Spywarefri Forum | Oprydning efter infektion

1 af 3

Oprydning efter infektion

[ Ignorer ] Photop
06.07.2012 22:43:43 Antal indlæg: 171	Sidder med et familiemedlems computer, der har været lammet af snavs (og måske noget andet også). - Computeren var håbløst bagud med opdateringer til såvel Windows som til den gratis sikkerhedsløsning bestående af Sunbelt Kerio Firewall og Avast Antivirus. - Outlook fungerede ikke længere. Computeren frøs når programmet blev forsøgt åbnet, og derefter kunne man ikke andet end at hardboote på powerknappen. - Computeren havde uTorrent installeret, og jeg kunne se at LimeWire tidligere havde været på den. - Alt, men opstarten i særdeleshed, foregik i et enormt sløvt tempo. Jeg har gennem en uges tid nu forsøgt at få ryddet op på den. Dels med afinstallering af alt hvad jeg synes så suspekt ud, dels med CCleaner og endelig en tur omkring msconfig for at deaktivere lidt i overfloden af opstarts-programmer. Derudover har jeg fået opdateret Windows, og skiftet de gamle sikkerhedsprogrammer ud med Comodo Internet Security (gratis version). Endelig har jeg været en tur igennem vejledningen her på siden, men scanningerne har taget adskillige timer, og fx SuperAntiSpyware var jeg nødt til at forsøge 3-4 gange, før det lykkedes at køre scanningen til ende. Computeren “virker nu”, men er stadig meget langsom. Opstarten er det værste - her bruger den vel 4-5 minutter fra Windows starter og til den er færdig med at indlæse Comodo, Secunia og SAS. Jeg har ikke kunnet downloade den der dds-scanner. Hverken på den måske-inficerede computer eller på min egen. Men jeg vedhæfter logs fra de øvrige scanninger. ESETSmartInstaller@High as downloader log: all ok # version=7 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6583 # api_version=3.0.2 # EOSSerial=dfe97986a7a03c4387503c49a7b55187 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=true # antistealth_checked=true # utc_time=2012-07-04 01:57:41 # local_time=2012-07-04 03:57:41 (+0100, Rom, sommertid) # country=“Denmark” # lang=1033 # osver=6.0.6002 NT Service Pack 2 # compatibility_mode=256 16777215 100 0 86803364 86803364 0 0 # compatibility_mode=768 16777215 100 0 35383 35383 0 0 # compatibility_mode=3073 16777213 80 71 19930 17039999 0 0 # compatibility_mode=5892 16776574 100 100 2721 178883109 0 0 # compatibility_mode=8192 67108863 100 0 136 136 0 0 # scanned=197623 # found=0 # cleaned=0 # scan_time=16680 Malwarebytes Anti-Malware 1.61.0.1400 http://www.malwarebytes.org Database version: v2012.07.04.02 Windows Vista Service Pack 2 x86 NTFS Internet Explorer 8.0.6001.19088 Hjemme :: HJEMME-PC [administrator] 04-07-2012 07:38:25 mbam-log-2012-07-04 (07-38-25).txt Skanningstype: Fuldstændig skanning Skanningsmuligheder valgt: Hukommelse \| Opstart \| Registreringsdatabasen \| Filsystem \| Heuristics/Ekstra \| Heuristics/Shuriken \| PUP \| PUM Skanningsmuligheder som er deaktiverede: P2P Objekter skannet: 341055 Tid gået: 1 time(e), 8 minut(ter), 12 sekund(er) Hukommelses Processorer Inficeret: 0 (Ingen skadelige objekter blev fundet) Hukommelses Moduler Inficeret: 0 (Ingen skadelige objekter blev fundet) Registreringsdatabasenøgler Inficeret: 1 HKCU\SOFTWARE\CLASSES\CLSID\{42AEDC87-2188-41FD-B9A3-0C966FEABEC1}\INPROCSERVER32 (Trojan.Zaccess) -> Sat i karantæne og slettet succesfuldt. Registreringsdatabaseværdier Inficeret: 1 HKCU\SOFTWARE\CLASSES\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InprocServer32\| (Trojan.Zaccess) -> Data: C:\Users\Hjemme\AppData\Local\{4a7f59f7-3c11-88e8-767a-d1c334613446}\n. -> Sat i karantæne og slettet succesfuldt. Registreringsdatabasedata Objekter Inficeret: 0 (Ingen skadelige objekter blev fundet) Inficerede Mapper: 0 (Ingen skadelige objekter blev fundet) Inficerede Filer: 120 c:\program files\comodo\comodo internet security\quarantine\03041c8e-5c5f-49eb-a26c-c22a7f8d6ce9.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\04a38aec-985c-4f53-8c59-c6240d66950e.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\0537385d-308e-4287-9e4e-010a08819743.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\6bd09985-133a-4239-82c0-92ed2bf73665.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\6d5bb9da-a47d-4969-b280-e2905c66e50e.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\70beace0-556d-464f-97f9-82a1b6363f37.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\7129e942-36a2-4a7b-b746-7d243f6a45f6.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\7144022b-dd5f-469f-a78a-2d306801ae76.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\3b13dad1-6aab-4a2b-a7d9-1cd5b1a4e2f8.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\3d1d8c7f-fdc5-47f3-82ef-4d446863b53b.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\09807249-a618-4eaf-bcfe-ca39f93fd526.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\1c911051-6ef0-4f0a-ab8d-ac7af8f66227.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\42b4db79-766f-43c6-88db-59424b21b324.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\532a0213-8ff7-4e20-b94c-6cf7457d7089.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\a1d558f7-f6a0-49c1-998b-4e31eddc28f8.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\182f478e-0846-45eb-aad2-764e614b2d23.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\1bd048cf-d00a-4898-b273-5048a0b42c84.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\ae335b65-536a-404f-949c-18b47ba0c2f6.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\ae8f318e-21c5-488e-975e-b9170ab29da0.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\aefe2ea5-425d-495e-842a-aabb1552b86a.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\e631d629-92ee-4819-9a80-ba5b61e0c411.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\ed13ae65-8670-485c-8b65-30c0d0dde1b9.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\83d73b06-8063-4f16-8937-df6a48acbc3f.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\84d4b59b-00aa-42ec-a8e3-70d0c4aff86a.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\8717f25c-7133-4565-8bc9-bf671241d9f5.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\533dc9f7-3499-450b-a17a-7f37b21f2228.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\53d28c25-4260-4dc5-9719-bf5ec225fc66.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\54418a6a-3cd9-4600-9dc6-e9047085b2e3.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\549cdbea-3252-4049-b2bc-9f3716b1ada3.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\2d8e969b-17c4-417b-8911-d366506f2b42.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\2eed7e22-b1de-47c1-a5d9-34f6850af417.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\31496ad8-defd-4b15-818f-35f82a87f364.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\3188f08e-dcfe-4d40-b03e-5d82e974ca72.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\7afeec44-7047-44c6-9faa-4f48e6c995c4.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\7f35304e-5f01-4981-9d0c-2dc7f7d83953.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\ba55f96f-95db-4f7e-94f0-68104bafcc36.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\ba688f52-5e77-4412-9f44-3da8b960af0a.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\ba6d58ef-cb91-4111-afd1-d31e29ab594c.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\0ff2b9d5-0340-4e0c-a917-f0b337607c66.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\14165a9b-b100-42b4-a792-6ace9ea11fc6.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\158a6afb-1b87-4a83-b844-8500f6161dec.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\f7a3f3bf-e26d-47ea-8d00-f444021b8e7e.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\f9a6e1f2-a601-42c7-a2d7-870868025b73.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\49837a1b-c51b-48f2-a151-d756b6183e08.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\4b7f04f6-39e3-4254-ad27-9f5a2c7eed92.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\89fa60c3-6e46-4c82-a670-051a8174ac9f.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\8c39683d-50d3-48e2-a350-407b323644e4.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\8d500ac2-28d1-4565-a01b-a3805e981315.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\90246600-3fbf-4995-9162-eb7a44a6458c.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\90f27d09-9a35-4a35-97ee-3ecbd32ad3b5.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\328eb7e0-8c9f-4c07-bc25-fef24351616b.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\33dd47d3-2615-47d0-a957-782d22c996d1.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\34fe81f9-2f17-43c8-8176-7e01b11c72b3.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\9603aad4-fcf8-48d3-8446-34d4958e5d36.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\5b4e17ed-7675-486d-91ed-79d2dca29365.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\5cdd5410-f140-4fa3-9e85-38d682080550.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\78554901-1437-4505-8470-1f2afcc9a100.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\1d5aba9d-5a24-4eeb-acae-afcb25152bf3.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\1e082fa4-bf6e-4113-91a6-944d72bd4625.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\cbf473e3-2fe9-4df0-a2a0-f354a5c7109b.data (Trojan.Agent.MRGGen) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\cd3b7028-8d8d-42fb-a80f-70dca9af3b17.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\cebaea26-1a43-4cb6-9503-0c35c77821f4.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\5db2e6fd-026f-4ae3-b68c-dced9fbc44fd.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\5e195377-072f-4f0e-a7f3-16dfd46c6283.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\83045a83-375d-4a97-99bc-55257c0468e0.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\456269e9-d576-424e-8ea9-dead56395a59.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\4668f93b-5503-4c91-84a7-52818e317264.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\47c22282-aae3-42e1-b0ca-8739e6266155.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\d62489ef-2691-49a8-9e39-178ac046f4f4.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\d7db7ef0-6c75-44a4-9238-2eb7e31d52ac.data (Trojan.Agent.MRGGen) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\dafdb8d5-042a-48be-8435-86549888709e.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\b290ce60-e43d-453c-8e19-9faad7f55ec4.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\b63a3cd8-1b2f-4dc9-b803-ac807495ba97.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\b6c1b0fd-e294-484e-9de5-1feab0a48d68.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\b741270a-776b-42ed-9e97-f8feb21ac47d.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\b7de3660-fd39-42fa-bcaf-bf1dfb30eb75.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\a3a825ce-0ed2-4d05-b49f-1ef0c1a77563.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\a7221e97-ad2e-4357-afd2-a5cca4997582.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\a8157246-45c0-43c0-9d7d-674bb8312d5b.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\a99a934b-68fc-492f-8906-0ae12115cf32.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\aa677140-853f-4b5e-be85-327474459321.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\9fbe48b4-0a5c-4dfe-859a-5377ec22599a.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\a0c24941-e341-46e9-9261-101fce490532.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\f10b6d3b-0239-4065-b135-83fc26a24657.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\4ba6d6a3-8a86-476b-9418-3c5709c0a774.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\4ee6f008-da72-49a4-b3fb-a9b8f596af89.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\4f4b8405-11d8-49c5-9dde-f824aa09281d.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\3586e073-0068-44cc-be95-f50dd9838560.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\373f4196-3f93-4468-bd4f-10c635c3b72e.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\39ad14f3-f793-40cf-8ea3-2d6000a7f773.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\39b0d9dc-d562-43a5-82af-16f06dcc4435.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\72f43234-f5fd-4508-837d-139986b1cd07.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\748744d9-b8b9-4ea9-af39-23e4c2dbf920.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\7515cc36-6883-4a21-89ac-29db9ffa549e.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\28d8e4a1-a448-49e9-b378-8bcbbdaf9ae9.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\28dd16f7-4a65-46e5-830a-693c979b46b1.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\2a0b68ab-84f3-4c51-9269-329bb1cb6d6e.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\7f9fe8d2-2f2f-4b8d-b240-565b348dd79b.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\757e5761-c305-4bb3-9c31-bfe79b11a26e.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\7670880f-ef36-4b47-aeaa-1e676446783b.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\77a5fa9c-0336-483a-866d-83d70067e790.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\ca2645f1-0d9a-4562-addd-c5603687e333.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\992763ed-857d-40dc-aaaf-0e99d6ccc94b.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\9ab8370c-eb03-4467-89ef-ae23e7cb9075.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\664763de-fc1f-4513-b296-3afe650e8ef0.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\668a5cf2-81f4-4210-8e7b-2bf2d546beb5.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\d1619d1a-ca3f-4a52-9384-b4b7b7bd2273.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\d32ba867-3216-4c61-a2a6-d9a123c59a4a.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\e389a619-8400-4891-b6da-f85e52fad8f9.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\fc1e1cc9-b18b-402a-a7e3-56ae6c159830.data (Trojan.Sirefef) -> Bliver slettet ved genstart. c:\program files\comodo\comodo internet security\quarantine\fcff6795-4589-413a-9780-b9b54ee44aa9.data (Trojan.Sirefef) -> Bliver slettet ved genstart. C:\Users\Hjemme\AppData\Local\{4a7f59f7-3c11-88e8-767a-d1c334613446}\L\00000008.@ (Trojan.BitMiner) -> Sat i karantæne og slettet succesfuldt. C:\Users\Hjemme\AppData\Local\{4a7f59f7-3c11-88e8-767a-d1c334613446}\U\00000008.@ (Trojan.Dropper.BCMiner) -> Sat i karantæne og slettet succesfuldt. C:\Windows\assembly\GAC\Desktop.ini (Trojan.0access) -> Sat i karantæne og slettet succesfuldt. C:\Windows\Installer\{4a7f59f7-3c11-88e8-767a-d1c334613446}\L\00000008.@ (Trojan.BitMiner) -> Sat i karantæne og slettet succesfuldt. C:\Windows\Installer\{4a7f59f7-3c11-88e8-767a-d1c334613446}\U\00000008.@ (Trojan.Dropper.BCMiner) -> Sat i karantæne og slettet succesfuldt. C:\Users\Hjemme\AppData\Roaming\020000001ff397b6658C.manifest (Malware.Trace) -> Sat i karantæne og slettet succesfuldt. C:\Users\Hjemme\AppData\Roaming\020000001ff397b6658O.manifest (Malware.Trace) -> Sat i karantæne og slettet succesfuldt. C:\Users\Hjemme\AppData\Roaming\020000001ff397b6658P.manifest (Malware.Trace) -> Sat i karantæne og slettet succesfuldt. C:\Users\Hjemme\AppData\Roaming\020000001ff397b6658S.manifest (Malware.Trace) -> Sat i karantæne og slettet succesfuldt. (færdig) SUPERAntiSpyware Scan Log http://www.superantispyware.com Generated 07/05/2012 at 11:57 PM Application Version : 5.5.1006 Core Rules Database Version : 8845 Trace Rules Database Version: 6657 Scan type : Complete Scan Total Scan Time : 01:29:47 Operating System Information Windows Vista Home Premium 32-bit, Service Pack 2 (Build 6.00.6002) UAC On - Limited User (Administrator User) Memory items scanned : 605 Memory threats detected : 0 Registry items scanned : 35112 Registry threats detected : 0 File items scanned : 51681 File threats detected : 286 Adware.Tracking Cookie .adtech.de [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .doubleclick.net [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .adsby.webtraffic.se [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] ad1.emediate.dk [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .specificclick.net [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .invitemedia.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .adxpose.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .lfstmedia.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .lfstmedia.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .apmebf.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .atdmt.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .imrworldwide.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .imrworldwide.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .adbrite.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .ru4.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .unrulymedia.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .advertising.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .yieldmanager.net [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] ad2.adfarm1.adition.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .server.cpmstar.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .im.banner.t-online.de [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .hypestat.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .hypestat.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .hypestat.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] adserver.adreactor.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .zedo.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .realmedia.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .realmedia.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .ru4.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .ru4.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] network.realmedia.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .adbrite.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .ad.yieldmanager.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .technoratimedia.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] e2.emediate.se [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .toptoy.122.2o7.net [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .server.cpmstar.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .server.cpmstar.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .server.cpmstar.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .xm.xtendmedia.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .adserver.adtechus.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .eboks.112.2o7.net [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .revsci.net [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .ipcmedia.122.2o7.net [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .at.atwola.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] ads.musikmedia.de [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] stat.coop.dk [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .amazon-adsystem.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .amazon-adsystem.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] http://www.virginmedia.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] http://www.virginmedia.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .virginmedia.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] http://www.virginmedia.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .virginmedia.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .virginmedia.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .virginmedia.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .stepstone.112.2o7.net [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] eas8.emediate.eu [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .at.atwola.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .tacoda.at.atwola.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .tacoda.at.atwola.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .tacoda.at.atwola.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .tacoda.at.atwola.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .at.atwola.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .tacoda.at.atwola.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .tacoda.at.atwola.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .atwola.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .advertising.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .ar.atwola.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .histats.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .histats.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] eas4.emediate.eu [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .getclicky.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .static.getclicky.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] in.getclicky.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .tv2.122.2o7.net [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .apmebf.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .mediaplex.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] kristeligtdagblad.adservinginternational.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] nm.adservinginternational.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .tribalfusion.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .jv.adservinginternational.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] int.sitestat.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] int.sitestat.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] ubt.berlingskemedia.net [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] sundhedsguiden.adservinginternational.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .adfarm1.adition.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .adfarm1.adition.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] ad1.adfarm1.adition.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .tradedoubler.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] eas8.emediate.eu [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] eas8.emediate.eu [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] ad1.emediate.dk [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] eas.apm.emediate.eu [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .soomanystats.info [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .soomanystats.info [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .tradedoubler.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] track.adform.net [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .adbrite.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .adbrite.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .h2porn.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .h2porn.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .h2porn.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .h2porn.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .h2porn.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .h2porn.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .ero-advertising.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] h2porn.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .h2porn.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .h2porn.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .h2porn.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .exoclick.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .sexad.net [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .pornrabbit.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .pornrabbit.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .pornrabbit.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .track.gridlockparadise.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .track.gridlockparadise.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .track.gridlockparadise.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] cdn1.xlightmedia.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] ads2.zeusclicks.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .girlsteachsex.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] http://www.pornrabbit.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .enoratraffic.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] http://www.pornerbros.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] http://www.pornerbros.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] http://www.pornerbros.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] http://www.pornerbros.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .pornerbros.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .pornerbros.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .pornerbros.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] ads.pornerbros.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] sexybass.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .sexybass.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .sexybass.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .sexybass.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] http://www.pornerbros.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] http://www.pornerbros.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .adultfriendfinder.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .adxpansion.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .adultfriendfinder.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .adultfriendfinder.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .adultfriendfinder.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .adultfriendfinder.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .adultfriendfinder.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .exoclick.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .syndication.traffichaus.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .syndication.traffichaus.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .syndication.traffichaus.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .adultfriendfinder.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .adultfriendfinder.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .adultfriendfinder.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .banners.adultfriendfinder.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .advertising.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .advertising.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .advertising.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .serving-sys.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .zedo.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .tradedoubler.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .tradedoubler.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] eas8.emediate.eu [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .zanox.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] eas.apm.emediate.eu [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] eas.apm.emediate.eu [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .media6degrees.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .invitemedia.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .invitemedia.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] server.adformdsp.net [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .casalemedia.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .casalemedia.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .casalemedia.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .casalemedia.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .casalemedia.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .casalemedia.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .adbrite.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .adtech.de [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .bs.serving-sys.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] supremeadserver.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] supremeadserver.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .mediaplex.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .invitemedia.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .invitemedia.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .invitemedia.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .invitemedia.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .advertising.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .lucidmedia.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] ad.yieldmanager.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .zedo.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .zedo.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .zedo.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .zedo.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .zedo.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .statcounter.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] track.solocpm.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] ad.zanox.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] ad.yieldmanager.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .tradedoubler.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] supremeadserver.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] 7.rotator.wigetmedia.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] 7.rotator.wigetmedia.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] 7.rotator.wigetmedia.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] gottracked.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] e2.emediate.se [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] e2.emediate.se [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] watagame.adservinginternational.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] ad1.emediate.dk [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .adform.net [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .media6degrees.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] adserver3.openadex.dk [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] adserver3.openadex.dk [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .media6degrees.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .media6degrees.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .arlafoods.112.2o7.net [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] http://www.findeopskrifter.dk [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .findeopskrifter.dk [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .findeopskrifter.dk [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .findeopskrifter.dk [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] impr.adservicemedia.dk [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] impr.adservicemedia.dk [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] srv.clickfuse.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] srv.clickfuse.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] srv.clickfuse.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] ad.yieldmanager.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] ad.yieldmanager.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .clickfuse.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] track.solocpm.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] track.solocpm.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] track.solocpm.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] track.solocpm.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] track.solocpm.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .tradedoubler.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .tradedoubler.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .tradedoubler.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] track.solocpm.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] track.solocpm.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] track.solocpm.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] track.solocpm.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] track.solocpm.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] track.solocpm.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .files.bannersnack.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .files.bannersnack.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .serving-sys.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .serving-sys.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .serving-sys.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] jv.adservinginternational.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] accounts.google.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .fastclick.net [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .atdmt.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .h.atdmt.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .h.atdmt.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .atdmt.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .h.atdmt.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .h.atdmt.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] track.adform.net [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .invitemedia.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] ad1.emediate.dk [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .adtech.de [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .adtech.de [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .adformdsp.net [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] server.adformdsp.net [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] server.adformdsp.net [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .adformdsp.net [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .atdmt.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .c.atdmt.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .c.atdmt.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .c.atdmt.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .c.atdmt.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .adpeppermedia.net [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] ad.yieldmanager.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .collective-media.net [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .collective-media.net [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .legolas-media.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .legolas-media.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .legolas-media.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .adform.net [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] track.adform.net [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .adform.net [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] ad.yieldmanager.com [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .revsci.net [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .revsci.net [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .revsci.net [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .revsci.net [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .revsci.net [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] e2.emediate.se [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] e2.emediate.se [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] .adviva.net [ C:\USERS\HJEMME\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
[ Ignorer ] [ # 1 ] f-arn TeamSpywarefri
06.07.2012 23:18:25 Administrator Team Spywarefri Antal indlæg: 7125	Hej ZeroAccess er en rigtig led infektion, men la’ os gøre dette -> Hent og gem ComboFix på dit skrivebord. <- Vigtigt Kør så ComboFix og følg anvisningerne. Da ComboFix kan konflikte med dine sikkerhedsprogrammer, er det vigtigt at du deaktiverer dem. <- Vigtigt Du bør ikke klikke på vinduet imens værktøjet kører, idet det kan få din computer til at fryse. Når ComboFix er færdig, og efter det (muligvis) har genstartet, skulle der gerne åbnes en logfil: ComboFix.txt Indholdet af denne fil må du gerne lægge herind. Den kan findes her: C:\ComboFix.txt Får du noget der ligner denne fejl. Der blev forsøgt en ugyldig handling på en registreringsdatabasenøgle, som er blevet mærket til sletning Så genstart, en gang mere, det burde løse det. ——— Hvis ComboFix ikke vil køre, skal du *ikke* prøve igen, men melde tilbage i tråden her Signatur Undlad venligst at vedhæfte logs, medmindre du bliver bedt om det !
