere scanning -------
.
uStart Page = hxxp://www.google.dk/
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Google Sidewiki ... - c:\programmer\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_2EC7709873947E87.dll/cmsidewiki.html
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\lars\Application Data\Mozilla\Firefox\Profiles\sd41e0ao.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.dk/
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?sourceid=navclient&hl=da&q=
FF - component: c:\documents and settings\lars\Application Data\Mozilla\Firefox\Profiles\sd41e0ao.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
FF - plugin: c:\programmer\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: c:\programmer\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\programmer\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLITIKKER ----
c:\programmer\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\programmer\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\programmer\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\programmer\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\programmer\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\programmer\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\programmer\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\programmer\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".dk");
c:\programmer\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\programmer\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\programmer\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-06-14 20:17
Windows 5.1.2600 Service Pack 3 NTFS

scanner skjulte processer ...

scanner skjulte autostarter ...

scanner skjulte filer ...

scanning gennemført med succes
skjulte filer: 0

**************************************************************************
.
--------------------- DLLs startet under kørende Processer ---------------------

- - - - - - - > 'explorer.exe'(1924)
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Gennemført tid: 2010-06-14 20:19:24
ComboFix-quarantined-files.txt 2010-06-14 18:19
ComboFix2.txt 2002-01-01 19:14
ComboFix3.txt 2002-01-01 18:48
ComboFix4.txt 2002-01-01 11:21

Pre-Kørsel: 72.875.499.520 byte ledig
Post-Kørsel: 72.865.615.872 byte ledig

Current=3 Default=3 Failed=2 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - 1AFF592AE032F1BFB8E3BF44B6517ED2

Synes godt om

f-arn Guru

14. juni 2010 - 21:38 #13

Find og upload nedenstående hos Jotti eller Virustotal:

c:\windows\java\Packages\Data\5JZ5FNDR.DAT

http://virusscan.jotti.org/ - http://www.virustotal.com/en/indexf.html

Kopier resultatet herind

Synes godt om

lasse0000 Novice

14. juni 2010 - 22:03 #14

Additional info
File size: 2678 bytes
Filetype: Unknown
MD5: 06b53717bd93e7ca5b37a558dc02187e
SHA1: 205e4843abad547771bd8d1a3ce0e59df5bd25f9

--------------------------------------------------------------------------------

Filename: osp.cer
Status: Scan finished. 0 out of 21 scanners reported malware.
Scan taken on: Sun 9 Aug 2009 03:33:17 (CET) Permalink

Synes godt om

f-arn Guru

14. juni 2010 - 22:24 #15

Er du sikkker på du sendte den rigtige.

c:\windows\java\Packages\Data\5JZ5FNDR.DAT
Filename: osp.cer ?

Synes godt om

lasse0000 Novice

15. juni 2010 - 11:50 #16

Prøvede lige igen, det kunne jo være,

Jotti's malware scan
This file has been scanned before. The results for this previous scan are listed below.

--------------------------------------------------------------------------------

Filename: osp.cer
Status: Scan finished. 0 out of 21 scanners reported malware.
Scan taken on: Sun 9 Aug 2009 03:33:17 (CET) Permalink

--------------------------------------------------------------------------------
Additional info
File size: 2678 bytes
Filetype: Unknown
MD5: 06b53717bd93e7ca5b37a558dc02187e
SHA1: 205e4843abad547771bd8d1a3ce0e59df5bd25f9

Synes godt om

f-arn Guru

15. juni 2010 - 12:11 #17

Højreklik på skrivebordet og vælg ny->tekstdokument og kopier det fremhævede ind og gem filen som CFScript

Killall::
Snapshot::
File::
c:\windows\system32\pxinsi64.exe
c:\windows\system32\pxcpyi64.exe
Filelook::
c:\windows\system32\XAudio2_1.dll
Folder::
C:\32788R22FWJFW.1.tmp
Dirlook::
c:\documents and settings\lars\Application Data\MSN6
C:\d48e3c61ea876d5c833a368f98

Da Combofix kan konflikte med dine sikkerhedsprogrammer er det vigtigt at du deaktiverer dem.

