CIO Tech Eksperten IT-JOB IT-Kurser Events Podcast Søg
Cookie ikon
Avatar billede madtex Nybegynder
09. september 2013 - 16:30 Der er 44 kommentarer og
1 løsning

POLITIVIRUS/INTERPOLE VIRUS

Jeg har haft den i over en uge og har prøvet at flere at de forslag som er kommet her i andre indlæg. Som f.eks. Farbar Recovery Scab Tool og sfc/scannow, men jeg har den stadig.
Er der andre metoder som man kan prøve
Avatar billede Computer Hjælp (Gratis) Mester
09. september 2013 - 16:47 #1
Velkommen til E. ...

Du/I skal altid skrive hvilket Styresystem det drejer sig om!
Win98, ME, W2000, XP, Vista, Win7, Win8, OS/2, Unix, Linux, ... ?

---

Velkommen i [Ukash virus] klubben...

Fejlsikker tilstand - Systemgendannelse !!!
Som her ->
www.eksperten.dk/spm/970326#reply_7990002
Avatar billede 220661 Ekspert
09. september 2013 - 18:42 #2
Får du bluescreen, når du forsøger i fejlsikret tilstand?
Avatar billede f-arn Guru
09. september 2013 - 21:13 #3
Jeg ved ikke hvor sfc /scannow kommer ind (du mangler et mellemrum), men hvor går du i stå med Farbar Recovery Scan Tool ?

Hvis du trykker F8 under opstart, får du så ikke "Advanced Boot Options" og "Repair Your Computer" ?
Avatar billede madtex Nybegynder
09. september 2013 - 21:51 #4
For det første så bruger jeg Windows Vista, 32 bit som mit styresystem.

Jeg har prøvet rstrui.exe og den hjalp heller ikke, men for sfc /scannow så fandt jeg den via et link her.
Avatar billede f-arn Guru
09. september 2013 - 22:03 #5
Mit spørgsmål ang. Farbar Recovery Scan Tool ?
Avatar billede madtex Nybegynder
09. september 2013 - 22:17 #6
Ang. til #5

Jeg fulgt instuktion på siden og fik både scanet efter frst.exe og søgt efter services.exe, men da jeg skulle genstart min compurer kunne jeg stadig ikke komme ind på den.
Avatar billede f-arn Guru
09. september 2013 - 22:29 #7
Der står jo også at du skal kopiere loggen et sted hen *S*

Hvis du scanner igen, kopierer loggen herind, skal jeg nok lave en Fixlist til dig :)
Avatar billede madtex Nybegynder
09. september 2013 - 23:33 #8
Du skal have mange tak for det og jeg vil gøre det i morgen, da jeg vil sikker lave fejl hvis jeg gøre det nu.
Avatar billede madtex Nybegynder
10. september 2013 - 15:01 #9
Nu har jeg scanet min computer igen og her er frst.txt og services.txt, som jeg håber at jeg har gjort det rigtigt.



Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 06-09-2013
Ran by SYSTEM on MINWINPC on 10-09-2013 14:25:05
Running from K:\
Windows Vista (TM) Home Premium (X86) OS Language: Swedish
Internet Explorer Version 9
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-19] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] - C:\Windows\RtHDVCpl.exe [5369856 2008-03-26] (Realtek Semiconductor)
HKLM\...\Run: [SunJavaUpdateReg] - C:\Windows\system32\jureg.exe [54936 2007-04-07] (Sun Microsystems, Inc.)
HKLM\...\Run: [] -  [x]
HKLM\...\Run: [QuickTime Task] - "C:\Program Files\QuickTime\QTTask.exe" -atboottime [x]
HKLM\...\Run: [GrooveMonitor] - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [F-Secure Manager] - C:\Program Files\F-Secure\Common\FSM32.EXE [303816 2011-08-30] (F-Secure Corporation)
HKLM\...\Run: [F-Secure TNB] - C:\Program Files\F-Secure\FSGUI\TNBUtil.exe [1655496 2011-08-30] (F-Secure Corporation)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM\...\Runonce: [AvgUninstallURL] - cmd.exe /c start http://www.avg.com/ww.special-uninstallation-feedback-appf?lic=OQBBAFYARgBSAEUARQAtAFYAMwBaAEMAOQAtAEUASwBBAFIAUwAtADYAUgBXAEcAQQAtAEEAQQBUAEMAVQAtAFYAUAA5AEYATgA"&"inst=NwA3AC0ANgA5ADcANwAxADIAOQA5ADkALQBGAEwAKwA5AC0ARABEAFQAKwAwAC0AWABPADkAKwAxAC0AWABPADMANgArADEA"&"prod=90"&"ver=9.0.902 [x]
HKU\Default\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [ 2009-04-11] (Microsoft Corporation)
HKU\Default User\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [ 2009-04-11] (Microsoft Corporation)
HKU\Per\...\Run: [EPSON Stylus DX4400 Series] - C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE /FU "C:\Windows\TEMP\E_SA073.tmp" /EF "HKCU" [x]
HKU\Per\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [ 2008-01-19] (Microsoft Corporation)
HKU\Per\...\Winlogon: [Shell] explorer.exe,C:\Users\Per\AppData\Roaming\cache.dat [ 2013-07-09] () <==== ATTENTION
Startup: C:\Users\Per\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\runctf.lnk
ShortcutTarget: runctf.lnk -> C:\Users\Per\wgsdgsdgdsgsd.dll (No File)
Startup: C:\Users\Per\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Screen Clipper and Launcher til OneNote 2007.lnk
ShortcutTarget: Screen Clipper and Launcher til OneNote 2007.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
BootExecute: autocheck autochk * lsdelete

========================== Services (Whitelisted) =================

S2 aawservice; C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe [587096 2007-10-29] (Lavasoft AB)
S3 DfSdkS; C:\Program Files\Ashampoo\Ashampoo WinOptimizer 7\Dfsdks.exe [406016 2009-08-24] (mst software GmbH, Germany)
S2 F-Secure Gatekeeper Handler Starter; C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe [221896 2011-08-30] (F-Secure Corporation)
S3 F-Secure Network Request Broker; C:\Program Files\F-Secure\Common\FNRB32.EXE [189128 2011-08-30] (F-Secure Corporation)
S3 FSDFWD; C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe [582344 2011-08-30] (F-Secure Corporation)
S2 FSMA; C:\Program Files\F-Secure\Common\FSMA32.EXE [189128 2011-08-30] (F-Secure Corporation)
S3 FSORSPClient; C:\Program Files\F-Secure\ORSP Client\fsorsp.exe [60352 2013-06-06] (F-Secure Corporation)
S2 HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [65536 2007-09-19] (Hewlett-Packard)
S2 pbcswo; C:\Windows\system32\pbcswo.exe [x]

==================== Drivers (Whitelisted) ====================

S0 CLFS; C:\Windows\System32\CLFS.sys [245736 2009-04-11] (Microsoft Corporation)
S4 F-Secure Filter; C:\Program Files\F-Secure\Anti-Virus\Win2K\FSfilter.sys [42056 2011-08-30] ()
S3 F-Secure Gatekeeper; C:\Program Files\F-Secure\Anti-Virus\minifilter\fsgk.sys [145856 2013-07-10] (F-Secure Corporation)
S1 F-Secure HIPS; C:\Program Files\F-Secure\HIPS\drivers\fshs.sys [72552 2011-08-30] (F-Secure Corporation)
S4 F-Secure Recognizer; C:\Program Files\F-Secure\Anti-Virus\Win2K\FSrec.sys [27336 2011-08-30] ()
S0 fsbts; C:\Windows\System32\Drivers\fsbts.sys [44240 2012-08-15] ()
S1 FSES; C:\Windows\System32\drivers\fses.sys [37960 2011-08-30] (F-Secure Corporation)
S1 FSFW; C:\Windows\System32\drivers\fsdfw.sys [72904 2011-08-30] (F-Secure Corporation)
S1 fsvista; C:\Program Files\F-Secure\Anti-Virus\minifilter\fsvista.sys [14536 2011-08-30] ()
S0 pyjpbfzq; C:\Windows\System32\Drivers\pyjpbfzq.sys [1152 2011-09-03] ()
S3 USB_RNDIS; C:\Windows\System32\DRIVERS\usb8023.sys [15872 2013-02-12] (Microsoft Corporation)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [x]
S3 EraserUtilDrv11113; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11113.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S3 PCD5SRVC{BD6912E3-AC9D80E8-05040000}; \??\C:\PROGRA~1\PC-DOC~1\PCD5SRVC.pkms [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-09 13:20 - 2013-09-09 13:20 - 00000000 ____D C:\FRST
2013-08-29 07:43 - 2013-09-09 14:52 - 00000004 _____ C:\Users\Per\AppData\Roaming\cache.ini
2013-08-28 13:59 - 2013-08-28 15:53 - 735485184 _____ C:\Users\Per\Downloads\I Do (2012).avi
2013-08-28 13:59 - 2013-08-28 14:00 - 00000000 ____D C:\Users\Per\Downloads\THE SLAP Complete  English, Greek Subs
2013-08-28 13:58 - 2013-08-28 13:59 - 00000000 ____D C:\Users\Per\Downloads\Unconditional (2012).PsYbAbA
2013-08-28 07:19 - 2013-08-02 05:09 - 01548288 _____ (Microsoft Corporation) C:\Windows\System32\WMVDECOD.DLL
2013-08-23 14:18 - 2013-08-23 15:14 - 00000000 ____D C:\Users\Per\Downloads\MM Books 21 february 2013
2013-08-23 14:17 - 2013-08-23 15:29 - 00000000 ____D C:\Users\Per\Downloads\MM Books 8 March 2013
2013-08-23 14:15 - 2013-08-23 14:16 - 00000000 ____D C:\Users\Per\Downloads\MM Books 25 february 2013
2013-08-23 14:15 - 2013-08-23 14:15 - 00000000 ____D C:\Users\Per\Downloads\MM ebooks
2013-08-23 14:14 - 2013-08-23 14:15 - 10630914 _____ C:\Users\Per\Downloads\some mm.rar
2013-08-23 14:14 - 2013-08-23 14:15 - 00000000 ____D C:\Users\Per\Downloads\Several Books MM-167
2013-08-23 14:14 - 2013-08-23 14:14 - 00000000 ____D C:\Users\Per\Downloads\Several Books MM-228
2013-08-23 14:14 - 2013-08-23 14:14 - 00000000 ____D C:\Users\Per\Downloads\MM Books 20-08-2013
2013-08-23 14:13 - 2013-08-23 14:16 - 00000000 ____D C:\Users\Per\Downloads\MM Books 16-08-2013
2013-08-23 14:13 - 2013-08-23 14:15 - 00000000 ____D C:\Users\Per\Downloads\Several Books MM-230
2013-08-23 14:13 - 2013-08-23 14:14 - 00000000 ____D C:\Users\Per\Downloads\Several Books MM-229
2013-08-23 13:26 - 2013-08-23 13:27 - 00000000 ____D C:\Users\Per\Downloads\Several Books MM-225
2013-08-23 13:26 - 2013-08-23 13:27 - 00000000 ____D C:\Users\Per\Downloads\Several Books MM-224
2013-08-23 13:26 - 2013-08-23 13:27 - 00000000 ____D C:\Users\Per\Downloads\Several Books MM-223
2013-08-23 13:25 - 2013-08-23 13:28 - 00000000 ____D C:\Users\Per\Downloads\Several Books MM-226
2013-08-23 13:25 - 2013-08-23 13:26 - 00000000 ____D C:\Users\Per\Downloads\Several Books MM-227
2013-08-15 07:22 - 2013-07-25 03:40 - 12334080 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-08-15 07:22 - 2013-07-25 03:32 - 01800704 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-08-15 07:22 - 2013-07-25 03:30 - 09738752 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-08-15 07:22 - 2013-07-25 03:26 - 01129472 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-08-15 07:22 - 2013-07-25 03:26 - 01104384 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-08-15 07:22 - 2013-07-25 03:25 - 01427968 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-08-15 07:22 - 2013-07-25 03:24 - 00231936 _____ (Microsoft Corporation) C:\Windows\System32\url.dll
2013-08-15 07:22 - 2013-07-25 03:24 - 00065536 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-08-15 07:22 - 2013-07-25 03:23 - 01796096 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-08-15 07:22 - 2013-07-25 03:23 - 00717824 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-08-15 07:22 - 2013-07-25 03:23 - 00607744 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-08-15 07:22 - 2013-07-25 03:23 - 00420864 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-08-15 07:22 - 2013-07-25 03:23 - 00142848 _____ (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-08-15 07:22 - 2013-07-25 03:22 - 02382848 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-08-15 07:22 - 2013-07-25 03:22 - 00176640 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-08-15 07:22 - 2013-07-25 03:22 - 00073216 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-08-14 08:48 - 2013-07-05 05:53 - 00905664 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-08-14 08:48 - 2013-06-15 14:22 - 00015872 _____ (Microsoft Corporation) C:\Windows\System32\icaapi.dll
2013-08-14 08:48 - 2013-06-15 12:23 - 00024064 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tssecsrv.sys
2013-08-14 08:47 - 2013-07-17 20:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\System32\tzres.dll
2013-08-14 08:46 - 2013-07-10 10:47 - 00783360 _____ (Microsoft Corporation) C:\Windows\System32\rpcrt4.dll
2013-08-14 08:46 - 2013-07-09 13:10 - 01205168 _____ (Microsoft Corporation) C:\Windows\System32\ntdll.dll
2013-08-14 08:46 - 2013-07-09 13:10 - 00088576 _____ C:\Users\Per\AppData\Roaming\cache.dat
2013-08-14 08:46 - 2013-07-08 05:55 - 03603904 _____ (Microsoft Corporation) C:\Windows\System32\ntkrnlpa.exe
2013-08-14 08:46 - 2013-07-08 05:55 - 03551680 _____ (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2013-08-14 08:46 - 2013-07-08 05:20 - 00172544 _____ (Microsoft Corporation) C:\Windows\System32\wintrust.dll
2013-08-14 08:46 - 2013-07-08 05:16 - 00992768 _____ (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-08-14 08:46 - 2013-07-08 05:16 - 00133120 _____ (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-08-14 08:46 - 2013-07-08 05:16 - 00098304 _____ (Microsoft Corporation) C:\Windows\System32\cryptnet.dll

==================== One Month Modified Files and Folders =======

2013-09-09 14:52 - 2013-08-29 07:43 - 00000004 _____ C:\Users\Per\AppData\Roaming\cache.ini
2013-09-09 14:52 - 2006-11-02 13:47 - 00003696 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-09 14:52 - 2006-11-02 13:47 - 00003696 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-09 14:14 - 2008-07-14 15:46 - 01216905 _____ C:\Windows\WindowsUpdate.log
2013-09-09 14:00 - 2008-07-14 16:20 - 00001356 _____ C:\Users\Per\Local Settings\Application Data\d3d9caps.dat
2013-09-09 14:00 - 2008-07-14 16:20 - 00001356 _____ C:\Users\Per\AppData\Local\d3d9caps.dat
2013-09-09 13:59 - 2013-09-09 13:59 - 00000000 ____D C:\Program Files\Microsoft Games
2013-09-09 13:20 - 2013-09-09 13:20 - 00000000 ____D C:\FRST
2013-08-29 07:35 - 2012-09-03 15:20 - 00000000 ____D C:\Users\Per\Documents\Bank
2013-08-29 07:33 - 2012-08-29 11:19 - 00708603 _____ C:\Users\Per\danid.log
2013-08-28 21:32 - 2008-07-15 12:18 - 00050176 _____ C:\Users\Per\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-08-28 21:32 - 2008-07-15 12:18 - 00050176 _____ C:\Users\Per\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-08-28 15:53 - 2013-08-28 13:59 - 735485184 _____ C:\Users\Per\Downloads\I Do (2012).avi
2013-08-28 15:53 - 2012-08-15 14:14 - 00000000 ____D C:\Users\Per\AppData\Roaming\uTorrent
2013-08-28 14:00 - 2013-08-28 13:59 - 00000000 ____D C:\Users\Per\Downloads\THE SLAP Complete  English, Greek Subs
2013-08-28 13:59 - 2013-08-28 13:58 - 00000000 ____D C:\Users\Per\Downloads\Unconditional (2012).PsYbAbA
2013-08-28 08:40 - 2011-09-17 09:19 - 00000000 ____D C:\Users\Per\Local Settings\Application Data\CrashDumps
2013-08-28 08:40 - 2011-09-17 09:19 - 00000000 ____D C:\Users\Per\AppData\Local\CrashDumps
2013-08-23 15:29 - 2013-08-23 14:17 - 00000000 ____D C:\Users\Per\Downloads\MM Books 8 March 2013
2013-08-23 15:14 - 2013-08-23 14:18 - 00000000 ____D C:\Users\Per\Downloads\MM Books 21 february 2013
2013-08-23 14:16 - 2013-08-23 14:15 - 00000000 ____D C:\Users\Per\Downloads\MM Books 25 february 2013
2013-08-23 14:16 - 2013-08-23 14:13 - 00000000 ____D C:\Users\Per\Downloads\MM Books 16-08-2013
2013-08-23 14:15 - 2013-08-23 14:15 - 00000000 ____D C:\Users\Per\Downloads\MM ebooks
2013-08-23 14:15 - 2013-08-23 14:14 - 10630914 _____ C:\Users\Per\Downloads\some mm.rar
2013-08-23 14:15 - 2013-08-23 14:14 - 00000000 ____D C:\Users\Per\Downloads\Several Books MM-167
2013-08-23 14:15 - 2013-08-23 14:13 - 00000000 ____D C:\Users\Per\Downloads\Several Books MM-230
2013-08-23 14:14 - 2013-08-23 14:14 - 00000000 ____D C:\Users\Per\Downloads\Several Books MM-228
2013-08-23 14:14 - 2013-08-23 14:14 - 00000000 ____D C:\Users\Per\Downloads\MM Books 20-08-2013
2013-08-23 14:14 - 2013-08-23 14:13 - 00000000 ____D C:\Users\Per\Downloads\Several Books MM-229
2013-08-23 13:28 - 2013-08-23 13:25 - 00000000 ____D C:\Users\Per\Downloads\Several Books MM-226
2013-08-23 13:27 - 2013-08-23 13:26 - 00000000 ____D C:\Users\Per\Downloads\Several Books MM-225
2013-08-23 13:27 - 2013-08-23 13:26 - 00000000 ____D C:\Users\Per\Downloads\Several Books MM-224
2013-08-23 13:27 - 2013-08-23 13:26 - 00000000 ____D C:\Users\Per\Downloads\Several Books MM-223
2013-08-23 13:26 - 2013-08-23 13:25 - 00000000 ____D C:\Users\Per\Downloads\Several Books MM-227
2013-08-23 13:24 - 2013-07-31 11:56 - 00000000 ____D C:\Users\Per\Downloads\It's Gonna Hurt - We got a screamer folks! (Video & Pictures)
2013-08-20 21:30 - 2012-08-15 13:54 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2013-08-20 21:30 - 2012-08-15 13:54 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2013-08-15 12:48 - 2012-08-22 08:21 - 00000000 ____D C:\Users\Per\Documents\Per
2013-08-15 12:39 - 2013-01-23 16:50 - 00000000 ____D C:\Users\Per\Documents\Books
2013-08-15 12:38 - 2012-08-26 15:06 - 00000000 ____D C:\Users\Per\Calibre bibliotek
2013-08-15 12:35 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\Microsoft.NET
2013-08-15 07:52 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\rescache
2013-08-15 07:30 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\System32\sv-SE
2013-08-15 07:27 - 2008-07-15 08:45 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-08-13 14:00 - 2013-07-31 12:10 - 733165569 _____ C:\Users\Per\Downloads\Glee The Concert Movie.avi

