Just nu i M3-nätverket
Gå till innehåll

oxå problem med sweet-page


BeSon

Rekommendera Poster

Hej på forumet.

Min frus burk har oxå fått nämnda sida som start, skit jobbigt när jag använder hennes dator.

Men så kan hon inte ha det, burken en acer 5315 med xp, F-secure från IDG och bakom Dir 635.

Har läst hur ni rekommenderar så här kommmer dds.txt och attach.txt.

 

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702
Run by Gull-Britt at 12:38:44 on 2014-02-02
Microsoft Windows XP Home Edition  5.1.2600.3.1252.46.1053.18.1014.437 [GMT 1:00]
.
AV: Computer Security *Enabled/Updated* {E7512ED5-4245-4B4D-AF3A-382D3F313F15}
.
============== Running Processes ================
.
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program\F-Secure\fshoster32.exe
C:\Program\F-Secure\apps\ComputerSecurity\Common\FSM32.EXE
C:\Program\Canon\MyPrinter\BJMyPrt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program\Personal\bin\Personal.exe
C:\Program\stickies\stickies.exe
C:\WINDOWS\system32\agrsmsvc.exe
C:\Program\F-Secure\fshoster32.exe
C:\Program\F-Secure\apps\CCF_Reputation\fsorsp.exe
C:\Program\F-Secure\apps\ComputerSecurity\Anti-Virus\FSGK32.EXE
C:\Program\Delade filer\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\alg.exe
C:\Program\F-Secure\apps\ComputerSecurity\Common\FSMA32.EXE
C:\Program\F-Secure\apps\ComputerSecurity\Anti-Virus\fssm32.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program\Internet Explorer\iexplore.exe
C:\Program\Internet Explorer\iexplore.exe
C:\Program\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxps://www.google.se/
uDefault_Page_URL = hxxp://www.sweet-page.com/?type=hp&ts=1389280838&from=cor&uid=HitachiXHTS541680J9SA00_SB2241KGE7ZKXEE7ZKXEX
mStart Page = hxxp://www.sweet-page.com/?type=hp&ts=1389280838&from=cor&uid=HitachiXHTS541680J9SA00_SB2241KGE7ZKXEE7ZKXEX
mSearch Page = hxxp://www.sweet-page.com/web/?type=ds&ts=1389280838&from=cor&uid=HitachiXHTS541680J9SA00_SB2241KGE7ZKXEE7ZKXEX&q={searchTerms}
mDefault_Page_URL = hxxp://www.sweet-page.com/?type=hp&ts=1389280838&from=cor&uid=HitachiXHTS541680J9SA00_SB2241KGE7ZKXEE7ZKXEX
mDefault_Search_URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1389280838&from=cor&uid=HitachiXHTS541680J9SA00_SB2241KGE7ZKXEE7ZKXEX&q={searchTerms}
mSearchAssistant = hxxp://www.sweet-page.com/web/?type=ds&ts=1389280838&from=cor&uid=HitachiXHTS541680J9SA00_SB2241KGE7ZKXEE7ZKXEX&q={searchTerms}
mCustomizeSearch = hxxp://www.sweet-page.com/web/?type=ds&ts=1389280838&from=cor&uid=HitachiXHTS541680J9SA00_SB2241KGE7ZKXEE7ZKXEX&q={searchTerms}
BHO: F-Secure Online Safety: {45BBE08D-81C5-4A67-AF20-B2A077C67747} - c:\program\f-secure\apps\onlinesafety\browser\install\fs_ie_https\fs_ie_https.dll
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
uRun: [NextLive] c:\windows\system32\rundll32.exe "c:\documents and settings\gull-britt\application data\newnext.me\nengine.dll",EntryPoint -m l
mRun: [igfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [F-Secure Hoster (666)] "c:\program\f-secure\fshoster32.exe" -app -hosterid:1
mRun: [F-Secure Manager] "c:\program\f-secure\apps\computersecurity\common\FSM32.EXE" /splash
mRun: [CanonMyPrinter] c:\program\canon\myprinter\BJMyPrt.exe /logon
mRun: [CanonSolutionMenu] c:\program\canon\solutionmenu\CNSLMAIN.exe /logon
mRun: [Adobe ARM] "c:\program\delade filer\adobe\arm\1.0\AdobeARM.exe"
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\docume~1\gull-b~1\start-~1\program\autost~1\stickies.lnk - c:\program\stickies\stickies.exe
StartupFolder: c:\docume~1\alluse~1\start-~1\program\autost~1\bankid~1.lnk - c:\program\personal\bin\Personal.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: E&xportera till Microsoft Excel - d:\office11\EXCEL.EXE/3000
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program\messenger\msmsgs.exe
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1386184319718
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{13D8313D-669E-46DB-B436-C072DE7789A6} : DHCPNameServer = 192.168.0.1
Notify: igfxcui - igfxdev.dll
AppInit_DLLs= 
.
============= SERVICES / DRIVERS ===============
.
R0 fsbts;fsbts;c:\windows\system32\drivers\fsbts.sys [2013-12-4 44240]
R1 F-Secure HIPS;F-Secure HIPS Driver;c:\program\f-secure\apps\computersecurity\hips\drivers\fshs.sys [2013-12-11 73328]
R2 fshoster;F-Secure Dll Hoster;c:\program\f-secure\fshoster32.exe -hosterid:0 --> c:\program\f-secure\fshoster32.exe -hosterid:0 [?]
R2 FSORSPClient;F-Secure ORSP Client;c:\program\f-secure\apps\ccf_reputation\fsorsp.exe [2013-6-10 60352]
R3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program\f-secure\apps\computersecurity\anti-virus\minifilter\fsgk.sys [2013-12-4 146472]
R3 fsni;fsni;c:\program\f-secure\apps\ccf_scanning\fsnixp32.sys [2013-7-3 50112]
R3 fsnitdi;fsnitdi;c:\program\f-secure\apps\ccf_scanning\fsnitdi32.sys [2013-7-3 24000]
.
=============== Created Last 30 ================
.
2014-01-09 15:23:18 -------- d-----w- c:\program\Mobogenie
2014-01-09 15:21:02 -------- d-----w- c:\documents and settings\all users\application data\WPM
2014-01-09 15:04:10 315392 ----a-w- c:\windows\HideWin.exe
2014-01-09 15:04:05 32768 ----a-w- c:\program\delade filer\installshield\professional\runtime\Objectps.dll
2014-01-09 15:04:00 204800 ----a-w- c:\program\delade filer\installshield\professional\runtime\11\50\intel32\iuser.dll
2014-01-09 15:03:58 274432 ----a-w- c:\program\delade filer\installshield\professional\runtime\11\50\intel32\iscript.dll
2014-01-09 15:03:57 69715 ----a-w- c:\program\delade filer\installshield\professional\runtime\11\50\intel32\ctor.dll
2014-01-09 15:03:53 757760 ----a-w- c:\program\delade filer\installshield\professional\runtime\11\50\intel32\iKernel.dll
2014-01-09 15:03:32 200836 ----a-w- c:\program\delade filer\installshield\professional\runtime\11\50\intel32\iGdi.dll
2014-01-09 15:03:09 331908 ----a-w- c:\program\delade filer\installshield\professional\runtime\11\50\intel32\setup.dll
2014-01-09 15:03:09 -------- d-----w- c:\program\delade filer\InstallShield
2014-01-08 17:01:55 -------- d-----w- c:\documents and settings\gull-britt\.android
2014-01-08 17:01:46 -------- d-----w- c:\documents and settings\gull-britt\application data\newnext.me
.
==================== Find3M  ====================
.
2014-02-02 10:38:18 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-02-02 10:38:18 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-12-06 10:10:35 558 ----a-w- c:\windows\uninstallstickies.bat
2013-12-04 20:15:55 44240 ----a-w- c:\windows\system32\drivers\fsbts.sys
2013-11-27 20:21:06 40960 ----a-w- c:\windows\system32\drivers\ndproxy.sys
2013-11-13 03:00:06 150528 ----a-w- c:\windows\system32\imagehlp.dll
2013-11-07 05:38:05 591360 ----a-w- c:\windows\system32\rpcrt4.dll
2013-11-06 01:36:45 7168 ----a-w- c:\windows\system32\xpsp4res.dll
.
============= FINISH: 12:39:20,84 ===============

 

Hoppas det blev rätt

Bertil

attach.txt

Länk till kommentar
Dela på andra webbplatser

Hej Bertil!

 

Spara AdwCleaner av Xplode på Skrivbordet: http://general-changelog-team.fr/fr/downloads/finish/20-outils-de-xplode/2-adwcleaner

 

Stäng alla program, inklusive webbläsare.

Dubbelklicka på AdwCleaner för att starta programmet.

 

Klicka på Scan-knappen.

Vänta tills sökningen är klar.

Klicka på Report-knappen.

En rapport kommer upp, kopiera innehållet och klistra in i ditt svar.

Om rapporten inte kommer upp, så finns den även som C:\AdwCleaner[R0].txt

Länk till kommentar
Dela på andra webbplatser

Hej.

Är det denna?

 

# AdwCleaner v3.018 - Report created 02/02/2014 at 20:57:11

# Updated 28/01/2014 by Xplode

# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)

# Username : Gull-Britt - GBS_HIMMABURK

# Running from : C:\Documents and Settings\Gull-Britt\Skrivbord\adwcleaner.exe

# Option : Scan

 

***** [ Services ] *****

 

 

***** [ Files / Folders ] *****

 

Folder Found C:\Documents and Settings\All Users\Application Data\BonanzaDealsLive

Folder Found C:\Documents and Settings\Gull-Britt\Lokala inställningar\Application Data\BonanzaDealsLive

Folder Found C:\Documents and Settings\Gull-Britt\Mina dokument\optimizer pro

 

***** [ Shortcuts ] *****

 

Shortcut Found : C:\Documents and Settings\Gull-Britt\Start-meny\Program\Internet Explorer.lnk ( hxxp://www.sweet-page.com/?type=sc&ts=1389280838&from=cor&uid=HitachiXHTS541680J9SA00_SB2241KGE7ZKXEE7ZKXEX )

Shortcut Found : C:\Documents and Settings\Gull-Britt\Start-meny\Program\Tillbehör\Systemverktyg\Internet Explorer (inga tillägg).lnk ( hxxp://www.sweet-page.com/?type=sc&ts=1389280838&from=cor&uid=HitachiXHTS541680J9SA00_SB2241KGE7ZKXEE7ZKXEX )

Shortcut Found : C:\Documents and Settings\Gull-Britt\Application Data\Microsoft\Internet Explorer\Quick Launch\Starta webbläsaren Internet Explorer.lnk ( hxxp://www.sweet-page.com/?type=sc&ts=1389280838&from=cor&uid=HitachiXHTS541680J9SA00_SB2241KGE7ZKXEE7ZKXEX )

 

***** [ Registry ] *****

 

Data Found : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command [(Default)] - C:\Program\Internet Explorer\iexplore.exe hxxp://www.sweet-page.com/?type=sc&ts=1389280838&from=cor&uid=HitachiXHTS541680J9SA00_SB2241KGE7ZKXEE7ZKXEX

Key Found : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}

Key Found : HKCU\Software\BonanzaDealsLive

Key Found : HKCU\Software\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff

Key Found : HKCU\Software\InstallCore

Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}

Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3004627E-F8E9-4E8B-909D-316753CBA923}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FE063412-BEA4-4D76-8ED3-183BE6220D17}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3004627E-F8E9-4E8B-909D-316753CBA923}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FE063412-BEA4-4D76-8ED3-183BE6220D17}

Key Found : HKCU\Software\UpdateStar

Key Found : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}

Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff

Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}

Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}

Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\BonanzaDealsLive.exe

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Optimizer Pro_is1

Key Found : HKLM\Software\mysearchdial

 

***** [ Browsers ] *****

 

-\\ Internet Explorer v8.0.6001.18702

 

Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.sweet-page.com/?type=hp&ts=1389280838&from=cor&uid=HitachiXHTS541680J9SA00_SB2241KGE7ZKXEE7ZKXEX

Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.sweet-page.com/?type=hp&ts=1389280838&from=cor&uid=HitachiXHTS541680J9SA00_SB2241KGE7ZKXEE7ZKXEX

Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://www.sweet-page.com/web/?type=ds&ts=1389280838&from=cor&uid=HitachiXHTS541680J9SA00_SB2241KGE7ZKXEE7ZKXEX&q={searchTerms}

Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [search Page] - hxxp://www.sweet-page.com/web/?type=ds&ts=1389280838&from=cor&uid=HitachiXHTS541680J9SA00_SB2241KGE7ZKXEE7ZKXEX&q={searchTerms}

Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [start Page] - hxxp://www.sweet-page.com/?type=hp&ts=1389280838&from=cor&uid=HitachiXHTS541680J9SA00_SB2241KGE7ZKXEE7ZKXEX

Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs] - hxxp://start.mysearchdial.com/?f=2&a=irmsd0101&cd=2XzuyEtN2Y1L1QzutDtDtC0BtAzzyC0CtA0CyCyBtCzytD0CtN0D0Tzu0CyByEtDtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1Czu1L1C1H1B1QtDtCtDtC&cr=418226373&ir=

Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [searchAssistant] - hxxp://www.sweet-page.com/web/?type=ds&ts=1389280838&from=cor&uid=HitachiXHTS541680J9SA00_SB2241KGE7ZKXEE7ZKXEX&q={searchTerms}

Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [CustomizeSearch] - hxxp://www.sweet-page.com/web/?type=ds&ts=1389280838&from=cor&uid=HitachiXHTS541680J9SA00_SB2241KGE7ZKXEE7ZKXEX&q={searchTerms}

 

*************************

 

AdwCleaner[R0].txt - [5694 octets] - [02/02/2014 20:48:58]

AdwCleaner[R1].txt - [5754 octets] - [02/02/2014 20:55:13]

AdwCleaner[R2].txt - [5674 octets] - [02/02/2014 20:57:11]

 

########## EOF - C:\AdwCleaner\AdwCleaner[R2].txt - [5734 octets] ##########

 

Någon AdCleaner[0].txt var där inte. R2 var på 6kb och R3 1kb

hoppas det blev rätt ändå.

 

Bertil

 

Hmmm? nu var jag in och kladdade i rutan som kom upp, hoppas du klurar ut det ändå!

Annars gör jag om det

Ha en bra da Bertil

Länk till kommentar
Dela på andra webbplatser

Stäng alla program, inklusive webbläsare.
Dubbelklicka på AdwCleaner för att starta programmet.

Klicka på Scan-knappen.
Vänta tills sökningen är klar.

Klicka på Clean-knappen.
Tryck på OK.
Tryck på OK fler gånger om det kommer upp meddelanden.

Datorn kommer att startas om.
En rapport kommer upp, kopiera innehållet och klistra in i ditt svar.
Om rapporten inte kommer upp, så finns den även som C:\AdwCleaner[s0].txt

 

Starta om datorn.

 

Kör DDS igen och klistra in DDS.txt (Attach.txt behövs inte).

Länk till kommentar
Dela på andra webbplatser

Stäng alla program, inklusive webbläsare.

Dubbelklicka på AdwCleaner för att starta programmet.

 

Klicka på Scan-knappen.

Vänta tills sökningen är klar.

 

Klicka på Clean-knappen.

Tryck på OK.

Tryck på OK fler gånger om det kommer upp meddelanden.

 

Datorn kommer att startas om.

En rapport kommer upp, kopiera innehållet och klistra in i ditt svar.

Om rapporten inte kommer upp, så finns den även som C:\AdwCleaner[s0].txt

 

Starta om datorn.

 

Kör DDS igen och klistra in DDS.txt (Attach.txt behövs inte).

 

 

# AdwCleaner v3.018 - Report created 03/02/2014 at 16:51:40

# Updated 28/01/2014 by Xplode

# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)

# Username : Gull-Britt - GBS_HIMMABURK

# Running from : C:\Documents and Settings\Gull-Britt\Skrivbord\adwcleaner.exe

# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702

*************************

AdwCleaner[R0].txt - [5694 octets] - [02/02/2014 20:48:58]

AdwCleaner[R1].txt - [5754 octets] - [02/02/2014 20:55:13]

AdwCleaner[R2].txt - [5814 octets] - [02/02/2014 20:57:11]

AdwCleaner[R3].txt - [907 octets] - [03/02/2014 14:41:39]

AdwCleaner[R4].txt - [966 octets] - [03/02/2014 15:13:44]

AdwCleaner[R5].txt - [1025 octets] - [03/02/2014 16:25:04]

AdwCleaner[R6].txt - [1146 octets] - [03/02/2014 16:50:10]

AdwCleaner[s0].txt - [4438 octets] - [02/02/2014 21:04:29]

AdwCleaner[s1].txt - [1087 octets] - [03/02/2014 16:36:05]

AdwCleaner[s2].txt - [1068 octets] - [03/02/2014 16:51:40]

########## EOF - C:\AdwCleaner\AdwCleaner[s2].txt - [1128 octets] ##########

 

skickar detta först DDS kommer

Länk till kommentar
Dela på andra webbplatser

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702
Run by Gull-Britt at 7:28:48 on 2014-02-05
Microsoft Windows XP Home Edition  5.1.2600.3.1252.46.1053.18.1014.318 [GMT 1:00]
.
AV: Computer Security *Enabled/Updated* {E7512ED5-4245-4B4D-AF3A-382D3F313F15}
.
============== Running Processes ================
.
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program\F-Secure\fshoster32.exe
C:\Program\F-Secure\apps\ComputerSecurity\Common\FSM32.EXE
C:\Program\Canon\MyPrinter\BJMyPrt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program\Personal\bin\Personal.exe
C:\Program\stickies\stickies.exe
C:\WINDOWS\system32\agrsmsvc.exe
C:\Program\F-Secure\fshoster32.exe
C:\Program\F-Secure\apps\CCF_Reputation\fsorsp.exe
C:\Program\F-Secure\apps\ComputerSecurity\Anti-Virus\FSGK32.EXE
C:\Program\Delade filer\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\alg.exe
C:\Program\F-Secure\apps\ComputerSecurity\Common\FSMA32.EXE
C:\Program\F-Secure\apps\ComputerSecurity\Anti-Virus\fssm32.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxps://www.google.se/
uDefault_Page_URL = hxxp://www.google.com
mStart Page = hxxp://www.google.com
mSearch Page = hxxp://www.google.com
mDefault_Page_URL = hxxp://www.google.com
mDefault_Search_URL = hxxp://www.google.com
mSearchAssistant = hxxp://www.google.com
mCustomizeSearch = hxxp://www.google.com
BHO: F-Secure Online Safety: {45BBE08D-81C5-4A67-AF20-B2A077C67747} - c:\program\f-secure\apps\onlinesafety\browser\install\fs_ie_https\fs_ie_https.dll
uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
uRun: [NextLive] c:\windows\system32\rundll32.exe "c:\documents and settings\gull-britt\application data\newnext.me\nengine.dll",EntryPoint -m l
mRun: [igfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [F-Secure Hoster (666)] "c:\program\f-secure\fshoster32.exe" -app -hosterid:1
mRun: [F-Secure Manager] "c:\program\f-secure\apps\computersecurity\common\FSM32.EXE" /splash
mRun: [CanonMyPrinter] c:\program\canon\myprinter\BJMyPrt.exe /logon
mRun: [CanonSolutionMenu] c:\program\canon\solutionmenu\CNSLMAIN.exe /logon
mRun: [Adobe ARM] "c:\program\delade filer\adobe\arm\1.0\AdobeARM.exe"
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\docume~1\gull-b~1\start-~1\program\autost~1\stickies.lnk - c:\program\stickies\stickies.exe
StartupFolder: c:\docume~1\alluse~1\start-~1\program\autost~1\bankid~1.lnk - c:\program\personal\bin\Personal.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: E&xportera till Microsoft Excel - d:\office11\EXCEL.EXE/3000
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program\messenger\msmsgs.exe
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1386184319718
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{13D8313D-669E-46DB-B436-C072DE7789A6} : DHCPNameServer = 192.168.0.1
Notify: igfxcui - igfxdev.dll
AppInit_DLLs= 
.
============= SERVICES / DRIVERS ===============
.
R0 fsbts;fsbts;c:\windows\system32\drivers\fsbts.sys [2013-12-4 44240]
R1 F-Secure HIPS;F-Secure HIPS Driver;c:\program\f-secure\apps\computersecurity\hips\drivers\fshs.sys [2013-12-11 73328]
R2 fshoster;F-Secure Dll Hoster;c:\program\f-secure\fshoster32.exe -hosterid:0 --> c:\program\f-secure\fshoster32.exe -hosterid:0 [?]
R2 FSORSPClient;F-Secure ORSP Client;c:\program\f-secure\apps\ccf_reputation\fsorsp.exe [2013-6-10 60352]
R3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program\f-secure\apps\computersecurity\anti-virus\minifilter\fsgk.sys [2013-12-4 146472]
R3 fsni;fsni;c:\program\f-secure\apps\ccf_scanning\fsnixp32.sys [2013-7-3 50112]
R3 fsnitdi;fsnitdi;c:\program\f-secure\apps\ccf_scanning\fsnitdi32.sys [2013-7-3 24000]
.
=============== Created Last 30 ================
.
2014-02-02 19:48:53 -------- d-----w- C:\AdwCleaner
2014-01-09 15:23:18 -------- d-----w- c:\program\Mobogenie
2014-01-09 15:21:02 -------- d-----w- c:\documents and settings\all users\application data\WPM
2014-01-09 15:04:10 315392 ----a-w- c:\windows\HideWin.exe
2014-01-09 15:04:05 32768 ----a-w- c:\program\delade filer\installshield\professional\runtime\Objectps.dll
2014-01-09 15:04:00 204800 ----a-w- c:\program\delade filer\installshield\professional\runtime\11\50\intel32\iuser.dll
2014-01-09 15:03:58 274432 ----a-w- c:\program\delade filer\installshield\professional\runtime\11\50\intel32\iscript.dll
2014-01-09 15:03:57 69715 ----a-w- c:\program\delade filer\installshield\professional\runtime\11\50\intel32\ctor.dll
2014-01-09 15:03:53 757760 ----a-w- c:\program\delade filer\installshield\professional\runtime\11\50\intel32\iKernel.dll
2014-01-09 15:03:32 200836 ----a-w- c:\program\delade filer\installshield\professional\runtime\11\50\intel32\iGdi.dll
2014-01-09 15:03:09 331908 ----a-w- c:\program\delade filer\installshield\professional\runtime\11\50\intel32\setup.dll
2014-01-09 15:03:09 -------- d-----w- c:\program\delade filer\InstallShield
2014-01-08 17:01:55 -------- d-----w- c:\documents and settings\gull-britt\.android
2014-01-08 17:01:46 -------- d-----w- c:\documents and settings\gull-britt\application data\newnext.me
.
==================== Find3M  ====================
.
2014-02-02 10:38:18 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-02-02 10:38:18 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-12-06 10:10:35 558 ----a-w- c:\windows\uninstallstickies.bat
2013-12-04 20:15:55 44240 ----a-w- c:\windows\system32\drivers\fsbts.sys
2013-11-27 20:21:06 40960 ----a-w- c:\windows\system32\drivers\ndproxy.sys
2013-11-13 03:00:06 150528 ----a-w- c:\windows\system32\imagehlp.dll
.
============= FINISH:  7:31:05,40 ===============