[ Ignorer ] [ # 2 ] Photop
07.07.2012 07:04:14 Antal indlæg: 171	Tak for svar (og undskyld jeg vedhæftede logs uden at være blevet bedt om det ) Jeg hentede ComboFix, deaktiverede netværk og sikkerhedsprogrammer og kørte programmet. Den fejlede på noget med at oprette en sikkerhedskopi af registreringsdatabasen (tror jeg det var. Blev bagefter i tvivl om, hvorvidt det var registreringsdatabasen, eller et systemgendannelsespunkt). Jeg sagde så ok, til at den måtte fortsætte uden, men den dør i en kommandoprompt med følgende fejlmelding: “c.bat blev ikke genkendt som en intern eller ekstern kommando, et program eller en batchfil”
[ Ignorer ] [ # 3 ] f-arn TeamSpywarefri
07.07.2012 07:09:51 Administrator Team Spywarefri Antal indlæg: 7125	Godmorgen Du vedhæftede ikke - du kopierede logs herind Kørte ComboFix, og lavede den en log Signatur Undlad venligst at vedhæfte logs, medmindre du bliver bedt om det !
[ Ignorer ] [ # 4 ] Photop
07.07.2012 07:22:24 Antal indlæg: 171	Nej desværre. Combofix døde uden at køre noget, og uden at lave en log.
[ Ignorer ] [ # 5 ] f-arn TeamSpywarefri
07.07.2012 07:40:28 Administrator Team Spywarefri Antal indlæg: 7125	Det frygtede jeg, men jeg har lige et lille spørgsmål. Brugte du Google Chrome, da du prøvede at hente DDS ——— Du skal helst downloade fra en anden PC ——— Til 32 bit Windows, hent Farbar Recovery Scan Tool og gem den på en USB nøgle. Sæt USB nøglen i den inficerede PC. Start PCen op med “Advanced Boot Options” (Tryk F8 flere gange under opstart) Vælg “Repair Your Computer” Vælg sprog. Vælg Bruger konto. Så skal du vælge Kommando Prompt. Der skriver du notepad, og trykker <Enter> Vælg Fil menu -> Åbn og vælg “Computer”. Find drevbogstavet til din USB nøgle. Luk Notesblok. Ved Kommando prompten skriver du e:\frst.exe Erstat e med det rigtige bogstav. Når Farbar Recovery Scan Tool er startet, klikker du på Scan. Den laver FRST.txt på USB nøglen. Kopier den herind i dit næste indlæg. Signatur Undlad venligst at vedhæfte logs, medmindre du bliver bedt om det !
[ Ignorer ] [ # 6 ] Photop
07.07.2012 07:44:54 Antal indlæg: 171	f-arn TeamSpywarefri - 07.07.2012 07:40:28 Brugte du Google Chrome, da du prøvede at hente DDS Ja, det gjorde jeg. Skal jeg prøve fra IE i stedet og/eller skal jeg bare fortsætte med de øvrige instrukser? Jeg vender først tilbage til tråden i aften en gang… Tak for hjælpen så vidt.
[ Ignorer ] [ # 7 ] f-arn TeamSpywarefri
07.07.2012 07:51:40 Administrator Team Spywarefri Antal indlæg: 7125	Photop - 07.07.2012 07:44:54 f-arn TeamSpywarefri - 07.07.2012 07:40:28 Brugte du Google Chrome, da du prøvede at hente DDS Ja, det gjorde jeg. Skal jeg prøve fra IE i stedet og/eller skal jeg bare fortsætte med de øvrige instrukser? Nej - bare fortsæt med Farbar Recovery Scan Tool, for jeg var bare nysgerrig Signatur Undlad venligst at vedhæfte logs, medmindre du bliver bedt om det !
[ Ignorer ] [ # 8 ] Photop
07.07.2012 22:05:01 Antal indlæg: 171	f-arn TeamSpywarefri - 07.07.2012 07:40:28 Den laver FRST.txt på USB nøglen. Kopier den herind i dit næste indlæg. Den følger her: Scan result of Farbar Recovery Scan Tool (FRST written by Farbar) Version: 07-07-2012 03 Ran by SYSTEM at 07-07-2012 21:56:24 Running from G:\ Windows Vista (TM) Home Premium (X86) OS Language: English(US) The current controlset is ControlSet001 ========================== Registry (Whitelisted) ============= HKLM\...\Run: [RtHDVCpl] RtHDVCpl.exe [x] HKLM\...\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe [457216 2007-04-25] (HiTRUST) HKLM\...\Run: [eAudio] “C:\Acer\Empowering Technology\eAudio\eAudio.exe” [1286144 2007-06-11] (CyberLink) HKLM\...\Run: [Acer Tour] [x] HKLM\...\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe [752136 2007-06-27] (Dritek System Inc.) HKLM\...\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe [57344 2006-11-05] (Acer Inc.) HKLM\...\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe [159744 2007-06-06] (Alps Electric Co., Ltd.) HKLM\...\Run: [eRecoveryService] [x] HKLM\...\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe [151552 2007-05-22] (Acer Inc.) HKLM\...\Run: [Skytel] Skytel.exe [x] HKLM\...\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart [86016 2007-06-06] (NVIDIA Corporation) HKLM\...\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup [8433664 2007-06-06] (NVIDIA Corporation) HKLM\...\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit [81920 2007-06-06] (NVIDIA Corporation) HKLM\...\Run: [CPA] C:\Program Files\COMODO\COMODO GeekBuddy\VALA.exe [182584 2011-11-23] (COMODO) HKLM\...\Run: [COMODO Internet Security] “C:\Program Files\COMODO\COMODO Internet Security\cfp.exe” -h [6749512 2012-03-11] (COMODO) HKLM\...\Run: [SunJavaUpdateSched] “C:\Program Files\Common Files\Java\Java Update\jusched.exe” [254696 2012-01-18] (Sun Microsystems, Inc.) HKLM\...\Run: [APSDaemon] “C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe” [59280 2012-05-30] (Apple Inc.) HKLM\...\Run: [iTunesHelper] “C:\Program Files\iTunes\iTunesHelper.exe” [421776 2012-06-07] (Apple Inc.) HKLM\...\Run: [QuickTime Task] “C:\Program Files\QuickTime\QTTask.exe” -atboottime [421888 2012-04-18] (Apple Inc.) HKLM\...\Run: [Adobe Reader Speed Launcher] “C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe” [40368 2011-08-30] (Adobe Systems Incorporated) HKLM\...\Run: [Adobe ARM] “C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe” [937920 2011-03-29] (Adobe Systems Incorporated) HKU\Hjemme\...\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe [125952 2008-01-18] (Microsoft Corporation) HKU\Hjemme\...\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-18] (Microsoft Corporation) HKU\Hjemme\...\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [3906432 2012-06-26] (SUPERAntiSpyware.com) HKU\Hjemme\...\Run: [swg] “C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe” [39408 2010-05-23] (Google Inc.) Winlogon\Notify\!SASWinLogon: C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [X] Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 AppInit_DLLs: ?½Ä½??Y?C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe C:\Windows\system32\guard32.dll Startup: C:\Users\All Users\Start Menu\Programs\Startup\Secunia PSI Tray.lnk ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files\Secunia\PSI\psi_tray.exe (Secunia) ================================ Services (Whitelisted) ================== 2 !SASCORE; “C:\Program Files\SUPERAntiSpyware\SASCORE.EXE” [116608 2011-08-11] (SUPERAntiSpyware.com) 2 CLPSLS; C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe [1052472 2011-11-23] (COMODO) 2 cmdAgent; “C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe” [1983232 2012-03-11] (COMODO) 2 eDataSecurity Service; “C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe” [457512 2007-04-25] (HiTRSUT) 2 eLockService; C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe [24576 2007-04-22] (Acer Inc.) 2 eNet Service; C:\Acer\Empowering Technology\eNet\eNet Service.exe [135168 2007-06-13] (Acer Inc.) 2 eRecoveryService; C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe [53248 2007-07-03] (Acer Inc.) 2 eSettingsService; C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe [24576 2007-06-28] () 2 Eventlog; C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted [21504 2008-01-18] (Microsoft Corporation) 2 MobilityService; C:\Acer\Mobility Center\MobilityService.exe -p [107008 2006-11-24] () 3 ose; “C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE” [89136 2003-07-28] (Microsoft Corporation) 2 RichVideo; “C:\Program Files\CyberLink\Shared Files\RichVideo.exe” [266343 2007-01-23] () 2 Secunia PSI Agent; “C:\Program Files\Secunia\PSI\PSIA.exe”—start-service [1326176 2012-06-26] (Secunia) 2 Secunia Update Agent; “C:\Program Files\Secunia\PSI\sua.exe”—start-service [681056 2012-06-26] (Secunia) 2 SkypeUpdate; “C:\Program Files\Skype\Updater\Updater.exe” [158856 2012-02-28] (Skype Technologies) 2 WMIService; C:\Acer\Empowering Technology\ePower\ePowerSvc.exe [167936 2007-06-13] (acer) ========================== Drivers (Whitelisted) ============= 3 Cam5607; C:\Windows\System32\Drivers\BisonC07.sys [767664 2007-05-27] (Bison Electronics. Inc. ) 1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [19600 2012-03-11] (COMODO) 1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [491816 2012-03-11] (COMODO) 1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [38616 2012-03-11] (COMODO) 3 DKbFltr; C:\Windows\System32\DRIVERS\DKbFltr.sys [21264 2006-11-02] (Dritek System Inc.) 1 DritekPortIO; \??\C:\PROGRA~1\LAUNCH~1\DPortIO.sys [20112 2006-11-02] (Dritek System Inc.) 1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [82400 2012-03-11] (COMODO) 2 int15; \??\C:\Acer\Empowering Technology\eRecovery\int15.sys [76584 2006-12-07] () 3 NTIDrvr; C:\Windows\System32\DRIVERS\NTIDrvr.sys [6144 2007-08-01] (NewTech Infosystems, Inc.) 3 nvsmu; C:\Windows\System32\DRIVERS\nvsmu.sys [12032 2007-05-16] (NVIDIA Corporation) 0 PSDFilter; C:\Windows\System32\DRIVERS\psdfilter.sys [20776 2007-04-25] (HiTRUST) 0 PSDNServ; C:\Windows\System32\drivers\PSDNServ.sys [16680 2007-04-25] (HiTRUST) 0 psdvdisk; C:\Windows\System32\drivers\psdvdisk.sys [60712 2007-04-25] (HiTRUST) 3 PSI; C:\Windows\System32\DRIVERS\psi_mf.sys [15544 2011-12-16] (Secunia) 1 SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com) 1 SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com) 2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796}; \??\C:\Program Files\Acer Arcade Deluxe\Play Movie\000.fcl [13560 2006-11-02] (Cyberlink Corp.) 4 blbdrive; C:\Windows\system32\drivers\blbdrive.sys [x] 3 IpInIp; C:\Windows\System32\DRIVERS\ipinip.sys [x] 3 NwlnkFlt; C:\Windows\System32\DRIVERS\nwlnkflt.sys [x] 3 NwlnkFwd; C:\Windows\System32\DRIVERS\nwlnkfwd.sys [x] 4 UIUSys; C:\Windows\System32\DRIVERS\UIUSYS.SYS [x] ========================== NetSvcs (Whitelisted) =========== Fortsættes i næste indlæg…
[ Ignorer ] [ # 9 ] Photop
07.07.2012 22:05:48 Antal indlæg: 171	Fortsat fra forrige indlæg… ============ One Month Created Files and Folders ============== 2012-07-06 20:54 - 2012-07-06 20:54 - 00000331 ____A C:\Start_.cmd 2012-07-06 20:54 - 2012-07-06 20:54 - 00000000 ____D C:\ComboFix 2012-07-06 20:53 - 2012-07-06 20:54 - 00000000 ___SD C:\32788R22FWJFW 2012-07-06 20:53 - 2012-07-06 20:53 - 00000000 ___HD C:\VritualRoot 2012-07-06 20:53 - 2012-07-06 20:53 - 00000000 ____D C:\Windows\erdnt 2012-07-06 20:53 - 2012-07-06 20:53 - 00000000 ____D C:\Qoobox 2012-07-06 20:48 - 2012-07-06 20:48 - 04573044 ____R (Swearware) C:\Users\Hjemme\Desktop\ComboFix.exe 2012-07-06 12:01 - 2012-07-06 12:03 - 00001891 ____A C:\Users\Public\Desktop\Adobe Reader 8.lnk 2012-07-06 12:01 - 2012-07-06 12:01 - 00000000 ____D C:\Program Files\Adobe 2012-07-06 11:56 - 2012-07-06 11:56 - 00001033 ____A C:\Users\Public\Desktop\OpenOffice.org 3.4.lnk 2012-07-06 11:19 - 2012-07-06 11:21 - 00000000 ____D C:\Users\Hjemme\AppData\Roaming\HpUpdate 2012-07-06 11:19 - 2012-07-06 11:19 - 00000000 ____D C:\Windows\Hewlett-Packard 2012-07-06 11:06 - 2012-07-06 11:06 - 00001730 ____A C:\Users\Public\Desktop\QuickTime Player.lnk 2012-07-06 11:05 - 2012-07-06 11:06 - 00000000 ____D C:\Program Files\QuickTime 2012-07-06 09:22 - 2012-07-06 09:22 - 00001668 ____A C:\Users\Public\Desktop\iTunes.lnk 2012-07-06 09:20 - 2012-07-06 09:22 - 00000000 ____D C:\Users\All Users\{429CAD59-35B1-4DBC-BB6D-1DB246563521} 2012-07-06 09:20 - 2012-07-06 09:22 - 00000000 ____D C:\Program Files\iTunes 2012-07-06 09:20 - 2012-07-06 09:20 - 00000000 ____D C:\Users\Hjemme\Desktop\OpenOffice.org 3.3 (da) Installation Files 2012-07-06 09:20 - 2012-07-06 09:20 - 00000000 ____D C:\Program Files\iPod 2012-07-06 09:16 - 2012-07-06 09:18 - 138422640 ____A C:\Users\Hjemme\Downloads\OOo_3.3.0_Win_x86_install_da.exe 2012-07-05 15:44 - 2012-07-05 15:44 - 00000863 ____A C:\Users\Public\Desktop\VLC media player.lnk 2012-07-05 15:44 - 2012-07-05 15:44 - 00000000 ____D C:\Program Files\Apple Software Update 2012-07-05 15:43 - 2012-07-05 15:43 - 00000000 ____D C:\Program Files\Bonjour 2012-07-05 15:25 - 2012-07-05 15:25 - 00000000 ____D C:\Users\Hjemme\AppData\Local\Secunia PSI 2012-07-05 15:22 - 2012-07-05 15:22 - 00000000 ____D C:\Program Files\Secunia 2012-07-05 15:21 - 2012-07-05 15:21 - 03281592 ____A (Secunia) C:\Users\Hjemme\Downloads\PSISetup.exe 2012-07-05 14:56 - 2012-07-05 14:56 - 00000000 ____D C:\Users\All Users\Sun 2012-07-05 14:56 - 2012-07-05 14:56 - 00000000 ____D C:\Program Files\Common Files\Java 2012-07-05 14:55 - 2012-07-05 14:55 - 00476936 ____A (Sun Microsystems, Inc.) C:\Windows\System32\npdeployJava1.dll 2012-07-05 14:55 - 2012-07-05 14:55 - 00472840 ____A (Sun Microsystems, Inc.) C:\Windows\System32\deployJava1.dll 2012-07-05 14:55 - 2012-07-05 14:55 - 00157448 ____A (Sun Microsystems, Inc.) C:\Windows\System32\javaws.exe 2012-07-05 14:55 - 2012-07-05 14:55 - 00149256 ____A (Sun Microsystems, Inc.) C:\Windows\System32\javaw.exe 2012-07-05 14:55 - 2012-07-05 14:55 - 00149256 ____A (Sun Microsystems, Inc.) C:\Windows\System32\java.exe 2012-07-05 14:48 - 2012-07-05 14:48 - 00000000 ____D C:\Users\All Users\McAfee 2012-07-05 12:58 - 2012-03-01 06:46 - 00219648 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1core.dll 2012-07-05 12:58 - 2012-03-01 06:46 - 00160768 ____A (Microsoft Corporation) C:\Windows\System32\d3d10_1.dll 2012-07-05 12:58 - 2012-02-29 06:08 - 01172480 ____A (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll 2012-07-05 12:58 - 2012-02-29 05:44 - 00683008 ____A (Microsoft Corporation) C:\Windows\System32\d2d1.dll 2012-07-05 12:58 - 2012-02-29 05:41 - 01069056 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll 2012-07-05 12:58 - 2011-03-12 13:55 - 00876032 ____A (Microsoft Corporation) C:\Windows\System32\XpsPrint.dll 2012-07-04 14:06 - 2012-07-04 14:06 - 00000000 ____D C:\Program Files\Windows Portable Devices 2012-07-04 13:56 - 2012-07-04 13:56 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_User_WpdMtpDr_01_07_00.Wdf 2012-07-04 13:55 - 2012-07-04 13:55 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_User_WpdFs_01_07_00.Wdf 2012-07-04 04:26 - 2009-09-09 18:01 - 03023360 ____A (Microsoft Corporation) C:\Windows\System32\UIRibbon.dll 2012-07-04 04:26 - 2009-09-09 18:00 - 01164800 ____A (Microsoft Corporation) C:\Windows\System32\UIRibbonRes.dll 2012-07-04 04:26 - 2009-09-09 18:00 - 00092672 ____A (Microsoft Corporation) C:\Windows\System32\UIAnimation.dll 2012-07-04 04:22 - 2009-09-30 17:02 - 02537472 ____A (Microsoft Corporation) C:\Windows\System32\wpdshext.dll 2012-07-04 04:22 - 2009-09-30 17:02 - 00334848 ____A (Microsoft Corporation) C:\Windows\System32\PortableDeviceApi.dll 2012-07-04 04:22 - 2009-09-30 17:02 - 00087552 ____A (Microsoft Corporation) C:\Windows\System32\WPDShServiceObj.dll 2012-07-04 04:22 - 2009-09-30 17:02 - 00031232 ____A (Microsoft Corporation) C:\Windows\System32\BthMtpContextHandler.dll 2012-07-04 04:22 - 2009-09-30 17:02 - 00030208 ____A (Microsoft Corporation) C:\Windows\System32\WPDShextAutoplay.exe 2012-07-04 04:22 - 2009-09-30 17:01 - 00546816 ____A (Microsoft Corporation) C:\Windows\System32\wpd_ci.dll 2012-07-04 04:22 - 2009-09-30 17:01 - 00350208 ____A (Microsoft Corporation) C:\Windows\System32\WPDSp.dll 2012-07-04 04:22 - 2009-09-30 17:01 - 00226816 ____A (Microsoft Corporation) C:\Windows\System32\WpdMtp.dll 2012-07-04 04:22 - 2009-09-30 17:01 - 00196608 ____A (Microsoft Corporation) C:\Windows\System32\PortableDeviceWMDRM.dll 2012-07-04 04:22 - 2009-09-30 17:01 - 00160256 ____A (Microsoft Corporation) C:\Windows\System32\PortableDeviceTypes.dll 2012-07-04 04:22 - 2009-09-30 17:01 - 00100864 ____A (Microsoft Corporation) C:\Windows\System32\PortableDeviceClassExtension.dll 2012-07-04 04:22 - 2009-09-30 17:01 - 00081920 ____A (Microsoft Corporation) C:\Windows\System32\wpdbusenum.dll 2012-07-04 04:22 - 2009-09-30 17:01 - 00061952 ____A (Microsoft Corporation) C:\Windows\System32\WpdMtpUS.dll 2012-07-04 04:22 - 2009-09-30 17:01 - 00060928 ____A (Microsoft Corporation) C:\Windows\System32\PortableDeviceConnectApi.dll 2012-07-04 04:22 - 2009-09-30 17:01 - 00040448 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\WpdUsb.sys 2012-07-04 04:22 - 2009-09-30 17:01 - 00033280 ____A (Microsoft Corporation) C:\Windows\System32\WpdConns.dll 2012-07-04 04:03 - 2012-02-29 07:11 - 00172032 ____A (Microsoft Corporation) C:\Windows\System32\wintrust.dll 2012-07-04 04:03 - 2012-02-29 07:11 - 00005120 ____A (Microsoft Corporation) C:\Windows\System32\wmi.dll 2012-07-04 04:03 - 2012-02-29 07:09 - 00157696 ____A (Microsoft Corporation) C:\Windows\System32\imagehlp.dll 2012-07-04 04:03 - 2012-02-29 05:32 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\fs_rec.sys 2012-07-04 03:43 - 2012-07-04 03:43 - 09737728 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll 2012-07-04 03:43 - 2012-07-04 03:43 - 01793024 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll 2012-07-04 03:43 - 2012-07-04 03:43 - 01129472 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll 2012-07-04 03:43 - 2012-07-04 03:43 - 01103872 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll 2012-07-04 03:43 - 2012-07-04 03:43 - 00367104 ____A (Microsoft Corporation) C:\Windows\System32\html.iec 2012-07-04 03:43 - 2012-07-04 03:43 - 00176640 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll 2012-07-04 03:43 - 2012-07-04 03:43 - 00162304 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll 2012-07-04 03:43 - 2012-07-04 03:43 - 00161792 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll 2012-07-04 03:43 - 2012-07-04 03:43 - 00086528 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll 2012-07-04 03:43 - 2012-07-04 03:43 - 00076800 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe 2012-07-04 03:43 - 2012-07-04 03:43 - 00074752 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe 2012-07-04 03:43 - 2012-07-04 03:43 - 00065024 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll 2012-07-04 03:43 - 2012-07-04 03:43 - 00063488 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx 2012-07-04 03:43 - 2012-07-04 03:43 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll 2012-07-04 03:42 - 2012-07-04 03:42 - 12314624 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll 2012-07-04 03:42 - 2012-07-04 03:42 - 03695416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat 2012-07-04 03:42 - 2012-07-04 03:42 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb 2012-07-04 03:42 - 2012-07-04 03:42 - 01800192 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll 2012-07-04 03:42 - 2012-07-04 03:42 - 01427968 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl 2012-07-04 03:42 - 2012-07-04 03:42 - 00716800 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll 2012-07-04 03:42 - 2012-07-04 03:42 - 00580608 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll 2012-07-04 03:42 - 2012-07-04 03:42 - 00434176 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll 2012-07-04 03:42 - 2012-07-04 03:42 - 00420864 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll 2012-07-04 03:42 - 2012-07-04 