Tag så fat i den nye fil med musen, og før den hen over Combofix-filen, hvorefter du "giver slip" med musen.
http://www.fromsej.saknet.dk/billeder/swfcombo.gif

Så skulle Combofix gerne give sig til at arbejde. Muligvis vil den kræve en genstart, hvilket du skal tillade. Du bør ikke klikke på vinduet imens værktøjet kører, idet det kan få din computer til at fryse.
Når Combofix er færdig, og efter det (muligvis) har genstartet, skulle der gerne åbnes en logfil combofix.txt som ligger her C:\Combofix.txt

Indholdet af denne fil må du gerne lægge herind.

Synes godt om

lasse0000 Novice

16. juni 2010 - 10:01 #18

Det gør jeg.

ComboFix 10-06-15.03 - lars 16-06-2010 9:48.7.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.45.1030.18.1023.600 [GMT 2:00]
Kører fra: c:\documents and settings\lars\Skrivebord\ComboFix.exe
Kommandoer benyttet :: c:\documents and settings\lars\Skrivebord\CFScript.txt
AV: avast! antivirus 4.8.1368 [VPS 100615-2] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

FILE ::
"c:\windows\system32\pxcpyi64.exe"
"c:\windows\system32\pxinsi64.exe"
.

((((((((((((((((((((((((((((((((((((((( Andet, der er slettet )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\32788R22FWJFW.1.tmp
c:\32788r22fwjfw.1.tmp\c.bat
c:\32788r22fwjfw.1.tmp\Combobatch.bat
c:\32788r22fwjfw.1.tmp\DelClsid.bat
c:\32788r22fwjfw.1.tmp\DelClsid64.bat
c:\32788r22fwjfw.1.tmp\FIND3M.bat
c:\32788r22fwjfw.1.tmp\FIXLSP.bat
c:\32788r22fwjfw.1.tmp\history.bat
c:\32788r22fwjfw.1.tmp\Lang.bat
c:\32788r22fwjfw.1.tmp\License\Curl - license.txt
c:\32788r22fwjfw.1.tmp\License\dumphive-license.txt
c:\32788r22fwjfw.1.tmp\License\EXTRACT.TXT
c:\32788r22fwjfw.1.tmp\License\UnxUtilsDist.html
c:\32788r22fwjfw.1.tmp\List-B.bat
c:\32788r22fwjfw.1.tmp\List-C.bat
c:\32788r22fwjfw.1.tmp\List-D.bat
c:\windows\system32\pxcpyi64.exe
c:\windows\system32\pxinsi64.exe

.
((((((((((((((((((((((((((((( Filer skabt fra 2010-05-16 til 2010-06-16 )))))))))))))))))))))))))))))))))))
.