 

Blev det rätt?

Bättre sent än aldrig hoppas jag.

B

Länk till kommentar
Dela på andra webbplatser

Visst är det rätt :)

 

1. Det är lite kvar som ska bort och för det behöver vi programmet FRST.

Ladda ner Farbar Recovery Scan Tool (FRST) och spara på skrivbordet.

http://download.bleepingcomputer.com/farbar/FRST.exe

 

Starta FRST.

Läs villkoren för programmet.

Klicka på Yes för att acceptera.

Klicka på Scan-knappen.

När det är klart kommer det att ha skapats två loggar FRST.txt och Addition.txt på skrivbordet.

Klistra in innehållet i FRST.txt direkt i ditt svar och bifoga Addition.txt.

Klicka på Använd fullständig editor för att se hur du bifogar filer.

 

2. Skanna datorn online på http://www.eset.com/onlinescan/

För att inte skannern ska ta för lång tid på sig stäng av ditt antivirusprogram under tiden.

 

Avbocka alternativet Remove found threats

Bocka för Scan Archives

 

Klicka på Advanced Settings

Bocka för:

Scan for potentially unwanted applications

Scan for potentially unsafe applications

Enable Anti-Stealth Technology

 

Klicka på Scan

 

När skanningen är klar klicka på List of threats found, följt av Export to a text file. Spara till en fil på skrivbordet, öppna filen, kopiera resultatet och klistra sedan in det i ditt svar.

Länk till kommentar
Dela på andra webbplatser

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 07-02-2014
Ran by Gull-Britt (ATTENTION: The logged in user is not administrator) on GBS_HIMMABURK on 08-02-2014 10:21:54
Running from C:\Documents and Settings\Gull-Britt\Skrivbord
Microsoft Windows XP Service Pack 3 (X86) OS Language: Swedish
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

ATTENTION: If processes are not listed WMI should be repaired.

==================== Processes (Whitelisted) ===================

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [F-Secure Hoster (666)] - C:\Program\F-Secure\fshoster32.exe [191528 2013-10-30] (F-Secure Corporation)
HKLM\...\Run: [F-Secure Manager] - C:\Program\F-Secure\apps\ComputerSecurity\Common\FSM32.EXE [310208 2013-09-25] (F-Secure Corporation)
HKLM\...\Run: [CanonMyPrinter] - C:\Program\Canon\MyPrinter\BJMyPrt.exe [1983816 2009-10-19] (CANON INC.)
HKLM\...\Run: [CanonSolutionMenu] - C:\Program\Canon\SolutionMenu\CNSLMAIN.exe [767312 2009-09-04] (CANON INC.)
HKLM\...\Run: [Adobe ARM] - C:\Program\Delade filer\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKU\S-1-5-21-1960408961-2147076873-725345543-1004\...\Run: [NextLive] - C:\WINDOWS\system32\rundll32.exe "C:\Documents and Settings\Gull-Britt\Application Data\newnext.me\nengine.dll",EntryPoint -m l
Startup: C:\Documents and Settings\All Users\Start-meny\Program\Autostart\BankID säkerhetsprogram.lnk
ShortcutTarget: BankID säkerhetsprogram.lnk -> C:\Program\Personal\bin\Personal.exe (Technology Nexus AB)
Startup: C:\Documents and Settings\Gull-Britt\Start-meny\Program\Autostart\Stickies.lnk
ShortcutTarget: Stickies.lnk -> C:\Program\stickies\stickies.exe (Zhorn Software)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.se/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {493A9FB3-9EFB-4375-B6D3-5C747C1F2088} URL = http://www.google.com/search?hl=sv&q={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {493A9FB3-9EFB-4375-B6D3-5C747C1F2088} URL = http://www.google.com/search?hl=sv&q={searchTerms}
BHO: F-Secure Online Safety - {45BBE08D-81C5-4A67-AF20-B2A077C67747} - C:\Program\F-Secure\apps\OnlineSafety\browser\install\fs_ie_https\fs_ie_https.dll (F-Secure Corporation)
Toolbar: HKCU - &Adress - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Länkar - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1386184319718
Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program\Delade filer\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

========================== Services (Whitelisted) =================

R2 fshoster; C:\Program\F-Secure\fshoster32.exe [191528 2013-10-30] (F-Secure Corporation)
R3 FSMA; C:\Program\F-Secure\apps\ComputerSecurity\Common\FSMA32.EXE [216000 2013-09-25] (F-Secure Corporation)
R2 FSORSPClient; C:\Program\F-Secure\apps\CCF_Reputation\fsorsp.exe [60352 2013-06-10] (F-Secure Corporation)
R2 MDM; C:\Program\Delade filer\Microsoft Shared\VS7DEBUG\MDM.EXE [322120 2003-06-19] (Microsoft Corporation)
S3 ose; C:\Program\Delade filer\Microsoft Shared\Source Engine\OSE.EXE [89136 2003-07-28] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

S3 AR5211; C:\WINDOWS\System32\DRIVERS\ar5211.sys [547904 2007-07-26] (Atheros Communications, Inc.)
R3 F-Secure Gatekeeper; C:\Program\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys [146472 2013-12-11] (F-Secure Corporation)
R1 F-Secure HIPS; C:\Program\F-Secure\apps\ComputerSecurity\HIPS\drivers\fshs.sys [73328 2013-12-04] (F-Secure Corporation)
R0 fsbts; C:\WINDOWS\System32\Drivers\fsbts.sys [44240 2013-12-04] ()
R3 fsni; C:\Program\F-Secure\apps\CCF_Scanning\fsnixp32.sys [50112 2013-07-03] (F-Secure Corporation)
R3 fsnitdi; C:\Program\F-Secure\apps\CCF_Scanning\fsnitdi32.sys [24000 2013-07-03] (F-Secure Corporation)
S4 IntelIde; No ImagePath
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
U1 WS2IFSL;

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-02-08 10:21 - 2014-02-08 10:22 - 00006192 _____ () C:\Documents and Settings\Gull-Britt\Skrivbord\FRST.txt
2014-02-08 10:19 - 2014-02-08 10:21 - 00000000 ____D () C:\FRST
2014-02-08 10:17 - 2014-02-08 10:17 - 01136640 _____ (Farbar) C:\Documents and Settings\Gull-Britt\Skrivbord\FRST.exe
2014-02-06 16:39 - 2014-02-06 16:39 - 01327296 _____ () C:\Documents and Settings\Gull-Britt\Mina dokument\Köttfärsgulasch  Recept ICA_se.mht
2014-02-05 07:53 - 2014-02-05 07:53 - 00011356 _____ () C:\Documents and Settings\Gull-Britt\Skrivbord\attach2.txt
2014-02-05 07:53 - 2014-02-05 07:53 - 00006708 _____ () C:\Documents and Settings\Gull-Britt\Skrivbord\dds2.txt
2014-02-03 16:49 - 2014-02-03 16:49 - 01166132 _____ () C:\Documents and Settings\Gull-Britt\Skrivbord\adwcleaner.exe
2014-02-03 16:20 - 2014-02-03 16:22 - 741343232 _____ () C:\Documents and Settings\Gull-Britt\Skrivbord\ubuntu-12.04.3-desktop-i386.iso
2014-02-02 20:48 - 2014-02-03 16:55 - 00000000 ____D () C:\AdwCleaner
2014-02-02 12:43 - 2014-02-02 12:43 - 00011274 _____ () C:\Documents and Settings\Gull-Britt\Mina dokument\attach.txt
2014-02-02 12:43 - 2014-02-02 12:43 - 00007564 _____ () C:\Documents and Settings\Gull-Britt\Mina dokument\dds.txt
2014-02-02 12:39 - 2014-02-05 07:31 - 00011356 _____ () C:\Documents and Settings\Gull-Britt\Skrivbord\attach.txt
2014-02-02 12:39 - 2014-02-05 07:31 - 00006708 _____ () C:\Documents and Settings\Gull-Britt\Skrivbord\dds.txt
2014-02-02 12:38 - 2014-02-02 12:38 - 00000000 ___RD () C:\Documents and Settings\Gull-Britt\Start-meny\Program\Administrationsverktyg
2014-02-02 12:38 - 2014-02-02 12:38 - 00000000 ___RD () C:\Documents and Settings\Gull-Britt\Mina dokument\Mina videoklipp
2014-02-02 12:38 - 2014-02-02 12:38 - 00000000 ___RD () C:\Documents and Settings\All Users\Dokument\Mina videoklipp
2014-02-02 12:37 - 2014-02-02 12:37 - 00688992 ____R (Swearware) C:\Documents and Settings\Gull-Britt\Skrivbord\dds.scr
2014-01-28 17:26 - 2014-01-28 17:26 - 00007680 ___SH () C:\WINDOWS\Thumbs.db
2014-01-28 17:26 - 2014-01-28 17:26 - 00003584 _____ () C:\Documents and Settings\Gull-Britt\Lokala inställningar\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-01-27 11:21 - 2014-01-27 12:02 - 00007770 _____ () C:\WINDOWS\setupapi.log
2014-01-26 15:49 - 2014-01-26 15:49 - 02916022 _____ () C:\Documents and Settings\Gull-Britt\Mina dokument\ccleaner 140125.txt
2014-01-15 19:20 - 2014-01-15 19:20 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2914368$
2014-01-09 16:24 - 2014-01-09 16:24 - 00000000 ____D () C:\Documents and Settings\Gull-Britt\Mina dokument\Mobogenie
2014-01-09 16:23 - 2014-01-09 16:27 - 00000000 ____D () C:\Program\Mobogenie
2014-01-09 16:21 - 2014-01-09 16:27 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\WPM
2014-01-09 16:04 - 2014-01-09 16:04 - 00315392 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\HideWin.exe
2014-01-09 16:03 - 2014-01-09 16:03 - 00000000 ____D () C:\Program\Delade filer\InstallShield
2014-01-09 14:54 - 2014-01-09 14:54 - 00003584 ___SH () C:\Documents and Settings\Gull-Britt\Mina dokument\Thumbs.db
2014-01-09 14:51 - 2014-01-09 14:51 - 00000495 _____ () C:\Documents and Settings\Gull-Britt\Mina dokument\för att hitta bilder håll ner 3d.sti
2014-01-09 14:51 - 2014-01-09 14:51 - 00000309 _____ () C:\Documents and Settings\Gull-Britt\Mina dokument\för att hitta böcker gör du lika.sti
2014-01-09 14:50 - 2014-01-09 14:50 - 00000414 _____ () C:\Documents and Settings\Gull-Britt\Mina dokument\för att skapa en ny fästis håll.sti

==================== One Month Modified Files and Folders =======

2014-02-08 10:22 - 2014-02-08 10:21 - 00006192 _____ () C:\Documents and Settings\Gull-Britt\Skrivbord\FRST.txt
2014-02-08 10:21 - 2014-02-08 10:19 - 00000000 ____D () C:\FRST
2014-02-08 10:21 - 2013-12-03 21:28 - 00000000 ____D () C:\Documents and Settings\Gull-Britt\Skrivbord
2014-02-08 10:18 - 2013-12-03 21:28 - 00000000 ___RD () C:\Documents and Settings\Gull-Britt\Favoriter
2014-02-08 10:17 - 2014-02-08 10:17 - 01136640 _____ (Farbar) C:\Documents and Settings\Gull-Britt\Skrivbord\FRST.exe
2014-02-08 10:03 - 2013-12-05 22:30 - 00000868 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-02-08 09:32 - 2013-12-03 21:23 - 01391020 _____ () C:\WINDOWS\WindowsUpdate.log
2014-02-08 09:30 - 2013-12-03 22:01 - 00729868 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-02-08 09:30 - 2004-08-04 13:00 - 00318396 _____ () C:\WINDOWS\system32\perfh01D.dat
2014-02-08 09:30 - 2004-08-04 13:00 - 00049310 _____ () C:\WINDOWS\system32\perfc01D.dat
2014-02-08 09:27 - 2013-12-04 11:30 - 00000418 ____H () C:\WINDOWS\Tasks\User_Feed_Synchronization-{62437744-79BB-4415-A4EF-559DCFECB16B}.job
2014-02-08 09:25 - 2014-01-08 18:01 - 00000000 ____D () C:\Documents and Settings\Gull-Britt\Application Data\newnext.me
2014-02-08 09:25 - 2013-12-06 11:05 - 00000000 ____D () C:\Documents and Settings\Gull-Britt\Application Data\stickies
2014-02-08 09:25 - 2013-12-03 22:04 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-02-08 09:25 - 2013-12-03 22:04 - 00000050 _____ () C:\WINDOWS\wiaservc.log
2014-02-08 09:24 - 2013-12-03 21:27 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-02-07 15:24 - 2013-12-03 21:28 - 00000304 ___SH () C:\Documents and Settings\Gull-Britt\ntuser.ini
2014-02-07 15:24 - 2013-12-03 21:27 - 00032518 _____ () C:\WINDOWS\SchedLgU.Txt
2014-02-07 09:48 - 2013-12-06 11:45 - 00000000 ____D () C:\Documents and Settings\Gull-Britt\Mina dokument\gamla doc
2014-02-07 09:45 - 2013-12-06 09:46 - 00000576 _____ () C:\Documents and Settings\Gull-Britt\intlname.ols
2014-02-07 09:31 - 2004-08-04 13:00 - 00013646 _____ () C:\WINDOWS\system32\wpa.dbl
2014-02-06 16:39 - 2014-02-06 16:39 - 01327296 _____ () C:\Documents and Settings\Gull-Britt\Mina dokument\Köttfärsgulasch  Recept ICA_se.mht
2014-02-06 16:39 - 2013-12-03 21:28 - 00000000 ___RD () C:\Documents and Settings\Gull-Britt\Mina dokument
2014-02-05 10:03 - 2013-12-05 22:30 - 00692616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-02-05 10:03 - 2013-12-05 22:30 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-02-05 07:53 - 2014-02-05 07:53 - 00011356 _____ () C:\Documents and Settings\Gull-Britt\Skrivbord\attach2.txt
2014-02-05 07:53 - 2014-02-05 07:53 - 00006708 _____ () C:\Documents and Settings\Gull-Britt\Skrivbord\dds2.txt
2014-02-05 07:31 - 2014-02-02 12:39 - 00011356 _____ () C:\Documents and Settings\Gull-Britt\Skrivbord\attach.txt
2014-02-05 07:31 - 2014-02-02 12:39 - 00006708 _____ () C:\Documents and Settings\Gull-Britt\Skrivbord\dds.txt
2014-02-03 16:55 - 2014-02-02 20:48 - 00000000 ____D () C:\AdwCleaner
2014-02-03 16:49 - 2014-02-03 16:49 - 01166132 _____ () C:\Documents and Settings\Gull-Britt\Skrivbord\adwcleaner.exe
2014-02-03 16:22 - 2014-02-03 16:20 - 741343232 _____ () C:\Documents and Settings\Gull-Britt\Skrivbord\ubuntu-12.04.3-desktop-i386.iso
2014-02-02 21:04 - 2013-12-03 21:28 - 00000775 _____ () C:\Documents and Settings\Gull-Britt\Start-meny\Program\Internet Explorer.lnk
2014-02-02 21:04 - 2013-12-03 21:28 - 00000000 ___RD () C:\Documents and Settings\Gull-Britt\Start-meny\Program
2014-02-02 12:43 - 2014-02-02 12:43 - 00011274 _____ () C:\Documents and Settings\Gull-Britt\Mina dokument\attach.txt
2014-02-02 12:43 - 2014-02-02 12:43 - 00007564 _____ () C:\Documents and Settings\Gull-Britt\Mina dokument\dds.txt
2014-02-02 12:42 - 2013-12-03 16:41 - 00000211 ___SH () C:\boot.ini
2014-02-02 12:42 - 2004-08-04 13:00 - 00000573 _____ () C:\WINDOWS\win.ini
2014-02-02 12:42 - 2004-08-04 13:00 - 00000227 _____ () C:\WINDOWS\system.ini
2014-02-02 12:38 - 2014-02-02 12:38 - 00000000 ___RD () C:\Documents and Settings\Gull-Britt\Start-meny\Program\Administrationsverktyg
2014-02-02 12:38 - 2014-02-02 12:38 - 00000000 ___RD () C:\Documents and Settings\Gull-Britt\Mina dokument\Mina videoklipp
2014-02-02 12:38 - 2014-02-02 12:38 - 00000000 ___RD () C:\Documents and Settings\All Users\Dokument\Mina videoklipp
2014-02-02 12:38 - 2013-12-03 22:00 - 00000000 ___RD () C:\Documents and Settings\All Users\Dokument
2014-02-02 12:37 - 2014-02-02 12:37 - 00688992 ____R (Swearware) C:\Documents and Settings\Gull-Britt\Skrivbord\dds.scr
2014-02-02 11:39 - 2013-12-05 22:28 - 00000000 ____D () C:\Documents and Settings\Gull-Britt\Lokala inställningar\Application Data\Adobe
2014-01-28 17:26 - 2014-01-28 17:26 - 00007680 ___SH () C:\WINDOWS\Thumbs.db
2014-01-28 17:26 - 2014-01-28 17:26 - 00003584 _____ () C:\Documents and Settings\Gull-Britt\Lokala inställningar\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-01-28 15:53 - 2013-12-06 11:46 - 00000000 ____D () C:\Documents and Settings\Gull-Britt\Mina dokument\Sånger
2014-01-27 12:04 - 2013-12-03 22:01 - 00000000 ___RD () C:\Program
2014-01-27 12:02 - 2014-01-27 11:21 - 00007770 _____ () C:\WINDOWS\setupapi.log
2014-01-27 12:02 - 2013-12-04 08:12 - 00000000 ___HD () C:\Program\InstallShield Installation Information
2014-01-26 15:49 - 2014-01-26 15:49 - 02916022 _____ () C:\Documents and Settings\Gull-Britt\Mina dokument\ccleaner 140125.txt
2014-01-26 15:37 - 2013-12-04 18:40 - 00000000 ____D () C:\Program\CCleaner
2014-01-23 09:26 - 2013-12-03 21:28 - 00000000 ___HD () C:\Documents and Settings\Gull-Britt\Nätverket
2014-01-16 20:38 - 2014-01-08 18:06 - 00002289 _____ () C:\Documents and Settings\All Users\Start-meny\Program\Adobe Reader XI.lnk
2014-01-16 20:20 - 2013-12-03 22:00 - 00000000 ___RD () C:\Documents and Settings\All Users\Start-meny\Program
2014-01-15 19:42 - 2013-12-03 21:28 - 00000000 ____D () C:\Documents and Settings\Gull-Britt
2014-01-15 19:23 - 2013-12-05 20:15 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-01-15 19:21 - 2013-12-05 20:15 - 83425928 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-01-15 19:20 - 2014-01-15 19:20 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2914368$
2014-01-09 16:27 - 2014-01-09 16:23 - 00000000 ____D () C:\Program\Mobogenie
2014-01-09 16:27 - 2014-01-09 16:21 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\WPM
2014-01-09 16:27 - 2014-01-08 18:01 - 00000000 ____D () C:\Documents and Settings\Gull-Britt\Lokala inställningar\Application Data\Mobogenie
2014-01-09 16:24 - 2014-01-09 16:24 - 00000000 ____D () C:\Documents and Settings\Gull-Britt\Mina dokument\Mobogenie
2014-01-09 16:24 - 2014-01-08 18:01 - 00000000 ____D () C:\Documents and Settings\Gull-Britt\Lokala inställningar\Application Data\genienext
2014-01-09 16:24 - 2014-01-08 18:01 - 00000000 ____D () C:\Documents and Settings\Gull-Britt\Lokala inställningar\Application Data\cache
2014-01-09 16:04 - 2014-01-09 16:04 - 00315392 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\HideWin.exe
2014-01-09 16:03 - 2014-01-09 16:03 - 00000000 ____D () C:\Program\Delade filer\InstallShield
2014-01-09 16:03 - 2013-12-03 22:01 - 00000000 ____D () C:\Program\Delade filer
2014-01-09 15:33 - 2013-12-04 16:53 - 00366568 _____ () C:\Documents and Settings\Gull-Britt\Lokala inställningar\Application Data\mysearchdial-speeddial.crx
2014-01-09 15:30 - 2013-12-06 11:46 - 00000000 ____D () C:\Documents and Settings\Gull-Britt\Mina dokument\viktiga
2014-01-09 14:54 - 2014-01-09 14:54 - 00003584 ___SH () C:\Documents and Settings\Gull-Britt\Mina dokument\Thumbs.db
2014-01-09 14:51 - 2014-01-09 14:51 - 00000495 _____ () C:\Documents and Settings\Gull-Britt\Mina dokument\för att hitta bilder håll ner 3d.sti
2014-01-09 14:51 - 2014-01-09 14:51 - 00000309 _____ () C:\Documents and Settings\Gull-Britt\Mina dokument\för att hitta böcker gör du lika.sti
2014-01-09 14:50 - 2014-01-09 14:50 - 00000414 _____ () C:\Documents and Settings\Gull-Britt\Mina dokument\för att skapa en ny fästis håll.sti
2014-01-09 14:36 - 2013-12-03 22:00 - 00000000 ____D () C:\Documents and Settings\All Users\Skrivbord