03:42 - 00353792 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll 2012-07-04 03:42 - 2012-07-04 03:42 - 00353584 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll 2012-07-04 03:42 - 2012-07-04 03:42 - 00231936 ____A (Microsoft Corporation) C:\Windows\System32\url.dll 2012-07-04 03:42 - 2012-07-04 03:42 - 00227840 ____A (Microsoft Corporation) C:\Windows\System32\ieaksie.dll 2012-07-04 03:42 - 2012-07-04 03:42 - 00223232 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll 2012-07-04 03:42 - 2012-07-04 03:42 - 00203776 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll 2012-07-04 03:42 - 2012-07-04 03:42 - 00163840 ____A (Microsoft Corporation) C:\Windows\System32\ieakui.dll 2012-07-04 03:42 - 2012-07-04 03:42 - 00152064 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe 2012-07-04 03:42 - 2012-07-04 03:42 - 00150528 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe 2012-07-04 03:42 - 2012-07-04 03:42 - 00142848 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe 2012-07-04 03:42 - 2012-07-04 03:42 - 00130560 ____A (Microsoft Corporation) C:\Windows\System32\ieakeng.dll 2012-07-04 03:42 - 2012-07-04 03:42 - 00123392 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll 2012-07-04 03:42 - 2012-07-04 03:42 - 00118784 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll 2012-07-04 03:42 - 2012-07-04 03:42 - 00114176 ____A (Microsoft Corporation) C:\Windows\System32\advpack.dll 2012-07-04 03:42 - 2012-07-04 03:42 - 00110592 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll 2012-07-04 03:42 - 2012-07-04 03:42 - 00101888 ____A (Microsoft Corporation) C:\Windows\System32\admparse.dll 2012-07-04 03:42 - 2012-07-04 03:42 - 00078848 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll 2012-07-04 03:42 - 2012-07-04 03:42 - 00074752 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll 2012-07-04 03:42 - 2012-07-04 03:42 - 00074240 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe 2012-07-04 03:42 - 2012-07-04 03:42 - 00073216 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll 2012-07-04 03:42 - 2012-07-04 03:42 - 00066048 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll 2012-07-04 03:42 - 2012-07-04 03:42 - 00054272 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll 2012-07-04 03:42 - 2012-07-04 03:42 - 00041472 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll 2012-07-04 03:42 - 2012-07-04 03:42 - 00035840 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll 2012-07-04 03:42 - 2012-07-04 03:42 - 00031744 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll 2012-07-04 03:42 - 2012-07-04 03:42 - 00023552 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll 2012-07-04 03:42 - 2012-07-04 03:42 - 00011776 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe 2012-07-04 03:42 - 2012-07-04 03:42 - 00010752 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe 2012-07-04 03:40 - 2012-07-04 03:40 - 02873344 ____A (Microsoft Corporation) C:\Windows\System32\mf.dll 2012-07-04 03:40 - 2012-07-04 03:40 - 01075712 ____A (Microsoft Corporation) C:\Windows\System32\shdocvw.dll 2012-07-04 03:40 - 2012-07-04 03:40 - 00979456 ____A (Microsoft Corporation) C:\Windows\System32\MFH264Dec.dll 2012-07-04 03:40 - 2012-07-04 03:40 - 00586240 ____A (Microsoft Corporation) C:\Windows\System32\stobject.dll 2012-07-04 03:40 - 2012-07-04 03:40 - 00357376 ____A (Microsoft Corporation) C:\Windows\System32\MFHEAACdec.dll 2012-07-04 03:40 - 2012-07-04 03:40 - 00302592 ____A (Microsoft Corporation) C:\Windows\System32\mfmp4src.dll 2012-07-04 03:40 - 2012-07-04 03:40 - 00261632 ____A (Microsoft Corporation) C:\Windows\System32\mfreadwrite.dll 2012-07-04 03:40 - 2012-07-04 03:40 - 00209920 ____A (Microsoft Corporation) C:\Windows\System32\mfplat.dll 2012-07-04 03:40 - 2012-07-04 03:40 - 00098816 ____A (Microsoft Corporation) C:\Windows\System32\mfps.dll 2012-07-04 03:39 - 2012-07-04 03:39 - 01554432 ____A (Microsoft Corporation) C:\Windows\System32\xpsservices.dll 2012-07-04 03:39 - 2012-07-04 03:39 - 01029120 ____A (Microsoft Corporation) C:\Windows\System32\d3d10.dll 2012-07-04 03:39 - 2012-07-04 03:39 - 00847360 ____A (Microsoft Corporation) C:\Windows\System32\OpcServices.dll 2012-07-04 03:39 - 2012-07-04 03:39 - 00667648 ____A (Microsoft Corporation) C:\Windows\System32\printfilterpipelinesvc.exe 2012-07-04 03:39 - 2012-07-04 03:39 - 00638336 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys 2012-07-04 03:39 - 2012-07-04 03:39 - 00486400 ____A (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll 2012-07-04 03:39 - 2012-07-04 03:39 - 00478720 ____A (Microsoft Corporation) C:\Windows\System32\dxgi.dll 2012-07-04 03:39 - 2012-07-04 03:39 - 00258048 ____A (Microsoft Corporation) C:\Windows\System32\winspool.drv 2012-07-04 03:39 - 2012-07-04 03:39 - 00189952 ____A (Microsoft Corporation) C:\Windows\System32\d3d10core.dll 2012-07-04 03:39 - 2012-07-04 03:39 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\XpsRasterService.dll 2012-07-04 03:39 - 2012-07-04 03:39 - 00037376 ____A (Microsoft Corporation) C:\Windows\System32\cdd.dll 2012-07-04 03:39 - 2012-07-04 03:39 - 00026112 ____A (Microsoft Corporation) C:\Windows\System32\printfilterpipelineprxy.dll 2012-07-04 03:36 - 2012-07-04 03:36 - 00974848 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll 2012-07-04 03:36 - 2012-07-04 03:36 - 00519680 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll 2012-07-04 03:36 - 2012-07-04 03:36 - 00369664 ____A (Microsoft Corporation) C:\Windows\System32\WMPhoto.dll 2012-07-04 03:36 - 2012-07-04 03:36 - 00321024 ____A (Microsoft Corporation) C:\Windows\System32\PhotoMetadataHandler.dll 2012-07-04 03:36 - 2012-07-04 03:36 - 00252928 ____A (Microsoft Corporation) C:\Windows\System32\dxdiag.exe 2012-07-04 03:36 - 2012-07-04 03:36 - 00195584 ____A (Microsoft Corporation) C:\Windows\System32\dxdiagn.dll 2012-07-04 03:36 - 2012-07-04 03:36 - 00189440 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecsExt.dll 2012-07-04 03:32 - 2012-07-04 03:44 - 00004461 ____A C:\Windows\IE9_main.log 2012-07-04 02:45 - 2012-07-04 02:45 - 00001804 ____A C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk 2012-07-04 02:43 - 2012-07-04 02:44 - 18221120 ____A (SUPERAntiSpyware.com) C:\Users\Hjemme\Downloads\SUPERAntiSpyware.exe 2012-07-04 02:33 - 2012-07-06 20:44 - 00008242 ____A C:\Windows\PFRO.log 2012-07-04 01:58 - 2012-04-23 08:00 - 00984064 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll 2012-07-04 01:58 - 2012-04-23 08:00 - 00133120 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll 2012-07-04 01:58 - 2012-04-23 08:00 - 00098304 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll 2012-07-04 01:58 - 2011-11-18 12:23 - 01205064 ____A (Microsoft Corporation) C:\Windows\System32\ntdll.dll 2012-07-04 01:58 - 2011-10-14 08:03 - 00189952 ____A (Microsoft Corporation) C:\Windows\System32\winmm.dll 2012-07-04 01:58 - 2011-10-14 08:00 - 00023552 ____A (Microsoft Corporation) C:\Windows\System32\mciseq.dll 2012-07-04 01:58 - 2011-07-29 08:01 - 00293376 ____A (Microsoft Corporation) C:\Windows\System32\psisdecd.dll 2012-07-04 01:58 - 2011-07-29 08:01 - 00217088 ____A (Microsoft Corporation) C:\Windows\System32\psisrndr.ax 2012-07-04 01:58 - 2011-07-29 08:00 - 00069632 ____A (Microsoft Corporation) C:\Windows\System32\Mpeg2Data.ax 2012-07-04 01:58 - 2011-07-29 08:00 - 00057856 ____A (Microsoft Corporation) C:\Windows\System32\MSDvbNP.ax 2012-07-04 01:57 - 2012-03-30 04:39 - 00905600 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys 2012-07-04 01:57 - 2012-03-20 15:28 - 00053120 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\partmgr.sys 2012-07-04 01:57 - 2011-12-14 08:17 - 00680448 ____A (Microsoft Corporation) C:\Windows\System32\msvcrt.dll 2012-07-04 01:57 - 2011-11-25 07:59 - 00376320 ____A (Microsoft Corporation) C:\Windows\System32\winsrv.dll 2012-07-04 01:57 - 2011-11-18 09:47 - 00066560 ____A (Microsoft Corporation) C:\Windows\System32\packager.dll 2012-07-04 01:57 - 2011-10-14 08:02 - 00429056 ____A (Microsoft Corporation) C:\Windows\System32\EncDec.dll 2012-07-04 01:57 - 2011-02-22 06:13 - 00288768 ____A (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll 2012-07-04 01:57 - 2011-02-22 05:33 - 00797696 ____A (Microsoft Corporation) C:\Windows\System32\FntCache.dll 2012-07-04 01:56 - 2011-11-16 22:48 - 00440192 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys 2012-07-04 01:56 - 2011-11-16 08:23 - 00377344 ____A (Microsoft Corporation) C:\Windows\System32\winhttp.dll 2012-07-04 01:56 - 2011-11-16 08:23 - 00278528 ____A (Microsoft Corporation) C:\Windows\System32\schannel.dll 2012-07-04 01:56 - 2011-11-16 08:23 - 00072704 ____A (Microsoft Corporation) C:\Windows\System32\secur32.dll 2012-07-04 01:56 - 2011-11-16 08:21 - 01259008 ____A (Microsoft Corporation) C:\Windows\System32\lsasrv.dll 2012-07-04 01:56 - 2011-11-16 06:12 - 00009728 ____A (Microsoft Corporation) C:\Windows\System32\lsass.exe 2012-07-04 01:56 - 2011-11-08 06:42 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\tzres.dll 2012-07-04 01:56 - 2011-10-25 07:58 - 01314816 ____A (Microsoft Corporation) C:\Windows\System32\quartz.dll 2012-07-04 01:56 - 2011-10-25 07:58 - 00497152 ____A (Microsoft Corporation) C:\Windows\System32\qdvd.dll 2012-07-04 01:56 - 2011-10-25 07:56 - 00049152 ____A (Microsoft Corporation) C:\Windows\System32\csrsrv.dll 2012-07-04 01:55 - 2012-05-15 11:51 - 02045440 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys 2012-07-04 01:55 - 2012-05-01 06:03 - 00180736 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpwd.sys 2012-07-04 01:55 - 2012-04-03 00:16 - 03602816 ____A (Microsoft Corporation) C:\Windows\System32\ntkrnlpa.exe 2012-07-04 01:55 - 2012-04-03 00:16 - 03550080 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe 2012-07-04 01:55 - 2011-08-25 08:15 - 00555520 ____A (Microsoft Corporation) C:\Windows\System32\UIAutomationCore.dll 2012-07-04 01:55 - 2011-08-25 08:14 - 00563712 ____A (Microsoft Corporation) C:\Windows\System32\oleaut32.dll 2012-07-04 01:55 - 2011-08-25 08:14 - 00238080 ____A (Microsoft Corporation) C:\Windows\System32\oleacc.dll 2012-07-04 01:55 - 2011-08-25 05:31 - 00004096 ____A (Microsoft Corporation) C:\Windows\System32\oleaccrc.dll 2012-07-04 01:55 - 2011-06-15 08:12 - 00182784 ____A (Microsoft Corporation) C:\Windows\System32\xmllite.dll 2012-07-04 01:37 - 2012-01-09 07:54 - 00613376 ____A (Microsoft Corporation) C:\Windows\System32\rdpencom.dll 2012-07-04 01:24 - 2012-06-02 14:19 - 01933848 ____A (Microsoft Corporation) C:\Windows\System32\wuaueng.dll 2012-07-04 01:24 - 2012-06-02 14:19 - 00053784 ____A (Microsoft Corporation) C:\Windows\System32\wuauclt.exe 2012-07-04 01:24 - 2012-06-02 14:19 - 00045080 ____A (Microsoft Corporation) C:\Windows\System32\wups2.dll 2012-07-04 01:24 - 2012-06-02 14:12 - 02422272 ____A (Microsoft Corporation) C:\Windows\System32\wucltux.dll 2012-07-04 01:23 - 2012-06-02 14:19 - 00577048 ____A (Microsoft Corporation) C:\Windows\System32\wuapi.dll 2012-07-04 01:23 - 2012-06-02 14:19 - 00035864 ____A (Microsoft Corporation) C:\Windows\System32\wups.dll 2012-07-04 01:23 - 2012-06-02 14:12 - 00088576 ____A (Microsoft Corporation) C:\Windows\System32\wudriver.dll 2012-07-04 01:23 - 2012-06-02 05:19 - 00171904 ____A (Microsoft Corporation) C:\Windows\System32\wuwebv.dll 2012-07-04 01:23 - 2012-06-02 05:12 - 00033792 ____A (Microsoft Corporation) C:\Windows\System32\wuapp.exe 2012-07-03 21:36 - 2012-07-03 21:36 - 00000910 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2012-07-03 21:35 - 2012-07-03 21:36 - 00000000 ____D C:\Program Files\Malwarebytes’ Anti-Malware 2012-07-03 21:35 - 2012-07-03 21:35 - 06153352 ____A (Malwarebytes Corporation ) C:\Users\Hjemme\Downloads\mbam-setup.exe 2012-07-03 21:35 - 2012-04-04 05:56 - 00022344 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys 2012-07-03 13:17 - 2012-07-03 13:17 - 00000000 ____D C:\Program Files\ESET 2012-07-03 13:16 - 2012-07-03 13:17 - 02322184 ____A (ESET) C:\Users\Hjemme\Downloads\esetsmartinstaller_enu.exe 2012-07-03 12:33 - 2012-07-03 12:34 - 00000000 ____D C:\Windows\System32\vi-VN 2012-07-03 12:33 - 2012-07-03 12:34 - 00000000 ____D C:\Windows\System32\eu-ES 2012-07-03 12:33 - 2012-07-03 12:34 - 00000000 ____D C:\Windows\System32\ca-ES 2012-07-03 12:31 - 2012-07-03 12:31 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_User_WpdFs_01_00_00.Wdf 2012-07-03 12:30 - 2012-07-07 11:44 - 00015894 ____A C:\Windows\setupact.log 2012-07-03 12:30 - 2012-07-03 12:30 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_User_WpdMtpDr_01_00_00.Wdf 2012-07-03 12:30 - 2012-07-03 12:30 - 00000000 ____A C:\Windows\setuperr.log 2012-07-03 11:53 - 2012-07-03 11:53 - 00000000 ____D C:\Windows\System32\EventProviders 2012-07-03 09:08 - 2012-07-05 14:11 - 00000000 ____D C:\Users\Hjemme\Desktop\SWF 2012-07-03 09:02 - 2008-05-26 20:59 - 00018904 ____A C:\Windows\System32\StructuredQuerySchemaTrivial.bin 2012-07-03 09:02 - 2007-11-08 01:04 - 11967524 ____A C:\Windows\System32\korwbrkr.lex 2012-07-03 08:46 - 2009-11-08 00:55 - 01130824 ____A (Microsoft Corporation) C:\Windows\System32\dfshim.dll 2012-07-03 08:46 - 2009-11-08 00:55 - 00297808 ____A (Microsoft Corporation) C:\Windows\System32\mscoree.dll 2012-07-03 08:46 - 2009-11-08 00:55 - 00295264 ____A (Microsoft Corporation) C:\Windows\System32\PresentationHost.exe 2012-07-03 08:46 - 2009-11-08 00:55 - 00099176 ____A (Microsoft Corporation) C:\Windows\System32\PresentationHostProxy.dll 2012-07-03 08:46 - 2009-11-08 00:55 - 00049472 ____A (Microsoft Corporation) C:\Windows\System32\netfxperf.dll 2012-07-03 08:43 - 2012-07-03 08:43 - 00000000 ____D C:\Windows\System32\WindowsPowerShell 2012-07-03 08:41 - 2009-10-09 13:56 - 00041472 ____A (Microsoft Corporation) C:\Windows\System32\pwrshplugin.dll 2012-07-03 08:41 - 2009-10-09 13:56 - 00040448 ____A (Microsoft Corporation) C:\Windows\System32\winrs.exe 2012-07-03 08:41 - 2009-10-09 13:56 - 00020480 ____A (Microsoft Corporation) C:\Windows\System32\winrshost.exe 2012-07-03 08:41 - 2009-10-09 13:56 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\wsmprovhost.exe 2012-07-03 08:41 - 2009-10-09 13:56 - 00010240 ____A (Microsoft Corporation) C:\Windows\System32\wsmplpxy.dll 2012-07-03 08:41 - 2009-10-09 13:56 - 00010240 ____A (Microsoft Corporation) C:\Windows\System32\winrssrv.dll 2012-07-03 08:41 - 2009-10-09 13:56 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\winrsmgr.dll 2012-07-03 08:41 - 2009-10-09 13:55 - 00146944 ____A (Microsoft Corporation) C:\Windows\System32\wecsvc.dll 2012-07-03 08:41 - 2009-10-09 13:55 - 00081408 ____A (Microsoft Corporation) C:\Windows\System32\wevtfwd.dll 2012-07-03 08:41 - 2009-10-09 13:55 - 00079872 ____A (Microsoft Corporation) C:\Windows\System32\wecutil.exe 2012-07-03 08:41 - 2009-10-09 13:55 - 00056320 ____A (Microsoft Corporation) C:\Windows\System32\wecapi.dll 2012-07-03 08:41 - 2009-10-09 13:55 - 00054272 ____A (Microsoft Corporation) C:\Windows\System32\WsmRes.dll 2012-07-03 08:40 - 2009-10-09 13:56 - 01181696 ____A (Microsoft Corporation) C:\Windows\System32\WsmSvc.dll 2012-07-03 08:40 - 2009-10-09 13:56 - 00246272 ____A (Microsoft Corporation) C:\Windows\System32\WSManHTTPConfig.exe 2012-07-03 08:40 - 2009-10-09 13:56 - 00241152 ____A (Microsoft Corporation) C:\Windows\System32\winrscmd.dll 2012-07-03 08:40 - 2009-10-09 13:56 - 00214016 ____A (Microsoft Corporation) C:\Windows\System32\WsmWmiPl.dll 2012-07-03 08:40 - 2009-10-09 13:56 - 00145408 ____A (Microsoft Corporation) C:\Windows\System32\WsmAuto.dll 2012-07-03 08:40 - 2009-10-09 13:55 - 00252416 ____A (Microsoft Corporation) C:\Windows\System32\WSManMigrationPlugin.dll 2012-07-03 08:40 - 2009-07-31 22:27 - 00201184 ____A C:\Windows\System32\winrm.vbs 2012-07-03 08:40 - 2009-07-16 09:30 - 00004675 ____A C:\Windows\System32\wsmanconfig_schema.xml 2012-07-03 08:40 - 2009-07-16 09:30 - 00002426 ____A C:\Windows\System32\WsmTxt.xsl 2012-07-03 06:35 - 2009-04-10 22:32 - 00438744 ____A (Microsoft Corporation) C:\Windows\System32\mcupdate_GenuineIntel.dll 2012-07-03 06:35 - 2009-04-10 22:28 - 02241536 ____A (Microsoft Corporation) C:\Windows\System32\msi.dll 2012-07-03 06:35 - 2009-04-10 22:28 - 02134528 ____A (Microsoft Corporation) C:\Windows\System32\FunctionDiscoveryFolder.dll 2012-07-03 06:35 - 2009-04-10 22:28 - 01576960 ____A (Microsoft Corporation) C:\Windows\System32\tquery.dll 2012-07-03 06:35 - 2009-04-10 22:28 - 01480704 ____A (Microsoft Corporation) C:\Windows\System32\mssrch.dll 2012-07-03 06:35 - 2009-04-10 22:28 - 01459200 ____A (Microsoft Corporation) C:\Windows\System32\esent.dll 2012-07-03 06:35 - 2009-04-10 22:28 - 01216000 ____A (Microsoft Corporation) C:\Windows\System32\AuxiliaryDisplayCpl.dll 2012-07-03 06:35 - 2009-04-10 22:28 - 01081344 ____A (Microsoft Corporation) C:\Windows\System32\SLCExt.dll 2012-07-03 06:35 - 2009-04-10 22:28 - 00978432 ____A (Microsoft Corporation) C:\Windows\System32\drmv2clt.dll 2012-07-03 06:35 - 2009-04-10 22:28 - 00968192 ____A (Microsoft Corporation) C:\Windows\System32\wcnwiz2.dll 2012-07-03 06:35 - 2009-04-10 22:28 - 00928768 ____A (Microsoft Corporation) C:\Windows\System32\scavenge.dll 2012-07-03 06:35 - 2009-04-10 22:28 - 00729600 ____A (Microsoft Corporation) C:\Windows\System32\IMJP10K.DLL 2012-07-03 06:35 - 2009-04-10 22:28 - 00677376 ____A (Microsoft Corporation) C:\Windows\System32\imapi2fs.dll 2012-07-03 06:35 - 2009-04-10 22:28 - 00670720 ____A (Microsoft Corporation) C:\Windows\System32\mssvp.dll 2012-07-03 06:35 - 2009-04-10 22:28 - 00644608 ____A (Microsoft Corporation) C:\Windows\System32\p2psvc.dll 2012-07-03 06:35 - 2009-04-10 22:28 - 00613888 ____A (Microsoft Corporation) C:\Windows\System32\MSMPEG2VDEC.DLL 2012-07-03 06:35 - 2009-04-10 22:28 - 00558080 ____A (Microsoft Corporation) C:\Windows\System32\sysmain.dll 2012-07-03 06:35 - 2009-04-10 22:28 - 00478208 ____A (Microsoft Corporation) C:\Windows\System32\DevicePairing.dll 2012-07-03 06:35 - 2009-04-10 22:28 - 00378368 ____A (Microsoft Corporation) C:\Windows\System32\imapi2.dll 2012-07-03 06:35 - 2009-04-10 22:28 - 00351744 ____A (Microsoft Corporation) C:\Windows\System32\mssph.dll 2012-07-03 06:35 - 2009-04-10 22:28 - 00324608 ____A (Microsoft Corporation) C:\Windows\System32\sdohlp.dll 2012-07-03 06:35 - 2009-04-10 22:28 - 00291328 ____A (Microsoft Corporation) C:\Windows\System32\WscEapPr.dll 2012-07-03 06:35 - 2009-04-10 22:28 - 00289792 ____A (Microsoft Corporation) C:\Windows\System32\spinstall.exe 2012-07-03 06:35 - 2009-04-10 22:28 - 00203264 ____A (Microsoft Corporation) C:\Windows\System32\mssphtb.dll 2012-07-03 06:35 - 2009-04-10 22:28 - 00164352 ____A (Microsoft Corporation) C:\Windows\System32\spwizui.dll 2012-07-03 06:35 - 2009-04-10 22:28 - 00114176 ____A (Microsoft Corporation) C:\Windows\System32\EhStorShell.dll 2012-07-03 06:35 - 2009-04-10 22:28 - 00112640 ____A (Microsoft Corporation) C:\Windows\System32\spreview.exe 2012-07-03 06:35 - 2009-04-10 22:27 - 03408896 ____A (Microsoft Corporation) C:\Windows\System32\SLsvc.exe 2012-07-03 06:35 - 2009-04-10 22:27 - 00441344 ____A (Microsoft Corporation) C:\Windows\System32\SearchIndexer.exe 