2010-06-15 09:53 . 2010-06-15 09:53 -------- d-----w- c:\documents and settings\lars\Lokale indstillinger\Application Data\Børsen e-Learning
2010-06-15 09:53 . 2010-06-16 07:23 -------- d-----w- c:\programmer\Fælles filer\Børsen e-learning
2010-06-15 09:53 . 2010-06-16 07:23 -------- d-----w- c:\programmer\Børsen e-Learning
2010-06-15 09:24 . 2006-10-26 17:58 30512 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\mdippr.dll
2010-06-15 09:24 . 2006-10-26 17:58 30512 ----a-w- c:\windows\system32\mdimon.dll
2010-06-15 09:23 . 2010-06-15 09:23 -------- d-----w- c:\programmer\Microsoft Works
2010-06-15 09:19 . 2010-06-15 09:19 -------- d-----w- c:\windows\SHELLNEW
2010-06-15 09:19 . 2010-06-15 09:19 -------- d-----w- c:\documents and settings\lars\Lokale indstillinger\Application Data\Microsoft Help
2010-06-15 09:19 . 2010-06-15 09:24 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2010-06-15 09:18 . 2010-06-15 09:18 -------- d-----r- C:\MSOCache
2010-06-13 17:50 . 2010-06-13 18:19 -------- d-----w- c:\documents and settings\lars\Lokale indstillinger\Application Data\Adobe
2010-06-13 17:46 . 2010-06-13 17:47 -------- d-----w- c:\programmer\Fælles filer\Adobe
2010-06-12 23:09 . 2010-06-12 23:09 -------- d-----w- c:\documents and settings\lars\Application Data\Download Manager
2010-06-12 20:34 . 2010-06-12 20:34 133 ----a-w- c:\documents and settings\lars\Lokale indstillinger\Application Data\fusioncache.dat
2010-06-12 20:34 . 2010-06-12 20:47 -------- d-----w- c:\documents and settings\lars\Lokale indstillinger\Application Data\ApplicationHistory
2010-06-11 16:35 . 2010-05-06 10:34 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll
2010-06-11 10:47 . 2010-06-11 10:47 -------- d-----w- c:\documents and settings\lars\Application Data\Windows Search
2010-06-11 08:57 . 2010-06-11 08:57 -------- d-----w- c:\documents and settings\lars\Application Data\MSN6
2010-06-11 08:57 . 2010-06-11 08:57 -------- d-----w- c:\documents and settings\All Users\Application Data\MSN6
2010-06-08 07:01 . 2010-06-08 07:01 -------- d-----w- c:\documents and settings\lars\DoctorWeb
2010-06-08 06:26 . 2008-04-14 07:05 26624 ----a-w- c:\documents and settings\LocalService\Application Data\Microsoft\UPnP Device Host\upnphost\udhisapi.dll
2010-06-07 19:37 . 2002-01-01 10:19 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2010-06-07 19:26 . 2010-06-07 19:26 57344 ----a-w- c:\documents and settings\All Users\Application Data\DivX\RunAsUser\RUNASUSERPROCESS.dll
2010-06-07 19:21 . 2010-06-07 19:21 57409 ----a-w- c:\documents and settings\All Users\Application Data\DivX\ControlPanel\Uninstaller.exe
2010-06-07 19:21 . 2010-06-07 19:21 52963 ----a-w- c:\documents and settings\All Users\Application Data\DivX\MSVC80CRTRedist\Uninstaller.exe
2010-06-07 19:21 . 2010-06-07 19:21 54073 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Qt4.5\Uninstaller.exe
2010-06-07 19:21 . 2010-06-07 19:21 -------- d-----w- c:\programmer\Fælles filer\DivX Shared
2010-06-07 19:21 . 2010-06-07 19:21 56969 ----a-w- c:\documents and settings\All Users\Application Data\DivX\ASPEncoder\Uninstaller.exe
2010-06-07 19:20 . 2010-06-07 19:22 -------- d-----w- c:\programmer\DivX
2010-06-07 19:19 . 2010-06-07 19:22 -------- d-----w- c:\documents and settings\All Users\Application Data\DivX
2010-06-07 18:17 . 2010-06-15 09:22 -------- d-----w- c:\programmer\Microsoft.NET
2010-06-07 18:16 . 2010-06-07 18:16 -------- d-----w- c:\programmer\MSXML 6.0
2010-06-07 18:14 . 2010-06-07 18:19 -------- d-----w- c:\programmer\Microsoft SQL Server
2010-06-07 18:13 . 2010-06-07 18:20 -------- d-----w- c:\documents and settings\All Users\Application Data\Team MediaPortal
2010-06-07 18:12 . 2008-07-31 08:41 68616 ----a-w- c:\windows\system32\XAPOFX1_1.dll