Some content of TEMP:
====================
C:\Documents and Settings\Gull-Britt\Lokala inställningar\Temp\Quarantine.exe

==================== Bamital & volsnap Check =================

C:\WINDOWS\explorer.exe
[2004-08-04 13:00] - [2008-04-14 21:35] - 1034240 ____A (Microsoft Corporation)

C:\WINDOWS\system32\winlogon.exe
[2004-08-04 13:00] - [2008-04-14 21:35] - 0507904 ____A (Microsoft Corporation)

C:\WINDOWS\system32\svchost.exe
[2004-08-04 13:00] - [2008-04-14 21:35] - 0014336 ____A (Microsoft Corporation)

C:\WINDOWS\system32\services.exe
[2004-08-04 13:00] - [2009-02-09 12:27] - 0110592 ____A (Microsoft Corporation)

C:\WINDOWS\system32\User32.dll
[2004-08-04 13:00] - [2008-04-14 21:34] - 0578560 ____A (Microsoft Corporation)

C:\WINDOWS\system32\userinit.exe
[2004-08-04 13:00] - [2008-04-14 21:35] - 0026112 ____A (Microsoft Corporation)

C:\WINDOWS\system32\rpcss.dll
[2004-08-04 13:00] - [2009-02-09 11:56] - 0401408 ____A (Microsoft Corporation)

ATTENTION ======> If the system is having audio adware rpcss.dll is patched. Google the MD5, if the MD5 is unique the file is infected.
C:\WINDOWS\system32\Drivers\volsnap.sys
[2004-08-04 13:00] - [2008-04-14 21:06] - 0052864 ____A (Microsoft Corporation)

==================== End Of Log ============================

Addition.txt

Länk till kommentar
Dela på andra webbplatser

Starta Anteckningar.

Kopiera alla rader i rutan:

HKU\S-1-5-21-1960408961-2147076873-725345543-1004\...\Run: [NextLive] - C:\WINDOWS\system32\rundll32.exe "C:\Documents and Settings\Gull-Britt\Application Data\newnext.me\nengine.dll",EntryPoint -m l
2014-01-09 16:23 - 2014-01-09 16:27 - 00000000 ____D () C:\Program\Mobogenie
2014-01-09 16:21 - 2014-01-09 16:27 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\WPM
2014-02-08 09:25 - 2014-01-08 18:01 - 00000000 ____D () C:\Documents and Settings\Gull-Britt\Application Data\newnext.me
2014-01-09 16:27 - 2014-01-08 18:01 - 00000000 ____D () C:\Documents and Settings\Gull-Britt\Lokala inställningar\Application Data\Mobogenie
2014-01-09 16:24 - 2014-01-09 16:24 - 00000000 ____D () C:\Documents and Settings\Gull-Britt\Mina dokument\Mobogenie
2014-01-09 16:24 - 2014-01-08 18:01 - 00000000 ____D () C:\Documents and Settings\Gull-Britt\Lokala inställningar\Application Data\genienext

och klistra in i Anteckningar. Kontrollera att inga filer har delats upp på två rader.

Spara filen på skrivbordet med namnet fixlist.txt.

 

Starta FRST som finns på skrivbordet.

Klicka på knappen Fix.

Vänta tills programmet är klart.

 

Programmet skapar en logg Fixlog.txt på skrivbordet.

Klistra in innehållet i den i ditt svar.

 

Starta om datorn.

 

Hur fungerar datorn nu?

Några fler frågor innan jag ger dig instruktionerna för att avinstallera FRST mm?

Länk till kommentar
Dela på andra webbplatser

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 09-02-2014 03
Ran by Gull-Britt at 2014-02-10 15:30:06 Run:1
Running from C:\Documents and Settings\Gull-Britt\Skrivbord
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
HKU\S-1-5-21-1960408961-2147076873-725345543-1004\...\Run: [NextLive] - C:\WINDOWS\system32\rundll32.exe "C:\Documents and Settings\Gull-Britt\Application Data\newnext.me\nengine.dll",EntryPoint -m l
2014-01-09 16:23 - 2014-01-09 16:27 - 00000000 ____D () C:\Program\Mobogenie
2014-01-09 16:21 - 2014-01-09 16:27 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\WPM
2014-02-08 09:25 - 2014-01-08 18:01 - 00000000 ____D () C:\Documents and Settings\Gull-Britt\Application Data\newnext.me
2014-01-09 16:27 - 2014-01-08 18:01 - 00000000 ____D () C:\Documents and Settings\Gull-Britt\Lokala inställningar\Application Data\Mobogenie
2014-01-09 16:24 - 2014-01-09 16:24 - 00000000 ____D () C:\Documents and Settings\Gull-Britt\Mina dokument\Mobogenie
2014-01-09 16:24 - 2014-01-08 18:01 - 00000000 ____D () C:\Documents and Settings\Gull-Britt\Lokala inställningar\Application Data\genienext

*****************

HKU\S-1-5-21-1960408961-2147076873-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Run\\NextLive => Value deleted successfully.
C:\Program\Mobogenie => Moved successfully.
C:\Documents and Settings\All Users\Application Data\WPM => Moved successfully.
C:\Documents and Settings\Gull-Britt\Application Data\newnext.me => Moved successfully.
C:\Documents and Settings\Gull-Britt\Lokala inställningar\Application Data\Mobogenie => Moved successfully.
C:\Documents and Settings\Gull-Britt\Mina dokument\Mobogenie => Moved successfully.
C:\Documents and Settings\Gull-Britt\Lokala inställningar\Application Data\genienext => Moved successfully.

==== End of Fixlog ====

 

Hej Cecilia.

 

Datorn verkar bättre, men den hackar när den laddar sidor i IE samt när jag scrollar.

Kan det vara linan vi har, fiber med Bredband2, 2 Mbit/s, "min" som jag använder trådlös har inte dessa hackningar.

Den känns inte så stabil som tidigare.

 

Tack o ha en bra da

 

Bertil

Länk till kommentar
Dela på andra webbplatser

Hej!

 

Det kan vara det här som spökar:

ATTENTION: If processes are not listed WMI should be repaired.

Det är något problem med Windows.

 

1. Spara RougueKiller på Skrivbordet: http://tigzy.geekstogo.com/Tools/RogueKiller.exe

 

Stäng av alla program.

Ta bort alla externa enheter, t ex USB-minnen och externa hårddiskar, utom tangentbord och mus. Låt dem vara bortkopplade medan rensningen pågår.

 

Kör RogueKiller (i Vista och Windows 7 högerklicka på programmet och välj "Kör som administratör). Om det inte går att köra så pröva flera gång, men om det fortfarande inte går så pröva med att döpa om programmet till winlogon.exe.

 

Vänta tills "Prescan" har avslutats.

Klicka på "Scan"-knappen uppe till höger.

Vänta tills skanningen är klar.

En rapport "RKreport.txt" ska då ha skapats på Skrivbordet. Klistra in innehållet i den i ditt svar.

 

2. Spara TDSSKiller på Skrivbordet: http://support.kaspersky.com/downloads/utils/tdsskiller.exe

 

Stäng av dina vanliga program, men du kan lämna antivirusprogram och liknande igång.

Kör programmet TDSSKiller.exe.

 

Klicka på Start Scan.

 

Om några malicious hittas så välj Cure och klicka på Continue. Om inte Cure finns så välj Skip. Om några suspicious hittas så välj Skip och klicka på Continue. Välj INTE Quarantine eller Delete. Eventuellt behöver datorn startas om.

 

Klistra in innehållet i loggen som du hittar i C:\ med namnet TDSSKiller följt av version och tidpunkt.

Länk till kommentar
Dela på andra webbplatser

Hej, det blev närapå midda. Den länken funkade så här är svaret, ska köra den andre länken om en stund. Ha de bra Bertil

 