2012-07-03 06:35 - 2009-04-10 22:27 - 00065536 ____A (Microsoft Corporation) C:\Windows\System32\DevicePairingWizard.exe 2012-07-03 06:35 - 2009-04-10 21:03 - 12240896 ____A (Microsoft Corporation) C:\Windows\System32\NlsLexicons0007.dll 2012-07-03 06:35 - 2009-04-10 21:03 - 02644480 ____A (Microsoft Corporation) C:\Windows\System32\NlsLexicons0009.dll 2012-07-03 06:35 - 2009-04-10 20:42 - 00561152 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\hdaudbus.sys 2012-07-03 06:35 - 2009-04-10 18:52 - 00684032 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\spsys.sys 2012-07-03 06:35 - 2009-02-18 10:39 - 00779136 ____A (Microsoft Corporation) C:\Windows\System32\PresentationNative_v0300.dll 2012-07-03 06:35 - 2009-02-18 10:38 - 00619864 ____A (Microsoft Corporation) C:\Windows\System32\icardagt.exe 2012-07-03 06:35 - 2009-02-18 10:38 - 00035168 ____A (Microsoft Corporation) C:\Windows\System32\infocardcpl.cpl 2012-07-03 06:34 - 2009-04-10 22:33 - 00986600 ____A (Microsoft Corporation) C:\Windows\System32\winload.exe 2012-07-03 06:34 - 2009-04-10 22:33 - 00926184 ____A (Microsoft Corporation) C:\Windows\System32\winresume.exe 2012-07-03 06:34 - 2009-04-10 22:33 - 00614376 ____A (Microsoft Corporation) C:\Windows\System32\ci.dll 2012-07-03 06:34 - 2009-04-10 22:32 - 01083880 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys 2012-07-03 06:34 - 2009-04-10 22:32 - 00527848 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ndis.sys 2012-07-03 06:34 - 2009-04-10 22:32 - 00265688 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\acpi.sys 2012-07-03 06:34 - 2009-04-10 22:32 - 00245736 ____A (Microsoft Corporation) C:\Windows\System32\clfs.sys 2012-07-03 06:34 - 2009-04-10 22:32 - 00223208 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\netio.sys 2012-07-03 06:34 - 2009-04-10 22:32 - 00180712 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\msiscsi.sys 2012-07-03 06:34 - 2009-04-10 22:32 - 00149480 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\pci.sys 2012-07-03 06:34 - 2009-04-10 22:32 - 00125928 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\Classpnp.sys 2012-07-03 06:34 - 2009-04-10 22:32 - 00122344 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\Storport.sys 2012-07-03 06:34 - 2009-04-10 22:32 - 00109032 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ataport.sys 2012-07-03 06:34 - 2009-04-10 22:32 - 00053224 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\termdd.sys 2012-07-03 06:34 - 2009-04-10 22:32 - 00050664 ____A (Microsoft Corporation) C:\Windows\System32\PSHED.DLL 2012-07-03 06:34 - 2009-04-10 22:32 - 00035304 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\crashdmp.sys 2012-07-03 06:34 - 2009-04-10 22:28 - 03217408 ____A (Microsoft Corporation) C:\Windows\System32\WinSAT.exe 2012-07-03 06:34 - 2009-04-10 22:28 - 03174400 ____A (Microsoft Corporation) C:\Windows\System32\netshell.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 02205184 ____A (Microsoft Corporation) C:\Windows\System32\SyncCenter.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 02167808 ____A (Microsoft Corporation) C:\Windows\System32\mmcndmgr.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 02012160 ____A (Microsoft Corporation) C:\Windows\System32\milcore.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 01985024 ____A (Microsoft Corporation) C:\Windows\System32\authui.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 01856512 ____A (Microsoft Corporation) C:\Windows\System32\dbgeng.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 01823744 ____A (Microsoft Corporation) C:\Windows\System32\pnidui.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 01788416 ____A (Microsoft Corporation) C:\Windows\System32\d3d9.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 01730560 ____A (Microsoft Corporation) C:\Windows\System32\apds.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 01671680 ____A (Microsoft Corporation) C:\Windows\System32\chsbrkr.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 01591296 ____A (Microsoft Corporation) C:\Windows\System32\setupapi.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 01589248 ____A (Microsoft Corporation) C:\Windows\System32\msjet40.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 01533440 ____A (Microsoft Corporation) C:\Windows\System32\wcnwiz.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 01524736 ____A (Microsoft Corporation) C:\Windows\System32\WindowsAnytimeUpgradeCPL.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 01382912 ____A (Microsoft Corporation) C:\Windows\System32\WMVSDECD.DLL 2012-07-03 06:34 - 2009-04-10 22:28 - 01381376 ____A (Microsoft Corporation) C:\Windows\System32\Query.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 01324032 ____A (Microsoft Corporation) C:\Windows\System32\browseui.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 01209856 ____A (Microsoft Corporation) C:\Windows\System32\comsvcs.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 01143296 ____A (Microsoft Corporation) C:\Windows\System32\wercon.exe 2012-07-03 06:34 - 2009-04-10 22:28 - 01112064 ____A (Microsoft Corporation) C:\Windows\System32\CertEnroll.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 01107968 ____A (Microsoft Corporation) C:\Windows\System32\pidgenx.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 01086464 ____A (Microsoft Corporation) C:\Windows\System32\NetProjW.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 01078784 ____A (Microsoft Corporation) C:\Windows\System32\diagperf.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 01077248 ____A (Microsoft Corporation) C:\Windows\System32\vssapi.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 01055232 ____A (Microsoft Corporation) C:\Windows\System32\VSSVC.exe 2012-07-03 06:34 - 2009-04-10 22:28 - 01053696 ____A (Microsoft Corporation) C:\Windows\System32\msdtctm.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 01020928 ____A (Microsoft Corporation) C:\Windows\System32\wdc.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 01017856 ____A (Microsoft Corporation) C:\Windows\System32\wevtsvc.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00996352 ____A (Microsoft Corporation) C:\Windows\System32\WMNetMgr.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00950784 ____A (Microsoft Corporation) C:\Windows\System32\gpedit.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00880640 ____A (Microsoft Corporation) C:\Windows\System32\RacEngn.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00856064 ____A (Microsoft Corporation) C:\Windows\System32\mswdat10.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00807424 ____A (Microsoft Corporation) C:\Windows\System32\msctf.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00805376 ____A (Microsoft Corporation) C:\Windows\System32\NaturalLanguage6.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00800768 ____A (Microsoft Corporation) C:\Windows\System32\advapi32.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00758784 ____A (Microsoft Corporation) C:\Windows\System32\qmgr.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00757248 ____A (Microsoft Corporation) C:\Windows\System32\azroles.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00754688 ____A (Microsoft Corporation) C:\Windows\System32\propsys.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00643072 ____A (Microsoft Corporation) C:\Windows\System32\msrepl40.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00633856 ____A (Microsoft Corporation) C:\Windows\System32\CertEnrollUI.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00627712 ____A (Microsoft Corporation) C:\Windows\System32\user32.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00618496 ____A (Microsoft Corporation) C:\Windows\System32\mswstr10.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00592896 ____A (Microsoft Corporation) C:\Windows\System32\netlogon.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00582144 ____A (Microsoft Corporation) C:\Windows\System32\SLCommDlg.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00576512 ____A (Microsoft Corporation) C:\Windows\System32\gpsvc.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00564224 ____A (Microsoft Corporation) C:\Windows\System32\emdmgmt.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00560640 ____A (Microsoft Corporation) C:\Windows\System32\msdtcprx.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00550400 ____A (Microsoft Corporation) C:\Windows\System32\rpcss.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00524288 ____A (Microsoft Corporation) C:\Windows\System32\sqlsrv32.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00485888 ____A (Microsoft Corporation) C:\Windows\System32\evr.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00483328 ____A (Microsoft Corporation) C:\Windows\System32\samsrv.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00469504 ____A (Microsoft Corporation) C:\Windows\System32\newdev.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00467456 ____A (Microsoft Corporation) C:\Windows\System32\netapi32.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00466944 ____A (Microsoft Corporation) C:\Windows\System32\riched20.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00454656 ____A (Microsoft Corporation) C:\Windows\System32\msxbde40.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00454144 ____A (Microsoft) C:\Windows\System32\IasMigPlugin.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00450560 ____A (Microsoft Corporation) C:\Windows\System32\comdlg32.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00449024 ____A (Microsoft Corporation) C:\Windows\System32\termsrv.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00443392 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00438784 ____A (Microsoft Corporation) C:\Windows\System32\IKEEXT.DLL 2012-07-03 06:34 - 2009-04-10 22:28 - 00413696 ____A (Microsoft Corporation) C:\Windows\System32\wcncsvc.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00409600 ____A (Microsoft Corporation) C:\Windows\System32\msexch40.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00407552 ____A (Microsoft Corporation) C:\Windows\System32\MPSSVC.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00406528 ____A (Microsoft Corporation) C:\Windows\System32\msvcp60.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00396288 ____A (Microsoft Corporation) C:\Windows\System32\ipsmsnap.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00385536 ____A (Microsoft Corporation) C:\Windows\System32\vds.exe 2012-07-03 06:34 - 2009-04-10 22:28 - 00378368 ____A (Microsoft Corporation) C:\Windows\System32\devmgr.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00368640 ____A (Microsoft Corporation) C:\Windows\System32\mspbde40.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00364032 ____A (Microsoft Corporation) C:\Windows\System32\IPSECSVC.DLL 2012-07-03 06:34 - 2009-04-10 22:28 - 00361984 ____A (Microsoft Corporation) C:\Windows\System32\SLUI.exe 2012-07-03 06:34 - 2009-04-10 22:28 - 00344064 ____A (Microsoft Corporation) C:\Windows\System32\msrd3x40.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00339968 ____A (Microsoft Corporation) C:\Windows\System32\msexcl40.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00334848 ____A (Microsoft Corporation) C:\Windows\System32\BFE.DLL 2012-07-03 06:34 - 2009-04-10 22:28 - 00332800 ____A (Microsoft Corporation) C:\Windows\System32\msihnd.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00327168 ____A (Microsoft Corporation) C:\Windows\System32\P2PGraph.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00323584 ____A (Microsoft Corporation) C:\Windows\System32\certcli.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00319488 ____A (Microsoft Corporation) C:\Windows\System32\msrd2x40.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00315392 ____A (Microsoft Corporation) C:\Windows\System32\audiosrv.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00314368 ____A (Microsoft Corporation) C:\Windows\System32\winlogon.exe 2012-07-03 06:34 - 2009-04-10 22:28 - 00311808 ____A (Microsoft Corporation) C:\Windows\System32\swprv.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00310272 ____A (Microsoft Corporation) C:\Windows\System32\mtxclu.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00302592 ____A (Microsoft Corporation) C:\Windows\System32\QAGENTRT.DLL 2012-07-03 06:34 - 2009-04-10 22:28 - 00301568 ____A (Microsoft Corporation) C:\Windows\System32\srchadmin.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00297472 ____A (Microsoft Corporation) C:\Windows\System32\gdi32.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00293376 ____A (Microsoft Corporation) C:\Windows\System32\photowiz.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00290816 ____A (Microsoft Corporation) C:\Windows\System32\msjtes40.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00287744 ____A (Microsoft Corporation) C:\Windows\System32\Wldap32.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00282624 ____A (Microsoft Corporation) C:\Windows\System32\w32time.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00282624 ____A (Microsoft Corporation) C:\Windows\System32\mstext40.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00274432 ____A (Microsoft Corporation) C:\Windows\System32\bcrypt.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00268800 ____A (Microsoft Corporation) C:\Windows\System32\es.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00262144 ____A (Microsoft Corporation) C:\Windows\System32\rasmans.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00252928 ____A (Microsoft Corporation) C:\Windows\System32\iassdo.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00250368 ____A (Microsoft Corporation) C:\Windows\System32\wevtapi.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00242176 ____A (Microsoft Corporation) C:\Windows\System32\pdh.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00241664 ____A (Microsoft Corporation) C:\Windows\System32\msltus40.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00228352 ____A (Microsoft Corporation) C:\Windows\System32\SLC.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00222720 ____A (Microsoft Corporation) C:\Windows\System32\umpnpmgr.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00204288 ____A (Microsoft Corporation) C:\Windows\System32\dhcpcsvc.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00203264 ____A (Microsoft Corporation) C:\Windows\System32\uDWM.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00199680 ____A (Microsoft Corporation) C:\Windows\System32\WebClnt.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00199168 ____A (Microsoft Corporation) C:\Windows\System32\adsldpc.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00190464 ____A (Microsoft Corporation) C:\Windows\System32\sperror.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00183808 ____A (Microsoft Corporation) C:\Windows\System32\eapphost.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00172032 ____A (Microsoft Corporation) C:\Windows\System32\scrrun.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00165376 ____A (Microsoft Corporation) C:\Windows\System32\WcnNetsh.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00163840 ____A (Microsoft Corporation) C:\Windows\System32\wevtutil.exe 2012-07-03 06:34 - 2009-04-10 22:28 - 00160768 ____A (Microsoft Corporation) C:\Windows\System32\spoolss.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00153088 ____A (Microsoft Corporation) C:\Windows\System32\profsvc.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00153088 ____A (Microsoft Corporation) C:\Windows\System32\fundisc.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00150528 ____A (Microsoft Corporation) C:\Windows\System32\MMDevAPI.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00143872 ____A (Microsoft Corporation) C:\Windows\System32\korwbrkr.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00136192 ____A (Microsoft Corporation) C:\Windows\System32\nlhtml.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00130560 ____A (Microsoft Corporation) C:\Windows\System32\dhcpcsvc6.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00126976 ____A (Microsoft Corporation) C:\Windows\System32\wersvc.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00122368 ____A (Microsoft Corporation) C:\Windows\System32\inetpp.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00120320 ____A (Microsoft Corporation) C:\Windows\System32\EhStorAPI.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00119296 ____A (Microsoft Corporation) C:\Windows\System32\iasrecst.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00117248 ____A C:\Windows\System32\EhStorAuthn.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00115200 ____A (Microsoft Corporation) C:\Windows\System32\AuxiliaryDisplayDriverLib.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00107520 ____A (Microsoft Corporation) C:\Windows\System32\imapi.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\AuxiliaryDisplayServices.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00088064 ____A (Microsoft Corporation) C:\Windows\System32\fdBth.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00087040 ____A (Microsoft Corporation) C:\Windows\System32\mssitlb.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00084992 ____A (Microsoft Corporation) C:\Windows\System32\msctfp.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00071680 ____A (Microsoft Corporation) C:\Windows\System32\propdefs.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00067584 ____A (Microsoft Corporation) C:\Windows\System32\slwmi.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00061440 ____A (Microsoft Corporation) C:\Windows\System32\msjter40.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00061440 ____A (Microsoft Corporation) C:\Windows\System32\davclnt.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00060416 ____A (Microsoft Corporation) C:\Windows\System32\msscntrs.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00056320 ____A (Microsoft Corporation) C:\Windows\System32\xmlfilter.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00054784 ____A (Microsoft Corporation) C:\Windows\System32\DevicePairingProxy.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00043008 ____A (Microsoft Corporation) C:\Windows\System32\msstrc.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00041984 ____A (Microsoft Corporation) C:\Windows\System32\mimefilt.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00040960 ____A (Microsoft Corporation) C:\Windows\System32\bthserv.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00038400 ____A (Microsoft Corporation) C:\Windows\System32\rtffilt.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00037376 ____A (Microsoft Corporation) C:\Windows\System32\EhStorPwdMgr.