Just nu i M3-nätverket
Jump to content

WinAntivirus Pro 2006 försvinner inte!! HJÄLP!


bjarne_oberg

Recommended Posts

HJÄLP!!

 

Kommer upp en ikon i aktivitetsfältet som är rött med ett ! i, klickar man på ikonen kan man välja open eller ignore.

står att programmet heter WinAntivirus Pro 2006.

 

Hur ska jag göra?

har SmitfraudFix, HJTsetup.exe, NoLop.exe, taskmanager17.exe, VundoFix.exe hemma. provat alla men inget verkar hjälpa.

 

Vad ska jag göra?

 

Link to comment
Share on other sites

[log]Logfile of HijackThis v1.99.1

Scan saved at 08:27:48, on 2007-02-14

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.5730.0011)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program\Nero\Nero 7\InCD\InCDsrv.exe

C:\Program\Sygate\SPF\smc.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\Program\Delade filer\Symantec Shared\ccSetMgr.exe

C:\WINDOWS\Explorer.EXE

C:\Program\Delade filer\Symantec Shared\ccEvtMgr.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program\Symantec AntiVirus\DefWatch.exe

C:\Program\Symantec AntiVirus\Rtvscan.exe

C:\Program\Delade filer\Symantec Shared\ccApp.exe

C:\Program\SYMANT~1\VPTray.exe

C:\WINDOWS\system32\RunDll32.exe

C:\Program\Delade filer\Real\Update_OB\realsched.exe

C:\Program\Nero\Nero 7\InCD\InCD.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program\Adobe\Acrobat 7.0\Reader\reader_sl.exe

C:\Program\Internet Explorer\iexplore.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program\Hijackthis\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.aftonbladet.se/

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {29550550-CDA9-4E07-B5D9-59F8FF7099D7} - C:\WINDOWS\system32\vtutu.dll (file missing)

O2 - BHO: MSN Search Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program\MSN Toolbar Suite\TB\02.05.0000.1105\sv-se\msntb.dll

O3 - Toolbar: MSN Search Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program\MSN Toolbar Suite\TB\02.05.0000.1105\sv-se\msntb.dll

O4 - HKLM\..\Run: [smcService] C:\Program\Sygate\SPF\smc.exe -startgui

O4 - HKLM\..\Run: [ccApp] "C:\Program\Delade filer\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [vptray] C:\Program\SYMANT~1\VPTray.exe

O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd

O4 - HKLM\..\Run: [TkBellExe] "C:\Program\Delade filer\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [inCD] C:\Program\Nero\Nero 7\InCD\InCD.exe

O4 - HKLM\..\Run: [syswin] C:\WINDOWS\system32\v6.exe

O4 - HKLM\..\Run: [CTDrive] rundll32.exe C:\WINDOWS\system32\drvrok.dll,startup

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program\Microsoft Office\Office10\OSA.EXE

O4 - Global Startup: Windows Desktop Search.lnk = C:\Program\MSN Toolbar Suite\DS\02.05.0001.1119\sv-se\bin\WindowsSearch.exe

O8 - Extra context menu item: &MSN Search - res://C:\Program\MSN Toolbar Suite\TB\02.05.0000.1105\sv-se\msntb.dll/search.htm

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program\MICROS~2\Office10\EXCEL.EXE/3000

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O11 - Options group: [iNTERNATIONAL] International*

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\Program\MSNMES~1\msgrapp.dll" (file missing)

O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll

O20 - Winlogon Notify: winubg32 - C:\WINDOWS\SYSTEM32\winubg32.dll

O20 - Winlogon Notify: xxyyayv - xxyyayv.dll (file missing)

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\ccEvtMgr.exe

O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\ccPwdSvc.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\ccSetMgr.exe

O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program\Symantec AntiVirus\DefWatch.exe

O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program\Nero\Nero 7\InCD\InCDsrv.exe

O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program\Symantec AntiVirus\SavRoam.exe

O23 - Service: Sygate Personal Firewall Pro (SmcService) - Sygate Technologies, Inc. - C:\Program\Sygate\SPF\smc.exe

O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\SNDSrvc.exe

O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\SPBBC\SPBBCSvc.exe

O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program\Symantec AntiVirus\Rtvscan.exe

[/log]

Link to comment
Share on other sites

har SmitfraudFix, HJTsetup.exe, NoLop.exe, taskmanager17.exe, VundoFix.exe hemma.