RogueKiller V8.8.7 [Feb 11 2014] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Normal mode
User : Gull-Britt [Restricted rights]
Mode : Scan -- Date : 02/11/2014 10:02:33
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 96 ¤¤¤
[sHELL][HJNAME] HKLM\[...]\Winlogon : shell (Explorer.exe [x]) -> FOUND
[sERVICE][HJNAME] HKLM\[...]\CCSet\[...]\Services : AudioSrv (C:C:\WINDOWS\System32\svchost.exe -k netsvcs [x][x]) -> FOUND
[sERVICE][HJNAME] HKLM\[...]\CCSet\[...]\Services : Browser (C:C:\WINDOWS\system32\svchost.exe -k netsvcs [x][x]) -> FOUND
[sERVICE][HJNAME] HKLM\[...]\CCSet\[...]\Services : CryptSvc (C:C:\WINDOWS\system32\svchost.exe -k netsvcs [x][x]) -> FOUND
[sERVICE][HJNAME] HKLM\[...]\CCSet\[...]\Services : Dhcp (C:C:\WINDOWS\system32\svchost.exe -k netsvcs [x][x]) -> FOUND
[sERVICE][HJNAME] HKLM\[...]\CCSet\[...]\Services : Dnscache (C:C:\WINDOWS\system32\svchost.exe -k NetworkService [x][x]) -> FOUND
[sERVICE][HJNAME] HKLM\[...]\CCSet\[...]\Services : ERSvc (C:C:\WINDOWS\System32\svchost.exe -k netsvcs [x][x]) -> FOUND
[sERVICE][HJNAME] HKLM\[...]\CCSet\[...]\Services : Eventlog (C:C:\WINDOWS\system32\services.exe [x]) -> FOUND
[sERVICE][HJNAME] HKLM\[...]\CCSet\[...]\Services : helpsvc (C:C:\WINDOWS\System32\svchost.exe -k netsvcs [x][x]) -> FOUND
[sERVICE][HJNAME] HKLM\[...]\CCSet\[...]\Services : lanmanserver (C:C:\WINDOWS\system32\svchost.exe -k netsvcs [x][x]) -> FOUND
[sERVICE][HJNAME] HKLM\[...]\CCSet\[...]\Services : lanmanworkstation (C:C:\WINDOWS\system32\svchost.exe -k netsvcs [x][x]) -> FOUND
[sERVICE][HJNAME] HKLM\[...]\CCSet\[...]\Services : LmHosts (C:C:\WINDOWS\system32\svchost.exe -k LocalService [x][x]) -> FOUND
[sERVICE][HJNAME] HKLM\[...]\CCSet\[...]\Services : PlugPlay (C:C:\WINDOWS\system32\services.exe [x]) -> FOUND
[sERVICE][HJNAME] HKLM\[...]\CCSet\[...]\Services : PolicyAgent (C:C:\WINDOWS\system32\lsass.exe [x]) -> FOUND
[sERVICE][HJNAME] HKLM\[...]\CCSet\[...]\Services : ProtectedStorage (C:C:\WINDOWS\system32\lsass.exe [x]) -> FOUND
[sERVICE][HJNAME] HKLM\[...]\CCSet\[...]\Services : SamSs (C:C:\WINDOWS\system32\lsass.exe [x]) -> FOUND
[sERVICE][HJNAME] HKLM\[...]\CCSet\[...]\Services : Schedule (C:C:\WINDOWS\System32\svchost.exe -k netsvcs [x][x]) -> FOUND
[sERVICE][HJNAME] HKLM\[...]\CCSet\[...]\Services : seclogon (C:C:\WINDOWS\System32\svchost.exe -k netsvcs [x][x]) -> FOUND
[sERVICE][HJNAME] HKLM\[...]\CCSet\[...]\Services : SENS (C:C:\WINDOWS\system32\svchost.exe -k netsvcs [x][x]) -> FOUND
[sERVICE][HJNAME] HKLM\[...]\CCSet\[...]\Services : SharedAccess (C:C:\WINDOWS\system32\svchost.exe -k netsvcs [x][x]) -> FOUND
[sERVICE][HJNAME] HKLM\[...]\CCSet\[...]\Services : ShellHWDetection (C:C:\WINDOWS\System32\svchost.exe -k netsvcs [x][x]) -> FOUND
[sERVICE][HJNAME] HKLM\[...]\CCSet\[...]\Services : Spooler (C:C:\WINDOWS\system32\spoolsv.exe [x]) -> FOUND
[sERVICE][HJNAME] HKLM\[...]\CCSet\[...]\Services : srservice (C:C:\WINDOWS\system32\svchost.exe -k netsvcs [x][x]) -> FOUND
[sERVICE][HJNAME] HKLM\[...]\CCSet\[...]\Services : stisvc (C:C:\WINDOWS\system32\svchost.exe -k imgsvc [x][x]) -> FOUND
[sERVICE][HJNAME] HKLM\[...]\CCSet\[...]\Services : Themes (C:C:\WINDOWS\System32\svchost.exe -k netsvcs [x][x]) -> FOUND
[sERVICE][HJNAME] HKLM\[...]\CCSet\[...]\Services : TrkWks (C:C:\WINDOWS\system32\svchost.exe -k netsvcs [x][x]) -> FOUND
[sERVICE][HJNAME] HKLM\[...]\CCSet\[...]\Services : W32Time (C:C:\WINDOWS\System32\svchost.exe -k netsvcs [x][x]) -> FOUND
[sERVICE][HJNAME] HKLM\[...]\CCSet\[...]\Services : WebClient (C:C:\WINDOWS\system32\svchost.exe -k LocalService [x][x]) -> FOUND
[sERVICE][HJNAME] HKLM\[...]\CCSet\[...]\Services : winmgmt (C:C:\WINDOWS\system32\svchost.exe -k netsvcs [x][x]) -> FOUND
[sERVICE][HJNAME] HKLM\[...]\CCSet\[...]\Services : wscsvc (C:C:\WINDOWS\System32\svchost.exe -k netsvcs [x][x]) -> FOUND
[sERVICE][HJNAME] HKLM\[...]\CCSet\[...]\Services : wuauserv (C:C:\WINDOWS\System32\svchost.exe -k netsvcs [x][x]) -> FOUND
[sERVICE][HJNAME] HKLM\[...]\CCSet\[...]\Services : WZCSVC (C:C:\WINDOWS\System32\svchost.exe -k netsvcs [x][x]) -> FOUND
[sERVICE][HJNAME] HKLM\[...]\CS001\[...]\Services : AudioSrv (C:C:\WINDOWS\System32\svchost.exe -k netsvcs [x][x]) -> FOUND
[sERVICE][HJNAME] HKLM\[...]\CS001\[...]\Services : Browser (C:C:\WINDOWS\system32\svchost.exe -k netsvcs [x][x]) -> FOUND
[sERVICE][HJNAME] HKLM\[...]\CS001\[...]\Services : CryptSvc (C:C:\WINDOWS\system32\svchost.exe -k netsvcs [x][x]) -> FOUND
[sERVICE][HJNAME] HKLM\[...]\CS001\[...]\Services : Dhcp (C:C:\WINDOWS\system32\svchost.exe -k netsvcs [x][x]) -> FOUND
[sERVICE][HJNAME] HKLM\[...]\CS001\[...]\Services : Dnscache (C:C:\WINDOWS\system32\svchost.exe -k NetworkService [x][x]) -> FOUND
[sERVICE][HJNAME] HKLM\[...]\CS001\[...]\Services : ERSvc (C:C:\WINDOWS\System32\svchost.exe -k netsvcs [x][x]) -> FOUND
[sERVICE][HJNAME] HKLM\[...]\CS001\[...]\Services : Eventlog (C:C:\WINDOWS\system32\services.exe [x]) -> FOUND
[sERVICE][HJNAME] HKLM\[...]\CS001\[...]\Services : helpsvc (C:C:\WINDOWS\System32\svchost.exe -k netsvcs [x][x]) -> FOUND
[sERVICE][HJNAME] HKLM\[...]\CS001\[...]\Services : lanmanserver (C:C:\WINDOWS\system32\svchost.exe -k netsvcs [x][x]) -> FOUND
[sERVICE][HJNAME] HKLM\[...]\CS001\[...]\Services : lanmanworkstation (C:C:\WINDOWS\system32\svchost.exe -k netsvcs [x][x]) -> FOUND
[sERVICE][HJNAME] HKLM\[...]\CS001\[...]\Services : LmHosts (C:C:\WINDOWS\system32\svchost.exe -k LocalService [x][x]) -> FOUND
[sERVICE][HJNAME] HKLM\[...]\CS001\[...]\Services : PlugPlay (C:C:\WINDOWS\system32\services.exe [x]) -> FOUND
[sERVICE][HJNAME] HKLM\[...]\CS001\[...]\Services : PolicyAgent (C:C:\WINDOWS\system32\lsass.exe [x]) -> FOUND
[sERVICE][HJNAME] HKLM\[...]\CS001\[...]\Services : ProtectedStorage (C:C:\WINDOWS\system32\lsass.exe [x]) -> FOUND
[sERVICE][HJNAME] HKLM\[...]\CS001\[...]\Services : SamSs (C:C:\WINDOWS\system32\lsass.exe [x]) -> FOUND
[sERVICE][HJNAME] HKLM\[...]\CS001\[...]\Services : Schedule (C:C:\WINDOWS\System32\svchost.exe -k netsvcs [x][x]) -> FOUND
[sERVICE][HJNAME] HKLM\[...]\CS001\[...]\Services : seclogon (C:C:\WINDOWS\System32\svchost.exe -k netsvcs [x][x]) -> FOUND
[sERVICE][HJNAME] HKLM\[...]\CS001\[...]\Services : SENS (C:C:\WINDOWS\system32\svchost.exe -k netsvcs [x][x]) -> FOUND
[sERVICE][HJNAME] HKLM\[...]\CS001\[...]\Services : SharedAccess (C:C:\WINDOWS\system32\svchost.exe -k netsvcs [x][x]) -> FOUND
[sERVICE][HJNAME] HKLM\[...]\CS001\[...]\Services : ShellHWDetection (C:C:\WINDOWS\System32\svchost.exe -k netsvcs [x][x]) -> FOUND
[sERVICE][HJNAME] HKLM\[...]\CS001\[...]\Services : Spooler (C:C:\WINDOWS\system32\spoolsv.exe [x]) -> FOUND
[sERVICE][HJNAME] HKLM\[...]\CS001\[...]\Services : srservice (C:C:\WINDOWS\system32\svchost.exe -k netsvcs [x][x]) -> FOUND
[sERVICE][HJNAME] HKLM\[...]\CS001\[...]\Services : stisvc (C:C:\WINDOWS\system32\svchost.exe -k imgsvc [x][x]) -> FOUND
[sERVICE][HJNAME] HKLM\[...]\CS001\[...]\Services : Themes (C:C:\WINDOWS\System32\svchost.exe -k netsvcs [x][x]) -> FOUND
[sERVICE][HJNAME] HKLM\[...]\CS001\[...]\Services : TrkWks (C:C:\WINDOWS\system32\svchost.exe -k netsvcs [x][x]) -> FOUND
[sERVICE][HJNAME] HKLM\[...]\CS001\[...]\Services : W32Time (C:C:\WINDOWS\System32\svchost.exe -k netsvcs [x][x]) -> FOUND
[sERVICE][HJNAME] HKLM\[...]\CS001\[...]\Services : WebClient (C:C:\WINDOWS\system32\svchost.exe -k LocalService [x][x]) -> FOUND
[sERVICE][HJNAME] HKLM\[...]\CS001\[...]\Services : winmgmt (C:C:\WINDOWS\system32\svchost.exe -k netsvcs [x][x]) -> FOUND
[sERVICE][HJNAME] HKLM\[...]\CS001\[...]\Services : wscsvc (C:C:\WINDOWS\System32\svchost.exe -k netsvcs [x][x]) -> FOUND
[sERVICE][HJNAME] HKLM\[...]\CS001\[...]\Services : wuauserv (C:C:\WINDOWS\System32\svchost.exe -k netsvcs [x][x]) -> FOUND
[sERVICE][HJNAME] HKLM\[...]\CS001\[...]\Services : WZCSVC (C:C:\WINDOWS\System32\svchost.exe -k netsvcs [x][x]) -> FOUND
[sERVICE][HJNAME] HKLM\[...]\CS003\[...]\Services : AudioSrv (C:C:\WINDOWS\System32\svchost.exe -k netsvcs [x][x]) -> FOUND
[sERVICE][HJNAME] HKLM\[...]\CS003\[...]\Services : Browser (C:C:\WINDOWS\system32\svchost.exe -k netsvcs [x][x]) -> FOUND
[sERVICE][HJNAME] HKLM\[...]\CS003\[...]\Services : CryptSvc (C:C:\WINDOWS\system32\svchost.exe -k netsvcs [x][x]) -> FOUND
[sERVICE][HJNAME] HKLM\[...]\CS003\[...]\Services : Dhcp (C:C:\WINDOWS\system32\svchost.exe -k netsvcs [x][x]) -> FOUND
[sERVICE][HJNAME] HKLM\[...]\CS003\[...]\Services : Dnscache (C:C:\WINDOWS\system32\svchost.exe -k NetworkService [x][x]) -> FOUND
[sERVICE][HJNAME] HKLM\[...]\CS003\[...]\Services : ERSvc (C:C:\WINDOWS\System32\svchost.exe -k netsvcs [x][x]) -> FOUND
[sERVICE][HJNAME] HKLM\[...]\CS003\[...]\Services : Eventlog (C:C:\WINDOWS\system32\services.exe [x]) -> FOUND
[sERVICE][HJNAME] HKLM\[...]\CS003\[...]\Services : helpsvc (C:C:\WINDOWS\System32\svchost.exe -k netsvcs [x][x]) -> FOUND
[sERVICE][HJNAME] HKLM\[...]\CS003\[...]\Services : lanmanserver (C:C:\WINDOWS\system32\svchost.exe -k netsvcs [x][x]) -> FOUND
[sERVICE][HJNAME] HKLM\[...]\CS003\[...]\Services : lanmanworkstation (C:C:\WINDOWS\system32\svchost.exe -k netsvcs [x][x]) -> FOUND
[sERVICE][HJNAME] HKLM\[...]\CS003\[...]\Services : LmHosts (C:C:\WINDOWS\system32\svchost.exe -k LocalService [x][x]) -> FOUND
[sERVICE][HJNAME] HKLM\[...]\CS003\[...]\Services : PlugPlay (C:C:\WINDOWS\system32\services.exe [x]) -> FOUND
[sERVICE][HJNAME] HKLM\[...]\CS003\[...]\Services : PolicyAgent (C:C:\WINDOWS\system32\lsass.exe [x]) -> FOUND
[sERVICE][HJNAME] HKLM\[...]\CS003\[...]\Services : ProtectedStorage (C:C:\WINDOWS\system32\lsass.exe [x]) -> FOUND
[sERVICE][HJNAME] HKLM\[...]\CS003\[...]\Services : SamSs (C:C:\WINDOWS\system32\lsass.exe [x]) -> FOUND
[sERVICE][HJNAME] HKLM\[...]\CS003\[...]\Services : Schedule (C:C:\WINDOWS\System32\svchost.exe -k netsvcs [x][x]) -> FOUND
[sERVICE][HJNAME] HKLM\[...]\CS003\[...]\Services : seclogon (C:C:\WINDOWS\System32\svchost.exe -k netsvcs [x][x]) -> FOUND
[sERVICE][HJNAME] HKLM\[...]\CS003\[...]\Services : SENS (C:C:\WINDOWS\system32\svchost.exe -k netsvcs [x][x]) -> FOUND
[sERVICE][HJNAME] HKLM\[...]\CS003\[...]\Services : SharedAccess (C:C:\WINDOWS\system32\svchost.exe -k netsvcs [x][x]) -> FOUND
[sERVICE][HJNAME] HKLM\[...]\CS003\[...]\Services : ShellHWDetection (C:C:\WINDOWS\System32\svchost.exe -k netsvcs [x][x]) -> FOUND
[sERVICE][HJNAME] HKLM\[...]\CS003\[...]\Services : Spooler (C:C:\WINDOWS\system32\spoolsv.exe [x]) -> FOUND
[sERVICE][HJNAME] HKLM\[...]\CS003\[...]\Services : srservice (C:C:\WINDOWS\system32\svchost.exe -k netsvcs [x][x]) -> FOUND
[sERVICE][HJNAME] HKLM\[...]\CS003\[...]\Services : stisvc (C:C:\WINDOWS\system32\svchost.exe -k imgsvc [x][x]) -> FOUND
[sERVICE][HJNAME] HKLM\[...]\CS003\[...]\Services : Themes (C:C:\WINDOWS\System32\svchost.exe -k netsvcs [x][x]) -> FOUND
[sERVICE][HJNAME] HKLM\[...]\CS003\[...]\Services : TrkWks (C:C:\WINDOWS\system32\svchost.exe -k netsvcs [x][x]) -> FOUND
[sERVICE][HJNAME] HKLM\[...]\CS003\[...]\Services : W32Time (C:C:\WINDOWS\System32\svchost.exe -k netsvcs [x][x]) -> FOUND
[sERVICE][HJNAME] HKLM\[...]\CS003\[...]\Services : WebClient (C:C:\WINDOWS\system32\svchost.exe -k LocalService [x][x]) -> FOUND
[sERVICE][HJNAME] HKLM\[...]\CS003\[...]\Services : winmgmt (C:C:\WINDOWS\system32\svchost.exe -k netsvcs [x][x]) -> FOUND
[sERVICE][HJNAME] HKLM\[...]\CS003\[...]\Services : wscsvc (C:C:\WINDOWS\System32\svchost.exe -k netsvcs [x][x]) -> FOUND
[sERVICE][HJNAME] HKLM\[...]\CS003\[...]\Services : wuauserv (C:C:\WINDOWS\System32\svchost.exe -k netsvcs [x][x]) -> FOUND
[sERVICE][HJNAME] HKLM\[...]\CS003\[...]\Services : WZCSVC (C:C:\WINDOWS\System32\svchost.exe -k netsvcs [x][x]) -> FOUND
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED 0x2] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection :  ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