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00035328 ____A (Microsoft Corporation) C:\Windows\System32\msscb.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00026112 ____A (Microsoft Corporation) C:\Windows\System32\hidserv.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00011776 ____A (Microsoft Corporation) C:\Windows\System32\msshooks.dll 2012-07-03 06:34 - 2009-04-10 22:28 - 00009728 ____A (Microsoft Corporation) C:\Windows\System32\fdBthProxy.dll 2012-07-03 06:34 - 2009-04-10 22:27 - 02926592 ____A (Microsoft Corporation) C:\Windows\explorer.exe 2012-07-03 06:34 - 2009-04-10 22:27 - 02092544 ____A (Microsoft Corporation) C:\Windows\System32\dfsr.exe 2012-07-03 06:34 - 2009-04-10 22:27 - 01792512 ____A (Microsoft Corporation) C:\Windows\System32\mmc.exe 2012-07-03 06:34 - 2009-04-10 22:27 - 01122304 ____A (Microsoft Corporation) C:\Windows\System32\appwiz.cpl 2012-07-03 06:34 - 2009-04-10 22:27 - 00950272 ____A (Microsoft Corporation) C:\Windows\System32\mblctr.exe 2012-07-03 06:34 - 2009-04-10 22:27 - 00799744 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe 2012-07-03 06:34 - 2009-04-10 22:27 - 00710144 ____A (Microsoft Corporation) C:\Windows\System32\Magnify.exe 2012-07-03 06:34 - 2009-04-10 22:27 - 00704512 ____A (Microsoft Corporation) C:\Windows\System32\PhotoScreensaver.scr 2012-07-03 06:34 - 2009-04-10 22:27 - 00640512 ____A (Microsoft Corporation) C:\Windows\System32\bthprops.cpl 2012-07-03 06:34 - 2009-04-10 22:27 - 00636416 ____A (Microsoft Corporation) C:\Windows\System32\autofmt.exe 2012-07-03 06:34 - 2009-04-10 22:27 - 00463872 ____A (Microsoft Corporation) C:\Windows\System32\IasMigReader.exe 2012-07-03 06:34 - 2009-04-10 22:27 - 00389632 ____A (Microsoft Corporation) C:\Windows\System32\sysmon.ocx 2012-07-03 06:34 - 2009-04-10 22:27 - 00279552 ____A (Microsoft Corporation) C:\Windows\System32\services.exe 2012-07-03 06:34 - 2009-04-10 22:27 - 00241128 ____A (Microsoft Corporation) C:\Windows\System32\rsaenh.dll 2012-07-03 06:34 - 2009-04-10 22:27 - 00205824 ____A (Microsoft Corporation) C:\Windows\System32\eudcedit.exe 2012-07-03 06:34 - 2009-04-10 22:27 - 00194048 ____A (Microsoft Corporation) C:\Windows\System32\drvinst.exe 2012-07-03 06:34 - 2009-04-10 22:27 - 00185344 ____A (Microsoft Corporation) C:\Windows\System32\SearchProtocolHost.exe 2012-07-03 06:34 - 2009-04-10 22:27 - 00167424 ____A (Microsoft Corporation) C:\Windows\System32\PresentationSettings.exe 2012-07-03 06:34 - 2009-04-10 22:27 - 00093696 ____A (Microsoft Corporation) C:\Windows\System32\Kswdmcap.ax 2012-07-03 06:34 - 2009-04-10 22:27 - 00087552 ____A (Microsoft Corporation) C:\Windows\System32\SearchFilterHost.exe 2012-07-03 06:34 - 2009-04-10 22:27 - 00073216 ____A (Microsoft Corporation) C:\Windows\System32\msiexec.exe 2012-07-03 06:34 - 2009-04-10 22:27 - 00061952 ____A (Microsoft Corporation) C:\Windows\System32\reg.exe 2012-07-03 06:34 - 2009-04-10 22:27 - 00057856 ____A (Microsoft Corporation) C:\Windows\System32\compcln.exe 2012-07-03 06:34 - 2009-04-10 22:23 - 00124928 ____A (Microsoft Corporation) C:\Windows\System32\quick.ime 2012-07-03 06:34 - 2009-04-10 22:23 - 00124928 ____A (Microsoft Corporation) C:\Windows\System32\qintlgnt.ime 2012-07-03 06:34 - 2009-04-10 22:23 - 00124928 ____A (Microsoft Corporation) C:\Windows\System32\phon.ime 2012-07-03 06:34 - 2009-04-10 22:22 - 00883712 ____A (Microsoft Corporation) C:\Windows\System32\IMJP10.IME 2012-07-03 06:34 - 2009-04-10 22:22 - 00124928 ____A (Microsoft Corporation) C:\Windows\System32\cintlgnt.ime 2012-07-03 06:34 - 2009-04-10 22:22 - 00124928 ____A (Microsoft Corporation) C:\Windows\System32\chajei.ime 2012-07-03 06:34 - 2009-04-10 20:48 - 00344698 ____A C:\Windows\System32\eaphost.tmf 2012-07-03 06:34 - 2009-04-10 20:46 - 00208966 ____A C:\Windows\System32\WFP.TMF 2012-07-03 06:34 - 2009-04-10 20:43 - 00442788 ____A C:\Windows\System32\dot3.tmf 2012-07-03 06:34 - 2009-04-10 20:43 - 00392170 ____A C:\Windows\System32\onex.tmf 2012-07-03 06:34 - 2009-04-10 20:43 - 00196096 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbhub.sys 2012-07-03 06:34 - 2009-04-10 20:42 - 00226304 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbport.sys 2012-07-03 06:34 - 2009-04-10 20:42 - 00065536 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\USBSTOR.SYS 2012-07-03 06:34 - 2009-04-10 20:14 - 00225280 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdbss.sys 2012-07-03 06:34 - 2009-04-10 20:14 - 00114688 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mrxdav.sys 2012-07-03 06:34 - 2009-04-10 20:12 - 00617984 ____A (Microsoft Corporation) C:\Windows\System32\adtschema.dll 2012-07-03 06:34 - 2009-04-10 17:59 - 00107612 ____A C:\Windows\System32\StructuredQuerySchema.bin 2012-07-03 06:34 - 2009-04-10 17:54 - 03662128 ____A C:\Windows\System32\locale.nls 2012-07-03 06:34 - 2009-03-29 20:42 - 00080720 ____A (Microsoft Corporation) C:\Windows\System32\mscories.dll 2012-07-03 06:34 - 2009-03-06 17:11 - 00130008 ____A C:\Windows\System32\systemsf.ebd 2012-07-03 06:34 - 2009-02-19 16:20 - 00009239 ____A C:\Windows\System32\spcinstrumentation.man 2012-07-03 06:34 - 2009-02-18 10:39 - 00102816 ____A (Microsoft Corporation) C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll 2012-07-03 06:34 - 2009-02-18 10:39 - 00092918 ____A C:\Windows\System32\slmgr.vbs 2012-07-03 06:34 - 2009-02-18 10:39 - 00035680 ____A (Microsoft Corporation) C:\Windows\System32\TsWpfWrp.exe 2012-07-03 06:34 - 2009-02-18 10:38 - 00099680 ____A (Microsoft Corporation) C:\Windows\System32\infocardapi.dll 2012-07-03 06:34 - 2009-02-18 10:38 - 00009048 ____A (Microsoft Corporation) C:\Windows\System32\icardres.dll 2012-07-03 06:33 - 2009-04-10 22:33 - 00292840 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\volmgrx.sys 2012-07-03 06:33 - 2009-04-10 22:32 - 00226280 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\volsnap.sys 2012-07-03 06:33 - 2009-04-10 22:32 - 00190424 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\fltMgr.sys 2012-07-03 06:33 - 2009-04-10 22:32 - 00161752 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\msrpc.sys 2012-07-03 06:33 - 2009-04-10 22:32 - 00141288 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ecache.sys 2012-07-03 06:33 - 2009-04-10 22:32 - 00099816 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\FWPKCLNT.SYS 2012-07-03 06:33 - 2009-04-10 22:32 - 00053736 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\disk.sys 2012-07-03 06:33 - 2009-04-10 22:32 - 00048104 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\mup.sys 2012-07-03 06:33 - 2009-04-10 22:32 - 00043496 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\pciidex.sys 2012-07-03 06:33 - 2009-04-10 22:32 - 00027624 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\Dumpata.sys 2012-07-03 06:33 - 2009-04-10 22:32 - 00019944 ____A (Microsoft Corporation) C:\Windows\System32\kdusb.dll 2012-07-03 06:33 - 2009-04-10 22:32 - 00019944 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\atapi.sys 2012-07-03 06:33 - 2009-04-10 22:32 - 00017896 ____A (Microsoft Corporation) C:\Windows\System32\kd1394.dll 2012-07-03 06:33 - 2009-04-10 22:32 - 00017384 ____A (Microsoft Corporation) C:\Windows\System32\kdcom.dll 2012-07-03 06:33 - 2009-04-10 22:32 - 00014312 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\pciide.sys 2012-07-03 06:33 - 2009-04-10 22:28 - 06103040 ____A (Microsoft Corporation) C:\Windows\System32\chtbrkr.dll 2012-07-03 06:33 - 2009-04-10 22:28 - 03072000 ____A (Microsoft Corporation) C:\Windows\System32\networkmap.dll 2012-07-03 06:33 - 2009-04-10 22:28 - 02515968 ____A (Microsoft Corporation) C:\Windows\System32\accessibilitycpl.dll 2012-07-03 06:33 - 2009-04-10 22:28 - 02226688 ____A (Microsoft Corporation) C:\Windows\System32\networkexplorer.dll 2012-07-03 06:33 - 2009-04-10 22:28 - 02225664 ____A (Microsoft Corporation) C:\Windows\System32\netcenter.dll 2012-07-03 06:33 - 2009-04-10 22:28 - 02153472 ____A (Microsoft Corporation) C:\Windows\System32\oobefldr.dll 2012-07-03 06:33 - 2009-04-10 22:28 - 01671680 ____A (Microsoft Corporation) C:\Windows\System32\wlanpref.dll 2012-07-03 06:33 - 2009-04-10 22:28 - 01645568 ____A (Microsoft Corporation) C:\Windows\System32\connect.dll 2012-07-03 06:33 - 2009-04-10 22:28 - 01580544 ____A (Microsoft Corporation) C:\Windows\System32\wpccpl.dll 2012-07-03 06:33 - 2009-04-10 22:28 - 01575936 ____A (Microsoft Corporation) C:\Windows\System32\WMVENCOD.DLL 2012-07-03 06:33 - 2009-04-10 22:28 - 01544704 ____A (Microsoft Corporation) C:\Windows\System32\MSVidCtl.dll 2012-07-03 06:33 - 2009-04-10 22:28 - 01541120 ____A (Microsoft Corporation) C:\Windows\System32\onex.dll 2012-07-03 06:33 - 2009-04-10 22:28 - 01502720 ____A (Microsoft Corporation) C:\Windows\System32\certmgr.dll 2012-07-03 06:33 - 2009-04-10 22:28 - 01342464 ____A (Microsoft Corporation) C:\Windows\System32\brcpl.dll 2012-07-03 06:33 - 2009-04-10 22:28 - 01248768 ____A (Microsoft Corporation) C:\Windows\System32\PerfCenterCPL.dll 2012-07-03 06:33 - 2009-04-10 22:28 - 01224192 ____A (Microsoft Corporation) C:\Windows\System32\sud.dll 2012-07-03 06:33 - 2009-04-10 22:28 - 01152000 ____A (Microsoft Corporation) C:\Windows\System32\themecpl.dll 2012-07-03 06:33 - 2009-04-10 22:28 - 01123840 ____A (Microsoft Corporation) C:\Windows\System32\usercpl.dll 2012-07-03 06:33 - 2009-04-10 22:28 - 00971264 ____A (Microsoft Corporation) C:\Windows\System32\cryptui.dll 2012-07-03 06:33 - 2009-04-10 22:28 - 00876032 ____A (Microsoft Corporation) C:\Windows\System32\wer.dll 2012-07-03 06:33 - 2009-04-10 22:28 - 00869888 ____A (Microsoft Corporation) C:\Windows\System32\printui.dll 2012-07-03 06:33 - 2009-04-10 22:28 - 00860160 ____A (Microsoft Corporation) C:\Windows\System32\WerFaultSecure.exe 2012-07-03 06:33 - 2009-04-10 22:28 - 00852992 ____A (Microsoft Corporation) C:\Windows\System32\mcmde.dll 2012-07-03 06:33 - 2009-04-10 22:28 - 00842240 ____A (Microsoft Corporation) C:\Windows\System32\systemcpl.dll 2012-07-03 06:33 - 2009-04-10 22:28 - 00825856 ____A (Microsoft Corporation) C:\Windows\System32\rasdlg.dll 2012-07-03 06:33 - 2009-04-10 22:28 - 00777216 ____A (Microsoft Corporation) C:\Windows\System32\slcc.dll 2012-07-03 06:33 - 2009-04-10 22:28 - 00759296 ____A (Microsoft Corporation) C:\Windows\System32\ipsecsnp.dll 2012-07-03 06:33 - 2009-04-10 22:28 - 00723968 ____A (Microsoft Corporation) C:\Windows\System32\powercpl.dll 2012-07-03 06:33 - 2009-04-10 22:28 - 00657408 ____A (Microsoft Corporation) C:\Windows\System32\WMVXENCD.DLL 2012-07-03 06:33 - 2009-04-10 22:28 - 00642560 ____A (Microsoft Corporation) C:\Windows\System32\rasgcw.dll 2012-07-03 06:33 - 2009-04-10 22:28 - 00638976 ____A (Microsoft Corporation) C:\Windows\System32\Utilman.exe 2012-07-03 06:33 - 2009-04-10 22:28 - 00615424 ____A (Microsoft Corporation) C:\Windows\System32\themeui.dll 2012-07-03 06:33 - 2009-04-10 22:28 - 00595456 ____A (Microsoft Corporation) C:\Windows\System32\FWPUCLNT.DLL 2012-07-03 06:33 - 2009-04-10 22:28 - 00593408 ____A (Microsoft Corporation) C:\Windows\System32\comuid.dll 2012-07-03 06:33 - 2009-04-10 22:28 - 00564224 ____A (Microsoft Corporation) C:\Windows\System32\msftedit.dll 2012-07-03 06:33 - 2009-04-10 22:28 - 00551936 ____A (Microsoft Corporation) C:\Windows\System32\prnntfy.dll 2012-07-03 06:33 - 2009-04-10 22:28 - 00547840 ____A (Microsoft Corporation) C:\Windows\System32\wiaaut.dll 2012-07-03 06:33 - 2009-04-10 22:28 - 00542720 ____A (Microsoft Corporation) C:\Windows\System32\blackbox.dll 2012-07-03 06:33 - 2009-04-10 22:28 - 00542208 ____A (Microsoft Corporation) C:\Windows\System32\pnpui.dll 2012-07-03 06:33 - 2009-04-10 22:28 - 00533504 ____A (Microsoft Corporation) C:\Windows\System32\wmdrmsdk.dll 2012-07-03 06:33 - 2009-04-10 22:28 - 00532992 ____A (Microsoft Corporation) C:\Windows\System32\wpcao.dll 2012-07-03 06:33 - 2009-04-10 22:28 - 00516608 ____A (Microsoft Corporation) C:\Windows\System32\autoplay.dll 2012-07-03 06:33 - 2009-04-10 22:28 - 00507904 ____A (Microsoft Corporation) C:\Windows\System32\vdsdyn.dll 2012-07-03 06:33 - 2009-04-10 22:28 - 00505344 ____A (Microsoft Corporation) C:\Windows\System32\qedit.dll 2012-07-03 06:33 - 2009-04-10 22:28 - 00481792 ____A (Microsoft Corporation) C:\Windows\System32\cmdial32.dll 2012-07-03 06:33 - 2009-04-10 22:28 - 00464384 ____A (Microsoft Corporation) C:\Windows\System32\pcaui.dll 2012-07-03 06:33 - 2009-04-10 22:28 - 00453120 ____A (Microsoft Corporation) C:\Windows\System32\wiaservc.dll 2012-07-03 06:33 - 2009-04-10 22:28 - 00445952 ____A (Microsoft Corporation) C:\Windows\System32\ncryptui.dll 2012-07-03 06:33 - 2009-04-10 22:28 - 00444416 ____A (Microsoft Corporation) C:\Windows\System32\dsound.dll 2012-07-03 06:33 - 2009-04-10 22:28 - 00425472 ____A (Microsoft Corporation) C:\Windows\System32\shwebsvc.dll 2012-07-03 06:33 - 2009-04-10 22:28 - 00414208 ____A (Microsoft Corporation) C:\Windows\System32\msscp.dll 2012-07-03 06:33 - 2009-04-10 22:28 - 00399360 ____A (Microsoft Corporation) C:\Windows\System32\wlangpui.dll 2012-07-03 06:33 - 2009-04-10 22:28 - 00391680 ____A (Microsoft Corporation) C:\Windows\System32\mscms.dll 2012-07-03 06:33 - 2009-04-10 22:28 - 00378368 ____A (Microsoft Corporation) C:\Windows\System32\srcore.dll 2012-07-03 06:33 - 2009-04-10 22:28 - 00376832 ____A (Microsoft Corporation) C:\Windows\System32\rasplap.dll 2012-07-03 06:33 - 2009-04-10 22:28 - 00368640 ____A C:\Windows\System32\msjetoledb40.dll 2012-07-03 06:33 - 2009-04-10 22:28 - 00356864 ____A (Microsoft Corporation) C:\Windows\System32\MediaMetadataHandler.dll 2012-07-03 06:33 - 2009-04-10 22:28 - 00342528 ____A (Microsoft Corporation) C:\Windows\System32\zipfldr.dll 2012-07-03 06:33 - 2009-04-10 22:28 - 00340992 ____A (Microsoft Corporation) C:\Windows\System32\RelMon.dll 2012-07-03 06:33 - 2009-04-10 22:28 - 00324096 ____A (Microsoft Corporation) C:\Windows\System32\untfs.dll 2012-07-03 06:33 - 2009-04-10 22:28 - 00313344 ____A (Microsoft Corporation) C:\Windows\System32\thawbrkr.dll 2012-07-03 06:33 - 2009-04-10 22:28 - 00306176 ____A (Microsoft Corporation) C:\Windows\System32\scesrv.dll 2012-07-03 06:33 - 2009-04-10 22:28 - 00303616 ____A (Microsoft Corporation) C:\Windows\System32\wmpeffects.dll 2012-07-03 06:33 - 2009-04-10 22:28 - 00288256 ____A (Microsoft Corporation) C:\Windows\System32\modemui.dll 2012-07-03 06:33 - 2009-04-10 22:28 - 00286720 ____A (Microsoft Corporation) C:\Windows\System32\rasapi32.dll 2012-07-03 06:33 - 2009-04-10 22:28 - 00284672 ____A (Microsoft Corporation) C:\Windows\System32\drmmgrtn.dll 2012-07-03 06:33 - 2009-04-10 22:28 - 00281088 ____A (Microsoft Corporation) C:\Windows\System32\raschap.dll 2012-07-03 06:33 - 2009-04-10 22:28 - 00275968 ____A (Microsoft Corporation) C:\Windows\System32\SnippingTool.exe 2012-07-03 06:33 - 2009-04-10 22:28 - 00273920 ____A (Microsoft Corporation) C:\Windows\System32\wow32.dll 2012-07-03 06:33 - 2009-04-10 22:28 - 00259584 ____A (Microsoft Corporation) C:\Windows\System32\rasppp.dll 2012-07-03 06:33 - 2009-04-10 22:28 - 00245760 ____A (Microsoft Corporation) C:\Windows\System32\scansetting.dll 2012-07-03 06:33 - 2009-04-10 22:28 - 00244224 ____A (Microsoft Corporation) C:\Windows\System32\wisptis.exe 2012-07-03 06:33 - 2009-04-10 22:28 - 00242688 ____A (Microsoft Corporation) C:\Windows\System32\tapisrv.dll 2012-07-03 06:33 - 2009-04-10 22:28 - 00223744 ____A (Microsoft Corporation) C:\Windows\System32\wscntfy.dll 2012-07-03 06:33 - 2009-04-10 22:28 - 00223232 ____A (Microsoft Corporation) C:\Windows\System32\mswsock.dll 2012-07-03 06:33 - 2009-04-10 22:28 - 00218624 ____A (Microsoft Corporation) C:\Windows\System32\mscandui.dll 2012-07-03 06:33 - 2009-04-10 22:28 - 00217600 ____A (Microsoft Corporation) C:\Windows\System32\InkEd.dll 2012-07-03 06:33 - 2009-04-10 22:28 - 00217088 ____A (Microsoft Corporation) C:\Windows\System32\WerFault.exe 2012-07-03 06:33 - 2009-04-10 22:28 - 00216064 ____A (Microsoft Corporation) C:\Windows\System32\ntprint.dll 2012-07-03 06:33 - 2009-04-10 22:28 - 00204288 ____A (Microsoft Corporation) C:\Windows\System32\ncrypt.dll 2012-07-03 06:33 - 2009-04-10 22:28 - 00202752 ____A (Microsoft Corporation) C:\Windows\System32\wlanui.dll 2012-07-03 06:33 - 2009-04-10 22:28 - 00200704 ____A (Microsoft Corporation) C:\Windows\System32\input.dll 2012-07-03 06:33 - 2009-04-10 22:28 - 00197632 ____A (Microsoft Corporation) C:\Windows\System32\SndVol.exe 2012-07-03 06:33 - 2009-04-10 22:28 - 00194560 ____A (Microsoft Corporation) C:\Windows\System32\offfilt.dll 2012-07-03 06:33 - 2009-04-10 22:28 - 00187904 ____A (Microsoft Corporation) C:\Windows\System32\eapp3hst.dll 2012-07-03 06:33 - 2009-04-10 22:28 - 00185856 ____A (Microsoft Corporation) C:\Windows\System32\SLLUA.exe 2012-07-03 06:33 - 2009-04-10 22:28 - 00182272 ____A (Microsoft Corporation) C:\Windows\System32\iassam.dll 2012-07-03 06:33 - 2009-04-10 22:28 - 00181760 ____A (Microsoft Corporation) C:\Windows\System32\pnpsetup.dll 2012-07-03 06:33 - 2009-04-10 22:28 - 00180736 ____A (Microsoft Corporation) C:\Windows\System32\netplwiz.dll 2012-07-03 06:33 - 2009-04-10 22:28 - 00180224 ____A (Microsoft Corporation) C:\Windows\System32\scrobj.dll 2012-07-03 06:33 - 2009-04-10 22:28 - 00179712 ____A (Microsoft Corporation) C:\Windows\System32\msnetobj.dll 2012-07-03 06:33 - 2009-04-10 22:28 - 00178176 ____A (Microsoft Corporation) C:\Windows\System32\credui.dll 2012-07-03 06:33 - 2009-04-10 22:28 - 00177664 ____A (Microsoft Corporation) C:\Windows\System32\WSDMon.dll 2012-07-03 06:33 - 2009-04-10 22:28 - 00177152 ____A (Microsoft Corporation) C:\Windows\System32\scecli.dll 2012-07-03 06:33 - 2009-04-10 22:28 - 00175616 ____A (Microsoft Corporation) C:\Windows\System32\dot3svc.dll 2012-07-03 06:33 - 2009-04-10 22:28 - 00171008 ____A (Microsoft Corporation) C:\Windows\System32\apphelp.dll 2012-07-03 06:33 - 2009-04-10 22:28 - 00170496 ____A (Microsoft Corporation) C:\Windows\System32\tcpipcfg.dll 2012-07-03 06:33 - 2009-04-10 22:28 - 00166400 ____A (Microsoft Corporation) C:\Windows\System32\puiapi.dll 2012-07-03 06:33 - 2009-04-10 22:28 - 00163328 ____A (Microsoft Corporation) C:\Windows\System32\msutb.dll 2012-07-03 06:33 - 2009-04-10 22:28 - 00158208 ____A (Microsoft Corporation) C:\Windows\System32\iasrad.dll 2012-07-03 06:33 - 2009-04-10 22:28 - 00155648 ____A (Microsoft Corporation) C:\Windows\System32\wscript.exe 2012-07-03 06:33 - 2009-04-10 22:28 - 00155136 ____A (Microsoft Corporation) C:\Windows\System32\rasmontr.dll 2012-07-03 06:33 - 2009-04-10 22:28 - 00150528 ____A (Microsoft Corporation) C:\Windows\System32\iasnap.dll 2012-07-03 06:33 - 2009-04-10 22:28 - 00147456 ____A (Microsoft Corporation) C:\Windows\System32\Faultrep.dll 2012-07-03 06:33 - 2009-04-10 22:28 - 00142336 ____A (Microsoft Corporation) C:\Windows\System32\spp.dll 2012-07-03 06:33 - 2009-04-10 22:28 - 00142336 ____A (Microsoft Corporation) C:\Windows\System32\fo
[ Ignorer ] [ # 10 ] f-arn TeamSpywarefri
07.07.2012 22:21:49 Administrator Team Spywarefri Antal indlæg: 7125	OK - den må du hellere vedhæfte, så vi får det hele med Signatur Undlad venligst at vedhæfte logs, medmindre du bliver bedt om det !