Files to move or delete:
====================
C:\ProgramData\dsgsdgdsgdsgw.pad
C:\Users\Per\Ant_setup.exe
C:\Users\Per\AVSVideoConverter.exe
C:\Users\Per\DivXInstaller.exe
C:\Users\Per\AppData\Roaming\cache.dat
C:\Users\Per\AppData\Roaming\cache.ini
C:\Users\Per\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\runctf.lnk
C:\Users\Per\AppData\Local\Temp\068AD142.dll
C:\Users\Per\AppData\Local\Temp\068B423C.dll
C:\Users\Per\AppData\Local\Temp\186FEDDE.dll
C:\Users\Per\AppData\Local\Temp\1A5E1956.dll
C:\Users\Per\AppData\Local\Temp\24F74CB2.dll
C:\Users\Per\AppData\Local\Temp\2E4964C4.dll
C:\Users\Per\AppData\Local\Temp\2jfuweif.exe
C:\Users\Per\AppData\Local\Temp\48F8A90C.dll
C:\Users\Per\AppData\Local\Temp\50333294.dll
C:\Users\Per\AppData\Local\Temp\562449C8.dll
C:\Users\Per\AppData\Local\Temp\5E2261A2.dll
C:\Users\Per\AppData\Local\Temp\5F085D6B.dll
C:\Users\Per\AppData\Local\Temp\5F0B94EE.dll
C:\Users\Per\AppData\Local\Temp\5F0D1C4A.dll
C:\Users\Per\AppData\Local\Temp\657D1D3B.dll
C:\Users\Per\AppData\Local\Temp\71E4C1F1.dll
C:\Users\Per\AppData\Local\Temp\71E536B7.dll
C:\Users\Per\AppData\Local\Temp\7598230E.dll
C:\Users\Per\AppData\Local\Temp\76A70A1E.dll
C:\Users\Per\AppData\Local\Temp\821FB615.dll
C:\Users\Per\AppData\Local\Temp\89C4A350.dll
C:\Users\Per\AppData\Local\Temp\97235B61.dll
C:\Users\Per\AppData\Local\Temp\9E35F45F.dll
C:\Users\Per\AppData\Local\Temp\9E384804.dll
C:\Users\Per\AppData\Local\Temp\AdobeUpdater12345.exe
C:\Users\Per\AppData\Local\Temp\AFD05127.dll
C:\Users\Per\AppData\Local\Temp\AFD06505.dll
C:\Users\Per\AppData\Local\Temp\B0B436A8.dll
C:\Users\Per\AppData\Local\Temp\B5052C2F.dll
C:\Users\Per\AppData\Local\Temp\C8C689E7.dll
C:\Users\Per\AppData\Local\Temp\C9E5E8C2.dll
C:\Users\Per\AppData\Local\Temp\C9E6DFA5.dll
C:\Users\Per\AppData\Local\Temp\CEBAEF03.dll
C:\Users\Per\AppData\Local\Temp\CEF05BD7.dll
C:\Users\Per\AppData\Local\Temp\F5B48C10.dll
C:\Users\Per\AppData\Local\Temp\F9005930.dll
C:\Users\Per\AppData\Local\Temp\F903555C.dll
C:\Users\Per\AppData\Local\Temp\F90A0C18.dll
C:\Users\Per\AppData\Local\Temp\FF31641C.dll
C:\Users\Per\AppData\Local\Temp\FF3651B9.dll
C:\Users\Per\AppData\Local\Temp\FF37640F.dll
C:\Users\Per\AppData\Local\Temp\install_flashplayer11x32ax_aaa_aih.exe
C:\Users\Per\AppData\Local\Temp\jre-7u10-windows-i586-iftw.exe
C:\Users\Per\AppData\Local\Temp\jre-7u7-windows-i586-iftw.exe
C:\Users\Per\AppData\Local\Temp\ose00000.exe
C:\Users\Per\AppData\Local\Temp\qoyuoxdiqjcvocvxd.exe
C:\Users\Per\AppData\Local\Temp\Softonic_1.4.1f.exe
C:\Users\Per\AppData\Local\Temp\_is4088.exe
C:\Users\Per\AppData\Local\Temp\_is6CC6.exe
C:\Users\Per\AppData\Local\Temp\_is905C.exe
C:\Users\Per\AppData\Local\Temp\_isD90F.exe
C:\Users\Per\AppData\Local\Temp\_isFDDE.exe
C:\Users\Per\AppData\Local\Temp\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}_NIS_24855.exe
C:\Users\Per\AppData\Local\Temp\{DE3CCFF2-8D3E-4038-9C3D-9D91D34A9398}\ISSetup.dll
C:\Users\Per\AppData\Local\Temp\{DE3CCFF2-8D3E-4038-9C3D-9D91D34A9398}\_Setup.dll
C:\Users\Per\AppData\Local\Temp\{D610A4A6-C32C-479E-B00E-C1C5A4B7139F}\ISSetup.dll
C:\Users\Per\AppData\Local\Temp\{D610A4A6-C32C-479E-B00E-C1C5A4B7139F}\_Setup.dll
C:\Users\Per\AppData\Local\Temp\{A147E8FE-1202-446C-9B7D-2D690D80CE9A}\ISSetup.dll
C:\Users\Per\AppData\Local\Temp\{A147E8FE-1202-446C-9B7D-2D690D80CE9A}\_Setup.dll
C:\Users\Per\AppData\Local\Temp\{6F70CC21-48D2-4FAC-865C-1C962107BF32}\adobeshockwavextrabundle.exe
C:\Users\Per\AppData\Local\Temp\{4FC0A6ED-4987-49D9-8217-52BE98B01EEE}\ISSetup.dll
C:\Users\Per\AppData\Local\Temp\{4FC0A6ED-4987-49D9-8217-52BE98B01EEE}\_Setup.dll
C:\Users\Per\AppData\Local\Temp\Setup00000654\ose00000.exe
C:\Users\Per\AppData\Local\Temp\Setup00000654\OSETUP.DLL
C:\Users\Per\AppData\Local\Temp\Setup00000654\OSETUPUI.DLL
C:\Users\Per\AppData\Local\Temp\nso989C.tmp-2\APN_ATU3_.exe
C:\Users\Per\AppData\Local\Temp\codecstp9376\fmcodec.dll

==================== Known DLLs (Whitelisted) ============


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points  =========================

Restore point made on: 2013-07-30 07:57:48
Restore point made on: 2013-08-06 08:56:58
Restore point made on: 2013-08-13 07:36:22
Restore point made on: 2013-08-15 07:16:43
Restore point made on: 2013-08-20 09:16:55
Restore point made on: 2013-08-27 08:32:23
Restore point made on: 2013-08-29 07:27:48

==================== Memory info ===========================

Percentage of memory in use: 20%
Total physical RAM: 2941.88 MB
Available physical RAM: 2352.7 MB
Total Pagefile: 2629.11 MB
Available Pagefile: 2461.36 MB
Total Virtual: 2047.88 MB
Available Virtual: 1981.63 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:224.97 GB) (Free:95.04 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (FACTORY_IMAGE) (Fixed) (Total:7.91 GB) (Free:1.28 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (Datadisk) (Fixed) (Total:74.52 GB) (Free:54.9 GB) NTFS
Drive k: (NANO) (Removable) (Total:0.96 GB) (Free:0.95 GB) FAT
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 233 GB) (Disk ID: 1549F232)
Partition 1: (Active) - (Size=225 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=8 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 75 GB) (Disk ID: 4D6D93B4)
Partition 1: (Active) - (Size=75 GB) - (Type=07 NTFS)

========================================================
Disk: 6 (Size: 983 MB) (Disk ID: C3D065A7)
Partition 1: (Not Active) - (Size=983 MB) - (Type=0E)


LastRegBack: 2013-09-09 14:04

==================== End Of Log ============================


Farbar Recovery Scan Tool (x86) Version: 06-09-2013
Ran by SYSTEM at 2013-09-10 14:26:13
Running from K:\
Boot Mode: Recovery

================== Search: "services.exe" ===================

C:\WINDOWS\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_d14b3973ca6acc56\services.exe
[2009-09-24 04:56] - [2009-04-11 07:27] - 0279552 ____A (Microsoft Corporation) D4E6D91C1349B7BFB3599A6ADA56851B

C:\WINDOWS\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_cf5fc067cd49010a\services.exe
[2008-07-19 11:37] - [2008-01-19 08:33] - 0279040 ____A (Microsoft Corporation) 2B336AB6286D6C81FA02CBAB914E3C6C

C:\WINDOWS\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6000.16386_none_cd28fe6bd05df036\services.exe
[2006-11-02 09:35] - [2006-11-02 10:45] - 0279552 ____A (Microsoft Corporation) 329CF3C97CE4C19375C8ABCABAE258B0

C:\WINDOWS\System32\services.exe
[2009-09-24 04:56] - [2009-04-11 07:27] - 0279552 ____A (Microsoft Corporation) D4E6D91C1349B7BFB3599A6ADA56851B

=== End Of Search ===
Avatar billede f-arn Guru
10. september 2013 - 16:19 #10
Drop fildeling ->
http://www.spywarefri.dk/artikel/farerne-ved-fildeling/

------

Jeg kan se både Ad-Avare og F - Secure.

Hvilket benytter du ?

------

Åben Notepad, kopier det fremhævede  med fed ind, og gem filen som Fixlist på din USB nøgle ved siden af Farbar Recovery Scan Tool.


start
SHKU\Per\...\Winlogon: [Shell] explorer.exe,C:\Users\Per\AppData\Roaming\cache.dat [ 2013-07-09] () <==== ATTENTION
S2 pbcswo; C:\Windows\system32\pbcswo.exe [x]
C:\ProgramData\dsgsdgdsgdsgw.pad
C:\Users\Per\Ant_setup.exe
C:\Users\Per\AVSVideoConverter.exe
C:\Users\Per\DivXInstaller.exe
C:\Users\Per\AppData\Roaming\cache.dat
C:\Users\Per\AppData\Roaming\cache.ini
C:\Users\Per\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\runctf.lnk
cmd: del /a/f/q C:\Users\Per\AppData\Local\Temp\*.*
C:\Users\Per\AppData\Local\Temp\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}
C:\Users\Per\AppData\Local\Temp\{DE3CCFF2-8D3E-4038-9C3D-9D91D34A9398}
C:\Users\Per\AppData\Local\Temp\{D610A4A6-C32C-479E-B00E-C1C5A4B7139F}
C:\Users\Per\AppData\Local\Temp\{A147E8FE-1202-446C-9B7D-2D690D80CE9A}
C:\Users\Per\AppData\Local\Temp\{6F70CC21-48D2-4FAC-865C-1C962107BF32}
C:\Users\Per\AppData\Local\Temp\{4FC0A6ED-4987-49D9-8217-52BE98B01EEE}
cmd: Dir /b /a:l c:\ /s
end


Start PCen op med Kommando prompt. (Som før)

Ved Kommando prompten starter du FRST (Farbar Recovery Scan Tool) og klikker på FIX (og venter til den er færdig)

Den laver Fixlog.txt, som du skal kopiere herind i dit næste indlæg.

Luk Farbar Recovery Scan Tool, og genstart PCen.

------

Hent "Malwarebytes' Anti-Malware" her

eller her

Installer og start programmet, klik på fanen opdater, klik Tjek for opdatering, lav "Fuld system skan" under fanebladet "skanner"
Bagefter klik på "vis resultater", tryk på "Fjern det valgte" gem loggen og send den herind sammen med logs fra DDS.

Du kan også bruge denne DDS.

Den laver to logs,(DDS.txt og Attach.txt) gem dem på skrivebordet og kopier indholdet af begge herind.

OBS - DDS skal gemmes på computeren og ikke køres fra nettet.

Mht.: Vista og Windows 7/8 - Højreklik på filen - Kør som Administrator.

NB Når du opdaterer Malwarebytes, så klik på Tjek for opdatering til den skriver at der ikke er flere opdateringer.
Avatar billede madtex Nybegynder
10. september 2013 - 21:50 #11
Jeg bruger  F - Secure. på min computer.
En jeg kender lavet min computer sidste år da jeg have den første gang, og det var den person som sat det ind.


Skal man bruge Malwarebytes.
Avatar billede f-arn Guru
10. september 2013 - 22:06 #12
Har du fået kørt Fixlist så PCen kan starte ?
Avatar billede madtex Nybegynder
10. september 2013 - 23:02 #13
Jeg har lige kørt fixlist og min PC stå tændt lige ved siden af.
Avatar billede f-arn Guru
11. september 2013 - 08:07 #14
Hvis du ikke gør som jeg skriver, kommer vi ikke nogen vegne !!!!

Den laver Fixlog.txt, som du skal kopiere herind i dit næste indlæg.

Hvis den kan starte normalt, vil jeg gerne ha' du fortsætter med Malwarebytes og DDS.
Avatar billede madtex Nybegynder
11. september 2013 - 11:04 #15
Min computer starter normalt og her er min fixlog.txt.

Jeg har kørt Malwarebyte, men ikke DDS.

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 06-09-2013
Ran by SYSTEM at 2013-09-10 22:50:39 Run:1
Running from K:\
Boot Mode: Recovery

==============================================

Content of fixlist:
*****************
start
SHKU\Per\...\Winlogon: [Shell] explorer.exe,C:\Users\Per\AppData\Roaming\cache.dat [ 2013-07-09] () <==== ATTENTION
S2 pbcswo; C:\Windows\system32\pbcswo.exe [x]
C:\ProgramData\dsgsdgdsgdsgw.pad
C:\Users\Per\Ant_setup.exe
C:\Users\Per\AVSVideoConverter.exe
C:\Users\Per\DivXInstaller.exe
C:\Users\Per\AppData\Roaming\cache.dat
C:\Users\Per\AppData\Roaming\cache.ini
C:\Users\Per\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\runctf.lnk
cmd: del /a/f/q C:\Users\Per\AppData\Local\Temp\*.*
C:\Users\Per\AppData\Local\Temp\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}
C:\Users\Per\AppData\Local\Temp\{DE3CCFF2-8D3E-4038-9C3D-9D91D34A9398}
C:\Users\Per\AppData\Local\Temp\{D610A4A6-C32C-479E-B00E-C1C5A4B7139F}
C:\Users\Per\AppData\Local\Temp\{A147E8FE-1202-446C-9B7D-2D690D80CE9A}
C:\Users\Per\AppData\Local\Temp\{6F70CC21-48D2-4FAC-865C-1C962107BF32}
C:\Users\Per\AppData\Local\Temp\{4FC0A6ED-4987-49D9-8217-52BE98B01EEE}
cmd: Dir /b /a:l c:\ /s
end


*****************

HKU\SPer\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => Value not found.
pbcswo => Service deleted successfully.
C:\ProgramData\dsgsdgdsgdsgw.pad => Moved successfully.
C:\Users\Per\Ant_setup.exe => Moved successfully.
C:\Users\Per\AVSVideoConverter.exe => Moved successfully.
C:\Users\Per\DivXInstaller.exe => Moved successfully.
C:\Users\Per\AppData\Roaming\cache.dat => Moved successfully.
C:\Users\Per\AppData\Roaming\cache.ini => Moved successfully.
C:\Users\Per\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\runctf.lnk => Moved successfully.

=========  del /a/f/q C:\Users\Per\AppData\Local\Temp\*.* =========


========= End of CMD: =========

"C:\Users\Per\AppData\Local\Temp\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}" => File/Directory not found.
C:\Users\Per\AppData\Local\Temp\{DE3CCFF2-8D3E-4038-9C3D-9D91D34A9398} => Moved successfully.
C:\Users\Per\AppData\Local\Temp\{D610A4A6-C32C-479E-B00E-C1C5A4B7139F} => Moved successfully.
C:\Users\Per\AppData\Local\Temp\{A147E8FE-1202-446C-9B7D-2D690D80CE9A} => Moved successfully.
C:\Users\Per\AppData\Local\Temp\{6F70CC21-48D2-4FAC-865C-1C962107BF32} => Moved successfully.
C:\Users\Per\AppData\Local\Temp\{4FC0A6ED-4987-49D9-8217-52BE98B01EEE} => Moved successfully.