Om det är samma filer som i november så kan programmen ha kommit i nya versioner sedan dess.

 

Link to comment
Share on other sites

Zipp kommer att vägleda dig, jag menar bara att när Zipp skriver att du t ex ska använda VundoFix så ska du ladda ner det på nytt inte använda versionen som är från november.

 

Link to comment
Share on other sites

har tankat hem den nya och här är den filen.

 

[log]Logfile of HijackThis v1.99.1

Scan saved at 09:47:49, on 2007-02-14

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.5730.0011)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program\Nero\Nero 7\InCD\InCDsrv.exe

C:\Program\Sygate\SPF\smc.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\Program\Delade filer\Symantec Shared\ccSetMgr.exe

C:\Program\Delade filer\Symantec Shared\ccEvtMgr.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program\Symantec AntiVirus\DefWatch.exe

C:\Program\Symantec AntiVirus\Rtvscan.exe

C:\Program\Delade filer\Symantec Shared\ccApp.exe

C:\Program\SYMANT~1\VPTray.exe

C:\WINDOWS\system32\RunDll32.exe

C:\Program\Delade filer\Real\Update_OB\realsched.exe

C:\Program\Nero\Nero 7\InCD\InCD.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program\Outlook Express\msimn.exe

C:\WINDOWS\explorer.exe

C:\Program\uTorrent\utorrent.exe

C:\Program\Internet Explorer\iexplore.exe

C:\Program\MSN Toolbar Suite\SL\02.05.0001.1119\sv-se\msn_sl.exe

C:\Program\Hijackthis\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.aftonbladet.se/

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {29550550-CDA9-4E07-B5D9-59F8FF7099D7} - C:\WINDOWS\system32\vtutu.dll (file missing)

O2 - BHO: MSN Search Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program\MSN Toolbar Suite\TB\02.05.0000.1105\sv-se\msntb.dll

O3 - Toolbar: MSN Search Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program\MSN Toolbar Suite\TB\02.05.0000.1105\sv-se\msntb.dll

O4 - HKLM\..\Run: [smcService] C:\Program\Sygate\SPF\smc.exe -startgui

O4 - HKLM\..\Run: [ccApp] "C:\Program\Delade filer\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [vptray] C:\Program\SYMANT~1\VPTray.exe

O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd

O4 - HKLM\..\Run: [TkBellExe] "C:\Program\Delade filer\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [inCD] C:\Program\Nero\Nero 7\InCD\InCD.exe

O4 - HKLM\..\Run: [syswin] C:\WINDOWS\system32\v6.exe

O4 - HKLM\..\Run: [CTDrive] rundll32.exe C:\WINDOWS\system32\drvrok.dll,startup

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program\Microsoft Office\Office10\OSA.EXE

O4 - Global Startup: Windows Desktop Search.lnk = C:\Program\MSN Toolbar Suite\DS\02.05.0001.1119\sv-se\bin\WindowsSearch.exe

O8 - Extra context menu item: &MSN Search - res://C:\Program\MSN Toolbar Suite\TB\02.05.0000.1105\sv-se\msntb.dll/search.htm

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program\MICROS~2\Office10\EXCEL.EXE/3000

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O11 - Options group: [iNTERNATIONAL] International*

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\Program\MSNMES~1\msgrapp.dll" (file missing)

O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll

O20 - Winlogon Notify: winubg32 - C:\WINDOWS\SYSTEM32\winubg32.dll

O20 - Winlogon Notify: xxyyayv - xxyyayv.dll (file missing)

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\ccEvtMgr.exe

O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\ccPwdSvc.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\ccSetMgr.exe

O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program\Symantec AntiVirus\DefWatch.exe

O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program\Nero\Nero 7\InCD\InCDsrv.exe

O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program\Symantec AntiVirus\SavRoam.exe

O23 - Service: Sygate Personal Firewall Pro (SmcService) - Sygate Technologies, Inc. - C:\Program\Sygate\SPF\smc.exe

O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\SNDSrvc.exe

O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\SPBBC\SPBBCSvc.exe

O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program\Symantec AntiVirus\Rtvscan.exe

[/log]

Link to comment
Share on other sites

 

Surfa hit och följ anvisningar på sidan

 

http://www.atribune.org/content/view/24/2/

 

skicka sen C:\vundofix.txt

 

Note: It is possible that VundoFix encountered a file it could not remove.