[ Ignorer ] [ # 11 ] Photop
07.07.2012 22:30:49 Antal indlæg: 171	f-arn TeamSpywarefri - 07.07.2012 22:21:49 OK - den må du hellere vedhæfte, så vi får det hele med Done Vedhæftede filer FRST.txt (Filstørrelse: 201 - Downloads: 33)
[ Ignorer ] [ # 12 ] f-arn TeamSpywarefri
08.07.2012 10:51:38 Administrator Team Spywarefri Antal indlæg: 7125	Jeg vedhæfter Fixlist.txt. Gem den på din USB nøgle. Start PCen op med Kommando prompt. Ved Kommando prompten starter du FRST (Farbar Recovery Scan Tool) og klikker på FIX (og venter til den er færdig) Den laver Fixlog.txt, som du skal kopiere herind i dit næste indlæg. Luk Farbar Recovery Scan Tool, og genstart PCen. ——— Start Malwarebytes, klik på fanen opdater, klik Tjek for opdatering, lav “Fuld system skan” under fanebladet “skanner” Bagefter klik på “vis resultater”, tryk på “Fjern det valgte” gem loggen og send den herind sammen med logs fra DDS. Du kan også prøve denne DDS. Den laver to logs,(DDS.txt og Attach.txt) gem dem på skrivebordet og kopier indholdet af begge herind. OBS - DDS skal gemmes på computeren og ikke køres fra nettet. Mht.: Vista og Windows 7 - Højreklik på filen - Kør som Administrator. NB Når du opdaterer Malwarebytes, så klik på Tjek for opdatering til den skriver at der ikke er flere opdateringer. Jeg vil gerne se: (Lavet i den rækkefølge) 1. Log fra Farbar Recovery Scan Tool. (Fixlog.txt) 2. Log fra Malwarebytes. (Opdateret) 3. Logs fra DDS. (DDS.txt og Attach.txt) Vedhæftede filer fixlist.txt (Filstørrelse: 1 - Downloads: 19) Signatur Undlad venligst at vedhæfte logs, medmindre du bliver bedt om det !
[ Ignorer ] [ # 13 ] Photop
08.07.2012 21:32:41 Antal indlæg: 171	f-arn TeamSpywarefri - 08.07.2012 10:51:38 Jeg vil gerne se: (Lavet i den rækkefølge) 1. Log fra Farbar Recovery Scan Tool. (Fixlog.txt) 2. Log fra Malwarebytes. (Opdateret) 3. Logs fra DDS. (DDS.txt og Attach.txt) Fix result of Farbar Recovery Tool (FRST written by Farbar) Version: 07-07-2012 03 Ran by SYSTEM at 2012-07-08 13:46:37 Run:1 Running from E:\ ============================================== C:\Windows\Installer\{4a7f59f7-3c11-88e8-767a-d1c334613446} moved successfully. C:\Users\Hjemme\AppData\Local\{4a7f59f7-3c11-88e8-767a-d1c334613446} moved successfully. ==== End of Fixlog ==== Malwarebytes Anti-Malware 1.61.0.1400 http://www.malwarebytes.org Database version: v2012.07.08.06 Windows Vista Service Pack 2 x86 NTFS Internet Explorer 9.0.8112.16421 Hjemme :: HJEMME-PC [administrator] 08-07-2012 19:37:45 mbam-log-2012-07-08 (19-37-45).txt Skanningstype: Fuldstændig skanning Skanningsmuligheder valgt: Hukommelse \| Opstart \| Registreringsdatabasen \| Filsystem \| Heuristics/Ekstra \| Heuristics/Shuriken \| PUP \| PUM Skanningsmuligheder som er deaktiverede: P2P Objekter skannet: 358545 Tid gået: 1 time(e), 34 minut(ter), 33 sekund(er) Hukommelses Processorer Inficeret: 0 (Ingen skadelige objekter blev fundet) Hukommelses Moduler Inficeret: 0 (Ingen skadelige objekter blev fundet) Registreringsdatabasenøgler Inficeret: 0 (Ingen skadelige objekter blev fundet) Registreringsdatabaseværdier Inficeret: 0 (Ingen skadelige objekter blev fundet) Registreringsdatabasedata Objekter Inficeret: 0 (Ingen skadelige objekter blev fundet) Inficerede Mapper: 0 (Ingen skadelige objekter blev fundet) Inficerede Filer: 0 (Ingen skadelige objekter blev fundet) (færdig) . DDS (Ver_2011-08-26.01) - NTFSx86 Internet Explorer: 9.0.8112.16421 Run by Hjemme at 21:20:20 on 2012-07-08 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.45.1030.18.2046.1128 [GMT 2:00] . AV: COMODO Antivirus Enabled/Updated {458BB331-2324-0753-3D5F-1472EB102AC0} SP: Windows Defender Enabled/Updated {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: COMODO Defense+ Enabled/Updated {FEEA52D5-051E-08DD-07EF-2F009097607D} FW: COMODO Firewall Enabled {7DB03214-694B-060B-1600-BD4715C36DBB} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLS.exe C:\Windows\system32\svchost.exe -k rpcss C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\SLsvc.exe C:\Windows\system32\svchost.exe -k LocalService C:\Windows\System32\spoolsv.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Program Files\SUPERAntiSpyware\SASCORE.EXE C:\Windows\Explorer.EXE C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe C:\Windows\RtHDVCpl.exe C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe C:\Windows\system32\taskeng.exe C:\Acer\Empowering Technology\eAudio\eAudio.exe C:\Acer\Empowering Technology\eNet\eNet Service.exe C:\Windows\system32\svchost.exe -k hpdevmgmt C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Acer\Mobility Center\MobilityService.exe C:\Program Files\CyberLink\Shared Files\RichVideo.exe C:\Program Files\Secunia\PSI\PSIA.exe C:\Users\Hjemme\AppData\Local\Temp\RtkBtMnt.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\System32\svchost.exe -k WerSvcGroup C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\DRIVERS\xaudio.exe C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe C:\Acer\Empowering Technology\ePower\ePowerSvc.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Launch Manager\LManager.exe C:\Program Files\Apoint2K\Apoint.exe C:\Windows\System32\rundll32.exe C:\Program Files\COMODO\COMODO Internet Security\cfp.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Secunia\PSI\psi_tray.exe C:\Windows\System32\rundll32.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Apoint2K\ApMsgFwd.exe C:\Program Files\Apoint2K\Apntex.exe C:\Windows\system32\conime.exe C:\Program Files\iPod\bin\iPodService.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\System32\svchost.exe -k secsvcs C:\Windows\system32\taskeng.exe C:\Windows\system32\wbem\wmiprvse.exe . ============== Pseudo HJT Report =============== . uSEARCH PAGE = hxxp://www.google.com uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7 uSearch Bar = hxxp://www.google.com/ie uStart Page = hxxp://da.intl.acer.yahoo.com/ uDefault_Search_URL = hxxp://www.google.com/ie mStart Page = hxxp://da.intl.acer.yahoo.com mDefault_Page_URL = hxxp://da.intl.acer.yahoo.com uInternet Settings,ProxyOverride = *.local uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s uURLSearchHooks: H - No File BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll BHO: ShowBarObj Class: {83a2f9b1-01a2-4aa5-87d1-45b6b8505e96} - c:\windows\system32\ActiveToolBand.dll BHO: Hjælp til tilmelding til Windows Live: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.7.7227.1100\swg.dll BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll TB: Acer eDataSecurity Management: {5cbe3b7c-1e47-477e-a7dd-396db0476e29} - c:\windows\system32\eDStoolbar.dll TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File TB: {687578B9-7132-4A7A-80E4-30EE31099E03} - No File uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe uRun: [swg] “c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe” mRun: [RtHDVCpl] RtHDVCpl.exe mRun: [eDataSecurity Loader] c:\acer\empowering technology\edatasecurity\eDSloader.exe mRun: [eAudio] “c:\acer\empowering technology\eaudio\eAudio.exe” mRun: [Acer Tour] mRun: [LManager] c:\progra~1\launch~1\LManager.exe mRun: [WarReg_PopUp] c:\acer\wr_popup\WarReg_PopUp.exe mRun: [Apoint] c:\program files\apoint2k\Apoint.exe mRun: [eRecoveryService] mRun: [Acer Tour Reminder] c:\acer\acertour\Reminder.exe mRun: [Skytel] Skytel.exe mRun: [NvSvc] RUNDLL32.EXE c:\windows\system32\nvsvc.dll,nvsvcStart mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit mRun: [CPA] c:\program files\comodo\comodo geekbuddy\VALA.exe mRun: [COMODO Internet Security] “c:\program files\comodo\comodo internet security\cfp.exe” -h mRun: [SunJavaUpdateSched] “c:\program files\common files\java\java update\jusched.exe” mRun: [APSDaemon] “c:\program files\common files\apple\apple application support\APSDaemon.exe” mRun: [iTunesHelper] “c:\program files\itunes\iTunesHelper.exe” mRun: [QuickTime Task] “c:\program files\quicktime\QTTask.exe” -atboottime mRun: [Adobe Reader Speed Launcher] “c:\program files\adobe\reader 8.0\reader\Reader_sl.exe” mRun: [Adobe ARM] “c:\program files\common files\adobe\arm\1.0\AdobeARM.exe” dRun: [Acer Tour Reminder] c:\acer\acertour\Reminder.exe StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\secuni~1.lnk - c:\program files\secunia\psi\psi_tray.exe mPolicies-explorer: EnableShellExecuteHooks = 1 (0x1) mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0) mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: Add to Google Photos Screensa&ver; - c:\windows\system32\GPhotos.scr/200 IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office11\REFIEBAR.DLL IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll Trusted Zone: danskebank.dk Trusted Zone: stinescenter.dk DPF: {888078C6-70B2-4F88-8EE7-1F50DDEA6120} - hxxps://as.photoprintit.de/ips-opdata/activex/ImageUploader6.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab TCP: DhcpNameServer = 192.168.1.1 TCP: Interfaces\{2C1E63C9-B4B8-4D9F-991B-B33D917046D2} : DhcpNameServer = 192.168.1.1 Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL AppInit_DLLs: ?½Ä½??Y?c:\program files\comodo\comodo internet security\cfpconfg.exe c:\windows\system32\guard32.dll SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL . ============= SERVICES / DRIVERS =============== . R1 cmderd;COMODO Internet Security Eradication Driver;c:\windows\system32\drivers\cmderd.sys [2012-3-11 19600] R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdGuard.sys [2012-3-11 491816] R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [2012-3-11 38616] R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880] R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664] R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2011-8-12 116608] R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};c:\program files\acer arcade deluxe\play movie\000.fcl [2009-2-3 13560] R2 CLPSLS;COMODO livePCsupport Service;c:\program files\comodo\comodo geekbuddy\CLPSLS.exe [2011-11-23 1052472] R2 FontCache;Tjenesten Windows-skrifttypecache;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2012-7-2 21504] R3 enecir;ENE CIR Receiver;c:\windows\system32\drivers\enecir.sys [2007-8-2 32256] R3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [2011-12-16 15544] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 gupdate;Tjenesten Google Update (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-5-27 136176] S3 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2010-1-13 54632] S3 fsssvc;Windows Live-tjenesten Family Safety;c:\program files\windows live\family safety\fsssvc.exe [2009-8-5 704864] S3 gupdatem;Google Update Tjeneste (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-5-27 136176] S3 USBAAPL;Apple Mobile USB Driver;c:\windows\system32\drivers\usbaapl.sys [2009-8-28 40448] . =============== Created Last 30 ================ . 2012-07-08 17:48:19 6762896 ——a-w- c:\programdata\microsoft\windows defender\definition updates\{2abec6c4-7e13-4a07-9f79-d0b4fef7d0da}\mpengine.dll 2012-07-08 17:43:05 6762896 ———w- c:\programdata\microsoft\windows defender\definition updates\updates\mpengine.dll 2012-07-08 05:56:19 ———— d——-w- C:\FRST 2012-07-07 04:54:49 331 ——a-w- C:\Start_.cmd 2012-07-07 04:54:48 ———— d——-w- C:\ComboFix 2012-07-07 04:53:10 ———— d—h—w- C:\VritualRoot 2012-07-06 19:19:48 ———— d——-w- c:\users\hjemme\appdata\roaming\HpUpdate 2012-07-06 19:19:42 ———— d——-w- c:\windows\Hewlett-Packard 2012-07-06 19:06:40 159744 ——a-w- c:\program files\internet explorer\plugins\npqtplugin7.dll 2012-07-06 19:06:40 159744 ——a-w- c:\program files\internet explorer\plugins\npqtplugin6.dll 2012-07-06 19:06:40 159744 ——a-w- c:\program files\internet explorer\plugins\npqtplugin5.dll 2012-07-06 19:06:39 159744 ——a-w- c:\program files\internet explorer\plugins\npqtplugin4.dll 2012-07-06 19:06:39 159744 ——a-w- c:\program files\internet explorer\plugins\npqtplugin3.dll 2012-07-06 19:06:39 159744 ——a-w- c:\program files\internet explorer\plugins\npqtplugin2.dll 2012-07-06 19:06:39 159744 ——a-w- c:\program files\internet explorer\plugins\npqtplugin.dll 2012-07-06 17:20:30 ———— d——-w- c:\program files\iPod 2012-07-06 17:20:25 ———— d——-w- c:\programdata\{429CAD59-35B1-4DBC-BB6D-1DB246563521} 2012-07-06 17:20:25 ———— d——-w- c:\program files\iTunes 2012-07-05 23:43:13 ———— d——-w- c:\program files\Bonjour 2012-07-05 23:25:52 ———— d——-w- c:\users\hjemme\appdata\local\Secunia PSI 2012-07-05 23:22:13 ———— d——-w- c:\program files\Secunia 2012-07-05 22:55:59 476936 ——a-w- c:\windows\system32\npdeployJava1.dll 2012-07-05 22:55:59 472840 ——a-w- c:\windows\system32\deployJava1.dll 2012-07-05 20:58:55 876032 ——a-w- c:\windows\system32\XpsPrint.dll 2012-07-05 20:58:54 683008 ——a-w- c:\windows\system32\d2d1.dll 2012-07-05 20:58:54 219648 ——a-w- c:\windows\system32\d3d10_1core.dll 2012-07-05 20:58:54 160768 ——a-w- c:\windows\system32\d3d10_1.dll 2012-07-05 20:58:54 1172480 ——a-w- c:\windows\system32\d3d10warp.dll 2012-07-05 20:58:54 1069056 ——a-w- c:\windows\system32\DWrite.dll 2012-07-04 22:06:39 ———— d——-w- c:\program files\Windows Portable Devices 2012-07-04 12:26:32 92672 ——a-w- c:\windows\system32\UIAnimation.dll 2012-07-04 12:26:31 1164800 ——a-w- c:\windows\system32\UIRibbonRes.dll 2012-07-04 12:26:30 3023360 ——a-w- c:\windows\system32\UIRibbon.dll 2012-07-04 12:03:59 5120 ——a-w- c:\windows\system32\wmi.dll 2012-07-04 12:03:59 172032 ——a-w- c:\windows\system32\wintrust.dll 2012-07-04 12:03:59 157696 ——a-w- c:\windows\system32\imagehlp.dll 2012-07-04 12:03:59 12800 ——a-w- c:\windows\system32\drivers\fs_rec.sys 2012-07-04 11:40:31 979456 ——a-w- c:\windows\system32\MFH264Dec.dll 2012-07-04 11:40:29 357376 ——a-w- c:\windows\system32\MFHEAACdec.dll 2012-07-04 11:40:27 302592 ——a-w- c:\windows\system32\mfmp4src.dll 2012-07-04 11:40:24 261632 ——a-w- c:\windows\system32\mfreadwrite.dll 2012-07-04 11:40:23 2873344 ——a-w- c:\windows\system32\mf.dll 2012-07-04 11:40:21 98816 ——a-w- c:\windows\system32\mfps.dll 2012-07-04 11:40:15 209920 ——a-w- c:\windows\system32\mfplat.dll 2012-07-04 11:40:09 586240 ——a-w- c:\windows\system32\stobject.dll 2012-07-04 11:39:41 135680 ——a-w- c:\windows\system32\XpsRasterService.dll 2012-07-04 11:39:37 486400 ——a-w- c:\windows\system32\d3d10level9.dll 2012-07-04 11:39:34 189952 ——a-w- c:\windows\system32\d3d10core.dll 2012-07-04 11:39:33 478720 ——a-w- c:\windows\system32\dxgi.dll 2012-07-04 11:39:33 1029120 ——a-w- c:\windows\system32\d3d10.dll 2012-07-04 11:39:32 638336 ——a-w- c:\windows\system32\drivers\dxgkrnl.sys 2012-07-04 11:39:31 37376 ——a-w- c:\windows\system32\cdd.dll 2012-07-04 11:39:31 258048 ——a-w- c:\windows\system32\winspool.drv 2012-07-04 11:39:30 667648 ——a-w- c:\windows\system32\printfilterpipelinesvc.exe 2012-07-04 11:39:30 26112 ——a-w- c:\windows\system32\printfilterpipelineprxy.dll 2012-07-04 11:39:28 847360 ——a-w- c:\windows\system32\OpcServices.dll 2012-07-04 11:39:28 1554432 ——a-w- c:\windows\system32\xpsservices.dll 2012-07-04 11:36:52 369664 ——a-w- c:\windows\system32\WMPhoto.dll 2012-07-04 11:36:52 252928 ——a-w- c:\windows\system32\dxdiag.exe 2012-07-04 11:36:52 195584 ——a-w- c:\windows\system32\dxdiagn.dll 2012-07-04 11:36:51 519680 ——a-w- c:\windows\system32\d3d11.dll 2012-07-04 11:36:51 321024 ——a-w- c:\windows\system32\PhotoMetadataHandler.dll 2012-07-04 11:36:51 189440 ——a-w- c:\windows\system32\WindowsCodecsExt.dll 2012-07-04 11:36:50 974848 ——a-w- c:\windows\system32\WindowsCodecs.dll 2012-07-04 09:58:37 984064 ——a-w- c:\windows\system32\crypt32.dll 2012-07-04 09:58:37 98304 ——a-w- c:\windows\system32\cryptnet.dll 2012-07-04 09:58:37 133120 ——a-w- c:\windows\system32\cryptsvc.dll 2012-07-04 09:58:27 69632 ——a-w- c:\windows\system32\Mpeg2Data.ax 2012-07-04 09:58:27 57856 ——a-w- c:\windows\system32\MSDvbNP.ax 2012-07-04 09:58:27 293376 ——a-w- c:\windows\system32\psisdecd.dll 2012-07-04 09:58:27 217088 ——a-w- c:\windows\system32\psisrndr.ax 2012-07-04 09:58:14 23552 ——a-w- c:\windows\system32\mciseq.dll 2012-07-04 09:58:14 189952 ——a-w- c:\windows\system32\winmm.dll 2012-07-04 09:58:13 1205064 ——a-w- c:\windows\system32\ntdll.dll 2012-07-04 09:56:35 49152 ——a-w- c:\windows\system32\csrsrv.dll 2012-07-04 09:56:34 1314816 ——a-w- c:\windows\system32\quartz.dll 2012-07-04 09:56:33 497152 ——a-w- c:\windows\system32\qdvd.dll 2012-07-04 09:56:32 278528 ——a-w- c:\windows\system32\schannel.dll 2012-07-04 09:56:31 9728 ——a-w- c:\windows\system32\lsass.exe 2012-07-04 09:56:31 72704 ——a-w- c:\windows\system32\secur32.dll 2012-07-04 09:56:31 440192 ——a-w- c:\windows\system32\drivers\ksecdd.sys 2012-07-04 09:56:31 377344 ——a-w- c:\windows\system32\winhttp.dll 2012-07-04 09:56:31 1259008 ——a-w- c:\windows\system32\lsasrv.dll 2012-07-04 09:56:26 2048 ——a-w- c:\windows\system32\tzres.dll 