2010-06-07 18:12 . 2008-07-31 08:40 509448 ----a-w- c:\windows\system32\XAudio2_2.dll
2010-06-07 18:12 . 2008-07-31 08:41 238088 ----a-w- c:\windows\system32\xactengine3_2.dll
2010-06-07 18:12 . 2008-07-12 06:18 1493528 ----a-w- c:\windows\system32\D3DCompiler_39.dll
2010-06-07 18:12 . 2008-07-12 06:18 467984 ----a-w- c:\windows\system32\d3dx10_39.dll
2010-06-07 18:12 . 2008-07-12 06:18 3851784 ----a-w- c:\windows\system32\D3DX9_39.dll
2010-06-07 18:12 . 2008-05-30 12:19 507400 ----a-w- c:\windows\system32\XAudio2_1.dll
2010-06-07 18:12 . 2008-05-30 12:17 65032 ----a-w- c:\windows\system32\XAPOFX1_0.dll
2010-06-07 18:10 . 2010-06-07 18:10 -------- d-----w- c:\windows\Logs
2010-06-07 17:17 . 2010-06-07 18:20 -------- d-----w- c:\programmer\Team MediaPortal
2010-06-07 16:37 . 2010-06-07 16:37 -------- d-----w- c:\documents and settings\lars\Application Data\Malwarebytes
2010-06-07 16:37 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-06-07 16:37 . 2010-06-07 16:37 -------- d-----w- c:\programmer\Malwarebytes' Anti-Malware
2010-06-07 16:37 . 2010-06-07 16:37 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-06-07 16:37 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-06-07 15:51 . 2010-06-12 20:48 -------- d-----w- c:\documents and settings\lars\Lokale indstillinger\Application Data\Temp
2010-06-07 15:38 . 2008-04-13 09:46 15232 -c--a-w- c:\windows\system32\dllcache\mpe.sys
2010-06-07 15:38 . 2008-04-13 09:46 15232 ----a-w- c:\windows\system32\drivers\MPE.sys
2010-06-07 15:37 . 2008-04-14 07:05 363520 -c--a-w- c:\windows\system32\dllcache\psisdecd.dll
2010-06-07 15:37 . 2008-04-14 07:05 363520 ----a-w- c:\windows\system32\PsisDecd.dll
2010-06-07 15:37 . 2008-04-13 09:46 11776 -c--a-w- c:\windows\system32\dllcache\bdasup.sys
2010-06-07 15:37 . 2008-04-13 09:46 11776 ----a-w- c:\windows\system32\drivers\BdaSup.sys
2010-06-07 15:37 . 2010-06-07 15:37 -------- dc----w- c:\windows\system32\DRVSTORE
2010-06-07 15:37 . 2006-12-18 15:53 1121536 ----a-w- c:\windows\system32\drivers\3xHybrid.sys
2010-06-07 15:37 . 2003-02-27 08:07 3072 ----a-w- c:\windows\system32\34CoInstaller.dll
2010-06-07 14:17 . 2010-06-07 14:17 -------- d-----w- c:\documents and settings\lars\Lokale indstillinger\Application Data\Innovative Solutions
2010-06-07 14:17 . 2010-06-07 14:17 -------- d-----w- c:\documents and settings\All Users\Application Data\Innovative Solutions
2010-06-07 14:00 . 2010-06-07 14:00 -------- d-----w- c:\programmer\Speccy
2010-06-07 13:57 . 2010-06-07 13:57 -------- d-----w- c:\programmer\CCleaner
2010-06-07 13:43 . 2010-06-07 13:43 -------- d-----w- c:\windows\system32\XPSViewer
2010-06-07 13:43 . 2010-06-07 13:43 -------- d-----w- c:\programmer\MSBuild
2010-06-07 13:43 . 2010-06-07 13:43 -------- d-----w- c:\programmer\Reference Assemblies
2010-06-07 13:42 . 2008-07-06 12:06 89088 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
2010-06-07 13:42 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
2010-06-07 13:42 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
2010-06-07 13:42 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
2010-06-07 13:42 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
2010-06-07 13:42 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
2010-06-07 13:42 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\Spool\prtprocs\w32x86\printfilterpipelinesvc.exe
2010-06-07 13:42 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
2010-06-07 13:42 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
2010-06-07 13:42 . 2010-06-07 13:42 -------- d-----w- C:\d48e3c61ea876d5c833a368f98
2010-06-07 13:38 . 2010-06-07 13:38 -------- d-----w- c:\documents and settings\lars\Lokale indstillinger\Application Data\Identities