=========  Dir /b /a:l c:\ /s =========

c:\Documents and Settings
c:\Program
c:\Documents and Settings\All Users
c:\Documents and Settings\Default User
c:\Documents and Settings\All Users\Application Data
c:\Documents and Settings\All Users\Dokument
c:\Documents and Settings\All Users\Favoriter
c:\Documents and Settings\All Users\Mallar
c:\Documents and Settings\All Users\Skrivbord
c:\Documents and Settings\All Users\Start-meny
c:\Documents and Settings\All Users\Application Data\Application Data
c:\Documents and Settings\All Users\Application Data\Dokument
c:\Documents and Settings\All Users\Application Data\Favoriter
c:\Documents and Settings\All Users\Application Data\Mallar
c:\Documents and Settings\All Users\Application Data\Skrivbord
c:\Documents and Settings\All Users\Application Data\Start-meny
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data
c:\Documents and Settings\All Users\Application Data\Application Data\Dokument
c:\Documents and Settings\All Users\Application Data\Application Data\Favoriter
c:\Documents and Settings\All Users\Application Data\Application Data\Mallar
c:\Documents and Settings\All Users\Application Data\Application Data\Skrivbord
c:\Documents and Settings\All Users\Application Data\Application Data\Start-meny
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Dokument
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Favoriter
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Mallar
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Skrivbord
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Start-meny
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Dokument
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Favoriter
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Mallar
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Skrivbord
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Start-meny
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Dokument
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Favoriter
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Mallar
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Skrivbord
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Start-meny
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Dokument
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Favoriter
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Mallar
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skrivbord
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Start-meny
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Dokument
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Favoriter
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Mallar
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skrivbord
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Start-meny
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Dokument
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Favoriter
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Mallar
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skrivbord
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Start-meny
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Dokument
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Favoriter
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Mallar
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skrivbord
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Start-meny
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Dokument
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Favoriter
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Mallar
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skrivbord
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Start-meny
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Dokument
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Favoriter
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Mallar
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skrivbord
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Start-meny
Katalognamnet c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\Acrobat\10.0\Replicate\Security ?r f?r l?ngt.
Katalognamnet c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Apple Computer\Installer Cache\QuickTime 7.55.90.70 ?r f?r l?ngt.
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Dokument
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Favoriter
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Mallar
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skrivbord
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Start-meny
Katalognamnet c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe\ARM\Reader_10.0.0 ?r f?r l?ngt.
Katalognamnet c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Apple Computer\Installer Cache ?r f?r l?ngt.
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Dokument
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Favoriter
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Mallar
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Skrivbord
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Start-meny
Katalognamnet c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Adobe ?r f?r l?ngt.
Katalognamnet c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\AVG10\Chjw\2c88743c8874071c ?r f?r l?ngt.
Katalognamnet c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\AVG10\IDS\config\EN_US ?r f?r l?ngt.
Katalognamnet c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\AVG10\IDS\malwareprofile ?r f?r l?ngt.
Katalognamnet c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\AVG10\update\download ?r f?r l?ngt.
Katalognamnet c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\avg9\emc\Queue\ACTIVE ?r f?r l?ngt.
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Dokument\Min musik
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Dokument\Mina bilder
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Dokument\Mina videoklipp
Katalognamnet c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Dokument\Mina bilder ?r f?r l?ngt.
Katalognamnet c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\EPSON\EPSON Stylus DX4400 Series ?r f?r l?ngt.
Katalognamnet c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\F-Secure\Daas2\revocation ?r f?r l?ngt.
Katalognamnet c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\F-Secure\Logs\ORSP Client ?r f?r l?ngt.
Katalognamnet c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\F4D562C8000027F9000B8416570F1C8B ?r f?r l?ngt.
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Dokument\Min musik
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Dokument\Mina bilder
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Dokument\Mina videoklipp
Katalognamnet c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Dokument\Mina videoklipp\Sample Videos ?r f?r l?ngt.
Katalognamnet c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\F-Secure\Quarantine\Repository\Samples ?r f?r l?ngt.
Katalognamnet c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Hewlett-Packard\HP Software UI\Easy Internet Signup ?r f?r l?ngt.
Katalognamnet c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Assistance\Client\1.0\en-US ?r f?r l?ngt.
Katalognamnet c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\eHome\Packages\MCESpotlight ?r f?r l?ngt.
Katalognamnet c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\PlayReady\Cache\S-1-5-21-1880629876-3062925322-4099561893-1000 ?r f?r l?ngt.
Katalognamnet c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows ?r f?r l?ngt.
Katalognamnet c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\User Account Pictures\Default Pictures ?r f?r l?ngt.
Katalognamnet c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\GameExplorer\{00D8862B-6453-4957-A821-3D98D74C76BE} ?r f?r l?ngt.
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Program
Katalognamnet c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs ?r f?r l?ngt.
Katalognamnet c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\WER\ReportQueue\Report00cf9433 ?r f?r l?ngt.
Katalognamnet c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows Defender\Definition Updates ?r f?r l?ngt.
Katalognamnet c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Norton\{086A63F0-6B13-4F29-9695-134E7A01E963} ?r f?r l?ngt.
Katalognamnet c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\NortonInstaller\Logs\2013-02-10-06h14m39s ?r f?r l?ngt.
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Start-meny\Program
Katalognamnet c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Start-meny\Program\Accessories\Accessibility ?r f?r l?ngt.
Katalognamnet c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Start-meny\Program\Administrative Tools ?r f?r l?ngt.
Katalognamnet c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Start-meny\Programs\Accessories\Accessibility ?r f?r l?ngt.
Katalognamnet c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Start-meny\Programs\Administrative Tools ?r f?r l?ngt.
Katalognamnet c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Symantec\Definitions\SymcData\VirusDefs-2.5-E ?r f?r l?ngt.
Katalognamnet c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\{237893C1-591F-47E9-9771-FF1BC748C7F6} ?r f?r l?ngt.
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Dokument\Min musik
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Dokument\Mina bilder
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Dokument\Mina videoklipp
Katalognamnet c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Hewlett-Packard\HP Software UI\Easy Internet Signup\offers ?r f?r l?ngt.
Katalognamnet c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\PlayReady\Cache\S-1-5-21-1880629876-3062925322-4099561893-1000 ?r f?r l?ngt.
Katalognamnet c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex ?r f?r l?ngt.
Katalognamnet c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\GameExplorer\{00D8862B-6453-4957-A821-3D98D74C76BE} ?r f?r l?ngt.
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Program
Katalognamnet c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Program\Accessories\Accessibility ?r f?r l?ngt.
Katalognamnet c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Program\Administrative Tools ?r f?r l?ngt.
Katalognamnet c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility ?r f?r l?ngt.
Katalognamnet c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Administrative Tools ?r f?r l?ngt.
Katalognamnet c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows Defender\Definition Updates\{DA383411-F287-4093-A3EF-DC295908870C} ?r f?r l?ngt.
Katalognamnet c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows Defender\Scans\CleanStore\ResourceData ?r f?r l?ngt.
Katalognamnet c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows Defender\Scans\History\Results\Quick ?r f?r l?ngt.
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Start-meny\Program
Katalognamnet c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Start-meny\Program\Ashampoo\Ashampoo Burning Studio 10 ?r f?r l?ngt.
Katalognamnet c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Start-meny\Program\EPSON Creativity Suite\Attach To Email ?r f?r l?ngt.
Katalognamnet c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Start-meny\Program\Microsoft Office\Microsoft Office-v?rkt?jer ?r f?r l?ngt.
Katalognamnet c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Start-meny\Programs\Ashampoo\Ashampoo Burning Studio 10 ?r f?r l?ngt.
Katalognamnet c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Start-meny\Programs\EPSON Creativity Suite\Attach To Email ?r f?r l?ngt.
Katalognamnet c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Start-meny\Programs\Microsoft Office\Microsoft Office-v?rkt?jer ?r f?r l?ngt.
Katalognamnet c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Symantec\Definitions\SymcData\VirusDefs-2.5-E\newdefs-trigger ?r f?r l?ngt.
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Dokument\Min musik
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Dokument\Mina bilder
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Dokument\Mina videoklipp
Katalognamnet c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Hewlett-Packard\HP Software UI\Easy Internet Signup\offers\sv\offer_definitions ?r f?r l?ngt.
Katalognamnet c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\PlayReady\Cache\S-1-5-21-1880629876-3062925322-4099561893-1000 ?r f?r l?ngt.
Katalognamnet c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer ?r f?r l?ngt.
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Program
Katalognamnet c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Program\Ashampoo\Ashampoo Burning Studio 10 ?r f?r l?ngt.
Katalognamnet c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Program\EPSON Creativity Suite\Attach To Email ?r f?r l?ngt.
Katalognamnet c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Program\Microsoft Office\Microsoft Office-v?rkt?jer ?r f?r l?ngt.
Katalognamnet c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Ashampoo\Ashampoo Burning Studio 10 ?r f?r l?ngt.
Katalognamnet c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\EPSON Creativity Suite\Attach To Email ?r f?r l?ngt.
Katalognamnet c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office-v?rkt?jer ?r f?r l?ngt.
Katalognamnet c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows Defender\Definition Updates\{DA383411-F287-4093-A3EF-DC295908870C} ?r f?r l?ngt.
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Start-meny\Program
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Dokument\Min musik
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Dokument\Mina bilder
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Dokument\Mina videoklipp
Katalognamnet c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Hewlett-Packard\HP Software UI\Easy Internet Signup\offers\sv\content\tele2-svdia00007hpd19 ?r f?r l?ngt.
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Program
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Start-meny\Program
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Dokument\Min musik
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Dokument\Mina bilder
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Dokument\Mina videoklipp
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Program
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Start-meny\Program
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Dokument\Min musik
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Dokument\Mina bilder
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Dokument\Mina videoklipp
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Program
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Start-meny\Program
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Dokument\Min musik
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Dokument\Mina bilder
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Dokument\Mina videoklipp
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Program
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Application Data\Start-meny\Program
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Dokument\Min musik
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Dokument\Mina bilder
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Dokument\Mina videoklipp
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Program
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Application Data\Start-meny\Program
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Dokument\Min musik
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Dokument\Mina bilder
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Dokument\Mina videoklipp
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Microsoft\Windows\Start Menu\Program
c:\Documents and Settings\All Users\Application Data\Application Data\Application Data\Start-meny\Program
c:\Documents and Settings\All Users\Application Data\Application Data\Dokument\Min musik
c:\Documents and Settings\All Users\Application Data\Application Data\Dokument\Mina bilder
c:\Documents and Settings\All Users\Application Data\Application Data\Dokument\Mina videoklipp
c:\Documents and Settings\All Users\Application Data\Application Data\Microsoft\Windows\Start Menu\Program
c:\Documents and Settings\All Users\Application Data\Application Data\Start-meny\Program
c:\Documents and Settings\All Users\Application Data\Dokument\Min musik
c:\Documents and Settings\All Users\Application Data\Dokument\Mina bilder
c:\Documents and Settings\All Users\Application Data\Dokument\Mina videoklipp
c:\Documents and Settings\All Users\Application Data\Microsoft\Windows\Start Menu\Program
c:\Documents and Settings\All Users\Application Data\Start-meny\Program
c:\Documents and Settings\All Users\Dokument\Min musik
c:\Documents and Settings\All Users\Dokument\Mina bilder
c:\Documents and Settings\All Users\Dokument\Mina videoklipp
c:\Documents and Settings\All Users\Microsoft\Windows\Start Menu\Program
c:\Documents and Settings\All Users\Start-meny\Program
c:\Documents and Settings\Default\Application Data
c:\Documents and Settings\Default\Cookies
c:\Documents and Settings\Default\Local Settings
c:\Documents and Settings\Default\Mallar
c:\Documents and Settings\Default\Mina dokument
c:\Documents and Settings\Default\N?tverket
c:\Documents and Settings\Default\Recent
c:\Documents and Settings\Default\SendTo
c:\Documents and Settings\Default\Skrivare
c:\Documents and Settings\Default\Start-meny
c:\Documents and Settings\Default\AppData\Local\Application Data
c:\Documents and Settings\Default\AppData\Local\Temporary Internet Files
c:\Documents and Settings\Default\AppData\Local\Tidigare
c:\Documents and Settings\Default\AppData\Local\Application Data\Application Data
c:\Documents and Settings\Default\AppData\Local\Application Data\Temporary Internet Files
c:\Documents and Settings\Default\AppData\Local\Application Data\Tidigare
c:\Documents and Settings\Default\AppData\Local\Application Data\Application Data\Application Data
c:\Documents and Settings\Default\AppData\Local\Application Data\Application Data\Temporary Internet Files
c:\Documents and Settings\Default\AppData\Local\Application Data\Application Data\Tidigare
c:\Documents and Settings\Default\AppData\Local\Application Data\Application Data\Application Data\Application Data
c:\Documents and Settings\Default\AppData\Local\Application Data\Application Data\Application Data\Temporary Internet Files
c:\Documents and Settings\Default\AppData\Local\Application Data\Application Data\Application Data\Tidigare
c:\Documents and Settings\Default\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data
c:\Documents and Settings\Default\AppData\Local\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files
c:\Documents and Settings\Default\AppData\Local\Application Data\Application Data\Application Data\Application Data\Tidigare
c:\Documents and Settings\Default\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
c:\Documents and Settings\Default\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files
c:\Documents and Settings\Default\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Tidigare
c:\Documents and Settings\Default\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
c:\Documents and Settings\Default\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files
c:\Documents and Settings\Default\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Tidigare
c:\Documents and Settings\Default\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
c:\Documents and Settings\Default\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files
c:\Documents and Settings\Default\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Tidigare
c:\Documents and Settings\Default\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
c:\Documents and Settings\Default\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files
c:\Documents and Settings\Default\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Tidigare
c:\Documents and Settings\Default\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
c:\Documents and Settings\Default\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files
c:\Documents and Settings\Default\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Tidigare
c:\Documents and Settings\Default\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
c:\Documents and Settings\Default\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files
c:\Documents and Settings\Default\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Tidigare
c:\Documents and Settings\Default\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
c:\Documents and Settings\Default\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files
c:\Documents and Settings\Default\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Tidigare
c:\Documents and Settings\Default\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
c:\Documents and Settings\Default\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files
c:\Documents and Settings\Default\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Tidigare
Katalognamnet c:\Documents and Settings\Default\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data ?r f?r l?ngt.
Katalognamnet c:\Documents and Settings\Default\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\GameExplorer ?r f?r l?ngt.
Katalognamnet c:\Documents and Settings\Default\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files ?r f?r l?ngt.
Katalognamnet c:\Documents and Settings\Default\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Content.IE5\H0X78URX ?r f?r l?ngt.
Katalognamnet c:\Documents and Settings\Default\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\H0X78URX ?r f?r l?ngt.
c:\Documents and Settings\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Program
c:\Documents and Settings\Default\Application Data\Microsoft\Windows\Start Menu\Program
c:\Documents and Settings\Default\Documents\Min musik
c:\Documents and Settings\Default\Documents\Mina bilder
c:\Documents and Settings\Default\Documents\Mina videoklipp
c:\Documents and Settings\Default\Local Settings\Application Data
c:\Documents and Settings\Default\Local Settings\Temporary Internet Files
c:\Documents and Settings\Default\Local Settings\Tidigare
c:\Documents and Settings\Default\Local Settings\Application Data\Application Data
c:\Documents and Settings\Default\Local Settings\Application Data\Temporary Internet Files
c:\Documents and Settings\Default\Local Settings\Application Data\Tidigare
c:\Documents and Settings\Default\Local Settings\Application Data\Application Data\Application Data
c:\Documents and Settings\Default\Local Settings\Application Data\Application Data\Temporary Internet Files
c:\Documents and Settings\Default\Local Settings\Application Data\Application Data\Tidigare
c:\Documents and Settings\Default\Local Settings\Application Data\Application Data\Application Data\Application Data
c:\Documents and Settings\Default\Local Settings\Application Data\Application Data\Application Data\Temporary Internet Files
c:\Documents and Settings\Default\Local Settings\Application Data\Application Data\Application Data\Tidigare
c:\Documents and Settings\Default\Local Settings\Application Data\Application Data\Application Data\Application Data\Application Data
c:\Documents and Settings\Default\Local Settings\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files
c:\Documents and Settings\Default\Local Settings\Application Data\Application Data\Application Data\Application Data\Tidigare
c:\Documents and Settings\Default\Local Settings\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
c:\Documents and Settings\Default\Local Settings\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files
c:\Documents and Settings\Default\Local Settings\Application Data\Application Data\Application Data\Application Data\Application Data\Tidigare
c:\Documents and Settings\Default\Local Settings\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
c:\Documents and Settings\Default\Local Settings\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files
c:\Documents and Settings\Default\Local Settings\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Tidigare
c:\Documents and Settings\Default\Local Settings\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
c:\Documents and Settings\Default\Local Settings\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files
c:\Documents and Settings\Default\Local Settings\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Tidigare
c:\Documents and Settings\Default\Local Settings\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
c:\Documents and Settings\Default\Local Settings\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files
c:\Documents and Settings\Default\Local Settings\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Tidigare
c:\Documents and Settings\Default\Local Settings\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
c:\Documents and Settings\Default\Local Settings\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files
c:\Documents and Settings\Default\Local Settings\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Tidigare
c:\Documents and Settings\Default\Local Settings\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
c:\Documents and Settings\Default\Local Settings\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files
c:\Documents and Settings\Default\Local Settings\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Tidigare
c:\Documents and Settings\Default\Local Settings\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
c:\Documents and Settings\Default\Local Settings\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files
c:\Documents and Settings\Default\Local Settings\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Tidigare
c:\Documents and Settings\Default\Local Settings\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
c:\Documents and Settings\Default\Local Settings\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files
c:\Documents and Settings\Default\Local Settings\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Tidigare
Katalognamnet c:\Documents and Settings\Default\Local Settings\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data ?r f?r l?ngt.
Katalognamnet c:\Documents and Settings\Default\Local Settings\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\GameExplorer ?r f?r l?ngt.
Katalognamnet c:\Documents and Settings\Default\Local Settings\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files ?r f?r l?ngt.
Katalognamnet c:\Documents and Settings\Default\Local Settings\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files ?r f?r l?ngt.
Katalognamnet c:\Documents and Settings\Default\Local Settings\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Content.IE5\H0X78URX ?r f?r l?ngt.
Katalognamnet c:\Documents and Settings\Default\Local Settings\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Content.IE5\H0X78URX ?r f?r l?ngt.
c:\Documents and Settings\Default\Mina dokument\Min musik
c:\Documents and Settings\Default\Mina dokument\Mina bilder
c:\Documents and Settings\Default\Mina dokument\Mina videoklipp
c:\Documents and Settings\Default\Start-meny\Program
c:\Documents and Settings\Default User\Application Data
c:\Documents and Settings\Default User\Cookies
c:\Documents and Settings\Default User\Local Settings
c:\Documents and Settings\Default User\Mallar
c:\Documents and Settings\Default User\Mina dokument
c:\Documents and Settings\Default User\N?tverket
c:\Documents and Settings\Default User\Recent
c:\Documents and Settings\Default User\SendTo
c:\Documents and Settings\Default User\Skrivare
c:\Documents and Settings\Default User\Start-meny
c:\Documents and Settings\Default User\AppData\Local\Application Data
c:\Documents and Settings\Default User\AppData\Local\Temporary Internet Files
c:\Documents and Settings\Default User\AppData\Local\Tidigare
c:\Documents and Settings\Default User\AppData\Local\Application Data\Application Data
c:\Documents and Settings\Default User\AppData\Local\Application Data\Temporary Internet Files
c:\Documents and Settings\Default User\AppData\Local\Application Data\Tidigare
c:\Documents and Settings\Default User\AppData\Local\Application Data\Application Data\Application Data
c:\Documents and Settings\Default User\AppData\Local\Application Data\Application Data\Temporary Internet Files
c:\Documents and Settings\Default User\AppData\Local\Application Data\Application Data\Tidigare
c:\Documents and Settings\Default User\AppData\Local\Application Data\Application Data\Application Data\Application Data
c:\Documents and Settings\Default User\AppData\Local\Application Data\Application Data\Application Data\Temporary Internet Files
c:\Documents and Settings\Default User\AppData\Local\Application Data\Application Data\Application Data\Tidigare
c:\Documents and Settings\Default User\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data
c:\Documents and Settings\Default User\AppData\Local\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files
c:\Documents and Settings\Default User\AppData\Local\Application Data\Application Data\Application Data\Application Data\Tidigare
c:\Documents and Settings\Default User\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
c:\Documents and Settings\Default User\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files
c:\Documents and Settings\Default User\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Tidigare
c:\Documents and Settings\Default User\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data
c:\Documents and Settings\Default User\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files
c:\Documents and Settings\Default User\AppData\Local\Appl
Avatar billede madtex Nybegynder
11. september 2013 - 11:23 #16
Og Her er min sidste logs

Malwarebytes Anti-Malware (Prøveversion) 1.75.0.1300
www.malwarebytes.org

Database version: v2013.09.10.11

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Per :: PER-DATA [administrator]

Beskyttelse: Slået fra

10-09-2013 23:24:35
mbam-log-2013-09-10 (23-24-35).txt

Skanningstype: Fuldstændig skanning (C:\|D:\|F:\|G:\|)
Skanningsmuligheder valgt: Hukommelse | Opstart | Registreringsdatabasen | Filsystem | Heuristics/Ekstra | Heuristics/Shuriken | PUP | PUM
Skanningsmuligheder som er deaktiverede: P2P
Objekter skannet: 382769
Tid gået: 3 time(e), 27 minut(ter), 23 sekund(er)

Hukommelses Processorer Inficeret: 0
(Ingen skadelige objekter blev fundet)

Hukommelses Moduler Inficeret: 0
(Ingen skadelige objekter blev fundet)

Registreringsdatabasenøgler Inficeret: 3
HKCU\SOFTWARE\VB and VBA Program Settings\tm (Trojan.Downloader) -> Sat i karantæne og slettet succesfuldt.
HKCU\Software\avSofT (Trojan.Fraudpack) -> Sat i karantæne og slettet succesfuldt.
HKCU\Software\AVSuitE (Rogue.AntivirusSuite) -> Sat i karantæne og slettet succesfuldt.

Registreringsdatabaseværdier Inficeret: 2
HKCU\SOFTWARE|7bde84a2-f58f-46ec-9eac-f1f90fead080 (Malware.Trace) -> Data:  -> Sat i karantæne og slettet succesfuldt.
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon|Shell (Trojan.Ransom) -> Data: explorer.exe,C:\Users\Per\AppData\Roaming\cache.dat -> Sat i karantæne og slettet succesfuldt.

Registreringsdatabasedata Objekter Inficeret: 0
(Ingen skadelige objekter blev fundet)

Inficerede Mapper: 2
C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1455 (Worm.AutoRun) -> Sat i karantæne og slettet succesfuldt.
C:\RECYCLER\S-1-5-21-0243936033-3052116371-381863308-1811 (Trojan.Agent) -> Sat i karantæne og slettet succesfuldt.

Inficerede Filer: 10
C:\Users\Per\Program Files\oi_avg_free_stb_en_9_117_free.exe (PUP.BundleInstaller.OI) -> Ingen handling valgt.
C:\Users\Per\Program Files\YouTubeDownloaderSetup253b.exe (PUP.Dealio.TB) -> Ingen handling valgt.
G:\7ZipSetup.exe (PUP.Optional.Somoto) -> Ingen handling valgt.
C:\FRST\Quarantine\cache.dat (Trojan.Agent.ED) -> Sat i karantæne og slettet succesfuldt.
c:\programdata\f4d562c8000027f9000b8416570f1c8b\f4d562c8000027f9000b8416570f1c8b.exe (Trojan.Lameshield) -> Sat i karantæne og slettet succesfuldt.
c:\users\per\appdata\local\virtualstore\windows\system32\cooper.mine (Trojan.Downloader) -> Sat i karantæne og slettet succesfuldt.
c:\users\per\appdata\locallow\sun\java\deployment\cache\6.0\30\1ede2ede-25adbc10 (Trojan.FakeMS) -> Sat i karantæne og slettet succesfuldt.
C:\Users\Public\Desktop\MP3 Downloader.lnk (Rogue.Link) -> Sat i karantæne og slettet succesfuldt.
C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1455\Desktop.ini (Worm.AutoRun) -> Sat i karantæne og slettet succesfuldt.
C:\RECYCLER\S-1-5-21-0243936033-3052116371-381863308-1811\Desktop.ini (Trojan.Agent) -> Sat i karantæne og slettet succesfuldt.

(færdig)


.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
.
==== Disk Partitions =========================
.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
Ad-Aware 2007
Adobe Flash Player 11 ActiveX
Adobe Reader X (10.1.7) - Dansk
Adobe Shockwave Player 12.0
Ashampoo Burning Studio 10.0.4
Ashampoo WinOptimizer 7 v.7.24
aTube Catcher
AVS Update Manager 1.0
calibre
Camera RAW Plug-In for EPSON Creativity Suite
CDisplay 1.8
CX4300_5500_DX4400 manual
Digital Signatur
EPSON Attach To Email
EPSON Copy Utility 3
EPSON Easy Photo Print
EPSON File Manager
EPSON Printer Software
EPSON Scan
EPSON Scan Assistant
F-Secure Client Security - Browserbeskyttelse
F-Secure Client Security - DeepGuard
F-Secure Client Security - Internetskjold
F-Secure Client Security - Scanning af e-mail
F-Secure Client Security - Scanning af internettrafikken
F-Secure Client Security - Virus/spyware-beskyttelse
Hewlett-Packard Active Check
Hewlett-Packard Asset Agent for Health Check
High Quality Photo Resizer 1.60
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Customer Experience Enhancements
HP Customer Feedback
HP On-Screen Cap/Num/Scroll Lock Indicator
HP Update
Java 7 Update 13
Java Auto Updater
Java(TM) 6 Update 31
Java(TM) SE Runtime Environment 6 Update 1
LADSPA_plugins-win-0.4.15
LAME v3.98.2 for Audacity
LightScribe System Software  1.10.23.1
Malwarebytes Anti-Malware version 1.75.0.1300
Microsoft .NET Framework 3.5 SP1
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (Danish) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (Danish) 2007
Microsoft Office Groove MUI (Danish) 2007
Microsoft Office InfoPath MUI (Danish) 2007
Microsoft Office OneNote MUI (Danish) 2007
Microsoft Office Outlook MUI (Danish) 2007
Microsoft Office PowerPoint MUI (Danish) 2007
Microsoft Office Proof (Danish) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (German) 2007
Microsoft Office Proofing (Danish) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (Danish) 2007
Microsoft Office Shared MUI (Danish) 2007
Microsoft Office Word MUI (Danish) 2007
Microsoft Silverlight
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
NVIDIA Drivers
OGA Notifier 2.0.0048.0
PhotoFiltre 7
PowerDirector
Python 2.5
QuickTime
RealPlayer
Realtek High Definition Audio Driver
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629)
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687309) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition
Stellarium 0.11.2
swMSM
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2768023) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817642) 32-Bit Edition
VLC media player 1.1.9
Windows Movie Maker 2.6
WinRAR 4.20 (32-bit)
Yahoo! Toolbar
.
==== End Of File ===========================


DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 9.0.8112.16502  BrowserJavaVersion: 10.13.2
Run by Per at 11:08:28 on 2013-09-11
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\SLsvc.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
C:\Program Files\F-Secure\Common\FSMA32.EXE
C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE
c:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\F-Secure\Common\FSHDLL32.EXE
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\WINDOWS\RtHDVCpl.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\F-Secure\common\FSM32.EXE
C:\Windows\system32\schtasks.exe
C:\Windows\system32\jusched.exe
C:\Program Files\F-Secure\ORSP Client\fsorsp.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\F-Secure\Common\FNRB32.EXE
C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
C:\Program Files\F-Secure\Common\FIH32.EXE
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\F-Secure\Anti-Virus\fssm32.exe
C:\Program Files\F-Secure\Anti-Virus\fsav32.exe
c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://212.10.10.20/
uWindow Title = Windows Internet Explorer provided by Yahoo!
uDefault_Page_URL = hxxp://www.yahoo.com/?fr=fp-yie9
mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=sv_dk&c=81&bd=Pavilion&pf=desktop
uURLSearchHooks: <No Name>:  - LocalServer32 - <no file>
uURLSearchHooks: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - LocalServer32 - <no file>
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Browsing Protection Class: {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - c:\program files\f-secure\nrs\iescript\baselitmus.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - c:\program files\yahoo!\companion\installs\cpn\yt.dll
TB: Browsing Protection Toolbar: {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - c:\program files\f-secure\nrs\iescript\baselitmus.dll
uRun: [EPSON Stylus DX4400 Series] c:\windows\system32\spool\drivers\w32x86\3\e_faticae.exe /fu "c:\windows\temp\E_SA073.tmp" /EF "HKCU"
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
mRun: [Windows Defender] c:\program files\windows defender\MSASCui.exe -hide
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [SunJavaUpdateReg] "c:\windows\system32\jureg.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [F-Secure Manager] "c:\program files\f-secure\common\FSM32.EXE" /splash
mRun: [F-Secure TNB] "c:\program files\f-secure\fsgui\TNBUtil.exe" /CHECKALL /WAITFORSW
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.com/ww.special-uninstallation-feedback-appf?lic=OQBBAFYARgBSAEUARQAtAFYAMwBaAEMAOQAtAEUASwBBAFIAUwAtADYAUgBXAEcAQQAtAEEAQQBUAEMAVQAtAFYAUAA5AEYATgA"&"inst=NwA3AC0ANgA5ADcANwAxADIAOQA5ADkALQBGAEwAKwA5AC0ARABEAFQAKwAwAC0AWABPADkAKwAxAC0AWABPADMANgArADEA"&"prod=90"&"ver=9.0.902
StartupFolder: c:\users\per\appdata\roaming\micros~1\windows\startm~1\programs\startup\screen~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&ksporter til Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
Trusted Zone: danid.dk
Trusted Zone: danid.dk
Trusted Zone: danid.dk
Trusted Zone: danid.dk
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
TCP: NameServer = 212.10.10.4 212.10.24.252 212.10.10.5
TCP: Interfaces\{0BE6CBC9-F448-4AE5-A601-42FFAD0E35FB} : DHCPNameServer = 212.10.10.4 212.10.24.252 212.10.10.5
TCP: Interfaces\{87FABCE1-B383-4871-B013-870A07EA4525} : DHCPNameServer = 212.10.10.4 212.10.24.252 212.10.10.5
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
LSA: Security Packages =  kerberos msv1_0 schannel wdigest tspkg
mASetup: {A509B1FF-37FF-4bFF-8CFF-4F3A747040FF} - c:\windows\system32\rundll32.exe c:\windows\system32\advpack.dll,launchinfsectionex c:\program files\internet explorer\clrtour.inf,DefaultInstall.ResetTour,,12
.
============= SERVICES / DRIVERS ===============
.
.
=============== File Associations ===============
.
FileExt: .txt: Applications\WksWP.exe - HKCR\Unknown\Shell=c:\windows\system32\rundll32.exe c:\windows\system32\shell32.dll,OpenAs_RunDLL %1 [UserChoice] [default=openas]
.
=============== Created Last 30 ================
.
2013-09-11 00:08:55    7166848    ----a-w-    c:\programdata\microsoft\windows defender\definition updates\{62c2fd3b-19a5-4d92-b99a-8610043f0fc4}\mpengine.dll
2013-09-10 21:20:07    22856    ----a-w-    c:\windows\system32\drivers\mbam.sys
2013-09-10 21:20:07    --------    d-----w-    c:\program files\Malwarebytes' Anti-Malware
2013-09-10 21:16:56    --------    d-----w-    c:\users\per\appdata\roaming\Malwarebytes
2013-09-10 21:16:43    --------    d-----w-    c:\programdata\Malwarebytes
2013-09-09 12:59:30    --------    d-----w-    c:\program files\Microsoft Games
2013-09-09 12:20:46    --------    d-----w-    C:\FRST
2013-08-28 06:19:01    1548288    ----a-w-    c:\windows\system32\WMVDECOD.DLL
2013-08-14 07:48:10    905664    ----a-w-    c:\windows\system32\drivers\tcpip.sys
2013-08-14 07:48:05    24064    ----a-w-    c:\windows\system32\drivers\tssecsrv.sys
2013-08-14 07:48:05    15872    ----a-w-    c:\windows\system32\icaapi.dll
2013-08-14 07:47:16    2048    ----a-w-    c:\windows\system32\tzres.dll
2013-08-14 07:46:58    783360    ----a-w-    c:\windows\system32\rpcrt4.dll
2013-08-14 07:46:46    3551680    ----a-w-    c:\windows\system32\ntoskrnl.exe
2013-08-14 07:46:44    3603904    ----a-w-    c:\windows\system32\ntkrnlpa.exe
2013-08-14 07:46:43    1205168    ----a-w-    c:\windows\system32\ntdll.dll
2013-08-14 07:46:03    992768    ----a-w-    c:\windows\system32\crypt32.dll
2013-08-14 07:46:02    172544    ----a-w-    c:\windows\system32\wintrust.dll
2013-08-14 07:46:02    133120    ----a-w-    c:\windows\system32\cryptsvc.dll
2013-08-14 07:46:01    98304    ----a-w-    c:\windows\system32\cryptnet.dll
.
==================== Find3M  ====================
.
2013-09-10 21:30:20    71048    ----a-w-    c:\windows\system32\FlashPlayerCPLApp.cpl
2013-09-10 21:30:20    692616    ----a-w-    c:\windows\system32\FlashPlayerApp.exe
2013-08-07 02:22:04    238872    ------w-    c:\windows\system32\MpSigStub.exe
2013-07-25 02:32:35    1800704    ----a-w-    c:\windows\system32\jscript9.dll
2013-07-25 02:26:10    1129472    ----a-w-    c:\windows\system32\wininet.dll
2013-07-25 02:25:30    1427968    ----a-w-    c:\windows\system32\inetcpl.cpl
2013-07-25 02:23:59    142848    ----a-w-    c:\windows\system32\ieUnatt.exe
2013-07-25 02:23:58    420864    ----a-w-    c:\windows\system32\vbscript.dll
2013-07-25 02:22:35    2382848    ----a-w-    c:\windows\system32\mshtml.tlb
2013-06-15 13:22:11    15872    ----a-w-    c:\windows\system32\icaapi.dll
.
============= FINISH: 11:14:17,57 ===============
Avatar billede f-arn Guru
11. september 2013 - 15:34 #17
Afinstaller Ad-Aware 2007

------

Hent AdwCleaner af Xplode, og gem den på dit Skrivebord.