2012-07-04 09:55:59 2409784 ——a-w- c:\program files\windows mail\OESpamFilter.dat 2012-07-04 09:55:55 563712 ——a-w- c:\windows\system32\oleaut32.dll 2012-07-04 09:55:55 555520 ——a-w- c:\windows\system32\UIAutomationCore.dll 2012-07-04 09:55:55 4096 ——a-w- c:\windows\system32\oleaccrc.dll 2012-07-04 09:55:55 238080 ——a-w- c:\windows\system32\oleacc.dll 2012-07-04 09:55:25 180736 ——a-w- c:\windows\system32\drivers\rdpwd.sys 2012-07-04 09:55:23 2045440 ——a-w- c:\windows\system32\win32k.sys 2012-07-04 09:55:20 3550080 ——a-w- c:\windows\system32\ntoskrnl.exe 2012-07-04 09:55:19 3602816 ——a-w- c:\windows\system32\ntkrnlpa.exe 2012-07-04 09:55:17 707584 ——a-w- c:\program files\common files\system\wab32.dll 2012-07-04 09:37:34 613376 ——a-w- c:\windows\system32\rdpencom.dll 2012-07-04 09:24:18 2422272 ——a-w- c:\windows\system32\wucltux.dll 2012-07-04 09:23:57 88576 ——a-w- c:\windows\system32\wudriver.dll 2012-07-04 09:23:48 33792 ——a-w- c:\windows\system32\wuapp.exe 2012-07-04 09:23:48 171904 ——a-w- c:\windows\system32\wuwebv.dll 2012-07-04 05:35:38 22344 ——a-w- c:\windows\system32\drivers\mbam.sys 2012-07-04 05:35:38 ———— d——-w- c:\program files\Malwarebytes’ Anti-Malware 2012-07-03 21:17:25 ———— d——-w- c:\program files\ESET 2012-07-03 20:33:47 ———— d——-w- c:\windows\system32\eu-ES 2012-07-03 20:33:47 ———— d——-w- c:\windows\system32\ca-ES 2012-07-03 20:33:46 ———— d——-w- c:\windows\system32\vi-VN 2012-07-03 19:53:25 ———— d——-w- c:\windows\system32\EventProviders 2012-07-03 17:02:28 18904 ——a-w- c:\windows\system32\StructuredQuerySchemaTrivial.bin 2012-07-03 16:46:01 99176 ——a-w- c:\windows\system32\PresentationHostProxy.dll 2012-07-03 16:46:01 49472 ——a-w- c:\windows\system32\netfxperf.dll 2012-07-03 16:46:01 297808 ——a-w- c:\windows\system32\mscoree.dll 2012-07-03 16:46:01 295264 ——a-w- c:\windows\system32\PresentationHost.exe 2012-07-03 16:46:01 1130824 ——a-w- c:\windows\system32\dfshim.dll 2012-07-03 16:41:16 2048 ——a-w- c:\windows\system32\winrsmgr.dll 2012-07-03 16:41:05 40448 ——a-w- c:\windows\system32\winrs.exe 2012-07-03 16:41:05 20480 ——a-w- c:\windows\system32\winrshost.exe 2012-07-03 16:41:05 12800 ——a-w- c:\windows\system32\wsmprovhost.exe 2012-07-03 16:41:04 10240 ——a-w- c:\windows\system32\wsmplpxy.dll 2012-07-03 16:41:04 10240 ——a-w- c:\windows\system32\winrssrv.dll 2012-07-03 16:41:03 81408 ——a-w- c:\windows\system32\wevtfwd.dll 2012-07-03 16:41:03 79872 ——a-w- c:\windows\system32\wecutil.exe 2012-07-03 16:41:03 56320 ——a-w- c:\windows\system32\wecapi.dll 2012-07-03 16:41:03 54272 ——a-w- c:\windows\system32\WsmRes.dll 2012-07-03 16:41:03 41472 ——a-w- c:\windows\system32\pwrshplugin.dll 2012-07-03 16:41:03 146944 ——a-w- c:\windows\system32\wecsvc.dll 2012-07-03 16:40:59 201184 ——a-w- c:\windows\system32\winrm.vbs 2012-07-03 16:40:58 252416 ——a-w- c:\windows\system32\WSManMigrationPlugin.dll 2012-07-03 16:40:58 246272 ——a-w- c:\windows\system32\WSManHTTPConfig.exe 2012-07-03 16:40:58 241152 ——a-w- c:\windows\system32\winrscmd.dll 2012-07-03 16:40:58 214016 ——a-w- c:\windows\system32\WsmWmiPl.dll 2012-07-03 16:40:58 145408 ——a-w- c:\windows\system32\WsmAuto.dll 2012-07-03 16:40:57 1181696 ——a-w- c:\windows\system32\WsmSvc.dll 2012-07-03 14:34:59 190464 ——a-w- c:\windows\system32\sperror.dll 2012-07-03 14:33:59 60928 ——a-w- c:\windows\system32\SLUINotify.dll 2012-07-03 14:32:35 83968 ——a-w- c:\windows\system32\wbem\wmiutils.dll 2012-07-03 14:32:35 30208 ——a-w- c:\windows\system32\wbem\wbemprox.dll 2012-07-03 14:32:35 265728 ——a-w- c:\windows\system32\wbem\esscli.dll 2012-07-03 14:32:35 189440 ——a-w- c:\windows\system32\wbem\mofd.dll 2012-07-03 14:32:34 744448 ——a-w- c:\windows\system32\wbem\wbemcore.dll 2012-07-03 14:32:34 614912 ——a-w- c:\windows\system32\wbem\fastprox.dll 2012-07-03 14:32:34 265728 ——a-w- c:\windows\system32\wbem\repdrvfs.dll 2012-07-03 14:32:27 705536 ——a-w- c:\windows\system32\SmiEngine.dll 2012-07-03 14:32:10 218624 ——a-w- c:\windows\system32\wdscore.dll 2012-07-03 14:32:10 130560 ——a-w- c:\windows\system32\PkgMgr.exe 2012-07-03 14:31:30 247808 ——a-w- c:\windows\system32\drvstore.dll 2012-07-03 13:09:32 677888 ——a-w- c:\windows\system32\mstsc.exe 2012-07-03 13:09:32 2067968 ——a-w- c:\windows\system32\mstscax.dll 2012-07-03 13:09:31 63488 ——a-w- c:\windows\system32\tscupgrd.exe 2012-07-03 13:09:04 168960 ——a-w- c:\program files\windows media player\wmplayer.exe 2012-07-03 13:09:03 8147456 ——a-w- c:\windows\system32\wmploc.DLL 2012-07-03 13:07:03 125952 ——a-w- c:\windows\system32\srvsvc.dll 2012-07-03 13:07:02 17920 ——a-w- c:\windows\system32\netevent.dll 2012-07-03 13:05:36 502272 ——a-w- c:\windows\system32\usp10.dll 2012-07-03 13:05:21 515584 ——a-w- c:\program files\windows mail\wab.exe 2012-07-03 13:05:19 66048 ——a-w- c:\program files\windows mail\wabmig.exe 2012-07-03 13:05:19 33280 ——a-w- c:\program files\windows mail\wabfind.dll 2012-07-03 13:05:00 72704 ——a-w- c:\windows\system32\fontsub.dll 2012-07-03 13:05:00 292864 ——a-w- c:\windows\system32\atmfd.dll 2012-07-03 13:04:59 34304 ——a-w- c:\windows\system32\atmlib.dll 2012-07-03 13:04:51 413696 ——a-w- c:\windows\system32\odbc32.dll 2012-07-03 13:04:50 708608 ——a-w- c:\program files\common files\system\ado\msado15.dll 2012-07-03 13:04:49 253952 ——a-w- c:\program files\common files\system\ado\msadox.dll 2012-07-03 13:04:49 241664 ——a-w- c:\program files\common files\system\ado\msadomd.dll 2012-07-03 13:04:48 57344 ——a-w- c:\program files\common files\system\msadc\msadcs.dll 2012-07-03 13:04:48 180224 ——a-w- c:\program files\common files\system\msadc\msadco.dll 2012-07-03 13:04:30 69632 ——a-w- c:\windows\system32\drivers\bowser.sys 2012-07-03 13:04:15 75264 ——a-w- c:\windows\system32\drivers\dfsc.sys 2012-07-03 13:03:37 1162240 ——a-w- c:\windows\system32\mfc42u.dll 2012-07-03 13:03:37 1136640 ——a-w- c:\windows\system32\mfc42.dll 2012-07-03 13:03:32 1616384 ——a-w- c:\program files\windows mail\msoe.dll 2012-07-03 13:03:28 81920 ——a-w- c:\windows\system32\iccvid.dll 2012-07-03 13:03:23 214016 ——a-w- c:\windows\system32\drivers\mrxsmb10.sys 2012-07-03 13:03:22 79872 ——a-w- c:\windows\system32\drivers\mrxsmb20.sys 2012-07-03 13:03:22 106496 ——a-w- c:\windows\system32\drivers\mrxsmb.sys 2012-07-03 13:03:14 305152 ——a-w- c:\windows\system32\drivers\srv.sys 2012-07-03 13:02:46 86528 ——a-w- c:\windows\system32\dnsrslvr.dll 2012-07-03 13:02:46 25088 ——a-w- c:\windows\system32\dnscacheugc.exe 2012-07-03 13:02:41 67072 ——a-w- c:\windows\system32\asycfilt.dll 2012-07-03 13:02:35 1316864 ——a-w- c:\windows\system32\ole32.dll 2012-07-03 13:02:34 339968 ——a-w- c:\program files\windows nt\accessories\wordpad.exe 2012-07-03 13:02:25 128000 ——a-w- c:\windows\system32\spoolsv.exe 2012-07-03 13:02:16 157184 ——a-w- c:\windows\system32\t2embed.dll 2012-07-03 13:01:48 273408 ——a-w- c:\windows\system32\drivers\afd.sys 2012-07-03 13:00:31 1169408 ——a-w- c:\windows\system32\sdclt.exe 2012-07-03 13:00:21 10926592 ——a-w- c:\program files\movie maker\MOVIEMK.dll 2012-07-03 13:00:16 150016 ——a-w- c:\program files\movie maker\MOVIEMK.exe 2012-07-03 13:00:11 146432 ——a-w- c:\windows\system32\drivers\srv2.sys 2012-07-03 13:00:11 102400 ——a-w- c:\windows\system32\drivers\srvnet.sys 2012-07-03 13:00:02 317952 ——a-w- c:\windows\system32\MP4SDECD.DLL 2012-07-03 12:59:34 954752 ——a-w- c:\windows\system32\mfc40.dll 2012-07-03 12:59:34 954288 ——a-w- c:\windows\system32\mfc40u.dll 2012-07-03 12:59:23 36864 ——a-w- c:\windows\system32\rtutils.dll 2012-07-03 12:59:06 1696256 ——a-w- c:\windows\system32\gameux.dll 2012-07-03 12:59:05 28672 ——a-w- c:\windows\system32\Apphlpdm.dll 2012-07-03 12:59:04 4240384 ——a-w- c:\windows\system32\GameUXLegacyGDFs.dll 2012-07-03 12:58:49 231424 ——a-w- c:\windows\system32\msshsq.dll 2012-07-03 12:58:42 867328 ——a-w- c:\windows\system32\wmpmde.dll 2012-07-03 12:58:38 322560 ——a-w- c:\windows\system32\sbe.dll 2012-07-03 12:58:38 177664 ——a-w- c:\windows\system32\mpg2splt.ax 2012-07-03 12:58:38 153088 ——a-w- c:\windows\system32\sbeio.dll 2012-07-03 12:57:31 601600 ——a-w- c:\windows\system32\schedsvc.dll 2012-07-03 12:57:31 352768 ——a-w- c:\windows\system32\taskschd.dll 2012-07-03 12:57:30 345600 ——a-w- c:\windows\system32\wmicmiplugin.dll 2012-07-03 12:57:30 171520 ——a-w- c:\windows\system32\taskeng.exe 2012-07-03 12:57:29 270336 ——a-w- c:\windows\system32\taskcomp.dll 2012-07-03 12:57:19 739328 ——a-w- c:\windows\system32\inetcomm.dll 2012-07-03 12:57:10 1248768 ——a-w- c:\windows\system32\msxml3.dll 2012-07-03 12:56:58 81920 ——a-w- c:\windows\system32\consent.exe 2012-07-03 12:53:25 531968 ——a-w- c:\windows\system32\comctl32.dll 2012-07-03 11:57:34 ———— d——-w- c:\windows\pss 2012-07-03 11:54:16 ———— d——-w- c:\programdata\CPA_VA 2012-07-03 11:50:17 1474832 ——a-w- c:\windows\system32\drivers\sfi.dat 2012-07-03 11:45:26 ———— d——-w- c:\programdata\Comodo 2012-07-03 11:45:22 ———— d——-w- c:\program files\COMODO 2012-07-02 08:53:01 2730536 ——a-w- c:\programdata\microsoft\windows defender\definition updates\default\MpEngine.dll 2012-07-02 08:51:59 56320 ——a-w- c:\windows\system32\uexfat.dll 2012-07-02 08:50:59 523776 ——a-w- c:\windows\system32\clbcatq.dll 2012-07-02 08:49:59 82944 ——a-w- c:\windows\system32\sdchange.exe 2012-07-02 08:48:58 40960 ——a-w- c:\program files\common files\microsoft shared\ink\da\Microsoft.Ink.Resources.dll 2012-07-02 08:48:09 102400 ——a-w- c:\windows\system32\wbem\mofinstall.dll 2012-07-02 08:48:08 357888 ——a-w- c:\windows\system32\wbemcomn.dll 2012-07-02 08:47:31 129536 ——a-w- c:\windows\system32\sqmapi.dll 2012-07-02 08:47:30 139264 ——a-w- c:\windows\system32\SmiInstaller.dll 2012-07-02 08:45:14 35328 ——a-w- c:\windows\system32\mspatcha.dll 2012-07-02 08:45:14 305152 ——a-w- c:\windows\system32\msdelta.dll 2012-07-02 08:45:14 258560 ——a-w- c:\windows\system32\dpx.dll 2012-07-02 08:44:40 6656 ——a-w- c:\windows\system32\kbd106.dll 2012-07-02 06:35:56 ———— d——-w- c:\program files\AVAST Software 2012-07-02 06:35:26 ———— d——-w- c:\programdata\AVAST Software 2012-07-02 06:04:52 ———— d——-w- C:\PerfLogs 2012-07-02 05:31:28 ———— d——-w- C:\90c133aae7e1638de3 2012-06-22 08:46:12 426184 ——a-w- c:\windows\system32\FlashPlayerApp.exe . ==================== Find3M ==================== . 2012-07-04 11:43:24 161792 ——a-w- c:\windows\system32\msls31.dll 2012-07-04 11:43:23 1129472 ——a-w- c:\windows\system32\wininet.dll 2012-07-04 11:43:14 74752 ——a-w- c:\windows\system32\RegisterIEPKEYs.exe 2012-07-04 11:43:13 76800 ——a-w- c:\windows\system32\SetIEInstalledDate.exe 2012-07-04 11:43:12 48640 ——a-w- c:\windows\system32\mshtmler.dll 2012-07-04 11:43:11 86528 ——a-w- c:\windows\system32\iesysprep.dll 2012-07-04 11:43:05 63488 ——a-w- c:\windows\system32\tdc.ocx 2012-07-04 11:43:00 367104 ——a-w- c:\windows\system32\html.iec 2012-07-04 11:36:55 4096 ——a-w- c:\windows\system32\drivers\da-dk\dxgkrnl.sys.mui 2012-07-02 09:24:53 101888 ——a-w- c:\windows\system32\ifxcardm.dll 2012-07-02 09:24:48 82432 ——a-w- c:\windows\system32\axaltocm.dll 2012-06-22 08:46:12 70344 ——a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-05-31 10:25:14 237072 ———w- c:\windows\system32\MpSigStub.exe 2012-04-18 18:56:30 94208 ——a-w- c:\windows\system32\QuickTimeVR.qtx 2012-04-18 18:56:30 69632 ——a-w- c:\windows\system32\QuickTime.qts . ============= FINISH: 21:23:39,26 =============== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-08-26.01) . Microsoft® Windows Vista™ Home Premium Boot Device: \Device\HarddiskVolume2 Install Date: 03-02-2009 16:58:23 System Uptime: 08-07-2012 17:28:07 (4 hours ago) . Motherboard: Acer \| \| Fuquene Processor: AMD Turion(tm) 64 X2 Mobile Technology TL-58 \| Socket A \| 1800/200mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 70 GiB total, 17,044 GiB free. D: is FIXED (NTFS) - 149 GiB total, 148,887 GiB free. E: is FIXED (NTFS) - 70 GiB total, 69,426 GiB free. F: is CDROM () . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP1201: 06-07-2012 21:37:44 - Installed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 RP1202: 06-07-2012 21:43:28 - Installed OpenOffice.org 3.4 . ==== Installed Programs ====================== . 32 Bit HP CIO Components Installer Acer Arcade Deluxe Acer Crystal Eye webcam Acer eAudio Management Acer eDataSecurity Management Acer eLock Management Acer Empowering Technology Acer eNet Management Acer ePower Management Acer ePresentation Management Acer eSettings Management Acer GridVista Acer Mobility Center Plug-In Acer ScreenSaver Acer Tour Adobe Flash Player 11 ActiveX Adobe Reader 8.3.1 AIO_Scan ALPS Touch Pad Driver Apple Application Support Apple Mobile Device Support Apple Software Update Big Kahuna Reef 2 Bilka fotoservice Bonjour BufferChm C4400 C4400_Help Cake Mania Cards_Calendar_OrderGift_DoMorePlugout CCleaner (remove only) COMODO GeekBuddy COMODO Internet Security Compatibility Pack for the 2007 Office system Copy CustomerResearchQFolder Destination Component DeviceDiscovery DJ_AIO_Software DJ_AIO_Software_min DocProc DocProcQFolder Dynasty e-Logomærket til Outlook 2002-2010 e-Safekey ESET Online Scanner v3 Galapago Google Chrome Google Toolbar for Internet Explorer Google Update Helper GPBaseService GPBaseService2 HDAUDIO Soft Data Fax Modem with SmartCP Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) HP Customer Participation Program 10.0 HP Deskjet All-In-One Software 9.0 HP Imaging Device Functions 10.0 HP Photosmart C4400 All-In-One Driver Software 10.0 Rel .3 HP Photosmart Essential 2.5 HP Smart Web Printing HP Solution Center 13.0 HP Update HPPhotoSmartPhotobookWebPack1 HPProductAssistant HPSSupply iTunes Java Auto Updater Java(TM) 6 Update 33 Junk Mail filter update Launch Manager LightScribe 1.4.142.1 Lost Via Domus Luxor 2 Malwarebytes Anti-Malware version 1.61.0.1400 MarketResearch Microsoft .NET Framework 3.5 Language Pack SP1 - dan Microsoft .NET Framework 3.5 SP1 Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Client Profile DAN Language Pack Microsoft .NET Framework 4 Client Profile DAN sprogpakke Microsoft Application Error Reporting Microsoft Choice Guard Microsoft Office File Validation Add-In Microsoft Office Live Add-in 1.3 Microsoft Office Small Business Edition 2003 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Sync Framework Runtime Native v1.0 (x86) Microsoft Sync Framework Services Native v1.0 (x86) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 MSVCRT MSVCSetup MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Mystery Case Files - Prime Suspects Mystery Case Files Ravenhearst NTI Backup NOW! 4.7 NTI CD & DVD-Maker NVIDIA Drivers OCR Software by I.R.I.S. 10.0 OGA Notifier 2.0.0048.0 OpenOffice.org 3.4 Overførselsværktøj til Windows Live PanoStandAlone Picasa 3 PowerProducer 3.72 Project64 1.6 PS_AIO_03_C4400_ProductContext PS_AIO_03_C4400_Software PS_AIO_03_C4400_Software_Min PSSWCORE QuickTime Realtek High Definition Audio Driver RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01 Scan Secunia PSI (3.0.0.2004) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Shop for HP Supplies Skype Click to Call Skype™ 5.8 SmartWebPrintingOC SolutionCenter Sony Ericsson PC Companion 1.60.13 Sprogpakke til Microsoft .NET Framework 3.5 SP1 - dansk Star Defender 3 Status SUPERAntiSpyware Tilmeldingsassistent til Windows Live Toolbox TrayApp Treasures of the Deep UnloadSupport Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) VideoToolkit01 VLC media player 2.0.1 WebReg Windows Live Communications Platform Windows Live Essentials Windows Live Family Safety Windows Live Mail Windows Live Messenger Windows Live Movie Maker Windows Live Photo Gallery Windows Live Sync Windows Live Writer Xfire (remove only) Zuma Deluxe . ==== End Of File ===========================
[ Ignorer ] [ # 14 ] f-arn TeamSpywarefri
09.07.2012 09:50:22 Administrator Team Spywarefri Antal indlæg: 7125	Afinstaller SUPERAntiSpyware. —————————————————— OBS OBS OBS OBS ————————————————- COMODO skal deaktiveres *før* du henter ComboFix ——— Slet den ComboFix du har, og hent en ny. Hent og gem ComboFix på dit skrivebord. <- Vigtigt Kør så ComboFix og følg anvisningerne. Da ComboFix kan konflikte med dine sikkerhedsprogrammer, er det vigtigt at du deaktiverer dem. <- Vigtigt Du bør ikke klikke på vinduet imens værktøjet kører, idet det kan få din computer til at fryse. Når ComboFix er færdig, og efter det (muligvis) har genstartet, skulle der gerne åbnes en logfil: ComboFix.txt Indholdet af denne fil må du gerne lægge herind. Den kan findes her: C:\ComboFix.txt Får du noget der ligner denne fejl. Der blev forsøgt en ugyldig handling på en registreringsdatabasenøgle, som er blevet mærket til sletning Så genstart, en gang mere, det burde løse det. Signatur Undlad venligst at vedhæfte logs, medmindre du bliver bedt om det !