2010-06-07 13:38 . 2010-06-07 13:38 -------- d-----w- c:\documents and settings\lars\Application Data\Windows Desktop Search
2010-06-07 13:38 . 2010-06-07 13:38 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2010-06-07 13:38 . 2010-06-12 20:35 -------- d-----w- c:\programmer\Windows Desktop Search
2010-06-07 13:38 . 2010-06-07 13:38 -------- d-----w- c:\windows\system32\GroupPolicy
2010-06-07 13:37 . 2008-03-07 17:02 98304 -c----w- c:\windows\system32\dllcache\nlhtml.dll
2010-06-07 13:37 . 2008-03-07 17:02 29696 -c----w- c:\windows\system32\dllcache\mimefilt.dll
2010-06-07 13:37 . 2008-03-07 17:02 192000 -c----w- c:\windows\system32\dllcache\offfilt.dll
2010-06-07 13:37 . 2010-06-07 13:37 -------- d-----w- c:\programmer\Windows Media Connect 2
2010-06-07 13:35 . 2010-06-07 13:36 -------- d-----w- c:\windows\system32\drivers\UMDF
2010-06-07 13:35 . 2010-06-07 13:35 -------- d-----w- c:\windows\system32\LogFiles
2010-06-07 13:33 . 2010-06-07 13:34 -------- d-----w- c:\windows\system32\URTTemp
2010-06-07 13:25 . 2010-06-07 13:25 -------- d-sh--w- c:\documents and settings\lars\IECompatCache
2010-06-07 13:24 . 2010-06-07 13:24 -------- d-sh--w- c:\documents and settings\lars\PrivacIE
2010-06-07 13:18 . 2010-06-07 13:18 -------- d-sh--w- c:\documents and settings\lars\IETldCache
2010-06-07 13:16 . 2010-04-16 11:43 41984 -c----w- c:\windows\system32\dllcache\iecompat.dll
2010-06-07 13:15 . 2002-01-01 01:42 -------- d-----w- c:\windows\ie8updates
2010-06-07 13:15 . 2010-05-06 10:34 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
2010-06-07 13:15 . 2010-05-06 10:34 599040 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2010-06-07 13:15 . 2010-05-06 10:34 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2010-06-07 13:15 . 2010-05-06 10:34 1985536 -c----w- c:\windows\system32\dllcache\iertutil.dll
2010-06-07 13:15 . 2010-05-06 10:34 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll
2010-06-07 13:15 . 2010-05-06 10:34 11076096 -c----w- c:\windows\system32\dllcache\ieframe.dll
2010-06-07 13:14 . 2010-06-07 13:15 -------- dc-h--w- c:\windows\ie8
2010-06-03 07:14 . 2008-04-14 07:05 221184 ----a-w- c:\windows\system32\wmpns.dll
2010-06-02 06:09 . 2010-04-08 00:50 1496064 ----a-w- c:\documents and settings\lars\Application Data\Mozilla\Firefox\Profiles\sd41e0ao.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
2010-06-02 06:09 . 2010-04-08 00:50 43008 ----a-w- c:\documents and settings\lars\Application Data\Mozilla\Firefox\Profiles\sd41e0ao.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbarloader.dll
2010-06-02 06:09 . 2010-04-08 00:50 338944 ----a-w- c:\documents and settings\lars\Application Data\Mozilla\Firefox\Profiles\sd41e0ao.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff2.dll
2010-06-02 06:09 . 2010-04-08 00:50 346112 ----a-w- c:\documents and settings\lars\Application Data\Mozilla\Firefox\Profiles\sd41e0ao.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff3.dll
2010-06-02 06:08 . 2010-06-02 06:08 0 ----a-w- c:\windows\nsreg.dat
2010-06-02 06:08 . 2010-06-02 06:08 -------- d-----w- c:\documents and settings\lars\Lokale indstillinger\Application Data\Mozilla
2010-06-01 14:53 . 2010-06-01 14:53 -------- d-----w- c:\programmer\Fælles filer\Java
2010-06-01 14:53 . 2010-06-01 14:53 503808 ----a-w- c:\documents and settings\lars\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-2280a7a2-n\msvcp71.dll
2010-06-01 14:53 . 2010-06-01 14:53 499712 ----a-w- c:\documents and settings\lars\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-2280a7a2-n\jmc.dll
2010-06-01 14:53 . 2010-06-01 14:53 348160 ----a-w- c:\documents and settings\lars\Application Data\Sun\Java\Deployment\SystemCache\6.0\46\f84c6ae-2280a7a2-n\msvcr71.dll