In this case, VundoFix will run on reboot, simply follow the above instructions starting from "Click the

Scan for Vundo button." when VundoFix appears at reboot.

 

 

 

Link to comment
Share on other sites

VundoFix V6.3.6

 

Checking Java version...

 

Sun Java not detected

Scan started at 13:23:31 2007-02-14

 

Listing files found while scanning....

 

No infected files were found.

 

 

Beginning removal...

 

Link to comment
Share on other sites

[log]"Fam ™berg" - 07-02-14 14:09:37 Service Pack 2

ComboFix 07-02-11 - Running from: "G:\"

 

(((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

 

 

C:\WINDOWS\system32\GroupPolicy\Machine\Scripts\scripts.ini

C:\WINDOWS\system32\unsvchosts.exe

C:\WINDOWS\system32\unsvchosts.lzma

C:\WINDOWS\system32\vbzip11.dll

 

 

((((((((((((((((((((((((((((((( Files Created from 2007-01-14 to 2007-02-14 ))))))))))))))))))))))))))))))))))

 

 

2007-02-13 15:58 <KAT> d-------- C:\DOCUME~1\FAMBER~1\Application Data\ImgBurn

2007-02-13 15:55 <KAT> d-------- C:\Program\ImgBurn

2007-02-13 13:03 <KAT> d-------- C:\DOCUME~1\FAMBER~1\Application Data\Help

2007-02-13 12:59 <KAT> d-------- C:\Program\Security Task Manager

2007-02-13 12:59 <KAT> d-------- C:\DOCUME~1\ALLUSE~1\Application Data\SecTaskMan

2007-02-13 11:27 524,288 --ah----- C:\DOCUME~1\ADMINI~1\NTUSER.DAT

2007-02-13 11:27 <KAT> dr------- C:\DOCUME~1\ADMINI~1\Start-meny

2007-02-13 11:27 <KAT> d--h----- C:\DOCUME~1\ADMINI~1\Skrivare

2007-02-13 11:27 <KAT> d--h----- C:\DOCUME~1\ADMINI~1\N„tverket

2007-02-13 11:27 <KAT> d--h----- C:\DOCUME~1\ADMINI~1\Mallar

2007-02-13 11:27 <KAT> d--h----- C:\DOCUME~1\ADMINI~1\Lokala inst„llningar

2007-02-13 11:27 <KAT> d-------- C:\DOCUME~1\ADMINI~1\Skrivbord

2007-02-13 11:27 <KAT> d-------- C:\DOCUME~1\ADMINI~1\Mina dokument

2007-02-13 11:27 <KAT> d-------- C:\DOCUME~1\ADMINI~1\Favoriter

2007-02-13 10:59 212 --a------ C:\delete.bat

2007-02-13 10:59 <KAT> d-------- C:\VundoFix Backups

2007-02-13 10:58 <KAT> d-------- C:\Program\Hijackthis

2007-02-13 10:54 <KAT> dr------- C:\DOCUME~1\LOCALS~1\Favoriter

2007-02-13 08:55 93,696 --a------ C:\WINDOWS\system32\drvrok.dll

2007-02-13 08:54 20,480 --a------ C:\WINDOWS\system32\winubg32.dll

2007-02-12 18:30 <KAT> d-------- C:\Program\TPTEST5

2007-02-12 17:01 <KAT> d-------- C:\WINDOWS\vbSkinner

2007-02-04 14:56 <KAT> d-------- C:\WINDOWS\system32\appmgmt

2007-02-04 13:39 <KAT> d-------- C:\WINDOWS\Performance

2007-02-04 13:39 <KAT> d-------- C:\DOCUME~1\ALLUSE~1\Application Data\Microsoft Corporation