127.0.0.1       localhost

¤¤¤ MBR Check: ¤¤¤

Finished : << RKreport[0]_S_02112014_100233.txt >>

Länk till kommentar
Dela på andra webbplatser

10:13:31.0531 0x084c  TDSS rootkit removing tool 3.0.0.23 Feb 10 2014 23:32:41
10:13:40.0656 0x084c  ============================================================
10:13:40.0656 0x084c  Current date / time: 2014/02/11 10:13:40.0656
10:13:40.0656 0x084c  SystemInfo:
10:13:40.0656 0x084c 
10:13:40.0656 0x084c  OS Version: 5.1.2600 ServicePack: 3.0
10:13:40.0656 0x084c  Product type: Workstation
10:13:40.0656 0x084c  ComputerName: GBS_HIMMABURK
10:13:40.0656 0x084c  UserName: Gull-Britt
10:13:40.0656 0x084c  Windows directory: C:\WINDOWS
10:13:40.0656 0x084c  System windows directory: C:\WINDOWS
10:13:40.0656 0x084c  Processor architecture: Intel x86
10:13:40.0656 0x084c  Number of processors: 1
10:13:40.0656 0x084c  Page size: 0x1000
10:13:40.0656 0x084c  Boot type: Normal boot
10:13:40.0656 0x084c  ============================================================
10:13:44.0203 0x084c  KLMD registered as C:\WINDOWS\system32\drivers\37824900.sys
10:13:44.0703 0x084c  System UUID: {7F2698AB-33F0-9039-4C26-4442B170496D}
10:13:45.0640 0x084c  Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
10:13:45.0671 0x084c  ============================================================
10:13:45.0671 0x084c  \Device\Harddisk0\DR0:
10:13:45.0671 0x084c  MBR partitions:
10:13:45.0703 0x084c  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F00, BlocksNum 0x548650E
10:13:45.0703 0x084c  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x548C000, BlocksNum 0x4083000
10:13:45.0703 0x084c  ============================================================
10:13:45.0765 0x084c  C: <-> \Device\Harddisk0\DR0\Partition2
10:13:45.0828 0x084c  D: <-> \Device\Harddisk0\DR0\Partition1
10:13:45.0828 0x084c  ============================================================
10:13:45.0828 0x084c  Initialize success
10:13:45.0828 0x084c  ============================================================
10:13:53.0015 0x0230  ============================================================
10:13:53.0015 0x0230  Scan started
10:13:53.0015 0x0230  Mode: Manual;
10:13:53.0015 0x0230  ============================================================
10:13:53.0015 0x0230  KSN ping started
10:13:55.0406 0x0230  KSN ping finished: true
10:13:56.0140 0x0230  ================ Scan system memory ========================
10:13:58.0421 0x0230  System memory - ok
10:13:58.0421 0x0230  ================ Scan services =============================
10:13:58.0500 0x0230  Abiosdsk - ok
10:13:58.0515 0x0230  abp480n5 - ok
10:13:58.0578 0x0230  [ 48547E29772BEFE3C554FF5E4855BF51, D4A75675F1E861FFAA3FD9F1A197C92649B836D6BD5B621B0D59F9C7068BD0FD ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys
10:13:58.0578 0x0230  ACPI - ok
10:13:58.0734 0x0230  [ DECEDC736CEF3C0FFF6E981B31E73A61, FEC00208A057956DE3EF335FC09C2B8EA58EC15D57FE69EB52BBE0AE735E2ECB ] ACPIEC          C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
10:13:58.0734 0x0230  ACPIEC - ok
10:13:58.0828 0x0230  [ C8C6C0D659734FDBF63F6F421A5416BC, 11C452D77D0A8A5E430D0D0C9949797FFC03D2E3DADB8FBB9B63EDA868AFF83C ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
10:13:58.0843 0x0230  AdobeFlashPlayerUpdateSvc - ok
10:13:58.0843 0x0230  adpu160m - ok
10:13:58.0906 0x0230  [ 1E44BC1E83D8FD2305F8D452DB109CF9, CF5EC07E0B589FA2A4701C6CFD69E893FC3ABF274AD57AE3C13FFE49063B02C8 ] AFD             C:\WINDOWS\System32\drivers\afd.sys
10:13:58.0906 0x0230  AFD - ok
10:13:58.0953 0x0230  [ 39E435C90C9C4F780FA0ED05CA3C3A1B, 0006CC8CBFB775CA9C4121B4DDC80560DE35CCBB276DEE7A9F5148743529758A ] AgereModemAudio C:\WINDOWS\system32\agrsmsvc.exe
10:13:58.0953 0x0230  AgereModemAudio - ok
10:13:59.0062 0x0230  [ D31D1A92479BD8C0D050A6FFBDD410D9, 3E69DF407574771E077A35085948925AB788D3021388394EBE67C806D45C86D7 ] AgereSoftModem  C:\WINDOWS\system32\DRIVERS\AGRSM.sys
10:13:59.0093 0x0230  AgereSoftModem - ok
10:13:59.0093 0x0230  Aha154x - ok
10:13:59.0109 0x0230  aic78u2 - ok
10:13:59.0109 0x0230  aic78xx - ok
10:13:59.0171 0x0230  [ 7E3C83703327499D0B98AE392FF07EDE, B4D28B5C516F7CD664F2DF211954A3076BDD11D102348199ADF0D7750E3EE2EF ] Alerter         C:\WINDOWS\system32\alrsvc.dll
10:13:59.0187 0x0230  Alerter - ok
10:13:59.0218 0x0230  [ 5DF46F9AD9C1D611A38AF2ABB9365B5B, B0F00A25D326AF4F83BFE23369F0543D60829B65696CB794E2216D1313CA2162 ] ALG             C:\WINDOWS\System32\alg.exe
10:13:59.0218 0x0230  ALG - ok
10:13:59.0218 0x0230  AliIde - ok
10:13:59.0234 0x0230  amsint - ok
10:13:59.0234 0x0230  AppMgmt - ok
10:13:59.0312 0x0230  [ 89873AEBBF0309393F0737E26D891209, B9A2580F84C2FD4CA50C50330DC9C853230CF6439E7876A067DD35626E7555E7 ] AR5211          C:\WINDOWS\system32\DRIVERS\ar5211.sys
10:13:59.0328 0x0230  AR5211 - ok
10:13:59.0328 0x0230  asc - ok
10:13:59.0343 0x0230  asc3350p - ok
10:13:59.0343 0x0230  asc3550 - ok
10:13:59.0390 0x0230  [ B153AFFAC761E7F5FCFA822B9C4E97BC, 7E60F572A6B3C6219E3C86225AA37243AFFD74337DB7F108B04778042E5CC959 ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
10:13:59.0390 0x0230  AsyncMac - ok
10:13:59.0421 0x0230  [ 9F3A2F5AA6875C72BF062C712CFA2674, B4DF1D2C56A593C6B54DE57395E3B51D288F547842893B32B0F59228A0CF70B9 ] atapi           C:\WINDOWS\system32\DRIVERS\atapi.sys
10:13:59.0421 0x0230  atapi - ok
10:13:59.0437 0x0230  Atdisk - ok
10:13:59.0484 0x0230  [ 9916C1225104BA14794209CFA8012159, 5D6F05F715C52A16D05CAE15C3DFE77A139A7F27F7AE710EC9A10F9EE05115A1 ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys
10:13:59.0484 0x0230  Atmarpc - ok
10:13:59.0531 0x0230  [ 73F7604CFB13A066A93442F431C62C4A, 9ED37AA5838FA765B2EE96932337672C753F43819ED3C296D455CAEE9DA034C1 ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll
10:13:59.0531 0x0230  AudioSrv - ok
10:13:59.0562 0x0230  [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys
10:13:59.0562 0x0230  audstub - ok
10:13:59.0625 0x0230  [ 71509C9DB1A4B2C05141563FBE3E18A0, E348D35B783C221B0E54BFCF76B5064336D85FBA7855941EF5290807015D9FA7 ] b57w2k          C:\WINDOWS\system32\DRIVERS\b57xp32.sys
10:13:59.0640 0x0230  b57w2k - ok
10:13:59.0703 0x0230  [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
10:13:59.0703 0x0230  Beep - ok
10:13:59.0765 0x0230  [ 9741942A86E579231D3C41AA51DE042F, 72E4EFEE04BD34D23245C8306052F4FFA8C4E34851C5837AE7CA22C564279803 ] BITS            C:\WINDOWS\system32\qmgr.dll
10:13:59.0781 0x0230  BITS - ok
10:13:59.0843 0x0230  [ 9EF2F9B552CE42DAB5F70A2DBE633316, 9E378758DD1EB820DC8F15396B81A18F66EED074F4F06781AF5D0A2FA33F7189 ] Browser         C:\WINDOWS\System32\browser.dll
10:13:59.0843 0x0230  Browser - ok
10:13:59.0890 0x0230  [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys
10:13:59.0890 0x0230  cbidf2k - ok
10:13:59.0890 0x0230  cd20xrnt - ok
10:13:59.0906 0x0230  [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys
10:13:59.0906 0x0230  Cdaudio - ok
10:13:59.0937 0x0230  [ C885B02847F5D2FD45A24E219ED93B32, B26B2F8E3A831E2B65EB0C5195B0645CD50E22615CE79C9B0B391CD563B121DB ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys
10:13:59.0937 0x0230  Cdfs - ok
10:13:59.0953 0x0230  [ 1F4260CC5B42272D71F79E570A27A4FE, B51C2A3ED3C309953D0EA45869C8E464C10F2533DADE9E0286AF674979098D1D ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys
10:13:59.0953 0x0230  Cdrom - ok
10:13:59.0953 0x0230  Changer - ok
10:14:00.0015 0x0230  [ 359C676391504438F334478585FD6465, 801FDB406CBB30918C895C64280E678E903CCF011F27F1E147E72B9C03AFF7A7 ] CiSvc           C:\WINDOWS\system32\cisvc.exe
10:14:00.0015 0x0230  CiSvc - ok
10:14:00.0062 0x0230  [ B8345830C5D789D3DA21B91C0C94D086, 0B030B3212B5B6DCFD70C926A62A16E20E976D3B562CF53342A93DB98C64860C ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe
10:14:00.0062 0x0230  ClipSrv - ok
10:14:00.0078 0x0230  [ 0F6C187D38D98F8DF904589A5F94D411, DB987093446216CEE913AC27503BF7E23E5A62DF169B355730285DAB64F6ED28 ] CmBatt          C:\WINDOWS\system32\DRIVERS\CmBatt.sys
10:14:00.0078 0x0230  CmBatt - ok
10:14:00.0093 0x0230  CmdIde - ok
10:14:00.0093 0x0230  [ 6E4C9F21F0FAE8940661144F41B13203, 731202A0DD021FCF9287FEA631212603AAAC23F9E7F76B2882F913B18A971F1C ] Compbatt        C:\WINDOWS\system32\DRIVERS\compbatt.sys
10:14:00.0093 0x0230  Compbatt - ok
10:14:00.0109 0x0230  COMSysApp - ok
10:14:00.0125 0x0230  Cpqarray - ok
10:14:00.0156 0x0230  [ 04FD6585508A7320B2C7453CED231D6B, 5E6A148F38122509B6360EB6632D16EC2BE7495DE98A4F26B3B0F2C4BB9D19BA ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll
10:14:00.0156 0x0230  CryptSvc - ok
10:14:00.0156 0x0230  dac2w2k - ok
10:14:00.0171 0x0230  dac960nt - ok
10:14:00.0234 0x0230  [ 87DADC3F6E6CD5AAEB913E19CBFF922C, 5A954D2945D117CC52D8AC3412F0DF98E793DC4E7ABF61F9BEC8A90D8538D377 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
10:14:00.0250 0x0230  DcomLaunch - ok
10:14:00.0328 0x0230  [ 0CE3FA1C1A6803B34022D6C47273930D, CC0399141BA637B8383CF411AC57AE230BD383F094338F7C8685262B6BB8A927 ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll
10:14:00.0328 0x0230  Dhcp - ok
10:14:00.0343 0x0230  [ 044452051F3E02E7963599FC8F4F3E25, 584BDDB074618BE76454CF90E74829CFF588B5B5FAEB793E2F7AAD26352DD689 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys
10:14:00.0343 0x0230  Disk - ok
10:14:00.0359 0x0230  dmadmin - ok
10:14:00.0468 0x0230  [ 80008BD0C19D97B0B3F4D1D9CBF190A8, 7B8074B3A61EDEB25083076BF3D8794A2673C243259E394F3E5FB0765D034979 ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys
10:14:00.0484 0x0230  dmboot - ok
10:14:00.0546 0x0230  [ 41862731F82BE80F0CFBA5D0DA36B683, A5C26BFF20502567DF31CF2DD2686F1471AC85D72CDB1989E6B776D3ED711BB3 ] dmio            C:\WINDOWS\system32\drivers\dmio.sys
10:14:00.0546 0x0230  dmio - ok
10:14:00.0609 0x0230  [ E9317282A63CA4D188C0DF5E09C6AC5F, D41E002F555FE9015EF620975255F58BB79198CA1FF0E09EC950CB450FF77CF7 ] dmload          C:\WINDOWS\system32\drivers\dmload.sys
10:14:00.0609 0x0230  dmload - ok
10:14:00.0656 0x0230  [ 77DB107FD2D8DE42B3ADC7FCE084F653, AC94DA19D0A0FD901EE751116D0E5AE71B1A9A5CFFCDB4E15B55E9A9512D0670 ] dmserver        C:\WINDOWS\System32\dmserver.dll
10:14:00.0656 0x0230  dmserver - ok
10:14:00.0703 0x0230  [ EFAC4D4C80CCD725CC5BD7D3DBF18C74, 3E0539C4233F3A6D5220B8D6AAC32DB544880D7C3243DAC0A7D3189E735C6F06 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
10:14:00.0703 0x0230  Dnscache - ok
10:14:00.0750 0x0230  [ C3C6CF67796ACDD8329CB0E44367A1EB, 92EAD268487D232E46381B0EA4E6C65C7C52DE42972CC8A86E5EA90FBF9B3466 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll
10:14:00.0750 0x0230  Dot3svc - ok
10:14:00.0765 0x0230  dpti2o - ok
10:14:00.0796 0x0230  [ D9CABE63AF4BC951302D9E508CB5599A, BC2D255DEF7209F620D5DC608A1916EB223EB4D3C5569F757E203F4ACF688CF7 ] EapHost         C:\WINDOWS\System32\eapsvc.dll
10:14:00.0812 0x0230  EapHost - ok
10:14:00.0828 0x0230  [ BC5287DC6DC7EBB13AA825CAA6482F94, 418DCCD7264762240CCD2F72B9ADDD077CAF40E81CA8339A1C8B646B07D4FD26 ] ERSvc           C:\WINDOWS\System32\ersvc.dll
10:14:00.0828 0x0230  ERSvc - ok
10:14:00.0875 0x0230  [ 8870B0C4A094C1CE80CEA6F85FA38FF2, DA4B702E4941B34AEB82E8A890D09D9718DFD255CBCDBC3DACA4165EA851DB2F ] Eventlog        C:\WINDOWS\system32\services.exe
10:14:00.0875 0x0230  Eventlog - ok
10:14:00.0921 0x0230  [ 01CEC6DE315F1A06CE5AA70009C6979E, ED38A8B4DE8AA0301E6883E5DCCE4A9541383CC7B579A76E1D510CCFF2EB7614 ] EventSystem     C:\WINDOWS\system32\es.dll
10:14:00.0937 0x0230  EventSystem - ok
10:14:01.0078 0x0230  [ BF69017DD8EBE8ECE6E2D23E1BAD9123, 2B1B56892DBE5F347B95A1A8C5D01D256EE564358E38B68CB146704F4951EB11 ] F-Secure Gatekeeper C:\Program\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys
10:14:01.0093 0x0230  F-Secure Gatekeeper - ok
10:14:01.0187 0x0230  [ 9AF7EBD49F40AABFAF6EC1FF44D509C9, 8E1B76723578590E1A06589118002BB463F53137345CD6F429462B47F7607A3F ] F-Secure HIPS   C:\Program\F-Secure\apps\ComputerSecurity\HIPS\drivers\fshs.sys
10:14:01.0187 0x0230  F-Secure HIPS - ok
10:14:01.0250 0x0230  [ 38D332A6D56AF32635675F132548343E, E6909DB836AF679B4F4D62C7396D6C82769CC7ABB8C919C2AABFE934FCE268F6 ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys
10:14:01.0250 0x0230  Fastfat - ok
10:14:01.0296 0x0230  [ C5684B98920F9BA98D6A33701CA816E6, 170B625762C1209B0CE791EE3435B9E1D204DBD223411A6BBC17076B0BCB3D7A ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
10:14:01.0296 0x0230  FastUserSwitchingCompatibility - ok
10:14:01.0312 0x0230  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81, 8307A532AB4D05CBBCE206DC2759497708BF5AAA880BD00F0E4F281D8578A1F5 ] Fdc             C:\WINDOWS\system32\drivers\Fdc.sys
10:14:01.0328 0x0230  Fdc - ok
10:14:01.0328 0x0230  [ B66DDB75642F6722468707840C67A394, 267D9702E0C47FFDCE4D1384273D9C14E4362F776259A27BDC6131BE25A71B1C ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
10:14:01.0328 0x0230  Fips - ok
10:14:01.0343 0x0230  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C0D13F4E82D8805 ] Flpydisk        C:\WINDOWS\system32\drivers\Flpydisk.sys
10:14:01.0343 0x0230  Flpydisk - ok
10:14:01.0375 0x0230  [ B2CF4B0786F8212CB92ED2B50C6DB6B0, 280F5CF8A90F7BEDE73ADD0DD0F8952088133A7CA9A3D3B7041957E33B36845D ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
10:14:01.0375 0x0230  FltMgr - ok
10:14:01.0390 0x0230  [ 18DA737DD5122A475DA4948ED4643675, D8CB47E6376217C69D348B117225D567317B755518337C5A37C99511B32378FE ] fsbts           C:\WINDOWS\system32\Drivers\fsbts.sys
10:14:01.0406 0x0230  fsbts - ok
10:14:01.0406 0x0230  fshoster - ok
10:14:01.0437 0x0230  [ 494D3590E9684FF660AD0A0E9473BCC7, 034EB9E8950E92F3266BF225BF349D0E3E63E7FE4B7169E8A1DD1C1977525991 ] FSMA            C:\Program\F-Secure\apps\ComputerSecurity\Common\FSMA32.EXE
10:14:01.0453 0x0230  FSMA - ok
10:14:01.0500 0x0230  [ 9A7102DE6C147132DC5A13E5BB33078D, D21906F4307E33C6A09A2F16C1D8E81548A616C9BA699DA4E427CDB4775A562B ] fsni            C:\Program\F-Secure\apps\CCF_Scanning\fsnixp32.sys
10:14:01.0500 0x0230  fsni - ok
10:14:01.0515 0x0230  [ B281A0167EAC1DBB2FF990205210983D, 1662BA2BA0AFB098C898016C1E9CA1B4443664CFA336438A639EA34A3968CACD ] fsnitdi         C:\Program\F-Secure\apps\CCF_Scanning\fsnitdi32.sys
10:14:01.0515 0x0230  fsnitdi - ok
10:14:01.0578 0x0230  [ EB3E03B60279515BD7FDF18392A79DFD, CAF7066F58B96CC0068A63F9E76EE2053C9889E0757C036864BAE1F30A66EE65 ] FSORSPClient    C:\Program\F-Secure\apps\CCF_Reputation\fsorsp.exe
10:14:01.0593 0x0230  FSORSPClient - ok
10:14:01.0593 0x0230  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
10:14:01.0593 0x0230  Fs_Rec - ok
10:14:01.0609 0x0230  [ 45FC410CFE68FF036AD232A141E69C19, BA3FE71BECB4557B5FFF63B320AE3E9C1F14F7607AAD1281B4543C0A95A25EC0 ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
10:14:01.0609 0x0230  Ftdisk - ok
10:14:01.0656 0x0230  [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
10:14:01.0656 0x0230  Gpc - ok
10:14:01.0718 0x0230  [ 573C7D0A32852B48F3058CFD8026F511, BC384BBA394AFDCDA1A9ABC858C692AA84A1F0A31AF3DDF7F38D120C027927FB ] HDAudBus        C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
10:14:01.0734 0x0230  HDAudBus - ok
10:14:01.0812 0x0230  [ 202C95F334C53A5A8BD0D8465512B3F4, 5A154E233884070CDFF9A7EA245C60D99741D0633EEE9A641F4EDA4FCDECD8D2 ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
10:14:01.0812 0x0230  helpsvc - ok
10:14:01.0828 0x0230  HidServ - ok
10:14:01.0843 0x0230  [ CCF82C5EC8A7326C3066DE870C06DAF1, 93395FA4C26B2E82DC8B7025ED3BCF583885E5D8C5F60CD6EEAA6335D6A126EC ] HidUsb          C:\WINDOWS\system32\DRIVERS\hidusb.sys
10:14:01.0843 0x0230  HidUsb - ok
10:14:01.0890 0x0230  [ 98580E101404565700FD12E03F7EE056, D4E02D9E17000AFB1C0D38001FA0DE0A2940B278DD8AF14C282D4512E8A0F0F6 ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll
10:14:01.0890 0x0230  hkmsvc - ok
10:14:01.0890 0x0230  hpn - ok
10:14:01.0953 0x0230  [ F80A415EF82CD06FFAF0D971528EAD38, 524D9E9201572929522F6805011783711B7C0F76308B924C89CF75F4B7A1FDF3 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
10:14:01.0968 0x0230  HTTP - ok
10:14:01.0984 0x0230  [ F504D07CB25D62AB8D079C1F868651AE, 243C62264982934E12EAE6A1831DB361B47F48044F02A8FFE2EFC66B0D9B4A6F ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
10:14:01.0984 0x0230  HTTPFilter - ok
10:14:02.0000 0x0230  i2omgmt - ok
10:14:02.0000 0x0230  i2omp - ok
10:14:02.0015 0x0230  [ 82E56CD09B2CE1EDEC3FBA9111C7EE3A, 0B0818B7F52E2E1167D7D915B13FB30AE9E3D009EB1676AA43467D4DBEBC39DD ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys
10:14:02.0015 0x0230  i8042prt - ok
10:14:02.0453 0x0230  [ C4018896856A1A1F1F3A0A6EE7206551, DD7F27655E56296E6A5EBFB3B91047201C0D76E6271E1ACE1037DCCC2BFCB6BC ] ialm            C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
10:14:02.0609 0x0230  ialm - ok
10:14:02.0640 0x0230  [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
10:14:02.0640 0x0230  Imapi - ok
10:14:02.0687 0x0230  [ 891B69C3DE6C55A7868B3BB52BC131AA, 52D6B365B1F5CEBFB50781103522FCBB092EFAC1F158E6409CC4752A4B1262D7 ] ImapiService    C:\WINDOWS\system32\imapi.exe
10:14:02.0703 0x0230  ImapiService - ok
10:14:02.0703 0x0230  ini910u - ok
10:14:02.0718 0x0230  IntelIde - ok
10:14:02.0750 0x0230  [ 02431778E84A525D29929D14BAB71D53, 2734D67C4A76580240F641563A5275A77AAAB5F4E9389189BA27FB1ED0E07AAC ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys
10:14:02.0750 0x0230  intelppm - ok
10:14:02.0781 0x0230  [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C18445B5F0D8B16 ] Ip6Fw           C:\WINDOWS\system32\drivers\ip6fw.sys
10:14:02.0781 0x0230  Ip6Fw - ok
10:14:02.0812 0x0230  [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
10:14:02.0812 0x0230  IpFilterDriver - ok
10:14:02.0828 0x0230  [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F60D1523FAF319A ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
10:14:02.0828 0x0230  IpInIp - ok
10:14:02.0875 0x0230  [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
10:14:02.0875 0x0230  IpNat - ok
10:14:02.0906 0x0230  [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
10:14:02.0906 0x0230  IPSec - ok
10:14:02.0937 0x0230  [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
10:14:02.0937 0x0230  IRENUM - ok
10:14:02.0968 0x0230  [ 48F97C77DAF8811598CFAE21368EACB6, 82E9A6ABEE1FB71C2270EB01F830626A11176CC97801DA34FABE78FDAAFB2C8A ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
10:14:02.0984 0x0230  isapnp - ok
10:14:03.0000 0x0230  [ D655CA94C8E2E0223C1BC28BCD95723A, 1EAC16FB555C8E28B440652E6FC943C6E8C10BFB34EE71F6AF9A8717C0D516A3 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
10:14:03.0000 0x0230  Kbdclass - ok
10:14:03.0031 0x0230  [ B467646C54CC746128904E1654C750C1, 3BD71BE3663EA23463D236D8A2A2E42DFA10C502BDB4B6E131FAF0FBA748219E ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
10:14:03.0031 0x0230  KSecDD - ok
10:14:03.0078 0x0230  [ 2C633A578D5ADAAA821C675D65F959C5, 8A7D546AD85AFB63CB16C75F43F10FA261D63FA2E4987FDE9255E16E1007A8FD ] lanmanserver    C:\WINDOWS\System32\srvsvc.dll
10:14:03.0078 0x0230  lanmanserver - ok
10:14:03.0140 0x0230  [ EAA41D225B9DA1314E0977C774864430, C112AE85BE3C171FFA07703A6DC20658A2101E58EF7EF25E8E75AC41748166A5 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
10:14:03.0156 0x0230  lanmanworkstation - ok
10:14:03.0156 0x0230  lbrtfdc - ok
10:14:03.0218 0x0230  [ EE155CF65CDC8BE1B4EFFA24A69FC924, 5AE0AC908A9933B54DADF42F0B1FC66C3C6511CBC3978C3453320923F0BF531A ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
10:14:03.0218 0x0230  LmHosts - ok
10:14:03.0296 0x0230  [ 11F714F85530A2BD134074DC30E99FCA, BDB5FD3B2DF4ADD19B31965B3E789768B59E872B3EA85912B1FFB32B2AF9D5D8 ] MDM             C:\Program\Delade filer\Microsoft Shared\VS7DEBUG\MDM.EXE
10:14:03.0312 0x0230  MDM - ok
10:14:03.0343 0x0230  [ 363E8EBAE26BB8B4987C91B4D3CE0F54, 5911BD3F4DD8B64E66D5B96FD957CEA6D667FAAFB06D0EA2F2174030CC374BD7 ] Messenger       C:\WINDOWS\System32\msgsvc.dll
10:14:03.0343 0x0230  Messenger - ok
10:14:03.0390 0x0230  [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
10:14:03.0390 0x0230  mnmdd - ok
10:14:03.0453 0x0230  [ 2BC41300B822562AC0A524DCDD2DA027, 5C094C2B0C55E3D734C76B5AB7FD23DA1051497DDE3EB62CB3E560FEF85E6B8B ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe
10:14:03.0453 0x0230  mnmsrvc - ok
10:14:03.0468 0x0230  [ 42CE19726D9C410DFF75D3FF1CC79DB2, F051B694D4EBA94216CF3F8F9513A4126F511D5729AB6089589B5DBD50F86EEC ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
10:14:03.0468 0x0230  Modem - ok
10:14:03.0484 0x0230  [ E0C4C36573BCF0C0D2A1578CAA791F7D, 7DEFEAC3B49CB886DC14AA2E1A594A0C93CC413C0DAAAF62353D1D06D2F9C9F7 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
10:14:03.0484 0x0230  Mouclass - ok
10:14:03.0531 0x0230  [ 98E474ECF11F1DB62FB072157A95EA83, 3EB7C1F4FD5456F6283E40F1F82C0D2AAF7BB1FCCF7E9F3C5F36E61D5F668ACA ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys
10:14:03.0531 0x0230  mouhid - ok
10:14:03.0546 0x0230  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
10:14:03.0546 0x0230  MountMgr - ok
10:14:03.0562 0x0230  mraid35x - ok
10:14:03.0578 0x0230  [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
10:14:03.0578 0x0230  MRxDAV - ok
10:14:03.0640 0x0230  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
10:14:03.0656 0x0230  MRxSmb - ok
10:14:03.0703 0x0230  [ 7A73FDEEF6CF45D27EDD73220EAF1C8F, 83374C15875264E8E5595172B9690711928B1A27A4736506A9A8B21821FD8E53 ] MSDTC           C:\WINDOWS\system32\msdtc.exe