2010-06-01 14:53 . 2010-06-01 14:53 61440 ----a-w- c:\documents and settings\lars\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-54f8b941-n\decora-sse.dll
2010-06-01 14:53 . 2010-06-01 14:53 12800 ----a-w- c:\documents and settings\lars\Application Data\Sun\Java\Deployment\SystemCache\6.0\50\5535ab32-54f8b941-n\decora-d3d.dll
2010-06-01 14:52 . 2010-06-01 14:52 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-06-01 14:52 . 2010-06-01 14:52 -------- d-----w- c:\programmer\Java
2010-06-01 14:51 . 2010-06-01 14:51 -------- d-----w- c:\windows\system32\Adobe
2010-06-01 14:32 . 2010-06-01 14:32 -------- d-----w- c:\documents and settings\NetworkService\Lokale indstillinger\Application Data\Google
2010-06-01 14:28 . 2010-06-01 14:28 -------- d-----w- c:\programmer\WOT
2010-06-01 14:27 . 2010-06-01 14:27 -------- d-----w- c:\documents and settings\LocalService\Lokale indstillinger\Application Data\Google
2010-06-01 14:27 . 2010-06-14 10:23 -------- d-----w- c:\documents and settings\lars\Lokale indstillinger\Application Data\Google
2010-06-01 14:26 . 2010-06-09 13:16 -------- d-----w- c:\programmer\Google
2010-06-01 13:25 . 2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe
2010-06-01 13:24 . 2010-02-24 13:11 455680 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2010-06-01 13:23 . 2009-10-23 15:28 3558912 -c----w- c:\windows\system32\dllcache\moviemk.exe
2010-06-01 13:23 . 2009-12-31 16:50 353792 -c----w- c:\windows\system32\dllcache\srv.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-06-12 20:46 . 2002-09-16 12:00 525444 ----a-w- c:\windows\system32\perfh006.dat
2010-06-12 20:46 . 2002-09-16 12:00 108292 ----a-w- c:\windows\system32\perfc006.dat
2010-06-10 13:44 . 2010-06-07 19:22 -------- d-----w- c:\documents and settings\lars\Application Data\DivX
2010-06-01 14:39 . 2010-06-01 14:39 -------- d-----w- c:\programmer\Alwil Software
2010-06-01 12:47 . 2010-06-11 09:06 150070 ----a-w- c:\windows\PCHealth\HelpCtr\Config\Cache\Personal_32_1030.dat
2010-06-01 12:47 . 2010-06-01 11:52 76487 ----a-w- c:\windows\PCHealth\HelpCtr\OfflineCache\index.dat
2010-06-01 11:53 . 2010-06-01 11:53 -------- d-----w- c:\programmer\microsoft frontpage
2010-06-01 11:53 . 2010-06-01 11:53 558142 ----a-w- c:\windows\java\Packages\P77JZB5R.ZIP
2010-06-01 11:53 . 2010-06-01 11:53 2678 ----a-w- c:\windows\java\Packages\Data\0XBPZVRV.DAT
2010-06-01 11:53 . 2010-06-01 11:53 2678 ----a-w- c:\windows\java\Packages\Data\93XB9ZLV.DAT
2010-06-01 11:53 . 2010-06-01 11:53 155995 ----a-w- c:\windows\java\Packages\GOCDNJH7.ZIP
2010-06-01 11:53 . 2010-06-01 11:53 2678 ----a-w- c:\windows\java\Packages\Data\PRN7XJHJ.DAT
2010-06-01 11:53 . 2010-06-01 11:53 2678 ----a-w- c:\windows\java\Packages\Data\DRFF7ZL3.DAT
2010-06-01 11:53 . 2010-06-01 11:53 2678 ----a-w- c:\windows\java\Packages\Data\5JZ5FNDR.DAT
2010-06-01 11:52 . 2010-06-01 11:49 -------- d-----w- c:\programmer\Onlinetjenester
2010-06-01 11:51 . 2010-06-01 11:51 -------- d-----w- c:\programmer\Fælles filer\Tjenester
2010-06-01 11:50 . 2010-06-01 11:50 21644 ----a-w- c:\windows\system32\emptyregdb.dat
2010-05-06 10:34 . 2002-09-16 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
2010-05-02 08:09 . 2002-09-16 12:00 1851264 ----a-w- c:\windows\system32\win32k.sys
2010-04-27 18:40 . 2010-06-07 19:22 9200 ------w- c:\windows\system32\drivers\cdralw2k.sys
2010-04-27 18:40 . 2010-06-07 19:22 9072 ------w- c:\windows\system32\drivers\cdr4_xp.sys
2010-04-27 18:40 . 2010-06-07 19:22 45648 ------w- c:\windows\system32\drivers\PxHelp20.sys
2010-04-27 18:40 . 2010-06-07 19:22 133616 ------w- c:\windows\system32\pxafs.dll
2010-04-20 05:31 . 2002-09-16 12:00 285696 ----a-w- c:\windows\system32\atmfd.dll
.