Luk alle åbne programmer :exclaim:

Deaktiver dit sikkerhedprogram, mens du kører den :exclaim:

Start AdwCleaner og klik på "Delete"

Mht.: Vista og Windows 7/8 - Højreklik på filen - Kør som Administrator.

Programmet vil automatisk genstarte PCen, og åbne en logfil som du skal kopiere herind i næste indlæg.

Logfilen kan også findes her: C:\AdwCleaner[S1].txt

------

Hent Junkware Removal Tool af thisisu, og gem den på dit Skrivebord.

Deaktiver dit sikkerhedprogram, mens du kører den :exclaim:

Start JRT

Mht.: Vista og Windows 7/8 - Højreklik på filen - Kør som Administrator.

Vær tålmodig mens den kører, da det kan ta' noget tid.

Den laver en logfil (JRT.txt) på skrivebordet, som du skal kopiere herind i næste indlæg.
Avatar billede madtex Nybegynder
11. september 2013 - 16:13 #18
Jeg har fået lavet Junkware Removal Tool, men kom til af Afinstaller Ad-Aware uden brug af AdwCleaner
Avatar billede f-arn Guru
11. september 2013 - 19:30 #19
Jeg skriver jo også at du skal afinstallere Ad - Avare, køre AdwCleaner - og tilsidst skal du så køre Junkware Removal Tool.

Må jeg godt se logs fra AdwCleaner og Junkware Removal Tool.
Avatar billede madtex Nybegynder
11. september 2013 - 21:59 #20
Her er så de to logs

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.5.9 (09.07.2013:1)
OS: Windows Vista (TM) Home Premium x86
Ran by Per on 11-09-2013 at 16:04:48,00
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{E1645955-726E-4D92-8AA6-B1FEF8C01432}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Successfully deleted: [Registry Key] "hkey_current_user\software\apn pip"
Successfully deleted: [Registry Key] "hkey_current_user\software\pip"



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 11-09-2013 at 16:08:08,64
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


# AdwCleaner v3.003 - Report created 11/09/2013 at 21:51:29
# Updated 07/09/2013 by Xplode
# Operating System : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Username : Per - PER-DATA
# Running from : C:\Users\Per\Desktop\adwcleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Found C:\Users\Per\AppData\Local\PackageAware
Folder Found C:\Users\Per\AppData\LocalLow\AVG Security Toolbar

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF780F87-FF2B-4DF8-92D0-73DB16A1543A}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKLM\Software\PIP
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16502


-\\ Google Chrome v

[ File : C:\Users\Per\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [1684 octets] - [11/09/2013 21:51:29]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [1744 octets] ##########
Avatar billede f-arn Guru
11. september 2013 - 22:34 #21
Fjern Alle USB nøgler og Externe Harddiske før du kører programmet.

Hent og gem RogueKiller på dit skrivebord.

Den kan også hentes her

Husk at vælge den rigtige version. (32 bit)

Luk alle vinduer og kør "RogueKiller" (Hvis den blokeres, kør den flere gange)

Hvis den slet ikke vil køre, prøv at omdøbe den til winlogon.exe

Mht.: Vista og Windows 7/8 - Højreklik på filen - Kør som Administrator.

Lad det indledende scan køre.

Tryk SCAN.

Når den har scannet færdig, så luk programmet.

Den laver en log "RKreport[1].txt" på dit Skrivebord. Kopier den herind i dit næste indlæg.
Avatar billede madtex Nybegynder
11. september 2013 - 23:17 #22
Her den næste log.
Jeg vil gerne vide om det ikke snart er færdig med alle de forskellige virus programmer eller hvad de nu er.

RogueKiller V8.6.11 [Sep 11 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Started in : Normal mode
User : Per [Admin rights]
Mode : Scan -- Date : 09/11/2013 23:14:52
| ARK || FAK || MBR |

¤¤¤ Bad processes : 1 ¤¤¤
[SUSP PATH] RogueKiller.exe -- C:\Users\Per\Desktop\RogueKiller.exe
  • -> KILLED [TermProc]

¤¤¤ Registry Entries : 5 ¤¤¤
[HJ POL] HKCU\[...]\System : DisableTaskMgr (0) -> FOUND
[HJ POL] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ POL] HKLM\[...]\System : EnableLUA (0) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Scheduled tasks : 1 ¤¤¤
[V2][SUSP PATH] ESTsoft RunAsStdUser 18340725Task : C:\Users\Per\Desktop\ALZip\ALZip.exe [x] -> FOUND

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [LOADED] ¤¤¤
[Address] IRP[IRP_MJ_CREATE] : C:\Windows\system32\drivers\CLASSPNP.SYS -> HOOKED ([Address] C:\Windows\system32\drivers\ataport.SYS @ 0x85371140)
[Address] IRP[IRP_MJ_CLOSE] : C:\Windows\system32\drivers\CLASSPNP.SYS -> HOOKED ([Address] C:\Windows\system32\drivers\ataport.SYS @ 0x85371140)
[Address] IRP[IRP_MJ_DEVICE_CONTROL] : C:\Windows\system32\drivers\CLASSPNP.SYS -> HOOKED ([Address] C:\Windows\system32\drivers\ataport.SYS @ 0x8535FA5A)
[Address] IRP[IRP_MJ_INTERNAL_DEVICE_CONTROL] : C:\Windows\system32\drivers\CLASSPNP.SYS -> HOOKED ([Address] C:\Windows\system32\drivers\ataport.SYS @ 0x8535FA2C)
[Address] IRP[IRP_MJ_POWER] : C:\Windows\system32\drivers\CLASSPNP.SYS -> HOOKED ([Address] C:\Windows\system32\drivers\ataport.SYS @ 0x8535FA88)
[Address] IRP[IRP_MJ_SYSTEM_CONTROL] : C:\Windows\system32\drivers\CLASSPNP.SYS -> HOOKED ([Address] C:\Windows\system32\drivers\ataport.SYS @ 0x8536CB70)
[Address] IRP[IRP_MJ_PNP] : C:\Windows\system32\drivers\CLASSPNP.SYS -> HOOKED ([Address] C:\Windows\system32\drivers\ataport.SYS @ 0x8536CB3C)

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection :  ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


::1            localhost


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0:  +++++
--- User ---
[MBR] 59df9d050878fb76176b7364608d40d9
[BSP] 309fdfd200901d3359dd1e035123a213 : MBR Code unknown
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 230369 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 471796920 | Size: 8103 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

+++++ PhysicalDrive1:  +++++
--- User ---
[MBR] 7557007fc2d34e6d88de3fc977d89f05
[BSP] 3a1bce44c6274253aacfa7c70605d13a : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 76308 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

Finished : << RKreport[0]_S_09112013_231452.txt >>
Avatar billede f-arn Guru
12. september 2013 - 12:18 #23
Jeg vil gerne vide om det ikke snart er færdig med alle de forskellige virus programmer eller hvad de nu er.

Jeg har fundet rester af en ældre infektion, der ikke var fjernet ordentligt.

Vi skal også ha' opdateret Windows og nogle 3 parts programmer.

------


Hent og gem ComboFix på dit skrivebord.

Kør så ComboFix.exe og følg anvisningerne.

Vigtigt--> Da ComboFix kan konflikte med dine sikkerhedsprogrammer er det vigtigt at du deaktiverer dem.

Du bør ikke klikke på vinduet imens værktøjet kører, idet det kan få din computer til at fryse.
Når ComboFix er færdig, og efter det (muligvis) har genstartet, skulle der gerne åbnes en logfil: ComboFix.txt

Indholdet af denne fil må du gerne lægge herind.

Får du noget der ligner denne fejl.

Der blev forsøgt en ugyldig handling på en registreringsdatabasenøgle, som er blevet mærket til sletning

Så genstart, en gang mere, det burde løse det.

Den kan findes her:  C:\ComboFix.txt
Avatar billede madtex Nybegynder
12. september 2013 - 16:14 #24
Ok her er så ComboFix.txt