2007-02-04 13:34 <KAT> dr--s---- C:\WINDOWS\assembly

2007-02-04 13:33 <KAT> d-------- C:\WINDOWS\Microsoft.NET

2007-01-28 20:38 <KAT> d--h----- C:\WINDOWS\PIF

2007-01-27 23:50 <KAT> d-------- C:\DOCUME~1\FAMBER~1\Application Data\Ahead

2007-01-27 23:49 <KAT> d-------- C:\Program\Nero

2007-01-27 23:49 <KAT> d-------- C:\Program\Delade filer\Ahead

2007-01-22 13:35 43,520 --a------ C:\WINDOWS\system32\CmdLineExt03.dll

2007-01-21 18:33 <KAT> d-------- C:\Program\Advanced IP Scanner

2007-01-21 18:10 <KAT> d-------- C:\Program\Delade filer\Adobe

2007-01-21 18:10 <KAT> d-------- C:\DOCUME~1\ALLUSE~1\Application Data\Adobe

2007-01-21 18:01 <KAT> d-------- C:\DOCUME~1\FAMBER~1\Application Data\AdobeUM

2007-01-20 14:25 <KAT> d-------- C:\DOCUME~1\FAMBER~1\Application Data\Adobe

2007-01-19 14:12 <KAT> d--h----- C:\WINDOWS\system32\GroupPolicy

2007-01-18 11:42 <KAT> d-------- C:\Program\Delade filer\xing shared

2007-01-18 11:41 <KAT> d-------- C:\Program\Real

2007-01-18 11:41 <KAT> d-------- C:\Program\Delade filer\Real

2007-01-18 11:41 <KAT> d-------- C:\DOCUME~1\FAMBER~1\Application Data\Real

2007-01-18 11:39 <KAT> d-------- C:\My Downloads

2007-01-16 21:21 561 --a------ C:\WINDOWS\eReg.dat

2007-01-16 21:17 <KAT> d--h----- C:\Program\InstallShield Installation Information