(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.

--- c:\windows\system32\XAudio2_1.dll ---
Company: Microsoft Corporation
File Description: XAudio2 Game Audio API
File Version: 9.23 (DXSDK_JUN08.080530-1349)
Product Name: Microsoft® DirectX for Windows®
Copyright: Copyright (c) Microsoft Corporation. All rights reserved.
Original Filename: xaudio2_1.dll
File size: 507400
Created time: 2010-06-07 18:12
Modified time: 2008-05-30 12:19
MD5: E34FF0115B1EE3B4E03D22AE9840EE03
SHA1: 746E6E84FF7F630643FF9381B9DFF1F40A49CA16

---- Directory of C:\d48e3c61ea876d5c833a368f98 ----

2010-06-07 13:42 . 2008-06-19 05:33 2204 ------w- c:\d48e3c61ea876d5c833a368f98\i386\msxpsdrv.inf
2010-06-07 13:42 . 2008-06-19 09:03 73 ------w- c:\d48e3c61ea876d5c833a368f98\i386\msxpsinc.gpd
2010-06-07 13:42 . 2008-06-19 05:33 72 ------w- c:\d48e3c61ea876d5c833a368f98\i386\msxpsinc.ppd
2010-06-07 13:42 . 2008-06-19 05:33 72 ------w- c:\d48e3c61ea876d5c833a368f98\amd64\msxpsinc.ppd
2010-06-07 13:42 . 2008-06-19 05:33 2204 ------w- c:\d48e3c61ea876d5c833a368f98\amd64\msxpsdrv.inf
2010-06-07 13:42 . 2008-07-06 12:06 10929 ------w- c:\d48e3c61ea876d5c833a368f98\amd64\msxpsdrv.cat
2010-06-07 13:42 . 2008-07-06 12:06 10929 ------w- c:\d48e3c61ea876d5c833a368f98\i386\msxpsdrv.cat
2010-06-07 13:42 . 2008-07-06 12:06 147456 ------w- c:\d48e3c61ea876d5c833a368f98\amd64\filterpipelineprintproc.dll
2010-06-07 13:42 . 2008-07-06 12:06 89088 ------w- c:\d48e3c61ea876d5c833a368f98\i386\filterpipelineprintproc.dll
2010-06-07 13:42 . 2008-07-06 12:06 765440 ------w- c:\d48e3c61ea876d5c833a368f98\i386\mxdwdrv.dll
2010-06-07 13:42 . 2008-07-06 12:06 1676288 ------w- c:\d48e3c61ea876d5c833a368f98\i386\xpssvcs.dll
2010-06-07 13:42 . 2008-07-06 12:06 748032 ------w- c:\d48e3c61ea876d5c833a368f98\amd64\mxdwdrv.dll
2008-07-06 15:36 . 2008-07-06 15:36 2936832 ------w- c:\d48e3c61ea876d5c833a368f98\amd64\xpssvcs.dll
2008-06-19 09:03 . 2008-06-19 09:03 73 ------w- c:\d48e3c61ea876d5c833a368f98\amd64\msxpsinc.gpd

---- Directory of c:\documents and settings\lars\Application Data\MSN6 ----

2010-06-11 08:58 . 2010-06-11 08:58 622 ---ha-w- c:\documents and settings\lars\Application Data\MSN6\msndata.dat

((((((((((((((((((((((((((((((((((( Start steder i reg.basen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Bemærk* tomme linier & lovlige standard linier vises ikke
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\programmer\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-06-09 39408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"Adobe Reader Speed Launcher"="c:\programmer\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-21 35760]
"Adobe ARM"="c:\programmer\Fælles filer\Adobe\ARM\1.0\AdobeARM.exe" [2010-03-24 952768]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\programmer\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programmer\\Microsoft Office\\Office12\\OUTLOOK.EXE"=

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [01-06-2010 16:39 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [01-06-2010 16:39 20560]
R3 3xHybrid;Pinnacle PCTV 100i-110i-300i-310i-MCE;c:\windows\system32\drivers\3xHybrid.sys [07-06-2010 17:37 1121536]
S2 gupdate;Tjenesten Google Update (gupdate);c:\programmer\Google\Update\GoogleUpdate.exe [09-06-2010 15:16 136176]
S3 TVService;TVService;c:\programmer\Team MediaPortal\MediaPortal TV Server\TvService.exe [09-05-2009 00:36 192512]
.
Indhold af mappen 'Planlagte Opgaver'

2010-06-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programmer\Google\Update\GoogleUpdate.exe [2010-06-09 13:16]