ComboFix 13-09-10.03 - Per 12-09-2013  15:39:44.1.2 - x86
Kører fra: c:\users\Per\Desktop\ComboFix.exe
* Dannede nyt systemgendannelsespunkt
.
.
(((((((((((((((((((((((((((((((((((((((  Andet, der er slettet  )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Per\AppData\Roaming\Microsoft\Windows\Recent\Comfy Cakes.ComfyCakesSave-ms.pif
c:\users\Per\AppData\Roaming\Poesx
c:\users\Per\AppData\Roaming\Poesx\kyul.wum
c:\users\Per\AppData\Roaming\Zyxoo
c:\users\Per\AppData\Roaming\Zyxoo\luut.isa
c:\users\Per\AppData\Roaming\Zyxoo\luut.tmp
c:\windows\system32\jucheck.exe
c:\windows\system32\jusched.exe
.
.
(((((((((((((((((((((((((((((  Filer skabt fra 2013-08-12 til 2013-09-12  )))))))))))))))))))))))))))))))))))
.
.
2013-09-12 13:48 . 2013-09-12 13:54    --------    d-----w-    c:\users\Per\AppData\Local\temp
2013-09-12 13:48 . 2013-09-12 13:48    --------    d-----w-    c:\users\Default\AppData\Local\temp
2013-09-11 19:50 . 2013-09-11 19:53    --------    d-----w-    C:\AdwCleaner
2013-09-11 13:57 . 2013-09-11 13:57    --------    d-----w-    c:\windows\ERUNT
2013-09-11 00:08 . 2013-08-06 07:28    7166848    ----a-w-    c:\programdata\Microsoft\Windows Defender\Definition Updates\{62C2FD3B-19A5-4D92-B99A-8610043F0FC4}\mpengine.dll
2013-09-10 21:20 . 2013-09-10 21:20    --------    d-----w-    c:\program files\Malwarebytes' Anti-Malware
2013-09-10 21:20 . 2013-04-04 12:50    22856    ----a-w-    c:\windows\system32\drivers\mbam.sys
2013-09-10 21:16 . 2013-09-10 21:16    --------    d-----w-    c:\users\Per\AppData\Roaming\Malwarebytes
2013-09-10 21:16 . 2013-09-10 21:16    --------    d-----w-    c:\programdata\Malwarebytes
2013-09-09 12:59 . 2013-09-09 12:59    --------    d-----w-    c:\program files\Microsoft Games
2013-09-09 12:20 . 2013-09-09 12:20    --------    d-----w-    C:\FRST
2013-08-28 06:19 . 2013-08-02 04:09    1548288    ----a-w-    c:\windows\system32\WMVDECOD.DLL
2013-08-14 07:48 . 2013-07-05 04:53    905664    ----a-w-    c:\windows\system32\drivers\tcpip.sys
2013-08-14 07:48 . 2013-06-15 13:22    15872    ----a-w-    c:\windows\system32\icaapi.dll
2013-08-14 07:48 . 2013-06-15 11:23    24064    ----a-w-    c:\windows\system32\drivers\tssecsrv.sys
2013-08-14 07:47 . 2013-07-17 19:41    2048    ----a-w-    c:\windows\system32\tzres.dll
2013-08-14 07:46 . 2013-07-10 09:47    783360    ----a-w-    c:\windows\system32\rpcrt4.dll
2013-08-14 07:46 . 2013-07-08 04:55    3551680    ----a-w-    c:\windows\system32\ntoskrnl.exe
2013-08-14 07:46 . 2013-07-08 04:55    3603904    ----a-w-    c:\windows\system32\ntkrnlpa.exe
2013-08-14 07:46 . 2013-07-09 12:10    1205168    ----a-w-    c:\windows\system32\ntdll.dll
2013-08-14 07:46 . 2013-07-08 04:16    992768    ----a-w-    c:\windows\system32\crypt32.dll
2013-08-14 07:46 . 2013-07-08 04:20    172544    ----a-w-    c:\windows\system32\wintrust.dll
2013-08-14 07:46 . 2013-07-08 04:16    133120    ----a-w-    c:\windows\system32\cryptsvc.dll
2013-08-14 07:46 . 2013-07-08 04:16    98304    ----a-w-    c:\windows\system32\cryptnet.dll
.
.
.
((((((((((((((((((((((((((((((((((((((((  Find3M Rapport  ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-09-10 21:30 . 2012-08-15 12:54    71048    ----a-w-    c:\windows\system32\FlashPlayerCPLApp.cpl
2013-09-10 21:30 . 2012-08-15 12:54    692616    ----a-w-    c:\windows\system32\FlashPlayerApp.exe
2013-08-07 02:22 . 2009-10-03 04:30    238872    ------w-    c:\windows\system32\MpSigStub.exe
2013-06-15 13:22 . 2013-08-14 07:48    15872    ----a-w-    c:\windows\system32\icaapi.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
.
.
.
.
[7] 2009-04-11 . 1357274D1883F68300AEADD15D7BBB42 . 527848 . . [6.0.6002.18005] . . c:\windows\System32\drivers\ndis.sys
[7] 2009-04-11 . 1357274D1883F68300AEADD15D7BBB42 . 527848 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6002.18005_none_a9b2a4d31930d864\ndis.sys
[7] 2008-01-19 . 9BDC71790FA08F0A0B5F10462B1BD0B1 . 529464 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6001.18000_none_a7c72bc71c0f0d18\ndis.sys
[7] 2006-11-02 . 227C11E1E7CF6EF8AFB2A238D209760C . 500840 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-ndis_31bf3856ad364e35_6.0.6000.16386_none_a59069cb1f23fc44\ndis.sys
.
[7] 2013-03-03 . 2C1121F2B87E9A6B12485DF53CD848C7 . 1082232 . . [6.0.6000.16386] . . c:\windows\System32\drivers\ntfs.sys
[7] 2013-03-03 . 2C1121F2B87E9A6B12485DF53CD848C7 . 1082232 . . [6.0.6002.18799] . . c:\windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.0.6002.18799_none_a7ff61ef1a52b1c5\ntfs.sys
[7] 2013-03-03 . ECB54A0E9C40B00CF8FEFE5F455A1EFB . 1083240 . . [6.0.6002.23070] . . c:\windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.0.6002.23070_none_a895760033686607\ntfs.sys
[7] 2009-04-11 . 6A4A98CEE84CF9E99564510DDA4BAA47 . 1083880 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.0.6002.18005_none_a85ca2c91a0d64df\ntfs.sys
[7] 2008-05-06 . 2620822A21B76375F5FD6E0986407CD1 . 1060920 . . [6.0.6000.16586] . . c:\windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.0.6000.16586_none_a43a6b8d2000830d\ntfs.sys
[7] 2008-05-06 . B5BE45B1F554DF9E1976CBC855365E60 . 1061432 . . [6.0.6000.20709] . . c:\windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.0.6000.20709_none_a51d8a7c38da8c7b\ntfs.sys
[7] 2008-01-19 . B4EFFE29EB4F15538FD8A9681108492D . 1081912 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.0.6001.18000_none_a67129bd1ceb9993\ntfs.sys
[7] 2006-11-02 . 3F379380A4A2637F559444E338CF1B51 . 1056360 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-ntfs_31bf3856ad364e35_6.0.6000.16386_none_a43a67c1200088bf\ntfs.sys
.
[7] 2008-01-19 . C5DBBCDA07D780BDA9B685DF333BB41E . 4608 . . [6.0.6001.18000] . . c:\windows\System32\drivers\null.sys
[7] 2008-01-19 . C5DBBCDA07D780BDA9B685DF333BB41E . 4608 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-null_31bf3856ad364e35_6.0.6001.18000_none_a965ed7d1afd0ac7\null.sys
[7] 2006-11-02 . EC5EFB3C60F1B624648344A328BCE596 . 4608 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-null_31bf3856ad364e35_6.0.6000.16386_none_a72f2b811e11f9f3\null.sys
.
[7] 2013-07-05 . D18D53974FD715D50FC76F9FFE1C830D . 905664 . . [6.0.6002.18880] . . c:\windows\System32\drivers\tcpip.sys
[7] 2013-07-05 . D18D53974FD715D50FC76F9FFE1C830D . 905664 . . [6.0.6002.18880] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18880_none_b4ae19bc63cd564f\tcpip.sys
[7] 2013-07-05 . 6D0D344F643E28B31262AC2682109A3C . 914880 . . [6.0.6002.23152] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.23152_none_b55a00e77cd1055d\tcpip.sys
[7] 2013-05-08 . 548E198BAE21EFC21F8B5F0C1728AD27 . 905576 . . [6.0.6002.18835] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18835_none_b4e92aca63a0494d\tcpip.sys
[7] 2013-05-08 . 078218D74C4EFC2CE7E4C6DF22A94F2F . 914792 . . [6.0.6002.23106] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.23106_none_b59411ab7ca4df04\tcpip.sys
[7] 2013-01-04 . 3535CD93F944C00F098E73E12EE7FEB6 . 914792 . . [6.0.6002.23013] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.23013_none_b5863efb7cafb1c9\tcpip.sys
[7] 2013-01-04 . 74E2D020C47BB2B2FCCBA29A518A7EB4 . 905576 . . [6.0.6002.18764] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18764_none_b4c7b8d663b986a2\tcpip.sys
[7] 2012-03-30 . 27D470DABC77BC60D0A3B0E4DEB6CB91 . 905600 . . [6.0.6002.18604] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18604_none_b50896786388e1d5\tcpip.sys
[7] 2012-03-30 . EE7E10BED85C312C1D5D30C435BDDA9F . 914304 . . [6.0.6002.22828] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22828_none_b58096797cb31c04\tcpip.sys
[7] 2011-09-20 . 814A1C66FBD4E1B310A517221F1456BF . 905088 . . [6.0.6002.18519] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18519_none_b502c618638c7f52\tcpip.sys
[7] 2011-09-20 . 16731B631F28F63CD9F4CB60940E7DDD . 913280 . . [6.0.6002.22719] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22719_none_b58c64c97caa1c43\tcpip.sys
[7] 2011-06-17 . 6647FCE6FC4970DAAFE5C64C794513D3 . 913296 . . [6.0.6002.22662] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22662_none_b54f51417cd8f970\tcpip.sys
[7] 2011-06-17 . 2756186E287139310997090797E0182B . 905104 . . [6.0.6002.18484] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18484_none_b4b2134c63c9c70f\tcpip.sys
[7] 2010-06-16 . 6A10AFCE0B38371064BE41C1FBFD3C6B . 912776 . . [6.0.6002.22425] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22425_none_b57d8e037cb5db63\tcpip.sys
[7] 2010-06-16 . A474879AFA4A596B3A531F3E69730DBF . 905088 . . [6.0.6002.18272] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18272_none_b4baded863c37e22\tcpip.sys
[7] 2010-06-16 . 782568AB6A43160A159B6215B70BCCE9 . 898952 . . [6.0.6001.18493] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18493_none_b2bfcb7c66ac7d10\tcpip.sys
[7] 2010-06-16 . 6216A954ED7045B62880A92D6C9B9FC7 . 902032 . . [6.0.6001.22713] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys
[7] 2010-02-18 . 93A5655CD9CD2F080EF1CB71A3666215 . 902024 . . [6.0.6001.22636] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_b38d4a937f96be60\tcpip.sys
[7] 2010-02-18 . 2EAE4500984C2F8DACFB977060300A15 . 898952 . . [6.0.6001.18427] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18427_none_b30f7c1866701ed5\tcpip.sys
[7] 2010-02-18 . D9F5DD5BBC8348E8F8220CCBF14C022E . 910216 . . [6.0.6002.22341] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22341_none_b563eb1d7cc9b0c2\tcpip.sys
[7] 2010-02-18 . 48CBE6D53632D0067C2D6B20F90D84CA . 904576 . . [6.0.6002.18209] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18209_none_b50d905263846bec\tcpip.sys
[7] 2010-02-18 . 4A82FA8F0DF67AA354580C3FAAF8BDE3 . 815104 . . [6.0.6000.17021] . . c:\windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.17021_none_5f8a957c924295b7\tcpip.sys
[7] 2010-02-18 . 2C1F7005AA3B62721BFDB307BD5F5010 . 818688 . . [6.0.6000.21226] . . c:\windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21226_none_6019359fab5bb15b\tcpip.sys
[7] 2009-12-08 . 1ACBB7A47E78F4CC82D2EFFB72901528 . 897624 . . [6.0.6001.18377] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18377_none_b2d96a966698ad63\tcpip.sys
[7] 2009-12-08 . 5653230D480A9C54D169E1B080B72CF5 . 900696 . . [6.0.6001.22577] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22577_none_b36309477fb64a54\tcpip.sys
[7] 2009-12-08 . 46E6685F3E92AEC743773ADD4CD54F57 . 907832 . . [6.0.6002.22283] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22283_none_b53aaa1b7ce8560d\tcpip.sys
[7] 2009-12-08 . DA467E7619AE5F4588E6262C13C8940A . 904776 . . [6.0.6002.18160] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18160_none_b4c3ac4a63bd325c\tcpip.sys
[7] 2009-12-08 . 8734BD051FFDCBF8425CF222141C3741 . 813568 . . [6.0.6000.16973] . . c:\windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16973_none_5f56ae52926920d8\tcpip.sys
[7] 2009-12-08 . CA3A5756672013A66BB9D547A5A62DCA . 816640 . . [6.0.6000.21175] . . c:\windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21175_none_5fe223d3ab852692\tcpip.sys
[7] 2009-08-15 . 2512B4D1353370D6688B1AF1F5AFA1CF . 816640 . . [6.0.6000.21108] . . c:\windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.21108_none_6030d425ab49af00\tcpip.sys
[7] 2009-08-14 . 8A7AD2A214233F684242F289ED83EBC3 . 897608 . . [6.0.6001.18311] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18311_none_b3144862666d6db3\tcpip.sys
[7] 2009-08-14 . 2608E71AAD54564647D4BB984E1925AA . 900168 . . [6.0.6001.22497] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22497_none_b34d67897fc6850f\tcpip.sys
[7] 2009-08-14 . FF71856BD4CD6D4367F9FD84BE79A874 . 905784 . . [6.0.6002.22200] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.22200_none_b58e289d7caa2a80\tcpip.sys
[7] 2009-08-14 . 65877AA1B6A7CB797488E831698973E9 . 904776 . . [6.0.6002.18091] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18091_none_b4a43aea63d4a25f\tcpip.sys
[7] 2009-08-14 . 300208927321066EA53761FDC98747C6 . 813568 . . [6.0.6000.16908] . . c:\windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16908_none_5fa75f38922bdbf4\tcpip.sys
[7] 2009-04-11 . 0E6B0885C3D5E4643ED2D043DE3433D8 . 897000 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6002.18005_none_b5098b5e63880c42\tcpip.sys
[7] 2008-05-06 . 5DF77458AA92FDB36FCE79C60F74AB5D . 803328 . . [6.0.6000.16627] . . c:\windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16627_none_5f90b964923d030a\tcpip.sys
[7] 2008-05-06 . 52A8BD6294F7D1443C6184C67AE13AF4 . 806400 . . [6.0.6000.20752] . . c:\windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.20752_none_5ff4e4f9ab7777f4\tcpip.sys
[7] 2008-05-06 . 028061C7F6D2D03068C72E2A27E4228A . 802816 . . [6.0.6000.16567] . . c:\windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16567_none_5f6577ce925d75a7\tcpip.sys
[7] 2008-05-06 . 43EAE40B50FE3E60D194DD9C97EBB1FD . 804352 . . [6.0.6000.20689] . . c:\windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.20689_none_5fdb7555ab898001\tcpip.sys
[7] 2008-04-26 . 82E266BEE5F0167E41C6ECFDD2A79C02 . 891448 . . [6.0.6001.18063] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_b2e033a8669434a1\tcpip.sys
[7] 2008-04-26 . 01EC1E92595F839BEE70D439C46796E3 . 891448 . . [6.0.6001.22167] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22167_none_b36dd19b7fae39c7\tcpip.sys
[7] 2008-01-19 . FC6E2835D667774D409C7C7021EAF9C4 . 891448 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys
[7] 2006-11-02 . D944522B048A5FEB7700B5170D3D9423 . 802816 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-tcpip_31bf3856ad364e35_6.0.6000.16386_none_5f4ed3e0926e99e4\tcpip.sys
.
[7] 2008-01-19 . A3629A0C4226F9E9C72FAAEEBC3AD33C . 81920 . . [6.0.6000.16386] . . c:\windows\System32\browser.dll
[7] 2008-01-19 . A3629A0C4226F9E9C72FAAEEBC3AD33C . 81920 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-browserservice_31bf3856ad364e35_6.0.6001.18000_none_78e926b99dfe756d\browser.dll
[7] 2006-11-02 . BEB6470532B7461D7BB426E3FACB424F . 81408 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-browserservice_31bf3856ad364e35_6.0.6000.16386_none_76b264bda1136499\browser.dll
.
[7] 2012-06-01 . 613DEB66A91820F0A41915B40BB8833F . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22869_none_a882cf8373379c5f\lsass.exe
[7] 2011-11-16 . A3E186B4B935905B829219502557314E . 9728 . . [6.0.6000.16386] . . c:\windows\System32\lsass.exe
[7] 2011-11-16 . A3E186B4B935905B829219502557314E . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18541_none_a806cc745a10ffad\lsass.exe
[7] 2011-11-16 . A3E186B4B935905B829219502557314E . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18643_none_a808ceee5a0f2f82\lsass.exe
[7] 2011-11-16 . EBFAEB786C46B407930811F94F08877D . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22742_none_a8916b6f732db5f5\lsass.exe
[7] 2009-09-10 . D09A5DA84B7C9CA9B02EBCD7FAE41C8D . 7680 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21125_none_a4dd285578ce285b\lsass.exe
[7] 2009-09-10 . 2D3AC5E7AC01E905F3ABD2D745FE3A9B . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22223_none_a8a80213731ca5a7\lsass.exe
[7] 2009-09-09 . CB7E838C140B4087B2DA323F2D4523C5 . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22518_none_a6d1618975e9b345\lsass.exe
[7] 2009-06-15 . C731B1FE449D4E9CEA358C9D55B69BE9 . 7680 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16870_none_a418a0745fdd652a\lsass.exe
[7] 2009-06-15 . 6F1F23D3599EAE17734451936B7F17C6 . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22450_none_a69e1da376115b2a\lsass.exe
[7] 2009-06-15 . BA9A67672E025078C77967731BCFC560 . 7680 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21067_none_a4b3e75378eccda6\lsass.exe
[7] 2009-06-15 . A911ECAC81F94ADEAFBE8E3F7873EDB0 . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18272_none_a600dfae5d0228c9\lsass.exe
[7] 2009-06-15 . 203D86EBD6D8E4C8501B222421E81506 . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.22152_none_a886901f7335e2fc\lsass.exe
[7] 2009-06-15 . 3978F3540329E16C0AC3BCF677E5669F . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18051_none_a7fbf30a5a1929db\lsass.exe
[7] 2009-02-13 . F4C62B07E5BF96F1FDCA9DB393ECED22 . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.22376_none_a68e7da1761c2def\lsass.exe
[7] 2009-02-13 . 59DE082968FDD257FFF0D209B9A5B460 . 7680 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16820_none_a44eb0105fb4d975\lsass.exe
[7] 2009-02-13 . AFF8A58280863629CA4FFA9E0B259F1E . 7680 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.21010_none_a4e2f4e978ca9090\lsass.exe
[7] 2008-01-19 . DCF733788C7D088D814E5F80EB4B3E0F . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18000_none_a64a8ac25ccb3836\lsass.exe
[7] 2008-01-19 . DCF733788C7D088D814E5F80EB4B3E0F . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6001.18215_none_a644c0145ccecd28\lsass.exe
[7] 2008-01-19 . DCF733788C7D088D814E5F80EB4B3E0F . 9728 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6002.18005_none_a83603ce59ed0382\lsass.exe
[7] 2006-11-02 . 6A0E382E74280E4CC0DF17FE2661D003 . 7680 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-lsa_31bf3856ad364e35_6.0.6000.16386_none_a413c8c65fe02762\lsass.exe
.
[7] 2008-01-19 . C8052711DAECC48B982434C5116CA401 . 274432 . . [6.0.6000.16386] . . c:\windows\System32\netman.dll
[7] 2008-01-19 . C8052711DAECC48B982434C5116CA401 . 274432 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-netman_31bf3856ad364e35_6.0.6001.18000_none_0fbd1b9651cfd333\netman.dll
[7] 2006-11-02 . 90A4DAE28B94497F83BEA0F2A3B77092 . 273920 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-netman_31bf3856ad364e35_6.0.6000.16386_none_0d86599a54e4c25f\netman.dll
.
[7] 2008-01-19 . 4211249955AF9133E2E357CC92B54DFD . 1291264 . . [2001.12.6930.16386] . . c:\windows\System32\comres.dll
[7] 2008-01-19 . 4211249955AF9133E2E357CC92B54DFD . 1291264 . . [2001.12.6930.16386] . . c:\windows\winsxs\x86_microsoft-windows-com-complus.res_31bf3856ad364e35_6.0.6001.18000_none_2cb0dad7e631d923\comres.dll
[7] 2006-11-02 . 4843A1784BA6434DFF80F841DDC592C6 . 1236992 . . [2001.12.6930.16386] . . c:\windows\winsxs\x86_microsoft-windows-com-complus.res_31bf3856ad364e35_6.0.6000.16386_none_2a7a18dbe946c84f\comres.dll
.
[7] 2009-04-11 . 93952506C6D67330367F7E7934B6A02F . 758784 . . [7.0.6001.18000] . . c:\windows\System32\qmgr.dll
[7] 2009-04-11 . 93952506C6D67330367F7E7934B6A02F . 758784 . . [7.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-bits-client_31bf3856ad364e35_6.0.6002.18005_none_257c3df8f693d6d8\qmgr.dll
[7] 2008-05-06 . F1148566FA5173A4FD48AF8E8BC09401 . 750080 . . [7.0.6000.20647] . . c:\windows\winsxs\x86_microsoft-windows-bits-client_31bf3856ad364e35_6.0.6000.20647_none_220fe38215833e63\qmgr.dll
[7] 2008-05-06 . DA551697E34D2B9943C8B1C8EAFFE89A . 750080 . . [7.0.6000.16531] . . c:\windows\winsxs\x86_microsoft-windows-bits-client_31bf3856ad364e35_6.0.6000.16531_none_218b14e6fc62ea9e\qmgr.dll
[7] 2008-01-19 . 02ED7B4DBC2A3232A389106DA7515C3D . 758272 . . [7.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-bits-client_31bf3856ad364e35_6.0.6001.18000_none_2390c4ecf9720b8c\qmgr.dll
[7] 2006-11-02 . 733FB484A06B9D6A44DD9CA1D3BE937B . 749568 . . [7.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-bits-client_31bf3856ad364e35_6.0.6000.16386_none_215a02f0fc86fab8\qmgr.dll
.
[7] 2009-04-11 . 3B5B4D53FEC14F7476CA29A20CC31AC9 . 550400 . . [6.0.6000.16386] . . c:\windows\System32\rpcss.dll
[7] 2009-04-11 . 3B5B4D53FEC14F7476CA29A20CC31AC9 . 550400 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6002.18005_none_6bb655083b01c988\rpcss.dll
[7] 2009-03-03 . 301AE00E12408650BADDC04DBC832830 . 551424 . . [6.0.6001.18226] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6001.18226_none_69bb41ac3deac876\rpcss.dll
[7] 2009-03-03 . 4DFCBDEF3CCAA98F99038DED78945253 . 551424 . . [6.0.6001.22389] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6001.22389_none_6a06ffcd57365beb\rpcss.dll
[7] 2009-03-03 . 7B981222A257D076885BFFB66F19B7CE . 549888 . . [6.0.6000.16830] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6000.16830_none_67c4315e40d1bb6c\rpcss.dll
[7] 2009-03-03 . B1BB45E24717A7F790B4411C4446EF5E . 550400 . . [6.0.6000.21023] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6000.21023_none_685b771559e4be8c\rpcss.dll
[7] 2008-01-19 . 33FB1F0193EE2051067441492D56113C . 547328 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6001.18000_none_69cadbfc3ddffe3c\rpcss.dll
[7] 2006-11-02 . B46D8EA6DD30BAA49F674DACDC4C491F . 545792 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.0.6000.16386_none_67941a0040f4ed68\rpcss.dll
.
[7] 2009-04-11 . D4E6D91C1349B7BFB3599A6ADA56851B . 279552 . . [6.0.6000.16386] . . c:\windows\System32\services.exe
[7] 2009-04-11 . D4E6D91C1349B7BFB3599A6ADA56851B . 279552 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6002.18005_none_d14b3973ca6acc56\services.exe
[7] 2008-01-19 . 2B336AB6286D6C81FA02CBAB914E3C6C . 279040 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6001.18000_none_cf5fc067cd49010a\services.exe
[7] 2006-11-02 . 329CF3C97CE4C19375C8ABCABAE258B0 . 279552 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.0.6000.16386_none_cd28fe6bd05df036\services.exe
.
[7] 2010-08-17 . AAE98B295E88D439A6E0F6E8929424FB . 128000 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.22468_none_d882e000d7f61b4c\spoolsv.exe
[7] 2010-08-17 . 8554097E5136C3BF9F69FE578A1B35F4 . 128000 . . [6.0.6000.16386] . . c:\windows\System32\spoolsv.exe
[7] 2010-08-17 . 8554097E5136C3BF9F69FE578A1B35F4 . 128000 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.18294_none_d7d4d063bef46cd2\spoolsv.exe
[7] 2010-08-17 . 3665F79026A3F91FBCA63F2C65A09B19 . 126464 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.18511_none_d641dcfdc18fec21\spoolsv.exe
[7] 2010-08-17 . E807FC542C295BA256CE3567829E02A6 . 128000 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.22743_none_d6ad0c7edac40f93\spoolsv.exe
[7] 2009-04-11 . 524BFBEA40E6E404737CCBC754647A2E . 127488 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6002.18005_none_d8371c2dbeaa9062\spoolsv.exe
[7] 2008-01-19 . 846CDF9A3CF4DA9B306ADFB7D55EE4C2 . 125952 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6001.18000_none_d64ba321c188c516\spoolsv.exe
[7] 2006-11-02 . DA612EF2556776DF2630B68BF2D48935 . 124928 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.0.6000.16386_none_d414e125c49db442\spoolsv.exe
.
[7] 2009-04-11 . 898E7C06A350D4A1A64A9EA264D55452 . 314368 . . [6.0.6001.18000] . . c:\windows\System32\winlogon.exe
[7] 2009-04-11 . 898E7C06A350D4A1A64A9EA264D55452 . 314368 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[7] 2008-01-19 . C2610B6BDBEFC053BBDAB4F1B965CB24 . 314880 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
[7] 2006-11-02 . 9F75392B9128A91ABAFB044EA350BAAD . 308224 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
.
[7] 2012-06-02 . 2E0B0A051FFAA86E358465BB0880D453 . 53784 . . [7.6.7600.256] . . c:\windows\System32\wuauclt.exe
[7] 2012-06-02 . 2E0B0A051FFAA86E358465BB0880D453 . 53784 . . [7.6.7600.256] . . c:\windows\winsxs\x86_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_7.6.7600.256_none_79d6786e99338140\wuauclt.exe
[7] 2009-08-07 . 62BB79160F86CD962F312C68C6239BFD . 53472 . . [7.4.7600.226] . . c:\windows\winsxs\x86_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_7.4.7600.226_none_e979223d5b9c821b\wuauclt.exe
[7] 2008-10-16 . E654B78D2F1D791B30D0ED9A8195EC22 . 51224 . . [7.2.6001.788] . . c:\windows\winsxs\x86_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_7.2.6001.788_none_2a6539a96682e474\wuauclt.exe
[7] 2008-07-14 . F3E9065EB617A7E3A832A7976BFA021B . 53080 . . [7.0.6000.381] . . c:\windows\winsxs\x86_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_7.0.6000.381_none_981d19142bc9942c\wuauclt.exe
[7] 2008-01-19 . 8E93CDF0EA8EDBA63F07E2898A9B2147 . 43008 . . [7.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_7.0.6001.18000_none_a052d92e34802200\wuauclt.exe
[7] 2008-01-19 . 8E93CDF0EA8EDBA63F07E2898A9B2147 . 43008 . . [7.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_7.0.6002.18005_none_a23e523a31a1ed4c\wuauclt.exe
[7] 2006-11-02 . FF81090B6EF1A42A19DF226632711D25 . 41472 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_6.0.6000.16386_none_acab9aecacae685d\wuauclt.exe
.
[7] 2009-04-11 . 76B06EB8A01FC8624D699E7045303E54 . 72192 . . [6.0.6002.18005] . . c:\windows\System32\drivers\tdx.sys
[7] 2009-04-11 . 76B06EB8A01FC8624D699E7045303E54 . 72192 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.0.6002.18005_none_ec294157d9377403\tdx.sys
[7] 2008-01-19 . D09276B1FAB033CE1D40DCBDF303D10F . 71680 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.0.6001.18000_none_ea3dc84bdc15a8b7\tdx.sys
[7] 2006-11-02 . AB4FDE8AF4A0270A46A001C08CBCE1C2 . 68096 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.0.6000.16386_none_e807064fdf2a97e3\tdx.sys
.
[7] 2010-09-02 . 542A806C74798410ADA0623B9E745C38 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6002.22480_none_3bb5b9b7ee7c46da\comctl32.dll
[7] 2010-09-02 . 2429BBFFCE9EDB193232DE902F88C688 . 1686016 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.22480_none_45f1fca2222ab96c\comctl32.dll
[7] 2010-09-02 . 63A65EA959BD32B01F02E847CB16C63D . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.22480_none_8ada5c8366e90385\comctl32.dll
[7] 2010-09-01 . FFBE05ED8338B17940DEA55FA6BC6F03 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6001.22755_none_39f4b905f1391c96\comctl32.dll
[7] 2010-09-01 . 168B034C75B85AFD667AC8D0C9003312 . 1685504 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.22755_none_4612924c21dcda90\comctl32.dll
[7] 2010-09-01 . 640C4514157B3C6FE1E05B135FCB95B4 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6001.22755_none_8a5499024dc7b801\comctl32.dll
[7] 2010-08-31 . DC8891A9203810FC994E7FCCF76E94C8 . 531968 . . [5.82] . . c:\windows\System32\comctl32.dll
[7] 2010-08-31 . DC8891A9203810FC994E7FCCF76E94C8 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6002.18305_none_3b879dbed519463b\comctl32.dll
[7] 2010-08-31 . BE3C082837866C4C291ADAF163C10EA6 . 1686016 . . [6.10] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
[7] 2010-08-31 . 35ACD5EA63D75E97DD0E9A1629E582B2 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6002.18305_none_88f3a38569c2c436\comctl32.dll
[7] 2010-08-31 . 457366B876CEAB9E92DDF976B8520CB6 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6001.18523_none_39898984d804f924\comctl32.dll
[7] 2010-08-31 . D702B4E30B31BFCAB7BD4E5965C1A5DC . 1684480 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll
[7] 2010-08-31 . E402A6E79D1E4DBFEBA8B364C67A3158 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6001.18523_none_886c608850a2f36f\comctl32.dll
[7] 2009-04-11 . 0C2236FB7195A1CF2A632D530349E673 . 1686016 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18005_none_5cb72f96088b0de0\comctl32.dll
[7] 2008-01-19 . 50CDFD99E606D172875E73B87C64053D . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6001.18000_none_399c1f00d7f7837a\comctl32.dll
[7] 2008-01-19 . A5BB4537004C8DCC096A952EF1E20FE9 . 1684480 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll
[7] 2008-01-19 . 58D3C1519096F3D9E07EEC5F5FC64885 . 531968 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6001.18000_none_886786f450a74a05\comctl32.dll
[7] 2006-11-02 . BB61FB941A382A197AC2989337BF6364 . 537088 . . [5.82] . . c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.0.6000.16386_none_37655d04db0c72a6\comctl32.dll
[7] 2006-11-02 . B28A9B2300A250B703D44C1759AF2605 . 1648128 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6000.16386_none_5d07289e07e1d100\comctl32.dll