10:14:03.0703 0x0230  MSDTC - ok
10:14:03.0718 0x0230  [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
10:14:03.0718 0x0230  Msfs - ok
10:14:03.0718 0x0230  MSIServer - ok
10:14:03.0781 0x0230  [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
10:14:03.0781 0x0230  mssmbios - ok
10:14:03.0812 0x0230  [ DE6A75F5C270E756C5508D94B6CF68F5, FCC972DDC36C2C44D836913F10004C2C33B11C54DEFFF0C63E0FDF901D2F9261 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
10:14:03.0812 0x0230  Mup - ok
10:14:03.0875 0x0230  [ 28D11A2ECDFCB280624BD7006D85C38E, E9F79F75945644353F3CF550D67925D63D695C0D6AE7592C8E1E8BCE9E7E2230 ] napagent        C:\WINDOWS\System32\qagentrt.dll
10:14:03.0890 0x0230  napagent - ok
10:14:03.0937 0x0230  [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
10:14:03.0937 0x0230  NDIS - ok
10:14:03.0984 0x0230  [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
10:14:03.0984 0x0230  NdisTapi - ok
10:14:04.0031 0x0230  [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
10:14:04.0031 0x0230  Ndisuio - ok
10:14:04.0046 0x0230  [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
10:14:04.0046 0x0230  NdisWan - ok
10:14:04.0093 0x0230  [ 2F597BB467E05B1FE3830EABD821B8E0, 141497F5A49D47CCE3C9289644F4BD838DCB238F6D8E847FC006652E21FE02AC ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
10:14:04.0093 0x0230  NDProxy - ok
10:14:04.0109 0x0230  [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
10:14:04.0109 0x0230  NetBIOS - ok
10:14:04.0140 0x0230  [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
10:14:04.0140 0x0230  NetBT - ok
10:14:04.0187 0x0230  [ 5A922C8E35BF372F3DD3EC61345634B7, 6CD456DCD4ACDFBB14F386F22038255C1F8125EBCB5CEA1C7FE1493E92233465 ] NetDDE          C:\WINDOWS\system32\netdde.exe
10:14:04.0187 0x0230  NetDDE - ok
10:14:04.0203 0x0230  [ 5A922C8E35BF372F3DD3EC61345634B7, 6CD456DCD4ACDFBB14F386F22038255C1F8125EBCB5CEA1C7FE1493E92233465 ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
10:14:04.0203 0x0230  NetDDEdsdm - ok
10:14:04.0250 0x0230  [ FF1805D5DAF41625AF5282750D4A3700, E4EE950A8FE3DA7F486459D30BD2F9EB06D96B188BD6B9BA505E465625F74A2D ] Netlogon        C:\WINDOWS\system32\lsass.exe
10:14:04.0250 0x0230  Netlogon - ok
10:14:04.0281 0x0230  [ 7F791C1C9D3FEC5D3F519C9DB19465D3, B45BF12BF2CA2112DDE4B978CED937AE0846561FEAFD14BDA08B6DF016858044 ] Netman          C:\WINDOWS\System32\netman.dll
10:14:04.0281 0x0230  Netman - ok
10:14:04.0343 0x0230  [ D080A76F42DFE1E7AF0C069AE5BAD8FC, 8AEDA4487B7E41D273B3551488CE031242922CDAB773CAF967A02A45D704DED6 ] Nla             C:\WINDOWS\System32\mswsock.dll
10:14:04.0343 0x0230  Nla - ok
10:14:04.0359 0x0230  [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
10:14:04.0359 0x0230  Npfs - ok
10:14:04.0437 0x0230  [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
10:14:04.0453 0x0230  Ntfs - ok
10:14:04.0484 0x0230  [ FF1805D5DAF41625AF5282750D4A3700, E4EE950A8FE3DA7F486459D30BD2F9EB06D96B188BD6B9BA505E465625F74A2D ] NtLmSsp         C:\WINDOWS\system32\lsass.exe
10:14:04.0484 0x0230  NtLmSsp - ok
10:14:04.0562 0x0230  [ 5FD9F539BAF23288D131F1B709A62807, 7CCFD7E2C9BF28CFF2CD52C243BC75030B92AE25984328EBD2F161451EC4FCA9 ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll
10:14:04.0578 0x0230  NtmsSvc - ok
10:14:04.0609 0x0230  [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null            C:\WINDOWS\system32\drivers\Null.sys
10:14:04.0609 0x0230  Null - ok
10:14:04.0656 0x0230  [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
10:14:04.0656 0x0230  NwlnkFlt - ok
10:14:04.0671 0x0230  [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
10:14:04.0671 0x0230  NwlnkFwd - ok
10:14:04.0734 0x0230  [ 7A56CF3E3F12E8AF599963B16F50FB6A, 882C82BAE96D263138D4C0D6C425458B770B7B9C8E9C1D28AC918BF6BE94A5C2 ] ose             C:\Program\Delade filer\Microsoft Shared\Source Engine\OSE.EXE
10:14:04.0734 0x0230  ose - ok
10:14:04.0765 0x0230  [ 19E28ED86E7244D76FDA792C2810188E, F6642AFC7EA9D7CD720FF8EE19D5D3C0EE824231795E39F07F03DB230656DA24 ] Parport         C:\WINDOWS\system32\drivers\Parport.sys
10:14:04.0765 0x0230  Parport - ok
10:14:04.0812 0x0230  [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys
10:14:04.0812 0x0230  PartMgr - ok
10:14:04.0859 0x0230  [ 5CF71E14A108C492C1FB07543D579AF5, F371FEB55E48AF6C72A1387261942DFD161FCFEFFCE109B35E6F0DFD234A13C3 ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys
10:14:04.0875 0x0230  ParVdm - ok
10:14:04.0875 0x0230  [ 8A185F0112CF5B42FF1AAFF31B8B3091, 486B98DB8EE21AA8A41DEC39F4CA5AE0DE337DB16548F05E576226303C2840AA ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys
10:14:04.0875 0x0230  PCI - ok
10:14:04.0890 0x0230  PCIDump - ok
10:14:04.0921 0x0230  [ 239DE4275EE40FDF9912761467025244, F8B4C89B6E10A903E430C68972CB4B212B389DF3755B66933F833148DD914407 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys
10:14:04.0937 0x0230  PCIIde - ok
10:14:04.0984 0x0230  [ 904053AA6E251C77CF85371CE644CFD7, 20DFDCF6CFD34635BF0335657E9CCB5FAEB612594A9C35554727BEF708D01316 ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys
10:14:04.0984 0x0230  Pcmcia - ok
10:14:04.0984 0x0230  PDCOMP - ok
10:14:05.0000 0x0230  PDFRAME - ok
10:14:05.0000 0x0230  PDRELI - ok
10:14:05.0015 0x0230  PDRFRAME - ok
10:14:05.0031 0x0230  perc2 - ok
10:14:05.0031 0x0230  perc2hib - ok
10:14:05.0078 0x0230  [ 8870B0C4A094C1CE80CEA6F85FA38FF2, DA4B702E4941B34AEB82E8A890D09D9718DFD255CBCDBC3DACA4165EA851DB2F ] PlugPlay        C:\WINDOWS\system32\services.exe
10:14:05.0078 0x0230  PlugPlay - ok
10:14:05.0093 0x0230  [ FF1805D5DAF41625AF5282750D4A3700, E4EE950A8FE3DA7F486459D30BD2F9EB06D96B188BD6B9BA505E465625F74A2D ] PolicyAgent     C:\WINDOWS\system32\lsass.exe
10:14:05.0093 0x0230  PolicyAgent - ok
10:14:05.0109 0x0230  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
10:14:05.0109 0x0230  PptpMiniport - ok
10:14:05.0125 0x0230  [ FF1805D5DAF41625AF5282750D4A3700, E4EE950A8FE3DA7F486459D30BD2F9EB06D96B188BD6B9BA505E465625F74A2D ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
10:14:05.0125 0x0230  ProtectedStorage - ok
10:14:05.0140 0x0230  [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys
10:14:05.0140 0x0230  PSched - ok
10:14:05.0171 0x0230  [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys
10:14:05.0171 0x0230  Ptilink - ok
10:14:05.0171 0x0230  ql1080 - ok
10:14:05.0187 0x0230  Ql10wnt - ok
10:14:05.0187 0x0230  ql12160 - ok
10:14:05.0203 0x0230  ql1240 - ok
10:14:05.0218 0x0230  ql1280 - ok
10:14:05.0234 0x0230  [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
10:14:05.0234 0x0230  RasAcd - ok
10:14:05.0281 0x0230  [ 15D787DFFCE46CFC4C7F567095CE8323, 6CD8A852068BCE35B69435B100058B98284CCDC7A2C4FE276912667467C9531F ] RasAuto         C:\WINDOWS\System32\rasauto.dll
10:14:05.0296 0x0230  RasAuto - ok
10:14:05.0328 0x0230  [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
10:14:05.0328 0x0230  Rasl2tp - ok
10:14:05.0390 0x0230  [ 1E86DE6B0DF33953CF9CE449DD6E8442, A55EBA9F1A1E8052598442678A17FEF04891A09B8F1C65F3C14438F49463B855 ] RasMan          C:\WINDOWS\System32\rasmans.dll
10:14:05.0390 0x0230  RasMan - ok
10:14:05.0406 0x0230  [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
10:14:05.0406 0x0230  RasPppoe - ok
10:14:05.0406 0x0230  [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys
10:14:05.0406 0x0230  Raspti - ok
10:14:05.0437 0x0230  [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
10:14:05.0453 0x0230  Rdbss - ok
10:14:05.0453 0x0230  [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
10:14:05.0453 0x0230  RDPCDD - ok
10:14:05.0515 0x0230  [ 43AF5212BD8FB5BA6EED9754358BD8F7, AF330F61CECA4AFA359CEABC5EB3227E6B56A9A2DCE50701381D665122D7356D ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys
10:14:05.0531 0x0230  RDPWD - ok
10:14:05.0562 0x0230  [ FE7C16FA5CBC560579C9728534FBAF6F, C7D10BAB959D6C175C7A4942755C32A0580BB25599A5B8AFEEE67DD252953C45 ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe
10:14:05.0578 0x0230  RDSessMgr - ok
10:14:05.0593 0x0230  [ 97130D37842819FA39FD5F1E90A5D676, 029C107A643A17B78A94AF1174F8D2E88853BA65B2A02C821FD73E706DD91487 ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys
10:14:05.0593 0x0230  redbook - ok
10:14:05.0640 0x0230  [ FCD42D82C6F5E0E1506ECA01D692DDE7, 08465F8FB45008203CDD4383A96969F6C6B8B4D0F8F73C2018FDD111C6E4A278 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
10:14:05.0656 0x0230  RemoteAccess - ok
10:14:05.0671 0x0230  [ 2CFB81B412A5D3CBD55CEFACCB5E2CEE, 03B7A77E4CDEE9707362741F60AC204E0FAE5D31A2B2E587A173AAFBCE4E2262 ] RpcLocator      C:\WINDOWS\system32\locator.exe
10:14:05.0687 0x0230  RpcLocator - ok
10:14:05.0750 0x0230  [ 87DADC3F6E6CD5AAEB913E19CBFF922C, 5A954D2945D117CC52D8AC3412F0DF98E793DC4E7ABF61F9BEC8A90D8538D377 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
10:14:05.0750 0x0230  RpcSs - ok
10:14:05.0781 0x0230  [ 72407E48F912ED57213AE474B8A6798B, 004820B04F4D69814CA1E3CEEF775CE860741F89CB4630F4A9C1367E5D63F120 ] RSVP            C:\WINDOWS\system32\rsvp.exe
10:14:05.0781 0x0230  RSVP - ok
10:14:05.0828 0x0230  [ FF1805D5DAF41625AF5282750D4A3700, E4EE950A8FE3DA7F486459D30BD2F9EB06D96B188BD6B9BA505E465625F74A2D ] SamSs           C:\WINDOWS\system32\lsass.exe
10:14:05.0828 0x0230  SamSs - ok
10:14:05.0828 0x0230  [ D339F34D824A7D42FF4D61F1D9D06029, FE45018505A2E19A5B52D36CC09DD0B49177DE40A8E284BA4DF2BBDAEED2ED99 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
10:14:05.0843 0x0230  SCardSvr - ok
10:14:05.0890 0x0230  [ C7DC69A9D8C9AB2FBCA3238C989D598F, 5E64A370F0B8C4701C1165FDE96F4BDC5A4ED2114B2ACCEE0F279235F6295163 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
10:14:05.0890 0x0230  Schedule - ok
10:14:05.0937 0x0230  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys
10:14:05.0953 0x0230  Secdrv - ok
10:14:05.0984 0x0230  [ ED70EB06F13062366B126B1C7475C127, 33439BB04A3003E46885044F75CD852DDBF83FE7F1CC8E0F4AB4424ECC82F486 ] seclogon        C:\WINDOWS\System32\seclogon.dll
10:14:05.0984 0x0230  seclogon - ok
10:14:05.0984 0x0230  [ EA7B436A948C875DC94C6062FCBBC2D9, 093402C6410D11EF10A3597AC2BCFE476215624FA585DD9AE0419BDBFDAEBBAE ] SENS            C:\WINDOWS\system32\sens.dll
10:14:06.0000 0x0230  SENS - ok
10:14:06.0031 0x0230  [ F7D35464062EDC08909E568BCD8AE77D, 937E6E68E5B704B155259558476D39EA24F66DF05DEB9387C68EB1E356C7A306 ] Serial          C:\WINDOWS\system32\drivers\Serial.sys
10:14:06.0031 0x0230  Serial - ok
10:14:06.0046 0x0230  [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys
10:14:06.0046 0x0230  Sfloppy - ok
10:14:06.0125 0x0230  [ 30E1A46734BDF836C8770949C86B42A4, 80A839D8E324FBE62211B1973AA7A12DEF28E24E8A8FF009C2AF363E480588C9 ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
10:14:06.0140 0x0230  SharedAccess - ok
10:14:06.0171 0x0230  [ C5684B98920F9BA98D6A33701CA816E6, 170B625762C1209B0CE791EE3435B9E1D204DBD223411A6BBC17076B0BCB3D7A ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
10:14:06.0171 0x0230  ShellHWDetection - ok
10:14:06.0171 0x0230  Simbad - ok
10:14:06.0187 0x0230  Sparrow - ok
10:14:06.0218 0x0230  [ 60784F891563FB1B767F70117FC2428F, E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ] Spooler         C:\WINDOWS\system32\spoolsv.exe
10:14:06.0234 0x0230  Spooler - ok
10:14:06.0265 0x0230  [ 1193EF00869F6367367E6E7CB96BE325, A4BD2B3EAD59A242B4DEBE57BF8A11F05E2197364459149E0F6BA40297034CF3 ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys
10:14:06.0265 0x0230  sr - ok
10:14:06.0328 0x0230  [ 25EDB60132F9D82CB1B7961C1D0D13F2, 3CF74855705838FFF9ACD265068F220071853300459AB5B91DCA2BA94962D9EE ] srservice       C:\WINDOWS\system32\srsvc.dll
10:14:06.0328 0x0230  srservice - ok
10:14:06.0375 0x0230  [ 47DDFC2F003F7F9F0592C6874962A2E7, 17C643BD4EB09B5666FE41817DC785BE04A6E491CE79E8E5A702CDBD98E1BDD7 ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys
10:14:06.0390 0x0230  Srv - ok
10:14:06.0453 0x0230  [ 53FFC29DC150E0107F28F0A622FF8D1A, 01BCBF2DE168BDF2A7290F4832FA13135AA29A76B4EFE6F8D4A7094E132A4ADF ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
10:14:06.0468 0x0230  SSDPSRV - ok
10:14:06.0484 0x0230  [ 5835D4AD35905215E1059A973B022EA1, 1E4F0914BF740876F1258CFBBAFF7A4C4DD40C9942FB494B669019E39D515093 ] stisvc          C:\WINDOWS\system32\wiaservc.dll
10:14:06.0500 0x0230  stisvc - ok
10:14:06.0515 0x0230  [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys
10:14:06.0515 0x0230  swenum - ok
10:14:06.0531 0x0230  SwPrv - ok
10:14:06.0546 0x0230  symc810 - ok
10:14:06.0546 0x0230  symc8xx - ok
10:14:06.0562 0x0230  sym_hi - ok
10:14:06.0562 0x0230  sym_u3 - ok
10:14:06.0609 0x0230  [ 71A08EEC00A703445A2CBC0E91EF0952, 48E582F1C3EDFFB06FAF24E869DB208A88570E295909169823FE2185FA2915C9 ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe
10:14:06.0609 0x0230  SysmonLog - ok
10:14:06.0640 0x0230  [ 18261106524F7A93CECEACDC03A5B989, 0C0B40ECCA7885C696ABFAC078FC2D3AA081E0C7390B354817C784A8A0D8FFFE ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
10:14:06.0656 0x0230  TapiSrv - ok
10:14:06.0734 0x0230  [ 9AEFA14BD6B182D61E3119FA5F436D3D, EA29E49434585409272E7901AF89771FE9D6E911A7DC44AB3C7020CFF8A44552 ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys
10:14:06.0734 0x0230  Tcpip - ok
10:14:06.0765 0x0230  [ 6471A66807F5E104E4885F5B67349397, F35CBFFB8BB235CCE30EF94A5273333900DD49FD506BF9D55D99A320B8A53A5A ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys
10:14:06.0765 0x0230  TDPIPE - ok
10:14:06.0796 0x0230  [ C56B6D0402371CF3700EB322EF3AAF61, 7743FA4C734BCE38EFB1CA69BC17364D8421E2CD172F856F7E38E7AE1EE93F2F ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys
10:14:06.0796 0x0230  TDTCP - ok
10:14:06.0828 0x0230  [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys
10:14:06.0828 0x0230  TermDD - ok
10:14:06.0890 0x0230  [ F89C53D455420DF4D66E45842FB3A46E, A8FC82681DB6AA0E897778F20A991D3E5CF6CBAD1816038F3C9E1FA33EA23AB0 ] TermService     C:\WINDOWS\System32\termsrv.dll
10:14:06.0890 0x0230  TermService - ok
10:14:06.0921 0x0230  [ C5684B98920F9BA98D6A33701CA816E6, 170B625762C1209B0CE791EE3435B9E1D204DBD223411A6BBC17076B0BCB3D7A ] Themes          C:\WINDOWS\System32\shsvcs.dll
10:14:06.0921 0x0230  Themes - ok
10:14:06.0937 0x0230  TosIde - ok
10:14:06.0968 0x0230  [ 548867E040CB81A82B5DF09D074F95F8, B3D488051473D15C35CFD7B5536488D6C2CF6C139F0AB94173E176B61E83E85F ] TrkWks          C:\WINDOWS\system32\trkwks.dll
10:14:06.0984 0x0230  TrkWks - ok
10:14:07.0031 0x0230  [ 5787B80C2E3C5E2F56C2A233D91FA2C9, 3774905CF77954DFCECDA5BCC7CDE3D0ED72712BFAAD85ADAE5246306447E46C ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys
10:14:07.0031 0x0230  Udfs - ok
10:14:07.0046 0x0230  ultra - ok
10:14:07.0078 0x0230  [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys
10:14:07.0093 0x0230  Update - ok
10:14:07.0125 0x0230  [ B1222A2302480D56A32C5343150BB16D, 1ACF8302ACA3B4B798433F5489C5629476E1DE328A7CACBEA0B361287A34F129 ] upnphost        C:\WINDOWS\System32\upnphost.dll
10:14:07.0125 0x0230  upnphost - ok
10:14:07.0156 0x0230  [ 7B07AF3D4545AD6FEE34B5F2EB247C8F, 31165F1C5C96250441CB41C9331FB8DAD00E73A80D103FEBFE2D7F989F7267AA ] UPS             C:\WINDOWS\System32\ups.exe
10:14:07.0156 0x0230  UPS - ok
10:14:07.0187 0x0230  [ 1B611611C28D2DF25BC057D79C6F13FC, B0D86F63E44B40413BBAE6402CC088046CFAE082D41BBC2ED5A916293356B846 ] usbccgp         C:\WINDOWS\system32\DRIVERS\usbccgp.sys
10:14:07.0187 0x0230  usbccgp - ok
10:14:07.0234 0x0230  [ 4BAC8DF07F1D8434FC640E677A62204E, 76C1351AF6752224BF59DEEE0F8665FE699F3DFD679F5BCD01C7D9383E6402A4 ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys
10:14:07.0234 0x0230  usbehci - ok
10:14:07.0281 0x0230  [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys
10:14:07.0281 0x0230  usbhub - ok
10:14:07.0312 0x0230  [ A717C8721046828520C9EDF31288FC00, 1530BBE832EDBB0974AD89D723A03FF7A0094B368992D73C2C3E62A181DF1E0A ] usbprint        C:\WINDOWS\system32\DRIVERS\usbprint.sys
10:14:07.0312 0x0230  usbprint - ok
10:14:07.0328 0x0230  [ F8EDE2B6928970DCE3D5614C27D9E7F6, 6E5EBBC8B70C1D593634DAF0C190DEADFDA18C3CBC8F552A76F156F3869EF05B ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
10:14:07.0328 0x0230  usbscan - ok
10:14:07.0375 0x0230  [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] USBSTOR         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
10:14:07.0375 0x0230  USBSTOR - ok
10:14:07.0390 0x0230  [ 26496F9DEE2D787FC3E61AD54821FFE6, 8BE7FF647470B9A951CBB478FAF83D657A15CC78037F42348A6B738F21D523DA ] usbuhci         C:\WINDOWS\system32\DRIVERS\usbuhci.sys
10:14:07.0390 0x0230  usbuhci - ok
10:14:07.0406 0x0230  [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys
10:14:07.0421 0x0230  VgaSave - ok
10:14:07.0421 0x0230  ViaIde - ok
10:14:07.0437 0x0230  [ 57187EC04878147E1F4F2D9224B12205, 1EA6307EE44298E14D2E67214BD9B45BC13A077C908C34221E0F10EFBEF0566E ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys
10:14:07.0437 0x0230  VolSnap - ok
10:14:07.0500 0x0230  [ 940950DC9E34B05986BBBB1D1A33B74F, 014C791A4255DE9781413E885DFFA9E764A3AC43E44C7630E67352273823A994 ] VSS             C:\WINDOWS\System32\vssvc.exe
10:14:07.0515 0x0230  VSS - ok
10:14:07.0578 0x0230  [ 4BF06A1DCD6A91C482E79340FEE527CA, 914B31F39D76F36A35E9E5C253F77E70FFE61892C9BDAEB46CE27ED9ACD11ED0 ] W32Time         C:\WINDOWS\system32\w32time.dll
10:14:07.0578 0x0230  W32Time - ok
10:14:07.0640 0x0230  [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
10:14:07.0640 0x0230  Wanarp - ok
10:14:07.0640 0x0230  WDICA - ok
10:14:07.0703 0x0230  [ E6DFCADF5089A68ECD288E9A803A892C, 2E443588131654CE13BF699B8C3B7D88AF53EE2D12692B1D98DC015ABE36AAF8 ] WebClient       C:\WINDOWS\System32\webclnt.dll
10:14:07.0703 0x0230  WebClient - ok
10:14:07.0796 0x0230  [ CF4E2A27495F7EA6B3128D9A731B3716, 95AABB127D3FD4F0C7B5EE637930CF586E1F6E40E9C57A3DACA8048C972F0D35 ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
10:14:07.0796 0x0230  winmgmt - ok
10:14:07.0859 0x0230  [ CF8E2625AF439A3F336C499ADE0C4BEC, B011C79737570D5D88466A1736C979AB698042C4148F0592CA1BD855B6872D8D ] WmdmPmSN        C:\WINDOWS\system32\mspmsnsv.dll
10:14:07.0859 0x0230  WmdmPmSN - ok
10:14:07.0906 0x0230  [ C42584FD66CE9E17403AEBCA199F7BDB, E3F2E1066F36AE5D33D4482239B2E556BE0C137923C9A120DFB36EC82F2E77B0 ] WmiAcpi         C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
10:14:07.0906 0x0230  WmiAcpi - ok
10:14:07.0937 0x0230  [ 9BFADC02A9E27BFDFF59E61302F92517, 6AD8E23334FEC70DD3D19E68BD9B8792C132B74036D79BDB5D87BEFAE94B8493 ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe
10:14:07.0937 0x0230  WmiApSrv - ok
10:14:08.0000 0x0230  [ 4AC32513FA47C8219448269BF895FC34, C7154BC13A2C2E880A316EEF2788C302D26977905815F29A512286B4539F55AB ] wscsvc          C:\WINDOWS\system32\wscsvc.dll
10:14:08.0000 0x0230  wscsvc - ok
10:14:08.0015 0x0230  [ 4CEAF29D35C2608C6463E80574DDCA10, 3A3D6BF5E32FCA2EC8ABAB8D41D3C594A0EFFAB6B1E2ED7F714FB3AF3C8CCCBB ] wuauserv        C:\WINDOWS\system32\wuauserv.dll
10:14:08.0015 0x0230  wuauserv - ok
10:14:08.0078 0x0230  [ 5EC7D7F83640A921B5C616D9650520FD, 4545B5DF6F65C83DFF0D53B307DDFFEECD202DD436C3B3E0FAC968AAF57111D5 ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll
10:14:08.0093 0x0230  WZCSVC - ok
10:14:08.0156 0x0230  [ 5B3D475AA8629320686FBFFBE67AB492, 2EC52D7EE8B95625B9412EA92414918C8B838187B4C80922E8D3C48197005691 ] xmlprov         C:\WINDOWS\System32\xmlprov.dll
10:14:08.0156 0x0230  xmlprov - ok
10:14:08.0171 0x0230  ================ Scan global ===============================
10:14:08.0218 0x0230  [ FCCF29A7B803601E170EE8E6C57BFB84, 5D182CA4E9A1F5D84D478678BB69ABD624CC6BD95EE78B13CD1218415D65D9F6 ] C:\WINDOWS\system32\basesrv.dll
10:14:08.0281 0x0230  [ A4301EF1CE982498F3BF42F71870B813, AB8D8DA2C75CC3836790F3A1FE69246DCECA818A476871D798CFE75534525FC0 ] C:\WINDOWS\system32\winsrv.dll
10:14:08.0312 0x0230  [ A4301EF1CE982498F3BF42F71870B813, AB8D8DA2C75CC3836790F3A1FE69246DCECA818A476871D798CFE75534525FC0 ] C:\WINDOWS\system32\winsrv.dll
10:14:08.0328 0x0230  [ 8870B0C4A094C1CE80CEA6F85FA38FF2, DA4B702E4941B34AEB82E8A890D09D9718DFD255CBCDBC3DACA4165EA851DB2F ] C:\WINDOWS\system32\services.exe
10:14:08.0343 0x0230  [ Global ] - ok
10:14:08.0343 0x0230  ================ Scan MBR ==================================
10:14:08.0375 0x0230  [ C8919AE61419C5625F9EF0AEF12523A8 ] \Device\Harddisk0\DR0
10:14:08.0625 0x0230  \Device\Harddisk0\DR0 - ok
10:14:08.0625 0x0230  ================ Scan VBR ==================================
10:14:08.0640 0x0230  [ 8CE81EBADA5A60C7204E6B77F3A33624 ] \Device\Harddisk0\DR0\Partition1
10:14:08.0656 0x0230  \Device\Harddisk0\DR0\Partition1 - ok
10:14:08.0656 0x0230  [ ACCE1172FACA37021410947EF2144081 ] \Device\Harddisk0\DR0\Partition2
10:14:08.0656 0x0230  \Device\Harddisk0\DR0\Partition2 - ok
10:14:08.0656 0x0230  Waiting for KSN requests completion. In queue: 134
10:14:09.0656 0x0230  Waiting for KSN requests completion. In queue: 134
10:14:10.0656 0x0230  Waiting for KSN requests completion. In queue: 134
10:14:11.0734 0x0230  AV detected via SS1: Computer Security, , enabled, updated
10:14:11.0734 0x0230  Win FW state via NFM: enabled
10:14:14.0031 0x0230  ============================================================
10:14:14.0031 0x0230  Scan finished
10:14:14.0031 0x0230  ============================================================
10:14:14.0031 0x0c80  Detected object count: 0
10:14:14.0031 0x0c80  Actual detected object count: 0