2010-06-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programmer\Google\Update\GoogleUpdate.exe [2010-06-09 13:16]
.
.
------- Yderligere scanning -------
.
uStart Page = hxxp://www.google.dk/
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&ksporter til Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
IE: Google Sidewiki ... - c:\programmer\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_2EC7709873947E87.dll/cmsidewiki.html
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\lars\Application Data\Mozilla\Firefox\Profiles\sd41e0ao.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.dk/
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?sourceid=navclient&hl=da&q=
FF - component: c:\documents and settings\lars\Application Data\Mozilla\Firefox\Profiles\sd41e0ao.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
FF - plugin: c:\programmer\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: c:\programmer\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\programmer\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- FIREFOX POLITIKKER ----
c:\programmer\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\programmer\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\programmer\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\programmer\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\programmer\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\programmer\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\programmer\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\programmer\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".dk");
c:\programmer\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\programmer\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\programmer\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-06-16 09:54
Windows 5.1.2600 Service Pack 3 NTFS

scanner skjulte processer ...

scanner skjulte autostarter ...

scanner skjulte filer ...

scanning gennemført med succes
skjulte filer: 0

**************************************************************************
.
--------------------- DLLs startet under kørende Processer ---------------------

- - - - - - - > 'explorer.exe'(2460)
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Andre kørende processer ------------------------
.
c:\programmer\Alwil Software\Avast4\aswUpdSv.exe
c:\programmer\Alwil Software\Avast4\ashServ.exe
c:\programmer\Java\jre6\bin\jqs.exe
c:\programmer\Fælles filer\Microsoft Shared\VS7DEBUG\mdm.exe
c:\programmer\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
c:\programmer\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\programmer\Microsoft SQL Server\90\Shared\sqlwriter.exe
c:\windows\system32\SearchIndexer.exe
c:\programmer\Alwil Software\Avast4\ashMaiSv.exe
c:\programmer\Alwil Software\Avast4\ashWebSv.exe
.
**************************************************************************
.
Gennemført tid: 2010-06-16 09:57:24 - maskinen blev genstartet
ComboFix-quarantined-files.txt 2010-06-16 07:57
ComboFix2.txt 2010-06-14 18:19
ComboFix3.txt 2002-01-01 19:14
ComboFix4.txt 2002-01-01 18:48
ComboFix5.txt 2010-06-16 07:25

Pre-Kørsel: 71.807.180.800 byte ledig
Post-Kørsel: 71.785.422.848 byte ledig

Current=3 Default=3 Failed=2 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - 7545D49CC7853AD8DD7E9D431790837B

Synes godt om

f-arn Guru

16. juni 2010 - 16:14 #19

Slet C:\d48e3c61ea876d5c833a368f98 manuelt. Der er ikke nogen grund til at spilde det store krudt på den.

------

Klik start, kør og kopier dettte: combofix /uninstall
Tryk enter
Det vil fjerne Combofix og nulstille urets indstillinger.
Nulstille systemgendannelsen.
Skjule filtypenavne hvis det kræves.
Skjule System/skjulte filer hvis det kræves

Synes godt om

Ny bruger Nybegynder

Din løsning...

Tilladte BB-code-tags: [b]fed[/b] [i]kursiv[/i] [u]understreget[/u] Web- og emailadresser omdannes automatisk til links. Der sættes "nofollow" på alle links.

Følg dette spørgsmål

Opret Preview

Se alle it-kurser fra Computerworld Kurser

IT-kurser om Microsoft 365, sikkerhed, personlig vækst, udvikling, digital markedsføring, grafisk design, SAP og forretningsanalyse.

Se alle it-kurser

Flere spørgsmål fra Virus kategorien

Titel	Indlæg	Oprettet	Seneste aktivitet
Er gratis Bitdefender værd at installere ? Af Ikke-ekspert i Virus	6	I går 19:08	I går 22:39
Ukendte filer på min Pc Af jonpet i Virus	10	03/02/202514:20	04/02/202511:05
mulig ukendt virus Af jackie18 i Virus	3	18/01/202514:07	18/01/202516:39
virus popper op med jævne mellemrum Af Malm i Virus	13	18/01/202511:40	20/01/202517:53
Total AV Af Malm i Virus	10	16/01/202516:48	17/01/202520:47

Se alle spørgsmål i kategorien Opret spørgsmål

Log ind eller opret profil

Hov!

For at kunne deltage på Computerworld Eksperten skal du være logget ind.

Det er heldigvis nemt at oprette en bruger: Det tager to minutter og du kan vælge at bruge enten e-mail, Facebook eller Google som login.

Du kan også logge ind via nedenstående tjenester

Alle kategorier på Eksperten

Seneste artiklerRSS