[7] 2006-11-02 . 4A05089F43041903A3C523A3C16E3350 . 537088 . . [5.82] . . c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6000.16386_none_87e0cb09378714f1\comctl32.dll
.
[7] 2013-07-08 . 684C130BBC6DB681BAD4920A4C944AA5 . 133120 . . [6.0.6000.16386] . . c:\windows\System32\cryptsvc.dll
[7] 2013-07-08 . 684C130BBC6DB681BAD4920A4C944AA5 . 133120 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18881_none_7790a11898357c99\cryptsvc.dll
[7] 2013-07-08 . 828805E2E7F529B24849AD52740288DA . 135168 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.23154_none_783d888db13844fe\cryptsvc.dll
[7] 2013-04-24 . 3EDE4C1F9672C972479201544969ADCB . 133120 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18831_none_77c6b0b4980cf0e4\cryptsvc.dll
[7] 2013-04-24 . FBE051C07C3D2B9011ECB1C7A73120C1 . 135168 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.23101_none_7870974bb1126d44\cryptsvc.dll
[7] 2012-06-02 . DD9CCF40ED80DD0D62F1B607A1EA4449 . 135168 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.22869_none_7837de25b13bb212\cryptsvc.dll
[7] 2012-06-02 . F1E8C34892336D33EDDCDFE44E474F64 . 133120 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18643_none_77bddd9098134535\cryptsvc.dll
[7] 2012-04-23 . 75C6A297E364014840B48ECCD7525E30 . 133120 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18618_none_77e34ec697f67015\cryptsvc.dll
[7] 2012-04-23 . C979AEA8C4D8F875CD25507D08980006 . 135168 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.22840_none_78447b63b1339621\cryptsvc.dll
[7] 2009-04-11 . FB27772BEAF8E1D28CCD825C09DA939B . 129024 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6002.18005_none_77eb127097f11935\cryptsvc.dll
[7] 2008-01-19 . 6DE363F9F99334514C46AEC02D3E3678 . 128000 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6001.18000_none_75ff99649acf4de9\cryptsvc.dll
[7] 2006-11-02 . 1C26FB097170A2A91066D1E3A24366E3 . 123392 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.0.6000.16386_none_73c8d7689de43d15\cryptsvc.dll
.
[7] 2009-04-11 . 67058C46504BC12D821F38CF99B7B28F . 268800 . . [2001.12.6932.18005] . . c:\windows\System32\es.dll
[7] 2009-04-11 . 67058C46504BC12D821F38CF99B7B28F . 268800 . . [2001.12.6932.18005] . . c:\windows\winsxs\x86_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6002.18005_none_0ed918294edf6b75\es.dll
[7] 2008-04-19 . 131B7E46A7ACD49CB56BB03917A76DE3 . 268800 . . [2001.12.6930.20818] . . c:\windows\winsxs\x86_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6000.20818_none_0b8e318c6db592d2\es.dll
[7] 2008-04-19 . 7B4971C3D43525175A4EA0D143E0412E . 268800 . . [2001.12.6930.16677] . . c:\windows\winsxs\x86_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6000.16677_none_0ac2b30954c98430\es.dll
[7] 2008-04-18 . 3CB3343D720168B575133A0A20DC2465 . 269312 . . [2001.12.6931.18057] . . c:\windows\winsxs\x86_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6001.18057_none_0cbe918751dfdd3f\es.dll
[7] 2008-04-18 . 776D75AF432C598068CC933C7421171B . 269312 . . [2001.12.6931.22162] . . c:\windows\winsxs\x86_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6001.22162_none_0d385cf46b0a1a47\es.dll
[7] 2008-01-19 . F4BF4FA769DB51B106D2B4B35256988B . 262144 . . [2001.12.6931.18000] . . c:\windows\winsxs\x86_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6001.18000_none_0ced9f1d51bda029\es.dll
[7] 2006-11-02 . DFB250BAC1A9108ABD777EA181E32015 . 259584 . . [2001.12.6930.16386] . . c:\windows\winsxs\x86_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.0.6000.16386_none_0ab6dd2154d28f55\es.dll
.
[7] 2009-04-11 . C8BDCECEE082B54F0BAC838BF0A34597 . 114688 . . [6.0.6002.18005] . . c:\windows\System32\imm32.dll
[7] 2009-04-11 . C8BDCECEE082B54F0BAC838BF0A34597 . 114688 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-imm32_31bf3856ad364e35_6.0.6002.18005_none_5e419722778cc84e\imm32.dll
[7] 2008-01-19 . EC17194A193CD8E90D27CFB93DFA9A2E . 114688 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-imm32_31bf3856ad364e35_6.0.6001.18000_none_5c561e167a6afd02\imm32.dll
[7] 2006-11-02 . EE12864398F1C3BF5BEE91F6AF9842E1 . 115200 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-imm32_31bf3856ad364e35_6.0.6000.16386_none_5a1f5c1a7d7fec2e\imm32.dll
.
[7] 2012-09-28 . DC3105CC925A0D47F61B54E66AB730FC . 892928 . . [6.0.6001.18000] . . c:\windows\System32\kernel32.dll
[7] 2012-09-28 . DC3105CC925A0D47F61B54E66AB730FC . 892928 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.18704_none_95a86b4d536e26b4\kernel32.dll
[7] 2012-09-28 . A9204E65A74AF0E801EA46F5A92C87A2 . 893440 . . [6.0.6002.22942] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.22942_none_9604c9ba6cae00bb\kernel32.dll
[7] 2009-04-11 . BB8509089E7DF514310814E1B2593FFC . 891392 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6002.18005_none_95a95e4d536d53fa\kernel32.dll
[7] 2009-02-13 . DB6E3731E6F5C8AE2843F80B5787F7C6 . 888832 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.18215_none_93b81a93564f1da0\kernel32.dll
[7] 2009-02-13 . 1987D817D08F5EAF0B7F334026FDDB79 . 890880 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.22376_none_9401d8206f9c7e67\kernel32.dll
[7] 2009-02-13 . B82C7AC1D559F0FD088792171D64C7F3 . 875520 . . [6.0.6000.16820] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6000.16820_none_91c20a8f593529ed\kernel32.dll
[7] 2009-02-13 . BB792054BD990EC05D9E260D50FEAD39 . 875520 . . [6.0.6000.21010] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6000.21010_none_92564f68724ae108\kernel32.dll
[7] 2008-01-19 . DC2338093F91BA4E0512208E60206DDD . 888320 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6001.18000_none_93bde541564b88ae\kernel32.dll
[7] 2006-11-02 . 1E36AE445E4DA83B82D51FEB2D4F8772 . 874496 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-kernel32_31bf3856ad364e35_6.0.6000.16386_none_91872345596077da\kernel32.dll
.
[7] 2006-11-02 . 24F90AEFEBE601D427CB4511E74CDCB6 . 22016 . . [6.0.6000.16386] . . c:\windows\System32\linkinfo.dll
[7] 2006-11-02 . 24F90AEFEBE601D427CB4511E74CDCB6 . 22016 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-linkinfo_31bf3856ad364e35_6.0.6000.16386_none_362e7020a86900de\linkinfo.dll
.
[7] 2012-12-16 . 883A634FF496FE2D22BA3D441EED0ED0 . 23552 . . [6.0.6002.23004] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.23004_none_ac47155770c6cb85\lpk.dll
[7] 2011-02-16 . 08F5BC2DC64C4D97931A28058F238D80 . 23552 . . [6.0.6002.22589] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22589_none_abf5b7af710301e2\lpk.dll
[7] 2011-02-16 . 0F1AF051D2B58411341B70360852AA36 . 23552 . . [6.0.6001.22854] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22854_none_aa2ab41973c8da38\lpk.dll
[7] 2011-01-08 . 9259B5AD10104BB0847013A70A0A6F32 . 23552 . . [6.0.6002.22566] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22566_none_ac0856a970f57dfb\lpk.dll
[7] 2011-01-08 . 53B04A1B4BB0C84B063AA7219083FC16 . 23552 . . [6.0.6001.22830] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22830_none_aa3c52c973bc3cfa\lpk.dll
[7] 2010-10-28 . 52212E87A6E94FB997728259D836D605 . 23552 . . [6.0.6002.22514] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22514_none_ac3c65b170cebf98\lpk.dll
[7] 2010-10-28 . 61112C628C7883DD7F63D2DF6C6FF108 . 23552 . . [6.0.6001.22787] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22787_none_aa0d434d73de7ce9\lpk.dll
[7] 2010-05-26 . A58A8CF30FBDB8969C24B0820B0F2976 . 23552 . . [6.0.6002.22412] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22412_none_ac3a633770d08fc3\lpk.dll
[7] 2010-05-26 . 021F8740EFF00B65889FD1AD4C634498 . 23552 . . [6.0.6001.22700] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22700_none_aa5cc0a773a3ec00\lpk.dll
[7] 2009-10-19 . 7BE32E67440BB5B2205C5402A2FBDE25 . 24064 . . [6.0.6000.16939] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.16939_none_a7d5725a5d6ffbb2\lpk.dll
[7] 2009-10-19 . 1C8BB8BB211F8ADB8E51FC2FF5C411D6 . 24064 . . [6.0.6000.21142] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.21142_none_a84d1555769c394e\lpk.dll
[7] 2009-10-19 . 6223ACDEE46548B706EE8E8C51A985B0 . 23552 . . [6.0.6001.22544] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22544_none_aa357e5373c0c6d2\lpk.dll
[7] 2009-10-19 . 7ABEC59B0338BAA1261190B89B2B90E6 . 23552 . . [6.0.6002.22247] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22247_none_ac1ef11970e467fb\lpk.dll
[7] 2009-06-15 . D78588659CD9CD55F9D242AAC3466F96 . 24064 . . [6.0.6000.16870] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.16870_none_a7a12e2a5d988a40\lpk.dll
[7] 2009-06-15 . F1A7B85B64B75F49B728CF8D41BD2AB0 . 23552 . . [6.0.6001.22450] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.22450_none_aa26ab5973cc8040\lpk.dll
[7] 2009-06-15 . 829B85E6DC808A386C9BDF81A0273581 . 24064 . . [6.0.6000.21067] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.21067_none_a83c750976a7f2bc\lpk.dll
[7] 2009-06-15 . 6B0D35336B0AFED33BA4A42B5ABD3A3A . 23552 . . [6.0.6002.22152] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.22152_none_ac0f1dd570f10812\lpk.dll
[7] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\System32\lpk.dll
[7] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18051_none_ab8480c057d44ef1\lpk.dll
[7] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18124_none_aba7f34857b9444a\lpk.dll
[7] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18262_none_ab7ab4ea57db7e87\lpk.dll
[7] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18336_none_ab9f27bc57bf8d37\lpk.dll
[7] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18371_none_ab6ee69a57e47e48\lpk.dll
[7] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18405_none_abbe991c57a81d34\lpk.dll
[7] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18725_none_aba8fef657b84c8b\lpk.dll
[7] 2009-06-15 . EB0E02749CE5C488741C9A0ABEAB5DEC . 23552 . . [6.0.6002.18051] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18755_none_ab888f3257d0a05e\lpk.dll
[7] 2008-01-19 . DD496299B7351E16E602FC4299345A33 . 23552 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18000_none_a9d318785a865d4c\lpk.dll
[7] 2008-01-19 . DD496299B7351E16E602FC4299345A33 . 23552 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18272_none_a9896d645abd4ddf\lpk.dll
[7] 2008-01-19 . DD496299B7351E16E602FC4299345A33 . 23552 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18344_none_a9abdfa25aa329e1\lpk.dll
[7] 2008-01-19 . DD496299B7351E16E602FC4299345A33 . 23552 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18482_none_a97ea1445ac5641e\lpk.dll
[7] 2008-01-19 . DD496299B7351E16E602FC4299345A33 . 23552 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18547_none_a9aee44c5aa07034\lpk.dll
[7] 2008-01-19 . DD496299B7351E16E602FC4299345A33 . 23552 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18579_none_a990751c5ab6f6b5\lpk.dll
[7] 2008-01-19 . DD496299B7351E16E602FC4299345A33 . 23552 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6001.18599_none_a97ad5445ac72e97\lpk.dll
[7] 2008-01-19 . DD496299B7351E16E602FC4299345A33 . 23552 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6002.18005_none_abbe918457a82898\lpk.dll
[7] 2006-11-02 . 6D832E5314A2445D3F644C71FAF32BDC . 24064 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-gdi_31bf3856ad364e35_6.0.6000.16386_none_a79c567c5d9b4c78\lpk.dll
.
[7] 2013-07-31 . 6DB41C70A74B420A0ADC55A9862DDAD9 . 12335104 . . [9.00.8112.16506] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16506_none_d350f0bc5ff90526\mshtml.dll
[7] 2013-07-31 . DCC51F3466767C3B418E23F5A467D6E5 . 12335616 . . [9.00.8112.20617] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20617_none_d3d0bde5791dda38\mshtml.dll
[7] 2013-07-25 . 0E2B5CB2193B6B0057F7D8B3FE02777E . 12334080 . . [9.00.8112.20613] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20613_none_d3ccbcbd792174dc\mshtml.dll
[7] 2013-07-25 . 7161E761E81356C8EF6383CB1AE41B8D . 12334080 . . [9.00.8112.16421] . . c:\windows\System32\mshtml.dll
[7] 2013-07-25 . 7161E761E81356C8EF6383CB1AE41B8D . 12334080 . . [9.00.8112.16502] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16502_none_d34cef945ffc9fca\mshtml.dll
[7] 2013-05-29 . 4ACB8A0EA4A1BEAA4FA92680BB71C542 . 12335104 . . [9.00.8112.20606] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20606_none_d3da8d877916a4f0\mshtml.dll
[7] 2013-05-29 . 7BD6A6DFA75B665FA8F21BB21E59EC11 . 12333568 . . [9.00.8112.16496] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16496_none_d2ef9f8a60420378\mshtml.dll
[7] 2013-05-16 . A6F5B25905CD01AE714990E02C7205A5 . 12329984 . . [9.00.8112.16490] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16490_none_d2e99dce60476b6e\mshtml.dll
[7] 2013-05-16 . 097654708FE5F07278A1E36D9F78CA94 . 12330496 . . [9.00.8112.20600] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20600_none_d3d48bcb791c0ce6\mshtml.dll
[7] 2013-05-05 . 1152DE9D7FE16EC92A12165D1CBE8406 . 12325888 . . [9.00.8112.20594] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20594_none_d3773bc179617094\mshtml.dll
[7] 2013-05-05 . 26F30066B9FA78C97A0E92803D496211 . 12324864 . . [9.00.8112.16484] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16484_none_d2f86ee2603bb4d9\mshtml.dll
[7] 2013-04-04 . 79B0D843B26BEA808EA89BA2D8A026F2 . 12324864 . . [9.00.8112.16483] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16483_none_d2f76e98603c9b82\mshtml.dll
[7] 2013-04-04 . 4EBF337D1F52EA9202072348BA41CA95 . 12325376 . . [9.00.8112.20593] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20593_none_d3763b777962573d\mshtml.dll
[7] 2013-02-22 . 474D43D76E2A33FEE21C6F4BB7C4A3B7 . 12324864 . . [9.00.8112.20586] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20586_none_d3840c4179578751\mshtml.dll
[7] 2013-02-22 . 658EBC74BD38D16805648C4775F7FA82 . 12324352 . . [9.00.8112.16476] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16476_none_d3053f626031cb96\mshtml.dll
[7] 2013-02-02 . 88C27474E61271B49677F22CEE76FB3E . 12322304 . . [9.00.8112.20580] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20580_none_d37e0a85795cef47\mshtml.dll
[7] 2013-02-02 . 263963D93A3CA8F685EFA5966F1E6581 . 12321792 . . [9.00.8112.16470] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16470_none_d2ff3da66037338c\mshtml.dll
[7] 2013-01-08 . C97434C851C4821BD92D2831FDF1ECBE . 12321280 . . [9.00.8112.16464] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16464_none_d30e0eba602b7cf7\mshtml.dll
[7] 2013-01-08 . B6AD225B3BCC07332FBB2C2824315534 . 12322304 . . [9.00.8112.20573] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20573_none_d38bdb4f79521f5b\mshtml.dll
[7] 2012-11-14 . 07F649CD36F266BBE33B814FA678AA43 . 12320256 . . [9.00.8112.16457] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16457_none_d31bdf846020ad0b\mshtml.dll
[7] 2012-11-14 . 8021EF27048F9ECE5286EA8C8EED23B8 . 12321280 . . [9.00.8112.20565] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20565_none_d398abcf79483618\mshtml.dll
[7] 2012-10-08 . 8D1BB1E5A033E8817EF94A9047630165 . 12320768 . . [9.00.8112.16455] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16455_none_d319def060227a5d\mshtml.dll
[7] 2012-10-08 . F7B251DA2FA89933771289793DCAA08B . 12321280 . . [9.00.8112.20562] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20562_none_d395aaf1794aea13\mshtml.dll
[7] 2012-08-24 . 975D1EA99A0FE8104B72440995B3C20B . 12319744 . . [9.00.8112.20557] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20557_none_d3a57c4f793e4cd5\mshtml.dll
[7] 2012-08-24 . BB197F54A8F69EEA8356B7F70E6D3A20 . 12319744 . . [9.00.8112.16450] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16450_none_d314dd7e6026fbaa\mshtml.dll
[7] 2012-06-29 . 5E8E869E1342308752A37A2C90CCA79D . 12317184 . . [9.00.8112.16448] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16448_none_d327afba6017aa71\mshtml.dll
[7] 2012-06-28 . AEC51857AEC2F5CE4520366240AFC671 . 12317184 . . [9.00.8112.20554] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20554_none_d3a27b71794100d0\mshtml.dll
[7] 2012-05-17 . 9FB58F71104107D44540AF1195F7A14D . 12314624 . . [9.00.8112.16446] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16446_none_d325af26601977c3\mshtml.dll
[7] 2012-05-17 . 761D9111F5A2619CB5060661D36FBFFF . 12314624 . . [9.00.8112.20551] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20551_none_d39f7a937943b4cb\mshtml.dll
[7] 2012-02-28 . F82BF2CB075B49E9FAB5FF213C45C020 . 12281856 . . [9.00.8112.16443] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16443_none_d322ae48601c2bbe\mshtml.dll
[7] 2012-02-28 . B9E083B14B1994F1255983F2DF31C7DF . 12281856 . . [9.00.8112.20548] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20548_none_d3b14c8579354a3b\mshtml.dll
[7] 2011-12-14 . 497C9C3DB953A60EC4F43A097E15F75E . 12282368 . . [9.00.8112.16441] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16441_none_d320adb4601df910\mshtml.dll
[7] 2011-12-14 . A29CFD4B9F6F2BBE06C8D64B6D07F1D4 . 12282368 . . [9.00.8112.20546] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20546_none_d3af4bf17937178d\mshtml.dll
[7] 2011-11-03 . A21B983E40578D0E6CFA9864AC4E1219 . 12279808 . . [9.00.8112.20544] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20544_none_d3ad4b5d7938e4df\mshtml.dll
[7] 2011-11-03 . 66C0AEE61D1C5C35BF1B4642A153B114 . 12279808 . . [9.00.8112.16440] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16440_none_d31fad6a601edfb9\mshtml.dll
[7] 2011-09-11 . E6D5C7E4AAC0C682169AA5021386EFF3 . 12273664 . . [9.00.8112.16434] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16434_none_d32e7e7e60132924\mshtml.dll
[7] 2011-09-01 . 04E0CD31A63DFC0D73725A3D1768FB5A . 12275200 . . [9.00.8112.16437] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.16437_none_d3317f5c60107529\mshtml.dll
[7] 2011-09-01 . 8C93AED0A332209434B62162D03C38C9 . 12275200 . . [9.00.8112.20537] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.1.8112.20537_none_d3bb1c27792e14f3\mshtml.dll
[7] 2011-07-23 . 8DF22BFA121C76BF1EE346AB9F12F360 . 5971456 . . [8.00.6001.18702] . . c:\windows\winsxs\x86_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.6001.23216_none_f6b0e0d151173747\mshtml.dll
.
[7] 2011-12-14 . 17AF64D727545F2804F6E6D998327E3F . 680448 . . [7.0.6002.18551] . . c:\windows\System32\msvcrt.dll
[7] 2011-12-14 . 17AF64D727545F2804F6E6D998327E3F . 680448 . . [7.0.6002.18551] . . c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6002.18551_none_d306a7e69c340115\msvcrt.dll
[7] 2011-12-14 . A807F65718C263442F0C3613F9BFD267 . 680448 . . [7.0.6002.22755] . . c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6002.22755_none_d39447bfb54e0362\msvcrt.dll
[7] 2009-04-11 . F5E991236960137B1F5449C5E5DF4656 . 679936 . . [7.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6002.18005_none_d340af2c9c07e8f9\msvcrt.dll
[7] 2008-01-19 . 04CBEAA089B6A752B3EB660BEE8C4964 . 680448 . . [7.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6001.18000_none_d15536209ee61dad\msvcrt.dll
[7] 2006-11-02 . 75287677BB8BC9A16C32CE8A72F485A0 . 681472 . . [7.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.0.6000.16386_none_cf1e7424a1fb0cd9\msvcrt.dll
  • 2004-08-05 . 351B1AD22FD0EC70D889766E0B4F72ED . 343040 . . [7.0.2600.2180] . . c:\windows\SMINST\msvcrt.dll
.
[7] 2009-04-11 . 8617350C9B590B63E620881092751BCB . 223232 . . [6.0.6000.16386] . . c:\windows\System32\mswsock.dll
[7] 2009-04-11 . 8617350C9B590B63E620881092751BCB . 223232 . . [6.0.6002.18005] . . c:\windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.0.6002.18005_none_ba3ed0122a6d89da\mswsock.dll
[7] 2008-01-19 . 89FD0595EEA4E505CABEFCF7008F2612 . 223232 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.0.6001.18000_none_b85357062d4bbe8e\mswsock.dll
[7] 2006-11-02 . 54E9576169A248AD62A1EB9773225826 . 227328 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.0.6000.16386_none_b61c950a3060adba\mswsock.dll
.
[7] 2009-04-11 . 95DAECF0FB120A7B5DA679CC54E37DDE . 592896 . . [6.0.6001.18000] . . c:\windows\System32\netlogon.dll
[7] 2009-04-11 . 95DAECF0FB120A7B5DA679CC54E37DDE . 592896 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[7] 2008-01-19 . A8EFC0B6E75B789F7FD3BA5025D4E37F . 592384 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
[7] 2006-11-02 . 889A2C9F2AACCD8F64EF50AC0B3D553B . 559616 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll
.
[7] 2009-04-11 . 9A7F4B2EDACD11444D048AA19CBB26AF . 98816 . . [6.0.6001.18000] . . c:\windows\System32\powrprof.dll
[7] 2009-04-11 . 9A7F4B2EDACD11444D048AA19CBB26AF . 98816 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-userpowermanagement_31bf3856ad364e35_6.0.6002.18005_none_a505176cf9fa2abd\powrprof.dll
[7] 2008-01-19 . 51832219A52C3535BF4771C375E63F9B . 97280 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-userpowermanagement_31bf3856ad364e35_6.0.6001.18000_none_a3199e60fcd85f71\powrprof.dll
[7] 2006-11-02 . 3CDEC51291F735C5C276B957239017A3 . 96768 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-userpowermanagement_31bf3856ad364e35_6.0.6000.16386_none_a0e2dc64ffed4e9d\powrprof.dll
.
[7] 2009-04-11 . 8FC182167381E9915651267044105EE1 . 177152 . . [6.0.6000.16386] . . c:\windows\System32\scecli.dll
[7] 2009-04-11 . 8FC182167381E9915651267044105EE1 . 177152 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
[7] 2008-01-19 . 28B84EB538F7E8A0FE8B9299D591E0B9 . 177152 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[7] 2006-11-02 . 80E2839D05CA5970A86D7BE2A08BFF61 . 176640 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll
.
[7] 2006-11-02 . F4E1AA5D59C849A4AB47E895DC76B9C8 . 4608 . . [6.0.6000.16386] . . c:\windows\System32\sfc.dll
[7] 2006-11-02 . F4E1AA5D59C849A4AB47E895DC76B9C8 . 4608 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-sfc_31bf3856ad364e35_6.0.6000.16386_none_a4ff01505f4694a4\sfc.dll
[7] 2006-11-02 . F4E1AA5D59C849A4AB47E895DC76B9C8 . 4608 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-sfc_31bf3856ad364e35_6.0.6001.18000_none_a735c34c5c31a578\sfc.dll
.
[7] 2008-01-19 . 3794B461C45882E06856F282EEF025AF . 21504 . . [6.0.6000.16386] . . c:\windows\System32\svchost.exe
[7] 2008-01-19 . 3794B461C45882E06856F282EEF025AF . 21504 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6001.18000_none_b5bb59a1054dbde5\svchost.exe
[7] 2006-11-02 . 10DA15933D582D2FEDCF705EFE394B09 . 22016 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.0.6000.16386_none_b38497a50862ad11\svchost.exe
.
[7] 2009-04-11 . D7673E4B38CE21EE54C59EEEB65E2483 . 242688 . . [6.0.6000.16386] . . c:\windows\System32\tapisrv.dll
[7] 2009-04-11 . D7673E4B38CE21EE54C59EEEB65E2483 . 242688 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-tapiservice_31bf3856ad364e35_6.0.6002.18005_none_e52851e7e21463cb\tapisrv.dll
[7] 2008-01-19 . 680916BB09EE0F3A6ACA7C274B0D633F . 242688 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-tapiservice_31bf3856ad364e35_6.0.6001.18000_none_e33cd8dbe4f2987f\tapisrv.dll
[7] 2006-11-02 . EF3DD33C740FC2F82E7E4622F1C49289 . 242688 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-tapiservice_31bf3856ad364e35_6.0.6000.16386_none_e10616dfe80787ab\tapisrv.dll
.
[7] 2009-04-11 . 75510147B94598407666F4802797C75A . 627712 . . [6.0.6001.18000] . . c:\windows\System32\user32.dll
[7] 2009-04-11 . 75510147B94598407666F4802797C75A . 627712 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll
[7] 2008-05-06 . 9D9F061EDA75425FC67F0365E3467C86 . 633856 . . [6.0.6000.20537] . . c:\windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.20537_none_cbc258dc896598f1\user32.dll
[7] 2008-05-06 . 63B4F59D7C89B1BF5277F1FFEFD491CD . 633856 . . [6.0.6000.16438] . . c:\windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.16438_none_cb39bc5b7047127e\user32.dll
[7] 2008-01-19 . B974D9F06DC7D1908E825DC201681269 . 627200 . . [6.0.6001.18000] . . c:\windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll
[7] 2006-11-02 . E698A5437B89A285ACA3FF022356810A . 633856 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.16386_none_cb01aa4570716e5e\user32.dll
.
[7] 2008-01-19 . 0E135526E9785D085BCD9AEDE6FBCBF9 . 25088 . . [6.0.6000.16386] . . c:\windows\System32\userinit.exe
[7] 2008-01-19 . 0E135526E9785D085BCD9AEDE6FBCBF9 . 25088 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[7] 2006-11-02 . 22027835939F86C3E47AD8E3FBDE3D11 . 24576 . . [6.0.6000.16386] . . c:\windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe
.
[7] 2013-07-31 . 21A5424935A32080A58DD40F2712212C . 1129472 . . [9.00.8112.16506] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16506_none_c1f6d19ddfa29bf0\wininet.dll
[7] 2013-07-31 . 99991FC7D1430A61F27B48AC3D43B028 . 1129984 . . [9.00.8112.20617] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20617_none_c2769ec6f8c77102\wininet.dll
[7] 2013-07-25 . EFA69C15A411D9794131CBCF6B59EA08 . 1129984 . . [9.00.8112.20613] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20613_none_c2729d9ef8cb0ba6\wininet.dll
[7] 2013-07-25 . 6839F14A2507D9273BD13565DD880377 . 1129472 . . [9.00.8112.16421] . . c:\windows\System32\wininet.dll
[7] 2013-07-25 . 6839F14A2507D9273BD13565DD880377 . 1129472 . . [9.00.8112.16502] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16502_none_c1f2d075dfa63694\wininet.dll
[7] 2013-05-29 . 745410A5E043E8F880C932007034F8B6 . 1129984 . . [9.00.8112.20606] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20606_none_c2806e68f8c03bba\wininet.dll
[7] 2013-05-29 . EA952A5C277CABCBA69EA806146BB984 . 1129472 . . [9.00.8112.16496] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16496_none_c195806bdfeb9a42\wininet.dll
[7] 2013-05-16 . 6A25377A76479A0C0BF3DB6FC42FE09A . 1129472 . . [9.00.8112.16490] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16490_none_c18f7eafdff10238\wininet.dll
[7] 2013-05-16 . CC25EA1287613DC45D25A26037B4DBDD . 1129984 . . [9.00.8112.20600] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20600_none_c27a6cacf8c5a3b0\wininet.dll
[7] 2013-04-04 . 2C96B3921B4CDE10DBAED5AAD760DB67 . 1129472 . . [9.00.8112.16483] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16483_none_c19d4f79dfe6324c\wininet.dll
[7] 2013-04-04 . 28B2DD8DBAEE306290A74ED03DB3768F . 1129984 . . [9.00.8112.20593] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20593_none_c21c1c58f90bee07\wininet.dll
[7] 2013-02-22 . C5B6468422DB1C8AA36C32CBB0197E5E . 1129472 . . [9.00.8112.16476] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16476_none_c1ab2043dfdb6260\wininet.dll
[7] 2013-02-22 . 490E24D5E427DFA55B1C1182F0DB861C . 1129984 . . [9.00.8112.20586] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20586_none_c229ed22f9011e1b\wininet.dll
[7] 2013-02-02 . 1284D72C04B553ED5382EA14303D66DB . 1129472 . . [9.00.8112.20580] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20580_none_c223eb66f9068611\wininet.dll
[7] 2013-02-02 . 03728C624D05C2F157BBD46F6B7F6EA0 . 1129472 . . [9.00.8112.16470] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16470_none_c1a51e87dfe0ca56\wininet.dll
[7] 2013-01-08 . B49B56B64F57699A1A663D2CF7D0A56F . 1129472 . . [9.00.8112.16464] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16464_none_c1b3ef9bdfd513c1\wininet.dll
[7] 2013-01-08 . 16C45E6881449C6330567E51C13920FA . 1129472 . . [9.00.8112.20573] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.20573_none_c231bc30f8fbb625\wininet.dll
[7] 2012-11-14 . 7FA3A810F383588D46220967DE8B64FF . 1129472 . . [9.00.8112.16457] . . c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.1.8112.16457_none_c1c1c065dfca43d5\wininet
Avatar billede f-arn Guru
13. september 2013 - 09:40 #25
Det ser underligt ud. men jeg vil også gerne se det nederste af loggen.