[ Ignorer ] [ # 15 ] Photop
09.07.2012 10:52:26 Antal indlæg: 171	ComboFix 12-07-08.01 - Hjemme 09-07-2012 10:25:09.1.2 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.45.1030.18.2046.1127 [GMT 2:00] Kører fra: c:\users\Hjemme\Desktop\ComboFix.exe AV: COMODO Antivirus Disabled/Updated {458BB331-2324-0753-3D5F-1472EB102AC0} FW: COMODO Firewall Disabled {7DB03214-694B-060B-1600-BD4715C36DBB} SP: COMODO Defense+ Disabled/Updated {FEEA52D5-051E-08DD-07EF-2F009097607D} SP: Windows Defender Disabled/Updated {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((((( Andet, der er slettet ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\drv\TVtuner\Liteon\Resources\_desktop.ini c:\users\Hjemme\AppData\Local\assembly\tmp c:\windows\Installer\{4a7f59f7-3c11-88e8-767a-d1c334613446}\@ c:\windows\Installer\{4a7f59f7-3c11-88e8-767a-d1c334613446}\L\00000004.@ c:\windows\Installer\{4a7f59f7-3c11-88e8-767a-d1c334613446}\U\00000004.@ c:\windows\Installer\{4a7f59f7-3c11-88e8-767a-d1c334613446}\U\000000cb.@ c:\windows\system32\fg5IB.vbs D:\install.exe . . ((((((((((((((((((((((((((((( Filer skabt fra 2012-06-09 til 2012-07-09 ))))))))))))))))))))))))))))))))))) . . 2012-07-08 17:48 . 2012-05-31 03:41 6762896 ——a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{2ABEC6C4-7E13-4A07-9F79-D0B4FEF7D0DA}\mpengine.dll 2012-07-08 05:56 . 2012-07-08 05:56 ———— d——-w- C:\FRST 2012-07-07 04:53 . 2012-07-07 04:53 ———— d——-w- C:\VritualRoot 2012-07-06 19:19 . 2012-07-06 19:21 ———— d——-w- c:\users\Hjemme\AppData\Roaming\HpUpdate 2012-07-06 19:19 . 2012-07-06 19:19 ———— d——-w- c:\windows\Hewlett-Packard 2012-07-06 19:06 . 2012-07-06 19:06 159744 ——a-w- c:\program files\Internet Explorer\Plugins\npqtplugin7.dll 2012-07-06 19:06 . 2012-07-06 19:06 159744 ——a-w- c:\program files\Internet Explorer\Plugins\npqtplugin6.dll 2012-07-06 19:06 . 2012-07-06 19:06 159744 ——a-w- c:\program files\Internet Explorer\Plugins\npqtplugin5.dll 2012-07-06 19:06 . 2012-07-06 19:06 159744 ——a-w- c:\program files\Internet Explorer\Plugins\npqtplugin4.dll 2012-07-06 19:06 . 2012-07-06 19:06 159744 ——a-w- c:\program files\Internet Explorer\Plugins\npqtplugin3.dll 2012-07-06 19:06 . 2012-07-06 19:06 159744 ——a-w- c:\program files\Internet Explorer\Plugins\npqtplugin2.dll 2012-07-06 19:06 . 2012-07-06 19:06 159744 ——a-w- c:\program files\Internet Explorer\Plugins\npqtplugin.dll 2012-07-06 19:05 . 2012-07-06 19:06 ———— d——-w- c:\program files\QuickTime 2012-07-06 17:20 . 2012-07-06 17:20 ———— d——-w- c:\program files\iPod 2012-07-06 17:20 . 2012-07-06 17:22 ———— d——-w- c:\programdata\{429CAD59-35B1-4DBC-BB6D-1DB246563521} 2012-07-06 17:20 . 2012-07-06 17:22 ———— d——-w- c:\program files\iTunes 2012-07-05 23:44 . 2012-07-05 23:44 ———— d——-w- c:\program files\Apple Software Update 2012-07-05 23:43 . 2012-07-05 23:43 ———— d——-w- c:\program files\Bonjour 2012-07-05 23:25 . 2012-07-05 23:25 ———— d——-w- c:\users\Hjemme\AppData\Local\Secunia PSI 2012-07-05 23:22 . 2012-07-05 23:22 ———— d——-w- c:\program files\Secunia 2012-07-05 22:56 . 2012-07-05 22:56 ———— d——-w- c:\program files\Common Files\Java 2012-07-05 22:55 . 2012-07-05 22:55 476936 ——a-w- c:\windows\system32\npdeployJava1.dll 2012-07-05 22:55 . 2012-07-05 22:55 472840 ——a-w- c:\windows\system32\deployJava1.dll 2012-07-05 22:48 . 2012-07-05 22:48 ———— d——-w- c:\programdata\McAfee 2012-07-05 20:58 . 2011-03-12 21:55 876032 ——a-w- c:\windows\system32\XpsPrint.dll 2012-07-05 20:58 . 2012-03-01 14:46 219648 ——a-w- c:\windows\system32\d3d10_1core.dll 2012-07-05 20:58 . 2012-03-01 14:46 160768 ——a-w- c:\windows\system32\d3d10_1.dll 2012-07-05 20:58 . 2012-02-29 14:08 1172480 ——a-w- c:\windows\system32\d3d10warp.dll 2012-07-05 20:58 . 2012-02-29 13:44 683008 ——a-w- c:\windows\system32\d2d1.dll 2012-07-05 20:58 . 2012-02-29 13:41 1069056 ——a-w- c:\windows\system32\DWrite.dll 2012-07-04 22:06 . 2012-07-04 22:06 ———— d——-w- c:\program files\Windows Portable Devices 2012-07-04 12:26 . 2009-09-10 02:00 92672 ——a-w- c:\windows\system32\UIAnimation.dll 2012-07-04 12:26 . 2009-09-10 02:00 1164800 ——a-w- c:\windows\system32\UIRibbonRes.dll 2012-07-04 12:26 . 2009-09-10 02:01 3023360 ——a-w- c:\windows\system32\UIRibbon.dll 2012-07-04 12:03 . 2012-02-29 15:11 5120 ——a-w- c:\windows\system32\wmi.dll 2012-07-04 12:03 . 2012-02-29 15:11 172032 ——a-w- c:\windows\system32\wintrust.dll 2012-07-04 12:03 . 2012-02-29 15:09 157696 ——a-w- c:\windows\system32\imagehlp.dll 2012-07-04 12:03 . 2012-02-29 13:32 12800 ——a-w- c:\windows\system32\drivers\fs_rec.sys 2012-07-04 11:40 . 2012-07-04 11:40 979456 ——a-w- c:\windows\system32\MFH264Dec.dll 2012-07-04 11:40 . 2012-07-04 11:40 357376 ——a-w- c:\windows\system32\MFHEAACdec.dll 2012-07-04 11:40 . 2012-07-04 11:40 302592 ——a-w- c:\windows\system32\mfmp4src.dll 2012-07-04 11:40 . 2012-07-04 11:40 261632 ——a-w- c:\windows\system32\mfreadwrite.dll 2012-07-04 11:40 . 2012-07-04 11:40 2873344 ——a-w- c:\windows\system32\mf.dll 2012-07-04 11:40 . 2012-07-04 11:40 98816 ——a-w- c:\windows\system32\mfps.dll 2012-07-04 11:40 . 2012-07-04 11:40 209920 ——a-w- c:\windows\system32\mfplat.dll 2012-07-04 11:40 . 2012-07-04 11:40 586240 ——a-w- c:\windows\system32\stobject.dll 2012-07-04 11:39 . 2012-07-04 11:39 135680 ——a-w- c:\windows\system32\XpsRasterService.dll 2012-07-04 11:39 . 2012-07-04 11:39 486400 ——a-w- c:\windows\system32\d3d10level9.dll 2012-07-04 11:39 . 2012-07-04 11:39 189952 ——a-w- c:\windows\system32\d3d10core.dll 2012-07-04 11:39 . 2012-07-04 11:39 478720 ——a-w- c:\windows\system32\dxgi.dll 2012-07-04 11:39 . 2012-07-04 11:39 1029120 ——a-w- c:\windows\system32\d3d10.dll 2012-07-04 11:39 . 2012-07-04 11:39 638336 ——a-w- c:\windows\system32\drivers\dxgkrnl.sys 2012-07-04 11:39 . 2012-07-04 11:39 37376 ——a-w- c:\windows\system32\cdd.dll 2012-07-04 11:39 . 2012-07-04 11:39 258048 ——a-w- c:\windows\system32\winspool.drv 2012-07-04 11:39 . 2012-07-04 11:39 667648 ——a-w- c:\windows\system32\printfilterpipelinesvc.exe 2012-07-04 11:39 . 2012-07-04 11:39 26112 ——a-w- c:\windows\system32\printfilterpipelineprxy.dll 2012-07-04 11:39 . 2012-07-04 11:39 847360 ——a-w- c:\windows\system32\OpcServices.dll 2012-07-04 11:39 . 2012-07-04 11:39 1554432 ——a-w- c:\windows\system32\xpsservices.dll 2012-07-04 11:36 . 2012-07-04 11:36 369664 ——a-w- c:\windows\system32\WMPhoto.dll 2012-07-04 11:36 . 2012-07-04 11:36 252928 ——a-w- c:\windows\system32\dxdiag.exe 2012-07-04 11:36 . 2012-07-04 11:36 195584 ——a-w- c:\windows\system32\dxdiagn.dll 2012-07-04 11:36 . 2012-07-04 11:36 519680 ——a-w- c:\windows\system32\d3d11.dll 2012-07-04 11:36 . 2012-07-04 11:36 321024 ——a-w- c:\windows\system32\PhotoMetadataHandler.dll 2012-07-04 11:36 . 2012-07-04 11:36 189440 ——a-w- c:\windows\system32\WindowsCodecsExt.dll 2012-07-04 11:36 . 2012-07-04 11:36 974848 ——a-w- c:\windows\system32\WindowsCodecs.dll 2012-07-04 09:58 . 2012-04-23 16:00 984064 ——a-w- c:\windows\system32\crypt32.dll 2012-07-04 09:58 . 2012-04-23 16:00 98304 ——a-w- c:\windows\system32\cryptnet.dll 2012-07-04 09:58 . 2012-04-23 16:00 133120 ——a-w- c:\windows\system32\cryptsvc.dll 2012-07-04 09:58 . 2011-07-29 16:01 293376 ——a-w- c:\windows\system32\psisdecd.dll 2012-07-04 09:58 . 2011-07-29 16:01 217088 ——a-w- c:\windows\system32\psisrndr.ax 2012-07-04 09:58 . 2011-07-29 16:00 57856 ——a-w- c:\windows\system32\MSDvbNP.ax 2012-07-04 09:58 . 2011-07-29 16:00 69632 ——a-w- c:\windows\system32\Mpeg2Data.ax 2012-07-04 09:58 . 2011-10-14 16:03 189952 ——a-w- c:\windows\system32\winmm.dll 2012-07-04 09:58 . 2011-10-14 16:00 23552 ——a-w- c:\windows\system32\mciseq.dll 2012-07-04 09:58 . 2011-11-18 20:23 1205064 ——a-w- c:\windows\system32\ntdll.dll 2012-07-04 09:56 . 2011-10-25 15:56 49152 ——a-w- c:\windows\system32\csrsrv.dll 2012-07-04 09:56 . 2011-10-25 15:58 1314816 ——a-w- c:\windows\system32\quartz.dll 2012-07-04 09:56 . 2011-10-25 15:58 497152 ——a-w- c:\windows\system32\qdvd.dll 2012-07-04 09:56 . 2011-11-16 16:23 278528 ——a-w- c:\windows\system32\schannel.dll 2012-07-04 09:56 . 2011-11-17 06:48 440192 ——a-w- c:\windows\system32\drivers\ksecdd.sys 2012-07-04 09:56 . 2011-11-16 16:23 377344 ——a-w- c:\windows\system32\winhttp.dll 2012-07-04 09:56 . 2011-11-16 16:23 72704 ——a-w- c:\windows\system32\secur32.dll 2012-07-04 09:56 . 2011-11-16 16:21 1259008 ——a-w- c:\windows\system32\lsasrv.dll 2012-07-04 09:56 . 2011-11-16 14:12 9728 ——a-w- c:\windows\system32\lsass.exe 2012-07-04 09:56 . 2011-11-08 14:42 2048 ——a-w- c:\windows\system32\tzres.dll 2012-07-04 09:55 . 2012-03-01 11:01 2409784 ——a-w- c:\program files\Windows Mail\OESpamFilter.dat 2012-07-04 09:55 . 2011-08-25 16:15 555520 ——a-w- c:\windows\system32\UIAutomationCore.dll 2012-07-04 09:55 . 2011-08-25 16:14 563712 ——a-w- c:\windows\system32\oleaut32.dll 2012-07-04 09:55 . 2011-08-25 16:14 238080 ——a-w- c:\windows\system32\oleacc.dll 2012-07-04 09:55 . 2011-08-25 13:31 4096 ——a-w- c:\windows\system32\oleaccrc.dll 2012-07-04 09:55 . 2012-05-01 14:03 180736 ——a-w- c:\windows\system32\drivers\rdpwd.sys 2012-07-04 09:55 . 2012-05-15 19:51 2045440 ——a-w- c:\windows\system32\win32k.sys 2012-07-04 09:55 . 2012-04-03 08:16 3550080 ——a-w- c:\windows\system32\ntoskrnl.exe 2012-07-04 09:55 . 2012-04-03 08:16 3602816 ——a-w- c:\windows\system32\ntkrnlpa.exe 2012-07-04 09:55 . 2011-09-30 15:57 707584 ——a-w- c:\program files\Common Files\System\wab32.dll 2012-07-04 09:37 . 2012-01-09 15:54 613376 ——a-w- c:\windows\system32\rdpencom.dll 2012-07-04 09:24 . 2012-06-02 22:19 53784 ——a-w- c:\windows\system32\wuauclt.exe 2012-07-04 09:24 . 2012-06-02 22:19 45080 ——a-w- c:\windows\system32\wups2.dll 2012-07-04 09:24 . 2012-06-02 22:19 1933848 ——a-w- c:\windows\system32\wuaueng.dll 2012-07-04 09:24 . 2012-06-02 22:12 2422272 ——a-w- c:\windows\system32\wucltux.dll 2012-07-04 09:23 . 2012-06-02 22:19 35864 ——a-w- c:\windows\system32\wups.dll 2012-07-04 09:23 . 2012-06-02 22:19 577048 ——a-w- c:\windows\system32\wuapi.dll 2012-07-04 09:23 . 2012-06-02 22:12 88576 ——a-w- c:\windows\system32\wudriver.dll 2012-07-04 09:23 . 2012-06-02 13:19 171904 ——a-w- c:\windows\system32\wuwebv.dll 2012-07-04 09:23 . 2012-06-02 13:12 33792 ——a-w- c:\windows\system32\wuapp.exe 2012-07-04 05:35 . 2012-07-04 05:36 ———— d——-w- c:\program files\Malwarebytes’ Anti-Malware 2012-07-04 05:35 . 2012-04-04 13:56 22344 ——a-w- c:\windows\system32\drivers\mbam.sys 2012-07-03 21:17 . 2012-07-03 21:17 ———— d——-w- c:\program files\ESET 2012-07-03 20:33 . 2012-07-03 20:34 ———— d——-w- c:\windows\system32\ca-ES 2012-07-03 20:33 . 2012-07-03 20:34 ———— d——-w- c:\windows\system32\eu-ES 2012-07-03 20:33 . 2012-07-03 20:34 ———— d——-w- c:\windows\system32\vi-VN 2012-07-03 19:53 . 2012-07-03 19:53 ———— d——-w- c:\windows\system32\EventProviders 2012-07-03 17:02 . 2008-05-27 04:59 18904 ——a-w- c:\windows\system32\StructuredQuerySchemaTrivial.bin 2012-07-03 16:46 . 2009-11-08 08:55 99176 ——a-w- c:\windows\system32\PresentationHostProxy.dll 2012-07-03 16:46 . 2009-11-08 08:55 49472 ——a-w- c:\windows\system32\netfxperf.dll 2012-07-03 16:46 . 2009-11-08 08:55 297808 ——a-w- c:\windows\system32\mscoree.dll 2012-07-03 16:46 . 2009-11-08 08:55 295264 ——a-w- c:\windows\system32\PresentationHost.exe 2012-07-03 16:46 . 2009-11-08 08:55 1130824 ——a-w- c:\windows\system32\dfshim.dll 2012-07-03 16:41 . 2009-10-09 21:56 2048 ——a-w- c:\windows\system32\winrsmgr.dll 2012-07-03 16:41 . 2009-10-09 21:56 12800 ——a-w- c:\windows\system32\wsmprovhost.exe 2012-07-03 16:41 . 2009-10-09 21:56 20480 ——a-w- c:\windows\system32\winrshost.exe 2012-07-03 16:41 . 2009-10-09 21:56 40448 ——a-w- c:\windows\system32\winrs.exe 2012-07-03 16:41 . 2009-10-09 21:56 10240 ——a-w- c:\windows\system32\wsmplpxy.dll 2012-07-03 16:41 . 2009-10-09 21:56 10240 ——a-w- c:\windows\system32\winrssrv.dll 2012-07-03 16:41 . 2009-10-09 21:56 41472 ——a-w- c:\windows\system32\pwrshplugin.dll . . (((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-07-04 11:36 . 2012-07-04 11:36 4096 ——a-w- c:\windows\system32\drivers\da-DK\dxgkrnl.sys.mui 2012-07-02 09:24 . 2006-11-02 10:32 101888 ——a-w- c:\windows\system32\ifxcardm.dll 2012-07-02 09:24 . 2006-11-02 10:32 82432 ——a-w- c:\windows\system32\axaltocm.dll 2012-06-22 08:46 . 2011-12-28 13:36 70344 ——a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-05-31 10:25 . 2009-10-03 19:54 237072 ———w- c:\windows\system32\MpSigStub.exe 2012-04-18 18:56 . 2012-04-18 18:56 94208 ——a-w- c:\windows\system32\QuickTimeVR.qtx 2012-04-18 18:56 . 2012-04-18 18:56 69632 ——a-w- c:\windows\system32\QuickTime.qts . . ((((((((((((((((((((((((((((((((((( Start steder i reg.basen )))))))))))))))))))))))))))))))))))))))))))))))) . . Bemærk tomme linier & lovlige standard linier vises ikke REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] “ehTray.exe”=“c:\windows\ehome\ehTray.exe” [2008-01-19 125952] “WMPNSCFG”=“c:\program files\Windows Media Player\WMPNSCFG.exe” [2008-01-19 202240] “swg”=“c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe” [2010-05-23 39408] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] “RtHDVCpl”=“RtHDVCpl.exe” [2007-05-18 4468736] “eDataSecurity Loader”=“c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe” [2007-04-25 457216] “eAudio”=“c:\acer\Empowering Technology\eAudio\eAudio.exe” [2007-06-11 1286144] “LManager”=“c:\progra~1\LAUNCH~1\LManager.exe” [2007-06-27 752136] “WarReg_PopUp”=“c:\acer\WR_PopUp\WarReg_PopUp.exe” [2006-11-05 57344] “Apoint”=“c:\program files\Apoint2K\Apoint.exe” [2007-06-06 159744] “Acer Tour Reminder”=“c:\acer\AcerTour\Reminder.exe” [2007-05-22 151552] “Skytel”=“Skytel.exe” [2007-05-18 1826816] “NvSvc”=“c:\windows\system32\nvsvc.dll” [2007-06-06 86016] “NvCplDaemon”=“c:\windows\system32\NvCpl.dll” [2007-06-06 8433664] “NvMediaCenter”=“c:\windows\system32\NvMcTray.dll” [2007-06-06 81920] “CPA”=“c:\program files\COMODO\COMODO GeekBuddy\VALA.exe” [2011-11-23 182584] “COMODO Internet Security”=“c:\program files\COMODO\COMODO Internet Security\cfp.exe” [2012-03-11 6749512] “SunJavaUpdateSched”=“c:\program files\Common Files\Java\Java Update\jusched.exe” [2012-01-18 254696] “APSDaemon”=“c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe” [2012-05-30 59280] “iTunesHelper”=“c:\program files\iTunes\iTunesHelper.exe” [2012-06-07 421776] “QuickTime Task”=“c:\program files\QuickTime\QTTask.exe” [2012-04-18 421888] “Adobe Reader Speed Launcher”=“c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe” [2011-08-31 40368] “Adobe ARM”=“c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe” [2011-03-29 937920] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] “Acer Tour Reminder”=“c:\acer\AcerTour\Reminder.exe” [2007-05-22 151552] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Secunia PSI Tray.lnk - c:\program files\Secunia\PSI\psi_tray.exe [2012-6-27 572000] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] “ConsentPromptBehaviorAdmin”= 0 (0x0) “EnableUIADesktopToggle”= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] “EnableShellExecuteHooks”= 1 (0x1) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] “AppInit_DLLs”=c:\windows\System32\guard32.dll . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CLPSLS] @=“Service” . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @=“Driver” . [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk] path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk backup=c:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup backupExtension=.CommonStartup . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] 2011-08-31 01:57 40368 ——a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\COMODO] 2011-11-23 10:27 208184 ——a-w- c:\program files\COMODO\COMODO GeekBuddy\CLPSLA.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpqSRMon] 2007-08-22 15:31 80896 ——a-w- c:\program files\HP\Digital Imaging\bin\HpqSRmon.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] 2012-06-07 17:33 421776 ——a-w- c:\program files\iTunes\iTunesHelper.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PlayMovie] 2007-05-24 12:38 206952 ———w- c:\program files\Acer Arcade Deluxe\Play Movie\PMVService.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 2012-04-18 18:56 421888 ——a-w- c:\program files\QuickTime\QTTask.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Companion] 2009-12-08 12:51 774144 ——a-w- c:\program files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg] 2010-05-23 12:04 39408 ——a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] “DisableMonitoring”=dword:00000001 . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] “DisableMonitoring”=dword:00000001 . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] “DisableMonitoring”=dword:00000001 . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc] “FirewallOverride”=dword:00000001 . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache . Indhold af mappen ‘Planlagte Opgaver’ . 2012-07-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-05-27 13:50] . 2012-07-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-05-27 13:50] . . ———- Yderligere scanning———- . uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7 uStart Page = hxxp://da.intl.acer.yahoo.com/ uDefault_Search_URL = hxxp://www.google.com/ie mStart Page = hxxp://da.intl.acer.yahoo.com uInternet Settings,ProxyOverride = .local uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: Add to Google Photos Screensa&ver; - c:\windows\system32\GPhotos.scr/200 Trusted Zone: danskebank.dk Trusted Zone: stinescenter.dk TCP: DhcpNameServer = 192.168.1.1 DPF: {888078C6-70B2-4F88-8EE7-1F50DDEA6120} - hxxps://as.photoprintit.de/ips-opdata/activex/ImageUploader6.cab . - - - - TOMME GENVEJE FJERNET - - - - . URLSearchHooks-{687578b9-7132-4a7a-80e4-30ee31099e03} - (no file) WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file) WebBrowser-{687578B9-7132-4A7A-80E4-30EE31099E03} - (no file) HKLM-Run-Acer Tour - (no file) HKLM-Run-eRecoveryService - (no file) ShellExecuteHooks-{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - c:\program files\SUPERAntiSpyware\SASSEH.DLL Notify-!SASWinLogon - c:\program files\SUPERAntiSpyware\SASWINLO.DLL MSConfigStartUp-HP Software Update - c:\program files\HP\HP Software Update\HPWuSchd2.exe MSConfigStartUp-Symantec PIF AlertEng - c:\program files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe . . . *********************************************************************** scanner skjulte processer ... . scanner skjulte autostarter ... . scanner skjulte filer ... . scanning gennemført med succes skjulte filer: . ********************************************************************** . [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}] “ImagePath”=”\??\c:\program files\Acer Arcade Deluxe\Play Movie\000.fcl” . ——————————- LÅSTE REGISTRERINGS NØGLER——————————- . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) “BlindDial”=dword:00000000 . ——————————- DLLs startet under kørende Processer——————————- . - - - - - - - > ‘lsass.exe’(732) c:\windows\system32\guard32.dll . - - - - - - - > ‘Explorer.exe’(792) c:\windows\system32\guard32.dll . ————————————Andre kørende processer———————————— . c:\program files\COMODO\COMODO GeekBuddy\CLPSLS.exe c:\program files\COMODO\COMODO Internet Security\cmdagent.exe c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\program files\Bonjour\mDNSResponder.exe c:\acer\Empowering Technology\eDataSecurity\eDSService.exe c:\acer\Empowering Technology\eLock\Service\eLockServ.exe c:\acer\Empowering Technology\eNet\eNet Service.exe c:\program files\Common Files\LightScribe\LSSrvc.exe c:\acer\Mobility Center\MobilityService.exe c:\program files\CyberLink\Shared Files\RichVideo.exe c:\program files\Secunia\PSI\PSIA.exe c:\windows\system32\DRIVERS\xaudio.exe c:\acer\Empowering Technology\eRecovery\eRecoveryService.exe c:\acer\Empowering Technology\eSettings\Service\capuserv.exe c:\acer\Empowering Technology\ePower\ePowerSvc.exe c:\windows\system32\wbem\unsecapp.exe c:\windows\system32\conime.exe c:\windows\servicing\TrustedInstaller.exe . ************************************************************************ . Gennemført tid: 2012-07-09 10:47:39 - maskinen blev genstartet ComboFix-quarantined-files.txt 2012-07-09 08:46 . Pre-Kørsel: 17.365.823.488 byte ledig Post-Kørsel: 17.315.340.288 byte ledig . - - End Of File - - 07D919E0CF1DA413EE09610E869E915C

1 af 3

Næste