 

Hoppas det blev rätt :)

Bertil

Länk till kommentar
Dela på andra webbplatser

Har en fråga om drivrutiner, såg att det fanns något om det i loggen.

Efter ominstallationen kan jag inte få ljud i burken, det fanns förut.

Har kollat Acers hemsida, laddat ner anvisad drivis men det hjälpte inte.

 

Om det blir ett nytt ämne kan du Cecilia radera detta så får jag fixa det senare!

 

Ha fortsatt bra da

Bertil

Länk till kommentar
Dela på andra webbplatser

Jari Karivainio

Hej!

Du bör kunna hitta audiodrivern till Acer Aspire 5315 för win xp här. Den heter

Audio  Realtek  Audio Driver 6.0.1.5413  36.7 MB

 2008/12/03.

 

/ Jari

Länk till kommentar
Dela på andra webbplatser

User : Gull-Britt [Restricted rights]

Det verkar som att du använder ett konto som inte är ett administratörskonto.

Har du möjlighet att byta till ett administratörskonto?

För det är svårt att få ordning på en dator om man inte har rätt att göra allt.

Kör sedan FRST igen och klistra in den nya FRST.txt.

Länk till kommentar
Dela på andra webbplatser

Ja du, var ser jag det mer än vid användarkontot? trodde man automatiskt var datoradministratör.

 

Hur ändrar jag det om Gull-Britt inte är boss såattsäga, finns två kto "Gull-Britt datoradministratör" och gäst kto.

Har inget lösenord, det är vi två pensionärer som använder våra datorer/plattor, då är jag nog inte boss på den datorn jag använder.

Så helt plötsligt är det andra frågor som gäller.

Nåväl, hur ändrar jag så att GB blir administratör?

Har försökt vi kontrollpanelen användarkonto, får endast fåga ändra konton?

 

Tur ni finns

en stor kram till er alla

Länk till kommentar
Dela på andra webbplatser

Försök så här:

 

Starta om datorn i felsäkert läge genom att trycka F8 upprepade gånger under uppstarten och välja "felsäkert läge" i menyn som kommer upp. Förhoppningsvis dyker det då upp ett till konto, normalt heter det "Administratör", som det går att logga in på och därifrån köra Användarkonto i Kontrollpanelen och göra om kontot Gull-Britt till ett administratörskonto.

Länk till kommentar
Dela på andra webbplatser

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 12-02-2014 01
Ran by Gull-Britt (administrator) on GBS_HIMMABURK on 13-02-2014 16:25:25
Running from C:\Documents and Settings\Gull-Britt\Skrivbord
Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: Swedish
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(F-Secure Corporation) C:\Program\F-Secure\fshoster32.exe
(F-Secure Corporation) C:\Program\F-Secure\apps\ComputerSecurity\Common\FSM32.EXE
(CANON INC.) C:\Program\Canon\MyPrinter\BJMyPrt.exe
(Technology Nexus AB) C:\Program\Personal\bin\Personal.exe
(Zhorn Software) C:\Program\stickies\stickies.exe
(Agere Systems) C:\WINDOWS\system32\agrsmsvc.exe
(F-Secure Corporation) C:\Program\F-Secure\fshoster32.exe
(F-Secure Corporation) C:\Program\F-Secure\apps\CCF_Reputation\fsorsp.exe
(F-Secure Corporation) C:\Program\F-Secure\apps\ComputerSecurity\Anti-Virus\FSGK32.EXE
(Microsoft Corporation) C:\Program\Delade filer\Microsoft Shared\VS7DEBUG\MDM.EXE
(F-Secure Corporation) C:\Program\F-Secure\apps\ComputerSecurity\Common\FSMA32.EXE
(F-Secure Corporation) C:\Program\F-Secure\apps\ComputerSecurity\Anti-Virus\fssm32.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [F-Secure Hoster (666)] - C:\Program\F-Secure\fshoster32.exe [191528 2013-10-30] (F-Secure Corporation)
HKLM\...\Run: [F-Secure Manager] - C:\Program\F-Secure\apps\ComputerSecurity\Common\FSM32.EXE [310208 2013-09-25] (F-Secure Corporation)
HKLM\...\Run: [CanonMyPrinter] - C:\Program\Canon\MyPrinter\BJMyPrt.exe [1983816 2009-10-19] (CANON INC.)
HKLM\...\Run: [CanonSolutionMenu] - C:\Program\Canon\SolutionMenu\CNSLMAIN.exe [767312 2009-09-04] (CANON INC.)
HKLM\...\Run: [Adobe ARM] - C:\Program\Delade filer\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
Startup: C:\Documents and Settings\All Users\Start-meny\Program\Autostart\BankID säkerhetsprogram.lnk
ShortcutTarget: BankID säkerhetsprogram.lnk -> C:\Program\Personal\bin\Personal.exe (Technology Nexus AB)
Startup: C:\Documents and Settings\Gull-Britt\Start-meny\Program\Autostart\Stickies.lnk
ShortcutTarget: Stickies.lnk -> C:\Program\stickies\stickies.exe (Zhorn Software)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.se/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {493A9FB3-9EFB-4375-B6D3-5C747C1F2088} URL = http://www.google.com/search?hl=sv&q={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {493A9FB3-9EFB-4375-B6D3-5C747C1F2088} URL = http://www.google.com/search?hl=sv&q={searchTerms}
BHO: F-Secure Online Safety - {45BBE08D-81C5-4A67-AF20-B2A077C67747} - C:\Program\F-Secure\apps\OnlineSafety\browser\install\fs_ie_https\fs_ie_https.dll (F-Secure Corporation)
Toolbar: HKCU - &Adress - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Länkar - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1386184319718
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program\Delade filer\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program\Delade filer\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

========================== Services (Whitelisted) =================

R2 fshoster; C:\Program\F-Secure\fshoster32.exe [191528 2013-10-30] (F-Secure Corporation)
R3 FSMA; C:\Program\F-Secure\apps\ComputerSecurity\Common\FSMA32.EXE [216000 2013-09-25] (F-Secure Corporation)
R2 FSORSPClient; C:\Program\F-Secure\apps\CCF_Reputation\fsorsp.exe [60352 2013-06-10] (F-Secure Corporation)
R2 MDM; C:\Program\Delade filer\Microsoft Shared\VS7DEBUG\MDM.EXE [322120 2003-06-19] (Microsoft Corporation)
S3 ose; C:\Program\Delade filer\Microsoft Shared\Source Engine\OSE.EXE [89136 2003-07-28] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

S3 AR5211; C:\WINDOWS\System32\DRIVERS\ar5211.sys [547904 2007-07-26] (Atheros Communications, Inc.)
R3 F-Secure Gatekeeper; C:\Program\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys [146472 2013-12-11] (F-Secure Corporation)
R1 F-Secure HIPS; C:\Program\F-Secure\apps\ComputerSecurity\HIPS\drivers\fshs.sys [73328 2013-12-04] (F-Secure Corporation)
R0 fsbts; C:\WINDOWS\System32\Drivers\fsbts.sys [44240 2013-12-04] ()
R3 fsni; C:\Program\F-Secure\apps\CCF_Scanning\fsnixp32.sys [50112 2013-07-03] (F-Secure Corporation)
R3 fsnitdi; C:\Program\F-Secure\apps\CCF_Scanning\fsnitdi32.sys [24000 2013-07-03] (F-Secure Corporation)
S4 IntelIde; No ImagePath
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)
U1 WS2IFSL;

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-02-13 16:25 - 2014-02-13 16:25 - 00006992 _____ () C:\Documents and Settings\Gull-Britt\Skrivbord\FRST.txt
2014-02-12 09:52 - 2014-02-12 09:52 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2916036$
2014-02-12 09:50 - 2014-02-12 09:52 - 00018546 _____ () C:\WINDOWS\FaxSetup.log
2014-02-12 09:50 - 2014-02-12 09:52 - 00008868 _____ () C:\WINDOWS\ocgen.log
2014-02-12 09:50 - 2014-02-12 09:52 - 00007077 _____ () C:\WINDOWS\tsoc.log
2014-02-12 09:50 - 2014-02-12 09:52 - 00006144 _____ () C:\WINDOWS\comsetup.log
2014-02-12 09:50 - 2014-02-12 09:52 - 00003741 _____ () C:\WINDOWS\ntdtcsetup.log
2014-02-12 09:50 - 2014-02-12 09:52 - 00003223 _____ () C:\WINDOWS\updspapi.log
2014-02-12 09:50 - 2014-02-12 09:52 - 00002940 _____ () C:\WINDOWS\iis6.log
2014-02-12 09:50 - 2014-02-12 09:52 - 00001374 _____ () C:\WINDOWS\imsins.log
2014-02-12 09:50 - 2014-02-12 09:52 - 00001158 _____ () C:\WINDOWS\ocmsn.log
2014-02-12 09:50 - 2014-02-12 09:52 - 00000927 _____ () C:\WINDOWS\msgsocm.log
2014-02-12 09:50 - 2014-02-12 09:50 - 00011366 _____ () C:\WINDOWS\KB2909921-IE8.log
2014-02-12 09:50 - 2014-02-12 09:50 - 00001374 _____ () C:\WINDOWS\imsins.BAK
2014-02-12 09:50 - 2014-02-12 09:50 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-02-12 09:50 - 2014-02-12 09:50 - 00000000 _____ () C:\WINDOWS\setupact.log
2014-02-12 09:49 - 2014-02-12 09:50 - 00004133 _____ () C:\WINDOWS\KB2909210-IE8.log
2014-02-12 09:48 - 2014-02-12 09:52 - 00012989 _____ () C:\WINDOWS\KB2916036.log
2014-02-12 09:48 - 2014-02-12 09:48 - 00005267 _____ () C:\Documents and Settings\Gull-Britt\Skrivbord\RKreport[0]_S_02122014_094827.txt
2014-02-11 16:58 - 2014-02-11 16:58 - 00012705 _____ () C:\Documents and Settings\Gull-Britt\Skrivbord\RKreport[0]_S_02112014_165845.txt
2014-02-11 10:09 - 2014-02-11 10:10 - 02237968 _____ (Kaspersky Lab ZAO) C:\Documents and Settings\Gull-Britt\Skrivbord\tdsskiller.exe
2014-02-11 10:02 - 2014-02-11 10:02 - 00012672 _____ () C:\Documents and Settings\Gull-Britt\Skrivbord\RKreport[0]_S_02112014_100233.txt
2014-02-11 09:59 - 2014-02-12 09:48 - 00000000 ____D () C:\Documents and Settings\Gull-Britt\Skrivbord\RK_Quarantine
2014-02-11 09:57 - 2014-02-11 09:57 - 03813376 _____ () C:\Documents and Settings\Gull-Britt\Skrivbord\RogueKiller.exe
2014-02-10 15:30 - 2014-02-10 15:30 - 00000000 ____D () C:\Documents and Settings\Gull-Britt\Application Data\newnext.me
2014-02-10 15:28 - 2014-02-13 16:21 - 00000000 ____D () C:\Documents and Settings\Gull-Britt\Skrivbord\FRST-OlderVersion
2014-02-08 10:40 - 2014-02-08 10:40 - 00000000 ____D () C:\Program\ESET
2014-02-08 10:22 - 2014-02-08 10:22 - 00025566 _____ () C:\Documents and Settings\Gull-Britt\Skrivbord\Addition.txt
2014-02-08 10:21 - 2014-02-12 09:44 - 00019803 _____ () C:\Documents and Settings\Gull-Britt\Skrivbord\old FRST.txt
2014-02-08 10:19 - 2014-02-13 16:25 - 00000000 ____D () C:\FRST
2014-02-08 10:17 - 2014-02-13 16:21 - 01141248 _____ (Farbar) C:\Documents and Settings\Gull-Britt\Skrivbord\FRST.exe
2014-02-06 16:39 - 2014-02-06 16:39 - 01327296 _____ () C:\Documents and Settings\Gull-Britt\Mina dokument\Köttfärsgulasch  Recept ICA_se.mht
2014-02-05 07:53 - 2014-02-05 07:53 - 00011356 _____ () C:\Documents and Settings\Gull-Britt\Skrivbord\attach2.txt
2014-02-05 07:53 - 2014-02-05 07:53 - 00006708 _____ () C:\Documents and Settings\Gull-Britt\Skrivbord\dds2.txt
2014-02-03 16:49 - 2014-02-03 16:49 - 01166132 _____ () C:\Documents and Settings\Gull-Britt\Skrivbord\adwcleaner.exe
2014-02-03 16:20 - 2014-02-03 16:22 - 741343232 _____ () C:\Documents and Settings\Gull-Britt\Skrivbord\ubuntu-12.04.3-desktop-i386.iso
2014-02-02 20:48 - 2014-02-03 16:55 - 00000000 ____D () C:\AdwCleaner
2014-02-02 12:43 - 2014-02-02 12:43 - 00011274 _____ () C:\Documents and Settings\Gull-Britt\Mina dokument\attach.txt
2014-02-02 12:43 - 2014-02-02 12:43 - 00007564 _____ () C:\Documents and Settings\Gull-Britt\Mina dokument\dds.txt
2014-02-02 12:39 - 2014-02-05 07:31 - 00011356 _____ () C:\Documents and Settings\Gull-Britt\Skrivbord\attach.txt
2014-02-02 12:39 - 2014-02-05 07:31 - 00006708 _____ () C:\Documents and Settings\Gull-Britt\Skrivbord\dds.txt
2014-02-02 12:38 - 2014-02-02 12:38 - 00000000 ___RD () C:\Documents and Settings\Gull-Britt\Start-meny\Program\Administrationsverktyg
2014-02-02 12:38 - 2014-02-02 12:38 - 00000000 ___RD () C:\Documents and Settings\Gull-Britt\Mina dokument\Mina videoklipp
2014-02-02 12:38 - 2014-02-02 12:38 - 00000000 ___RD () C:\Documents and Settings\All Users\Dokument\Mina videoklipp
2014-02-02 12:37 - 2014-02-02 12:37 - 00688992 ____R (Swearware) C:\Documents and Settings\Gull-Britt\Skrivbord\dds.scr
2014-01-28 17:26 - 2014-01-28 17:26 - 00007680 ___SH () C:\WINDOWS\Thumbs.db
2014-01-28 17:26 - 2014-01-28 17:26 - 00003584 _____ () C:\Documents and Settings\Gull-Britt\Lokala inställningar\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-01-27 11:21 - 2014-02-12 17:46 - 00013072 _____ () C:\WINDOWS\setupapi.log
2014-01-26 15:49 - 2014-01-26 15:49 - 02916022 _____ () C:\Documents and Settings\Gull-Britt\Mina dokument\ccleaner 140125.txt
2014-01-15 19:20 - 2014-01-15 19:20 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2914368$