Åbn C:\ComboFix.txt, find linien med ->

(((((((((((((((((((((((((((((((((((  Start steder i reg.basen  ))))))))))))))))))))))))))))))))))))))))))))))))

Og kopier resten herind.

------

Hent og kør Rkill.com - http://download.bleepingcomputer.com/grinler/rkill.com

Der vil nu åbnes en logfil. Kopier den herind.
Avatar billede madtex Nybegynder
13. september 2013 - 11:11 #26
Ok Her er resten af Combofix.txt

(((((((((((((((((((((((((((((((((((  Start steder i reg.basen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Bemærk* tomme linier & lovlige standard linier vises ikke 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2008-03-26 5369856]
"SunJavaUpdateReg"="c:\windows\system32\jureg.exe" [2007-04-07 54936]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"F-Secure Manager"="c:\program files\F-Secure\Common\FSM32.EXE" [2011-08-30 303816]
"F-Secure TNB"="c:\program files\F-Secure\FSGUI\TNBUtil.exe" [2011-08-30 1655496]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"AvgUninstallURL"="start http://www.avg.com/ww.special-uninstallation-feedback-appf?lic=OQBBAFYARgBSAEUARQAtAFYAMwBaAEMAOQAtAEUASwBBAFIAUwAtADYAUgBXAEcAQQAtAEEAQQBUAEMAVQAtAFYAUAA5AEYATgA&inst=NwA3AC0ANgA5ADcANwAxADIAOQA5ADkALQBGAEwAKwA5AC0ARABEAFQAKwAwAC0AWABPADkAKwAxAC0AWABPADMANgArADEA&prod=90&ver=9.0.902" [?]
.
c:\users\Per\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Screen Clipper and Launcher til OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE /tsr [2009-2-26 97680]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Quick Pick.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Quick Pick.lnk
backup=c:\windows\pss\WinZip Quick Pick.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^Per^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Screen Clipper and Launcher til OneNote 2007.lnk]
path=c:\users\Per\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Screen Clipper and Launcher til OneNote 2007.lnk
backup=c:\windows\pss\Screen Clipper and Launcher til OneNote 2007.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2013-04-04 21:06    958576    ----a-w-    c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]
2008-01-19 07:33    125952    ----a-w-    c:\windows\ehome\ehtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus DX4400 Series]
2007-03-01 06:01    180736    ----a-w-    c:\windows\System32\spool\drivers\w32x86\3\E_FATICAE.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpsysdrv]
2007-04-18 15:01    65536    ----a-w-    c:\hp\support\hpsysdrv.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2007-12-12 08:20    8497696    ----a-w-    c:\windows\System32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2007-12-12 08:20    81920    ----a-w-    c:\windows\System32\nvmctray.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvSvc]
2007-12-12 08:20    86016    ----a-w-    c:\windows\System32\nvsvc.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OsdMaestro]
2007-02-15 11:59    118784    ----a-w-    c:\program files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2012-07-03 07:04    252848    ----a-w-    c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2008-11-05 05:05    185872    ----a-w-    c:\program files\Common Files\Real\Update_OB\realsched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
--- Andre Services/Drivers i Hukommelsen ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation    REG_MULTI_SZ      FontCache
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A509B1FF-37FF-4bFF-8CFF-4F3A747040FF}]
2011-09-11 11:02    114176    ----a-w-    c:\windows\System32\advpack.dll
.
Indhold af mappen 'Planlagte Opgaver'
.
2013-09-12 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-15 21:30]
.
.
------- Yderligere scanning -------
.
uStart Page = hxxp://212.10.10.20/
mStart Page = hxxp://www.google.com
IE: E&ksporter til Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
Trusted Zone: danid.dk
Trusted Zone: danid.dk
TCP: DhcpNameServer = 212.10.10.4 212.10.24.252 212.10.10.5
.
- - - - TOMME GENVEJE FJERNET - - - -
.
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
HKLM-Run-QuickTime Task - c:\program files\QuickTime\QTTask.exe
MSConfigStartUp-Adobe Reader Speed Launcher - c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe
MSConfigStartUp-HP Health Check Scheduler - [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
MSConfigStartUp-HP Software Update - c:\program files\HP\HP Software Update\HPWuSchd2.exe
MSConfigStartUp-KBD - c:\hp\KBD\KbdStub.EXE
MSConfigStartUp-qeuom - c:\users\Per\qeuom.exe
MSConfigStartUp-Regedit32 - c:\windows\system32\regedit.exe
MSConfigStartUp-rxxain - c:\users\Per\rxxain.exe
MSConfigStartUp-vaager - c:\users\Per\vaager.exe
MSConfigStartUp-WUDFPlatform - c:\users\Per\AppData\Local\Microsoft\Windows\3809\WUDFPlatform.exe
AddRemove-CDisplay_is1 - c:\program files\CDisplay\unins000.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-09-12 15:54
Windows 6.0.6002 Service Pack 2 NTFS
.
scanner skjulte processer ... 
.
scanner skjulte autostarter ...
.
scanner skjulte filer ... 
.
scanning gennemført med succes
skjulte filer: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\PCD5SRVC{BD6912E3-AC9D80E8-05040000}]
"ImagePath"="\??\c:\progra~1\PC-DOC~1\PCD5SRVC.pkms"
.
--------------------- LÅSTE REGISTRERINGS NØGLER ---------------------
.
[HKEY_USERS\S-1-5-21-1880629876-3062925322-4099561893-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*2*0*3¾„^\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-1880629876-3062925322-4099561893-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*2*$¹‡[]
@Class="Shell"
.
[HKEY_USERS\S-1-5-21-1880629876-3062925322-4099561893-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*2*$¹‡[\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-1880629876-3062925322-4099561893-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*c*o*m*-*B*u*s*i*n*e*s*m*a*n*_*F*u*r"x\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-1880629876-3062925322-4099561893-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*c*o*m*-*B*u*s*i*n*e*s*m*a*n*_*F*u*wÈ#Y\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-1880629876-3062925322-4099561893-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*c*o*m*-*S*p*e*r*m*a*_*F*o*o*d*_*A*¥2Ë}\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-1880629876-3062925322-4099561893-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*c*o*m*-*u*s*e*d*_*c*o*n*d*o*m*_*kX"x\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-1880629876-3062925322-4099561893-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*D*V*D*R*AhbY\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-1880629876-3062925322-4099561893-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*D*V*D*¶y>\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-1880629876-3062925322-4099561893-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*L**x>]
@Class="Shell"
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-1880629876-3062925322-4099561893-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*L**x>\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-1880629876-3062925322-4099561893-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*m*p*4*í&oh\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-1880629876-3062925322-4099561893-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*n*i*b*ƒ~ùl\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-1880629876-3062925322-4099561893-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*n*i*b*dùl\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-1880629876-3062925322-4099561893-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*n*i*b*‹Ûe\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-1880629876-3062925322-4099561893-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*T*a*r*g*e*t*E*x*t*e*n*s*—¢¤D\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
------------------------ Andre kørende processer ------------------------
.
c:\windows\servicing\TrustedInstaller.exe
c:\program files\F-Secure\Anti-Virus\fsgk32st.exe
c:\program files\F-Secure\Common\FSMA32.EXE
c:\program files\F-Secure\Anti-Virus\FSGK32.EXE
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe
c:\program files\F-Secure\Common\FSHDLL32.EXE
c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe
c:\program files\F-Secure\Common\FNRB32.EXE
c:\program files\F-Secure\Anti-Virus\fssm32.exe
c:\program files\F-Secure\ORSP Client\fsorsp.exe
c:\program files\F-Secure\FWES\Program\fsdfwd.exe
c:\program files\F-Secure\Common\FIH32.EXE
c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe
c:\program files\F-Secure\Anti-Virus\fsav32.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\RtHDVCpl.exe
c:\windows\system32\schtasks.exe
c:\program files\Microsoft Office\Office12\ONENOTEM.EXE
c:\program files\Hewlett-Packard\HP Health Check\hphc_service.exe
c:\windows\system32\msiexec.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
.
**************************************************************************
.
Gennemført tid: 2013-09-12  16:11:17 - maskinen blev genstartet
ComboFix-quarantined-files.txt  2013-09-12 14:11
.
Pre-Kørsel: 116.174.909.440 byte ledigt
Post-Kørsel: 116.278.726.656 byte ledigt
.
- - End Of File - - D7C0136DB6CB79C8E09016A79B425D01
03BA8F890B47C0BE359A4D5A636D214D
Avatar billede madtex Nybegynder
13. september 2013 - 11:26 #27
Her er Rkill log

Rkill 2.6.1 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 09/13/2013 11:19:50 AM in x86 mode.
Windows Version: Windows Vista (TM) Home Premium Service Pack 2

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* Windows Firewall Disabled

  [HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
  "EnableFirewall" = dword:00000000

Checking Windows Service Integrity:

* Windows Defender (WinDefend) is not Running.
  Startup Type set to: Manual

* Windows Update (wuauserv) is not Running.
  Startup Type set to: Automatic (Delayed Start)

* Windows Update (AFD) is not Running.
  Startup Type set to: Automatic (Delayed Start)

* agp440 [Missing Service]

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

  127.0.0.1      localhost

Program finished at: 09/13/2013 11:23:29 AM
Execution time: 0 hours(s), 3 minute(s), and 39 seconds(s)
Avatar billede f-arn Guru
13. september 2013 - 17:44 #28
Jeg tror de Sigcheck filer var en fejl, så jeg vil gerne se en ny log fra ComboFix.

------

Slet den ComboFix du har (Højreklik -> Slet), og hent en ny.

Hent og gem ComboFix på dit skrivebord. <- Vigtigt

Kør så ComboFix og følg anvisningerne.

Da ComboFix kan konflikte med dine sikkerhedsprogrammer, er det vigtigt at du deaktiverer dem. <- Vigtigt

Du bør ikke klikke på vinduet imens værktøjet kører, idet det kan få din computer til at fryse.
Når ComboFix er færdig, og efter det (muligvis) har genstartet, skulle der gerne åbnes en logfil: ComboFix.txt
Indholdet af denne fil må du gerne lægge herind.

Den kan findes her: C:\ComboFix.txt

Får du noget der ligner denne fejl.

Der blev forsøgt en ugyldig handling på en registreringsdatabasenøgle, som er blevet mærket til sletning

Så genstart, en gang mere, det burde løse det.
Avatar billede madtex Nybegynder
14. september 2013 - 12:26 #29
Ok her er så et nyt log fra ComboFix

ComboFix 13-09-13.03 - Per 14-09-2013  11:53:24.2.2 - x86
Microsoft® Windows Vista™ Home Premium  6.0.6002.2.1252.45.1053.18.2942.1592 [GMT 2:00]
Kører fra: c:\users\Per\Desktop\ComboFix.exe
AV: F-Secure Client Security 9.20 *Disabled/Updated* {15414183-282E-D62C-CA37-EF24860A2F17}
FW: F-Secure Client Security 9.20 *Disabled* {2D7AC0A6-6241-D774-E168-461178D9686C}
SP: F-Secure Client Security 9.20 *Disabled/Updated* {AE20A067-0E14-D9A2-F087-D456FD8D65AA}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((  Andet, der er slettet  )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
Inficeret kopi af c:\windows\system32\ntdll.dll blev fundet og desinficeret
Genskabt kopi fra - c:\windows\winsxs\x86_microsoft-windows-ntdll_31bf3856ad364e35_6.0.6002.23154_none_5b14cd6b1296a32b\ntdll.dll
.
.
(((((((((((((((((((((((((((((  Filer skabt fra 2013-08-14 til 2013-09-14  )))))))))))))))))))))))))))))))))))
.
.
2013-09-14 10:02 . 2013-09-14 10:10    --------    d-----w-    c:\users\Per\AppData\Local\temp
2013-09-14 10:02 . 2013-09-14 10:02    --------    d-----w-    c:\users\Default\AppData\Local\temp
2013-09-13 09:40 . 2013-08-06 07:28    7166848    ----a-w-    c:\programdata\Microsoft\Windows Defender\Definition Updates\{BFCE870C-F5BA-477E-ABB0-DBF47D211890}\mpengine.dll
2013-09-11 19:50 . 2013-09-11 19:53    --------    d-----w-    C:\AdwCleaner
2013-09-11 13:57 . 2013-09-11 13:57    --------    d-----w-    c:\windows\ERUNT
2013-09-10 21:20 . 2013-09-10 21:20    --------    d-----w-    c:\program files\Malwarebytes' Anti-Malware
2013-09-10 21:20 . 2013-04-04 12:50    22856    ----a-w-    c:\windows\system32\drivers\mbam.sys
2013-09-10 21:16 . 2013-09-10 21:16    --------    d-----w-    c:\users\Per\AppData\Roaming\Malwarebytes
2013-09-10 21:16 . 2013-09-10 21:16    --------    d-----w-    c:\programdata\Malwarebytes
2013-09-09 12:59 . 2013-09-09 12:59    --------    d-----w-    c:\program files\Microsoft Games
2013-09-09 12:20 . 2013-09-09 12:20    --------    d-----w-    C:\FRST
2013-09-03 13:53 . 2013-09-03 13:53    187248    ----a-w-    c:\program files\Internet Explorer\PLUGINS\nppdf32.dll
2013-08-28 06:19 . 2013-08-02 04:09    1548288    ----a-w-    c:\windows\system32\WMVDECOD.DLL
.
.
.
((((((((((((((((((((((((((((((((((((((((  Find3M Rapport  ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-09-10 21:30 . 2012-08-15 12:54    71048    ----a-w-    c:\windows\system32\FlashPlayerCPLApp.cpl
2013-09-10 21:30 . 2012-08-15 12:54    692616    ----a-w-    c:\windows\system32\FlashPlayerApp.exe
2013-08-07 02:22 . 2009-10-03 04:30    238872    ------w-    c:\windows\system32\MpSigStub.exe
2013-07-25 02:32 . 2013-08-15 06:22    1800704    ----a-w-    c:\windows\system32\jscript9.dll
2013-07-25 02:26 . 2013-08-15 06:22    1129472    ----a-w-    c:\windows\system32\wininet.dll
2013-07-25 02:25 . 2013-08-15 06:22    1427968    ----a-w-    c:\windows\system32\inetcpl.cpl
2013-07-25 02:23 . 2013-08-15 06:22    142848    ----a-w-    c:\windows\system32\ieUnatt.exe
2013-07-25 02:23 . 2013-08-15 06:22    420864    ----a-w-    c:\windows\system32\vbscript.dll
2013-07-25 02:22 . 2013-08-15 06:22    2382848    ----a-w-    c:\windows\system32\mshtml.tlb
2013-07-17 19:41 . 2013-08-14 07:47    2048    ----a-w-    c:\windows\system32\tzres.dll
2013-07-10 09:47 . 2013-08-14 07:46    783360    ----a-w-    c:\windows\system32\rpcrt4.dll
2013-07-09 12:10 . 2013-08-14 07:46    1205680    ----a-w-    c:\windows\system32\ntdll.dll
2013-07-08 04:55 . 2013-08-14 07:46    3551680    ----a-w-    c:\windows\system32\ntoskrnl.exe
2013-07-08 04:55 . 2013-08-14 07:46    3603904    ----a-w-    c:\windows\system32\ntkrnlpa.exe
2013-07-08 04:20 . 2013-08-14 07:46    172544    ----a-w-    c:\windows\system32\wintrust.dll
2013-07-08 04:16 . 2013-08-14 07:46    133120    ----a-w-    c:\windows\system32\cryptsvc.dll
2013-07-08 04:16 . 2013-08-14 07:46    98304    ----a-w-    c:\windows\system32\cryptnet.dll
2013-07-08 04:16 . 2013-08-14 07:46    992768    ----a-w-    c:\windows\system32\crypt32.dll
2013-07-05 04:53 . 2013-08-14 07:48    905664    ----a-w-    c:\windows\system32\drivers\tcpip.sys
.
.
(((((((((((((((((((((((((((((((((((  Start steder i reg.basen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Bemærk* tomme linier & lovlige standard linier vises ikke 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2008-03-26 5369856]
"SunJavaUpdateReg"="c:\windows\system32\jureg.exe" [2007-04-07 54936]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"F-Secure Manager"="c:\program files\F-Secure\Common\FSM32.EXE" [2011-08-30 303816]
"F-Secure TNB"="c:\program files\F-Secure\FSGUI\TNBUtil.exe" [2011-08-30 1655496]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"AvgUninstallURL"="start http://www.avg.com/ww.special-uninstallation-feedback-appf?lic=OQBBAFYARgBSAEUARQAtAFYAMwBaAEMAOQAtAEUASwBBAFIAUwAtADYAUgBXAEcAQQAtAEEAQQBUAEMAVQAtAFYAUAA5AEYATgA&inst=NwA3AC0ANgA5ADcANwAxADIAOQA5ADkALQBGAEwAKwA5AC0ARABEAFQAKwAwAC0AWABPADkAKwAxAC0AWABPADMANgArADEA&prod=90&ver=9.0.902" [?]
.
c:\users\Per\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Screen Clipper and Launcher til OneNote 2007.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE /tsr [2009-2-26 97680]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Quick Pick.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Quick Pick.lnk
backup=c:\windows\pss\WinZip Quick Pick.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^Per^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Screen Clipper and Launcher til OneNote 2007.lnk]
path=c:\users\Per\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Screen Clipper and Launcher til OneNote 2007.lnk
backup=c:\windows\pss\Screen Clipper and Launcher til OneNote 2007.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2013-04-04 21:06    958576    ----a-w-    c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]
2008-01-19 07:33    125952    ----a-w-    c:\windows\ehome\ehtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EPSON Stylus DX4400 Series]
2007-03-01 06:01    180736    ----a-w-    c:\windows\System32\spool\drivers\w32x86\3\E_FATICAE.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpsysdrv]
2007-04-18 15:01    65536    ----a-w-    c:\hp\support\hpsysdrv.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2007-12-12 08:20    8497696    ----a-w-    c:\windows\System32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2007-12-12 08:20    81920    ----a-w-    c:\windows\System32\nvmctray.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvSvc]
2007-12-12 08:20    86016    ----a-w-    c:\windows\System32\nvsvc.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OsdMaestro]
2007-02-15 11:59    118784    ----a-w-    c:\program files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2012-07-03 07:04    252848    ----a-w-    c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2008-11-05 05:05    185872    ----a-w-    c:\program files\Common Files\Real\Update_OB\realsched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation    REG_MULTI_SZ      FontCache
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{A509B1FF-37FF-4bFF-8CFF-4F3A747040FF}]
2011-09-11 11:02    114176    ----a-w-    c:\windows\System32\advpack.dll
.
Indhold af mappen 'Planlagte Opgaver'
.
2013-09-13 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-15 21:30]
.
.
------- Yderligere scanning -------
.
uStart Page = hxxp://212.10.10.20/
mStart Page = hxxp://www.google.com
IE: E&ksporter til Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
Trusted Zone: danid.dk
Trusted Zone: danid.dk
TCP: DhcpNameServer = 212.10.10.4 212.10.24.252 212.10.10.5
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-09-14 12:10
Windows 6.0.6002 Service Pack 2 NTFS
.
scanner skjulte processer ... 
.
scanner skjulte autostarter ...
.
scanner skjulte filer ... 
.
scanning gennemført med succes
skjulte filer: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\PCD5SRVC{BD6912E3-AC9D80E8-05040000}]
"ImagePath"="\??\c:\progra~1\PC-DOC~1\PCD5SRVC.pkms"
.
--------------------- LÅSTE REGISTRERINGS NØGLER ---------------------
.
[HKEY_USERS\S-1-5-21-1880629876-3062925322-4099561893-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*2*0*3¾„^\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-1880629876-3062925322-4099561893-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*2*$¹‡[]
@Class="Shell"
.
[HKEY_USERS\S-1-5-21-1880629876-3062925322-4099561893-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*2*$¹‡[\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-1880629876-3062925322-4099561893-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*c*o*m*-*B*u*s*i*n*e*s*m*a*n*_*F*u*r"x\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-1880629876-3062925322-4099561893-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*c*o*m*-*B*u*s*i*n*e*s*m*a*n*_*F*u*wÈ#Y\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-1880629876-3062925322-4099561893-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*c*o*m*-*S*p*e*r*m*a*_*F*o*o*d*_*A*¥2Ë}\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-1880629876-3062925322-4099561893-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*c*o*m*-*u*s*e*d*_*c*o*n*d*o*m*_*kX"x\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-1880629876-3062925322-4099561893-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*D*V*D*R*AhbY\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-1880629876-3062925322-4099561893-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*D*V*D*¶y>\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-1880629876-3062925322-4099561893-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*L**x>]
@Class="Shell"
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-1880629876-3062925322-4099561893-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*L**x>\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-1880629876-3062925322-4099561893-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*m*p*4*í&oh\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-1880629876-3062925322-4099561893-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*n*i*b*ƒ~ùl\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-1880629876-3062925322-4099561893-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*n*i*b*dùl\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-1880629876-3062925322-4099561893-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*n*i*b*‹Ûe\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-1880629876-3062925322-4099561893-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*T*a*r*g*e*t*E*x*t*e*n*s*—¢¤D\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
------------------------ Andre kørende processer ------------------------
.
c:\windows\servicing\TrustedInstaller.exe
c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files\F-Secure\Anti-Virus\fsgk32st.exe
c:\program files\F-Secure\Common\FSMA32.EXE
c:\program files\F-Secure\Anti-Virus\FSGK32.EXE
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe
c:\program files\F-Secure\Common\FSHDLL32.EXE
c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe
c:\program files\F-Secure\Anti-Virus\fssm32.exe
c:\program files\F-Secure\Common\FNRB32.EXE
c:\program files\F-Secure\ORSP Client\fsorsp.exe
c:\program files\F-Secure\FWES\Program\fsdfwd.exe
c:\program files\F-Secure\Common\FIH32.EXE
c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe
c:\program files\F-Secure\Anti-Virus\fsav32.exe
c:\program files\Hewlett-Packard\HP Health Check\hphc_service.exe
c:\\?\c:\windows\system32\wbem\WMIADAP.EXE
c:\program files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Gennemført tid: 2013-09-14  12:14:22 - maskinen blev genstartet
ComboFix-quarantined-files.txt  2013-09-14 10:14
ComboFix2.txt  2013-09-12 14:11
.
Pre-Kørsel: 114.827.902.976 byte ledigt
Post-Kørsel: 114.468.323.328 byte ledigt
.
- - End Of File - - 248F65B94C14BB6939E0FB9E571C1747
03BA8F890B47C0BE359A4D5A636D214D
Avatar billede f-arn Guru
14. september 2013 - 18:06 #30
Det ser bedre ud, men hvordan kører PCen ?

-------

1. Hent dette lille værktøj:

http://jpshortstuff.247fixes.com/SystemLook.exe
http://images.malwareremoval.com/jpshortstuff/SystemLook.exe (alternativ adresse)

2. Dobbeltklik på systemlook.exe - nu dukker der et lille vindue op, hvor du skal kopiere HELE indholdet med fed skrift ind:


:filefind
ntdll.dll*


3. Luk så alle andre vinduer og klik på knappen Look. Programmet vil nu lede på din computer.

4. Når programmet er færdig med at lede, vil der dukke et notepad-vindue op, med en log fra SystemLook. Den skal du kopiere herind i forum i dit næste svar. Log'en kan også findes på dit Skrivebord med navnet: SystemLook.txt.

Vista og Windows 7 - højreklik på filen - Kør som Administrator.
Avatar billede f-arn Guru
17. september 2013 - 06:59 #31
Gik du i stå eller ?
Avatar billede madtex Nybegynder
17. september 2013 - 14:07 #32
Hej bigen nej jeg er ikke gå istå, men har haft et par dårlig dage.
men her er SystemLook.txt

SystemLook 30.07.11 by jpshortstuff
Log created at 14:01 on 17/09/2013 by Per
Administrator - Elevation successful

========== filefind ==========

Searching for "ntdll.dll*"
C:\Qoobox\Quarantine\C\WINDOWS\System32\ntdll.dll.vir    --a---- 1205168 bytes    [07:46 14/08/2013]    [12:10 09/07/2013] B9FDFF876B0E7B4FECBAA5708C6ED616
C:\WINDOWS\System32\ntdll.dll    --a---- 1205680 bytes    [07:46 14/08/2013]    [12:10 09/07/2013] 17C738B51C86D078CEB91692435DADBE
C:\WINDOWS\System32\sv-SE\ntdll.dll.mui    --a---- 356352 bytes    [10:38 19/07/2008]    [12:00 19/01/2008] B188FF0A6BBE58A6419F844814BDB808
C:\WINDOWS\winsxs\x86_microsoft-windows-ntdll.resources_31bf3856ad364e35_6.0.6000.16386_sv-se_4b79f342a764e8c7\ntdll.dll.mui    --a---- 315392 bytes    [07:49 06/05/2008]    [07:49 06/05/2008] 6031336451BA71F9B2725B71316D2397
C:\WINDOWS\winsxs\x86_microsoft-windows-ntdll.resources_31bf3856ad364e35_6.0.6001.18000_sv-se_4db0b53ea44ff99b\ntdll.dll.mui    --a---- 356352 bytes    [10:38 19/07/2008]    [12:00 19/01/2008] B188FF0A6BBE58A6419F844814BDB808
C:\WINDOWS\winsxs\x86_microsoft-windows-ntdll_31bf3856ad364e35_6.0.6000.16386_none_56a01c45ff429b42\ntdll.dll    --a---- 1162656 bytes    [08:31 02/11/2006]    [09:47 02/11/2006] 04E4C2069D7254E3FBB90D5B519AB53C
C:\WINDOWS\winsxs\x86_microsoft-windows-ntdll_31bf3856ad364e35_6.0.6001.18000_none_58d6de41fc2dac16\ntdll.dll    --a---- 1203792 bytes    [10:38 19/07/2008]    [07:38 19/01/2008] 172E1B9EB61167AD232291A6761501BF
C:\WINDOWS\winsxs\x86_microsoft-windows-ntdll_31bf3856ad364e35_6.0.6001.18538_none_58be7a4bfc3ebc64\ntdll.dll    --a---- 1205080 bytes    [21:53 09/02/2011]    [13:48 15/10/2010] 89D0E06D6165C98E47065722CE703FAD
C:\WINDOWS\winsxs\x86_microsoft-windows-ntdll_31bf3856ad364e35_6.0.6001.22777_none_591bd903157dafc2\ntdll.dll    --a---- 1205592 bytes    [21:53 09/02/2011]    [13:48 15/10/2010] C9BBF79621B518A0501A904927AF399C
C:\WINDOWS\winsxs\x86_microsoft-windows-ntdll_31bf3856ad364e35_6.0.6002.18005_none_5ac2574df94f7762\ntdll.dll    --a---- 1202168 bytes    [03:57 24/09/2009]    [06:27 11/04/2009] 40DB2EBA3CD1433D1C90BD262ECE1543
C:\WINDOWS\winsxs\x86_microsoft-windows-ntdll_31bf3856ad364e35_6.0.6002.18327_none_5aaebdbbf95dd967\ntdll.dll    --a---- 1205080 bytes    [21:53 09/02/2011]    [13:48 15/10/2010] 708FB84003732E220C23CDF207F5A329
C:\WINDOWS\winsxs\x86_microsoft-windows-ntdll_31bf3856ad364e35_6.0.6002.18541_none_5a931ff3f973738d\ntdll.dll    --a---- 1205064 bytes    [11:19 11/01/2012]    [20:23 18/11/2011] DDA770BBD7C2ED024D6F50E279D90E5B
C:\WINDOWS\winsxs\x86_microsoft-windows-ntdll_31bf3856ad364e35_6.0.6002.18881_none_5a67e5f5f993dac6\ntdll.dll    --a---- 1205168 bytes    [07:46 14/08/2013]    [12:10 09/07/2013] B9FDFF876B0E7B4FECBAA5708C6ED616
C:\WINDOWS\winsxs\x86_microsoft-windows-ntdll_31bf3856ad364e35_6.0.6002.22505_none_5b4bfbb1126d0bc8\ntdll.dll    --a---- 1206104 bytes    [21:53 09/02/2011]    [13:48 15/10/2010] EEBEEDBEA66092A4E182A111F7582DFE
C:\WINDOWS\winsxs\x86_microsoft-windows-ntdll_31bf3856ad364e35_6.0.6002.22742_none_5b1dbeef129029d5\ntdll.dll    --a---- 1205576 bytes    [11:19 11/01/2012]    [20:23 18/11/2011] B9940B8D1B0BC5F675A99E6D1E2F0835
C:\WINDOWS\winsxs\x86_microsoft-windows-ntdll_31bf3856ad364e35_6.0.6002.23154_none_5b14cd6b1296a32b\ntdll.dll    --a---- 1205680 bytes    [07:46 14/08/2013]    [12:10 09/07/2013] 17C738B51C86D078CEB91692435DADBE

-= EOF =-
Avatar billede f-arn Guru
17. september 2013 - 14:43 #33
Hvordan kører PCen ?

------

For at undgå infektioner, er det vigtigt du holder både Windows og dine programmer opdaterede.

Hent Security Check af screen317

Start den og følg instruktionerne.

Kopier loggen herind.
Avatar billede madtex Nybegynder
17. september 2013 - 14:57 #34
PCen kører fint.

Kan jeg fjerne nogen af de anti-virus eller hvad de er, som er blevet brugt
Avatar billede madtex Nybegynder
17. september 2013 - 15:02 #35
Ok her er loggen fra Security Check

Results of screen317's Security Check version 0.99.73 
Windows Vista Service Pack 2 x86 (UAC is enabled) 
Internet Explorer 9 
Internet Explorer 8 
``````````````Antivirus/Firewall Check:``````````````
F-Secure Client Security 9.20 
Antivirus up to date! 
`````````Anti-malware/Other Utilities Check:`````````
F-Secure Client Security - Virus/spyware-beskyttelse
Malwarebytes Anti-Malware version 1.75.0.1300 
Java(TM) 6 Update 31 
Java 7 Update 40 
Java(TM) SE Runtime Environment 6 Update 1
Java version out of Date!
Adobe Reader 10.1.8 Adobe Reader out of Date! 
````````Process Check: objlist.exe by Laurent```````` 
Malwarebytes Anti-Malware mbamservice.exe 
Malwarebytes Anti-Malware mbamgui.exe 
F-Secure Anti-Virus fsgk32st.exe 
F-Secure Anti-Virus FSGK32.EXE 
F-Secure Anti-Virus fssm32.exe 
F-Secure Anti-Virus fsav32.exe 
Malwarebytes' Anti-Malware mbamscheduler.exe 
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:  %
````````````````````End of Log``````````````````````
Avatar billede f-arn Guru
17. september 2013 - 15:22 #36
I Kontrolpanelet skal du afinstallere:

Java(TM) 6 Update 31 

Java(TM) SE Runtime Environment 6 Update 1

Du skal også afinstallere Adobe Reader 10.1.8

Hent en ny her.
http://get.adobe.com/reader/  (husk at fraklikke Toolbars og andet skrammel)

Kan det passe du har to versioner af Internet Explorer ?

------

Start AdwCleaner og klik Uninstall

Slet Farbar Recovery Scan Tool og Mappen C:\frst

------

Tast  <Windows> + <R> samtidig og kopier dette ind: combofix /uninstall
Tryk enter
Det vil fjerne Combofix og nulstille urets indstillinger.
Nulstille Systemgendannelsen.
Skjule filtypenavne hvis det kræves.
Skjule System/skjulte filer hvis det kræves.

Hvis der efterlades noget, må du slette det manuelt.
Avatar billede madtex Nybegynder
17. september 2013 - 16:11 #37
Nu har jeg afinstallere

Java(TM) 6 Update 31 

Java(TM) SE Runtime Environment 6 Update 1

Adobe Reader 10.1.8

AdwCleaner

combofix

samt slettet Farbar Recovery Scan Tool of mappe C:\frst

Hvordan kan jeg finde ud af om jeg har to Internet Explorer
Avatar billede f-arn Guru
17. september 2013 - 19:55 #38
Det er ikke helt nemt at få to versioner af IE (Internet Explorer) til at køre samtidig, så når du spørger på den måde - har du nok ikke :)

Det må være en fejl i programmet.
Avatar billede madtex Nybegynder
17. september 2013 - 22:20 #39
Jeg ved ikke om det er en fejl, men da jeg kørte et af de de anti-virus eller hvad de er kom der på mit skrivbord The Internet, men det er ikke den jeg går under for det er Internet Explorer genvej som ligger der
Avatar billede f-arn Guru
18. september 2013 - 07:54 #40
De programmer jeg bad dig køre, er absolut ikke "Antivirus programmer" - det er log programmer, så jeg kan se hvad der sker på PCen.

Det du beskriver, lyder som ComboFix der har genoprettet et "Standard Skrivebord"

Den genvej kan du bare slette.
Avatar billede madtex Nybegynder
24. oktober 2013 - 11:21 #41
Mange tak for hjælpen
Avatar billede f-arn Guru
24. oktober 2013 - 12:26 #42
Hvorfor afviser du mit svar ?
Avatar billede madtex Nybegynder
24. oktober 2013 - 13:02 #43
Det er ikke min menige at afvise dit svar ? eller fornærme dig tideligere.


Du må meget undskyld hvis der stavfejl, men jeg er ordblind.
Avatar billede f-arn Guru
24. oktober 2013 - 13:34 #44
Du afviser mit svar i #36, og lægger selv et svar som du accepterer.

For en anden gangs skyld, kan du her se hvad du burde ha' gjort ->

http://www.youtube.com/watch?v=s26DGiuvXBo
Avatar billede madtex Nybegynder
24. oktober 2013 - 13:51 #45
Ok det skal jeg nok.

Hermed slutter jeg så for denne gang og håber at jeg kan undgå en virus i fremtiden
Avatar billede Ny bruger Nybegynder

Din løsning...

Tilladte BB-code-tags: [b]fed[/b] [i]kursiv[/i] [u]understreget[/u] Web- og emailadresser omdannes automatisk til links. Der sættes "nofollow" på alle links.

Loading billede Opret Preview

Flere spørgsmål fra Virus kategorien

Titel Indlæg Oprettet Seneste aktivitet
Anbefaling af antivirusprogram med firewall Af OnePlusFan i Virus 23 07/05/202421:02 13/05/202419:48
trusler Af gerhardpet i Virus 4 26/01/202410:02 27/01/202408:32
Kan ikke fjerne virus Af mik28 i Virus 16 09/01/202416:37 10/01/202419:59
virusscanning Af JetteD i Virus 2 10/11/202312:55 10/11/202316:36
Google ser ud til at være malware, lyder advarsel på alle vore mobiler! Af vbr i Virus 9 30/10/202312:12 15/12/202310:17
Se alle spørgsmål i kategorien Opret spørgsmål

Log ind eller opret profil

Hov!

For at kunne deltage på Computerworld Eksperten skal du være logget ind.

Det er heldigvis nemt at oprette en bruger: Det tager to minutter og du kan vælge at bruge enten e-mail, Facebook eller Google som login.

Opret Log ind

Du kan også logge ind via nedenstående tjenester



Alle kategorier på Eksperten
Seneste spørgsmål Seneste aktivitet
I dag 09:13 Antivirus til en Linux Mint computer? Af Polle i Linux
I går 15:30 signalforstærker til trådløs rutrer tænkes brugt til pc næt pc -og MÅSKE TV 4 m borte eller begge Af Novice-1 i Routere & Switches
I går 11:43 Hvilket styresystem på en gammel Pc ??? Af Jan Post i Andre styresystemer
I går 07:44 Virus advarsler - falske Af jdann i Backup- & Antivirus
17/0519:32 Formler der blev væk Af Klaus W i Excel
White papers
Flere white papers »


Premium
Teaser billede
Her er de nye medlemmer af Statens It-råd: Skal vurdere it-projekter på over 15 millioner kroner
Læs mere »
Antallet af anmeldelser af ulovligt indhold på beskedtjenester stiger: Regeringen skubber ansvaret videre til EU og Belgien
Efter masser af kritik af store prisstigninger: VMware åbner for gratis licenser - ændrer i licens-strukturen
Seks store selskaber med på årets image-liste for første gang: Kæmper alle med lav kendskabsgrad
Se alle »
Computerworld
Teaser billede
Nyopdaget sårbarhed rammer næsten alle VPN'er: Gør dem usikre og nærmest ubrugelige
Læs mere »
Om under en uge går det løs: Pc’en bliver aldrig den samme igen
VPN-test fra virkeligheden: To tjenester som glimrer på hver deres måde
Test: Samsungs nyeste laptop er noget af det tætteste du kommer på en Windows-Macbook
Se alle »
CIO
Teaser billede
Nu begynder den største GDPR-retssag mod dansk myndighed nogensinde: Står over for million-bøde
Læs mere »
Lukker it-systemerne ned i to uger på grund af implementering: Den bedste måde at sikre, at ingen data går tabt
Sådan har Coop sagt farvel til mainframen - sparer et to-cifret millionbeløb årligt på licenser
Hundredevis af selskaber klager over Microsofts licens-policy: Vi er låst fast og bundet
Se alle »
Job & Karriere
Teaser billede
Her er Danmarks fem bedste CIO’er lige nu: Se de fem nominerede til prisen som Årets CIO 2024
Læs mere »
Medarbejderne fik udleveret badetøfler ved indflytningen: Kom med inden for i IBM Danmarks nye topmoderne hovedkontor
Så meget tjener dine kollegaer: Her er alle data fra Computerworlds store it-lønstatistik for 2024
Får du den løn, du fortjener? Få overblikket over hvor meget dine kolleger tjener hver måned
Se alle »
White paper
Teaser billede
Opdag fordelene ved cloud-baseret backup og recovery
Læs mere »
MDR: Transparent sikkerhed og overvågning i realtid
Cybersikkerhed: Skær antallet af alarmer ned fra tusindvis til blot en håndfuld
Det behøver ikke at gøre ondt: Sådan gør du livet lettere for kunder med multicloud
Se alle »

Events
Flere events »
White papers
Flere white papers »
IT-Kurser
Se alle vores it-kurser »