==================== One Month Modified Files and Folders =======

2014-02-13 16:25 - 2014-02-13 16:25 - 00006992 _____ () C:\Documents and Settings\Gull-Britt\Skrivbord\FRST.txt
2014-02-13 16:25 - 2014-02-08 10:19 - 00000000 ____D () C:\FRST
2014-02-13 16:25 - 2013-12-03 21:28 - 00000000 ____D () C:\Documents and Settings\Gull-Britt\Skrivbord
2014-02-13 16:21 - 2014-02-10 15:28 - 00000000 ____D () C:\Documents and Settings\Gull-Britt\Skrivbord\FRST-OlderVersion
2014-02-13 16:21 - 2014-02-08 10:17 - 01141248 _____ (Farbar) C:\Documents and Settings\Gull-Britt\Skrivbord\FRST.exe
2014-02-13 16:21 - 2013-12-04 11:30 - 00000418 ____H () C:\WINDOWS\Tasks\User_Feed_Synchronization-{62437744-79BB-4415-A4EF-559DCFECB16B}.job
2014-02-13 10:38 - 2013-12-03 21:23 - 01521919 _____ () C:\WINDOWS\WindowsUpdate.log
2014-02-13 10:21 - 2013-12-06 09:46 - 00000576 _____ () C:\Documents and Settings\Gull-Britt\intlname.ols
2014-02-13 10:03 - 2013-12-05 22:30 - 00000868 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-02-13 09:53 - 2013-12-03 22:01 - 00729868 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-02-13 09:53 - 2004-08-04 13:00 - 00318396 _____ () C:\WINDOWS\system32\perfh01D.dat
2014-02-13 09:53 - 2004-08-04 13:00 - 00049310 _____ () C:\WINDOWS\system32\perfc01D.dat
2014-02-13 09:48 - 2013-12-06 11:05 - 00000000 ____D () C:\Documents and Settings\Gull-Britt\Application Data\stickies
2014-02-13 09:48 - 2013-12-03 22:04 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-02-13 09:48 - 2013-12-03 22:04 - 00000050 _____ () C:\WINDOWS\wiaservc.log
2014-02-13 09:48 - 2013-12-03 21:27 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-02-12 17:48 - 2013-12-03 21:28 - 00000304 ___SH () C:\Documents and Settings\Gull-Britt\ntuser.ini
2014-02-12 17:48 - 2013-12-03 21:27 - 00032518 _____ () C:\WINDOWS\SchedLgU.Txt
2014-02-12 17:46 - 2014-01-27 11:21 - 00013072 _____ () C:\WINDOWS\setupapi.log
2014-02-12 09:52 - 2014-02-12 09:52 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2916036$
2014-02-12 09:52 - 2014-02-12 09:50 - 00018546 _____ () C:\WINDOWS\FaxSetup.log
2014-02-12 09:52 - 2014-02-12 09:50 - 00008868 _____ () C:\WINDOWS\ocgen.log
2014-02-12 09:52 - 2014-02-12 09:50 - 00007077 _____ () C:\WINDOWS\tsoc.log
2014-02-12 09:52 - 2014-02-12 09:50 - 00006144 _____ () C:\WINDOWS\comsetup.log
2014-02-12 09:52 - 2014-02-12 09:50 - 00003741 _____ () C:\WINDOWS\ntdtcsetup.log
2014-02-12 09:52 - 2014-02-12 09:50 - 00003223 _____ () C:\WINDOWS\updspapi.log
2014-02-12 09:52 - 2014-02-12 09:50 - 00002940 _____ () C:\WINDOWS\iis6.log
2014-02-12 09:52 - 2014-02-12 09:50 - 00001374 _____ () C:\WINDOWS\imsins.log
2014-02-12 09:52 - 2014-02-12 09:50 - 00001158 _____ () C:\WINDOWS\ocmsn.log
2014-02-12 09:52 - 2014-02-12 09:50 - 00000927 _____ () C:\WINDOWS\msgsocm.log
2014-02-12 09:52 - 2014-02-12 09:48 - 00012989 _____ () C:\WINDOWS\KB2916036.log
2014-02-12 09:52 - 2013-12-05 20:15 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-02-12 09:50 - 2014-02-12 09:50 - 00011366 _____ () C:\WINDOWS\KB2909921-IE8.log
2014-02-12 09:50 - 2014-02-12 09:50 - 00001374 _____ () C:\WINDOWS\imsins.BAK
2014-02-12 09:50 - 2014-02-12 09:50 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-02-12 09:50 - 2014-02-12 09:50 - 00000000 _____ () C:\WINDOWS\setupact.log
2014-02-12 09:50 - 2014-02-12 09:49 - 00004133 _____ () C:\WINDOWS\KB2909210-IE8.log
2014-02-12 09:50 - 2013-12-05 20:15 - 85946576 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-02-12 09:48 - 2014-02-12 09:48 - 00005267 _____ () C:\Documents and Settings\Gull-Britt\Skrivbord\RKreport[0]_S_02122014_094827.txt
2014-02-12 09:48 - 2014-02-11 09:59 - 00000000 ____D () C:\Documents and Settings\Gull-Britt\Skrivbord\RK_Quarantine
2014-02-12 09:44 - 2014-02-08 10:21 - 00019803 _____ () C:\Documents and Settings\Gull-Britt\Skrivbord\old FRST.txt
2014-02-11 16:58 - 2014-02-11 16:58 - 00012705 _____ () C:\Documents and Settings\Gull-Britt\Skrivbord\RKreport[0]_S_02112014_165845.txt
2014-02-11 10:10 - 2014-02-11 10:09 - 02237968 _____ (Kaspersky Lab ZAO) C:\Documents and Settings\Gull-Britt\Skrivbord\tdsskiller.exe
2014-02-11 10:02 - 2014-02-11 10:02 - 00012672 _____ () C:\Documents and Settings\Gull-Britt\Skrivbord\RKreport[0]_S_02112014_100233.txt
2014-02-11 09:57 - 2014-02-11 09:57 - 03813376 _____ () C:\Documents and Settings\Gull-Britt\Skrivbord\RogueKiller.exe
2014-02-10 15:42 - 2013-12-06 11:45 - 00000000 ____D () C:\Documents and Settings\Gull-Britt\Mina dokument\gamla doc
2014-02-10 15:42 - 2013-12-03 21:28 - 00000000 ___RD () C:\Documents and Settings\Gull-Britt\Mina dokument
2014-02-10 15:30 - 2014-02-10 15:30 - 00000000 ____D () C:\Documents and Settings\Gull-Britt\Application Data\newnext.me
2014-02-10 15:30 - 2013-12-03 22:01 - 00000000 ___RD () C:\Program
2014-02-10 09:17 - 2004-08-04 13:00 - 00013646 _____ () C:\WINDOWS\system32\wpa.dbl
2014-02-08 10:40 - 2014-02-08 10:40 - 00000000 ____D () C:\Program\ESET
2014-02-08 10:22 - 2014-02-08 10:22 - 00025566 _____ () C:\Documents and Settings\Gull-Britt\Skrivbord\Addition.txt
2014-02-08 10:18 - 2013-12-03 21:28 - 00000000 ___RD () C:\Documents and Settings\Gull-Britt\Favoriter
2014-02-06 16:39 - 2014-02-06 16:39 - 01327296 _____ () C:\Documents and Settings\Gull-Britt\Mina dokument\Köttfärsgulasch  Recept ICA_se.mht
2014-02-06 04:38 - 2004-08-04 13:00 - 00920064 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wininet.dll
2014-02-06 04:38 - 2004-08-04 13:00 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-02-06 00:08 - 2013-12-05 19:24 - 11113472 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ieframe.dll
2014-02-06 00:08 - 2013-12-05 19:24 - 02006016 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iertutil.dll
2014-02-06 00:08 - 2013-12-05 19:24 - 00743424 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iedvtool.dll
2014-02-06 00:08 - 2013-12-05 19:24 - 00630272 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msfeeds.dll
2014-02-06 00:08 - 2013-12-05 19:24 - 00522240 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\jsdbgui.dll
2014-02-06 00:08 - 2013-12-05 19:24 - 00247808 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ieproxy.dll
2014-02-06 00:08 - 2013-12-05 19:24 - 00055296 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2014-02-06 00:08 - 2013-12-05 19:24 - 00012800 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\xpshims.dll
2014-02-06 00:08 - 2013-12-03 21:21 - 00759296 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\vgx.dll
2014-02-06 00:08 - 2009-03-08 04:39 - 11113472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-02-06 00:08 - 2009-03-08 04:32 - 02006016 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-02-06 00:08 - 2009-03-08 04:32 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-02-06 00:08 - 2009-03-08 04:31 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedsbs.dll
2014-02-06 00:08 - 2004-08-04 13:00 - 06021120 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mshtml.dll
2014-02-06 00:08 - 2004-08-04 13:00 - 06021120 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-02-06 00:08 - 2004-08-04 13:00 - 01469440 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\inetcpl.cpl
2014-02-06 00:08 - 2004-08-04 13:00 - 01469440 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-02-06 00:08 - 2004-08-04 13:00 - 01216000 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\urlmon.dll
2014-02-06 00:08 - 2004-08-04 13:00 - 01216000 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-02-06 00:08 - 2004-08-04 13:00 - 00611840 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mstime.dll
2014-02-06 00:08 - 2004-08-04 13:00 - 00611840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstime.dll
2014-02-06 00:08 - 2004-08-04 13:00 - 00387584 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iedkcs32.dll
2014-02-06 00:08 - 2004-08-04 13:00 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-02-06 00:08 - 2004-08-04 13:00 - 00206848 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\occache.dll
2014-02-06 00:08 - 2004-08-04 13:00 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\occache.dll
2014-02-06 00:08 - 2004-08-04 13:00 - 00184320 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iepeers.dll
2014-02-06 00:08 - 2004-08-04 13:00 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2014-02-06 00:08 - 2004-08-04 13:00 - 00105984 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\url.dll
2014-02-06 00:08 - 2004-08-04 13:00 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\url.dll
2014-02-06 00:08 - 2004-08-04 13:00 - 00067072 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mshtmled.dll
2014-02-06 00:08 - 2004-08-04 13:00 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-02-06 00:08 - 2004-08-04 13:00 - 00043520 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\licmgr10.dll
2014-02-06 00:08 - 2004-08-04 13:00 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\licmgr10.dll
2014-02-06 00:08 - 2004-08-04 13:00 - 00025600 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\jsproxy.dll
2014-02-06 00:08 - 2004-08-04 13:00 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-02-06 00:08 - 2004-08-04 13:00 - 00018944 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\corpol.dll
2014-02-06 00:08 - 2004-08-04 13:00 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\corpol.dll
2014-02-05 23:29 - 2004-08-04 13:00 - 00385024 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2014-02-05 23:29 - 2004-08-04 13:00 - 00174592 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ie4uinit.exe
2014-02-05 23:29 - 2004-08-04 13:00 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-02-05 10:03 - 2013-12-05 22:30 - 00692616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-02-05 10:03 - 2013-12-05 22:30 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-02-05 07:53 - 2014-02-05 07:53 - 00011356 _____ () C:\Documents and Settings\Gull-Britt\Skrivbord\attach2.txt
2014-02-05 07:53 - 2014-02-05 07:53 - 00006708 _____ () C:\Documents and Settings\Gull-Britt\Skrivbord\dds2.txt
2014-02-05 07:31 - 2014-02-02 12:39 - 00011356 _____ () C:\Documents and Settings\Gull-Britt\Skrivbord\attach.txt
2014-02-05 07:31 - 2014-02-02 12:39 - 00006708 _____ () C:\Documents and Settings\Gull-Britt\Skrivbord\dds.txt
2014-02-03 16:55 - 2014-02-02 20:48 - 00000000 ____D () C:\AdwCleaner
2014-02-03 16:49 - 2014-02-03 16:49 - 01166132 _____ () C:\Documents and Settings\Gull-Britt\Skrivbord\adwcleaner.exe
2014-02-03 16:22 - 2014-02-03 16:20 - 741343232 _____ () C:\Documents and Settings\Gull-Britt\Skrivbord\ubuntu-12.04.3-desktop-i386.iso
2014-02-02 21:04 - 2013-12-03 21:28 - 00000775 _____ () C:\Documents and Settings\Gull-Britt\Start-meny\Program\Internet Explorer.lnk
2014-02-02 21:04 - 2013-12-03 21:28 - 00000000 ___RD () C:\Documents and Settings\Gull-Britt\Start-meny\Program
2014-02-02 12:43 - 2014-02-02 12:43 - 00011274 _____ () C:\Documents and Settings\Gull-Britt\Mina dokument\attach.txt
2014-02-02 12:43 - 2014-02-02 12:43 - 00007564 _____ () C:\Documents and Settings\Gull-Britt\Mina dokument\dds.txt
2014-02-02 12:42 - 2013-12-03 16:41 - 00000211 ___SH () C:\boot.ini
2014-02-02 12:42 - 2004-08-04 13:00 - 00000573 _____ () C:\WINDOWS\win.ini
2014-02-02 12:42 - 2004-08-04 13:00 - 00000227 _____ () C:\WINDOWS\system.ini
2014-02-02 12:38 - 2014-02-02 12:38 - 00000000 ___RD () C:\Documents and Settings\Gull-Britt\Start-meny\Program\Administrationsverktyg
2014-02-02 12:38 - 2014-02-02 12:38 - 00000000 ___RD () C:\Documents and Settings\Gull-Britt\Mina dokument\Mina videoklipp
2014-02-02 12:38 - 2014-02-02 12:38 - 00000000 ___RD () C:\Documents and Settings\All Users\Dokument\Mina videoklipp
2014-02-02 12:38 - 2013-12-03 22:00 - 00000000 ___RD () C:\Documents and Settings\All Users\Dokument
2014-02-02 12:37 - 2014-02-02 12:37 - 00688992 ____R (Swearware) C:\Documents and Settings\Gull-Britt\Skrivbord\dds.scr
2014-02-02 11:39 - 2013-12-05 22:28 - 00000000 ____D () C:\Documents and Settings\Gull-Britt\Lokala inställningar\Application Data\Adobe
2014-01-28 17:26 - 2014-01-28 17:26 - 00007680 ___SH () C:\WINDOWS\Thumbs.db
2014-01-28 17:26 - 2014-01-28 17:26 - 00003584 _____ () C:\Documents and Settings\Gull-Britt\Lokala inställningar\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-01-28 15:53 - 2013-12-06 11:46 - 00000000 ____D () C:\Documents and Settings\Gull-Britt\Mina dokument\Sånger
2014-01-27 12:02 - 2013-12-04 08:12 - 00000000 ___HD () C:\Program\InstallShield Installation Information
2014-01-26 15:49 - 2014-01-26 15:49 - 02916022 _____ () C:\Documents and Settings\Gull-Britt\Mina dokument\ccleaner 140125.txt
2014-01-26 15:37 - 2013-12-04 18:40 - 00000000 ____D () C:\Program\CCleaner
2014-01-23 09:26 - 2013-12-03 21:28 - 00000000 ___HD () C:\Documents and Settings\Gull-Britt\Nätverket
2014-01-16 20:38 - 2014-01-08 18:06 - 00002289 _____ () C:\Documents and Settings\All Users\Start-meny\Program\Adobe Reader XI.lnk
2014-01-16 20:20 - 2013-12-03 22:00 - 00000000 ___RD () C:\Documents and Settings\All Users\Start-meny\Program
2014-01-15 19:42 - 2013-12-03 21:28 - 00000000 ____D () C:\Documents and Settings\Gull-Britt
2014-01-15 19:20 - 2014-01-15 19:20 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2914368$

Some content of TEMP:
====================
C:\Documents and Settings\Gull-Britt\Lokala inställningar\Temp\ntdll_dump.dll
C:\Documents and Settings\Gull-Britt\Lokala inställningar\Temp\Quarantine.exe

==================== Bamital & volsnap Check =================

C:\WINDOWS\explorer.exe
[2004-08-04 13:00] - [2008-04-14 21:35] - 1034240 ____A (Microsoft Corporation) 74bb7dcd2bfdcc0e52869db3582ca781

C:\WINDOWS\system32\winlogon.exe
[2004-08-04 13:00] - [2008-04-14 21:35] - 0507904 ____A (Microsoft Corporation) abd2d070be76a9386a0a283a332e3862

C:\WINDOWS\system32\svchost.exe
[2004-08-04 13:00] - [2008-04-14 21:35] - 0014336 ____A (Microsoft Corporation) 6ccef19d7301d9861f90e299c798ad3f

C:\WINDOWS\system32\services.exe
[2004-08-04 13:00] - [2009-02-09 12:27] - 0110592 ____A (Microsoft Corporation) 8870b0c4a094c1ce80cea6f85fa38ff2

C:\WINDOWS\system32\User32.dll
[2004-08-04 13:00] - [2008-04-14 21:34] - 0578560 ____A (Microsoft Corporation) e3cf0ec59316ea8e856db1e1f442cd57

C:\WINDOWS\system32\userinit.exe
[2004-08-04 13:00] - [2008-04-14 21:35] - 0026112 ____A (Microsoft Corporation) 317799a2e42b5ea048a8a70f482cba9f

C:\WINDOWS\system32\rpcss.dll
[2004-08-04 13:00] - [2009-02-09 11:56] - 0401408 ____A (Microsoft Corporation) 87dadc3f6e6cd5aaeb913e19cbff922c

ATTENTION ======> If the system is having audio adware rpcss.dll is patched. Google the MD5, if the MD5 is unique the file is infected.
C:\WINDOWS\system32\Drivers\volsnap.sys
[2004-08-04 13:00] - [2008-04-14 21:06] - 0052864 ____A (Microsoft Corporation) 57187ec04878147e1f4f2d9224b12205

==================== End Of Log ============================

 

Hej. Hoppas hon blivet datoradministratör, ursäkta sent svar och loggen blev som den skulle.

 

Ha en bra da Bertil

Länk till kommentar
Dela på andra webbplatser

Tack detsamma! :)

 

Det här ser ju bra ut:

Ran by Gull-Britt (administrator)

 

Hur fungerar datorn numera?

 

Om det fortfarande är problem:

Stäng av alla program.

Ta bort alla externa enheter, t ex USB-minnen och externa hårddiskar, utom tangentbord och mus. Låt dem vara bortkopplade medan rensningen pågår.

 

Kör RogueKiller (i Vista och Windows 7 högerklicka på programmet och välj "Kör som administratör). Om det inte går att köra så pröva flera gång, men om det fortfarande inte går så pröva med att döpa om programmet till winlogon.exe.

 

Vänta tills "Prescan" har avslutats.

Klicka på "Scan"-knappen uppe till höger.

Vänta tills skanningen är klar.

En rapport "RKreport.txt" ska då ha skapats på Skrivbordet. Klistra in innehållet i den i ditt svar.

Länk till kommentar
Dela på andra webbplatser

Hej!

Du bör kunna hitta audiodrivern till Acer Aspire 5315 för win xp här. Den heter

Audio  Realtek  Audio Driver 6.0.1.5413  36.7 MB

 2008/12/03.

 

/ Jari

 

Hej o tack för länken.

Tyvärr det blir felmeddelande att det int går, kan det vara detta som spökar, kopierade från??? här på sidan

 

ATTENTION ======> If the system is having audio adware rpcss.dll is patched. Google the MD5, if the MD5 is unique the file is infected.

Har provat frlera gånger tidigar med andra länkar men det vill sig inte.

Hoppas det löser sig om det går att få bort skiten som tydligen finns i burken.

 

BeSon/Bertil

Länk till kommentar
Dela på andra webbplatser

C:\WINDOWS\system32\rpcss.dll

[2004-08-04 13:00] - [2009-02-09 11:56] - 0401408 ____A (Microsoft Corporation)

ATTENTION ======> If the system is having audio adware rpcss.dll is patched. Google the MD5, if the MD5 is unique the file is infected.

 

 

Ovanstående är normalt i en svensk XP-dator eftersom filen är översatt och då inte stämmer exakt med det som FRST känner till. Filen har funnit i datorn sedan 2009.

Länk till kommentar
Dela på andra webbplatser

Arkiverat

Det här ämnet är nu arkiverat och är stängt för ytterligare svar.

×
×
  • Skapa nytt...