2007-01-16 21:14 <KAT> d-------- C:\Program\Delade filer\InstallShield

2007-01-16 21:08 304,640 --a------ C:\WINDOWS\IsUn041d.exe

2007-01-16 21:08 <KAT> d-------- C:\DOCUME~1\FAMBER~1\WINDOWS

2007-01-16 20:03 <KAT> d-------- C:\WINDOWS\WBEM

2007-01-16 20:03 <KAT> d-------- C:\WINDOWS\system32\sv-se

2007-01-16 20:01 121,856 --------- C:\WINDOWS\system32\xmllite.dll

2007-01-16 20:01 <KAT> d--h-c--- C:\WINDOWS\ie7

2007-01-16 20:00 <KAT> d-------- C:\WINDOWS\network diagnostic

2007-01-16 18:57 82,944 --a------ C:\WINDOWS\system32\drivers\wdmaud.sys

2007-01-16 18:57 7,552 --a------ C:\WINDOWS\system32\drivers\MSKSSRV.sys

2007-01-16 18:57 60,800 --a------ C:\WINDOWS\system32\drivers\sysaudio.sys

2007-01-16 18:57 60,288 --a------ C:\WINDOWS\system32\drivers\drmk.sys

2007-01-16 18:57 6,400 --a------ C:\WINDOWS\system32\drivers\splitter.sys

2007-01-16 18:57 54,272 --a------ C:\WINDOWS\system32\drivers\swmidi.sys

2007-01-16 18:57 52,864 --a------ C:\WINDOWS\system32\drivers\DMusic.sys

2007-01-16 18:57 5,376 --a------ C:\WINDOWS\system32\drivers\MSPCLOCK.sys

2007-01-16 18:57 4,992 --a------ C:\WINDOWS\system32\drivers\MSPQM.sys

2007-01-16 18:57 4,096 --a------ C:\WINDOWS\system32\ksuser.dll

2007-01-16 18:57 2,944 --a------ C:\WINDOWS\system32\drivers\drmkaud.sys

2007-01-16 18:57 172,416 --a------ C:\WINDOWS\system32\drivers\kmixer.sys

2007-01-16 18:57 145,792 --a------ C:\WINDOWS\system32\drivers\portcls.sys

2007-01-16 18:57 142,464 --a------ C:\WINDOWS\system32\drivers\aec.sys

2007-01-16 17:44 5,248 --a------ C:\WINDOWS\system32\drivers\d347prt.sys

2007-01-16 17:44 155,136 --a------ C:\WINDOWS\system32\drivers\d347bus.sys

2007-01-16 17:44 <KAT> d-------- C:\Program\D-Tools

2007-01-16 17:39 <KAT> d-------- C:\WINDOWS\ShellNew

2007-01-16 17:39 <KAT> d-------- C:\WINDOWS\Downloaded Installations

2007-01-16 17:39 <KAT> d-------- C:\Program\Microsoft ActiveSync

2007-01-16 17:02 262,144 --a------ C:\DOCUME~1\ALLUSE~1\ntuser.dat

2007-01-16 17:01 <KAT> d-------- C:\Program\Lavasoft

2007-01-16 17:01 <KAT> d-------- C:\DOCUME~1\FAMBER~1\Application Data\Lavasoft

2007-01-16 16:46 <KAT> d-------- C:\DOCUME~1\ALLUSE~1\Application Data\Windows Genuine Advantage

2007-01-16 16:38 <KAT> d-------- C:\Program\MSN Messenger

2007-01-16 16:12 3,072 --a------ C:\WINDOWS\system32\drivers\audstub.sys

2007-01-16 16:11 6,400 --a------ C:\WINDOWS\system32\drivers\enum1394.sys

2007-01-16 16:11 58,112 --a------ C:\WINDOWS\system32\drivers\redbook.sys

2007-01-16 16:11 20,992 --a------ C:\WINDOWS\system32\drivers\rtl8139.sys

2007-01-16 16:10 75,264 --a------ C:\WINDOWS\system32\usbui.dll

2007-01-16 16:09 9,936 --a------ C:\WINDOWS\system\LZEXPAND.DLL

2007-01-16 16:09 9,072 --a------ C:\WINDOWS\system\VER.DLL

2007-01-16 16:09 85,020 --a------ C:\WINDOWS\system32\dgsetup.dll

2007-01-16 16:09 82,944 --a------ C:\WINDOWS\system\OLECLI.DLL

2007-01-16 16:09 8,704 --a------ C:\WINDOWS\system32\batt.dll

2007-01-16 16:09 8,192 -ra------ C:\WINDOWS\system32\kbdhept.dll

2007-01-16 16:09 75,264 --a------ C:\WINDOWS\system32\storprop.dll

2007-01-16 16:09 70,128 --a------ C:\WINDOWS\system\AVICAP.DLL

2007-01-16 16:09 7,168 -ra------ C:\WINDOWS\system32\kbdcz.dll

2007-01-16 16:09 69,632 --a------ C:\WINDOWS\notepad.exe

2007-01-16 16:09 69,072 --a------ C:\WINDOWS\system\mmsystem.dll

2007-01-16 16:09 6,656 -ra------ C:\WINDOWS\system32\kbdycl.dll

2007-01-16 16:09 6,656 -ra------ C:\WINDOWS\system32\kbdsl1.dll

2007-01-16 16:09 6,656 -ra------ C:\WINDOWS\system32\kbdsl.dll

2007-01-16 16:09 6,656 -ra------ C:\WINDOWS\system32\kbdpl.dll

2007-01-16 16:09 6,656 -ra------ C:\WINDOWS\system32\kbdhu.dll

2007-01-16 16:09 6,656 -ra------ C:\WINDOWS\system32\kbdhela3.dll

2007-01-16 16:09 6,656 -ra------ C:\WINDOWS\system32\kbdcz2.dll

2007-01-16 16:09 6,656 -ra------ C:\WINDOWS\system32\kbdcz1.dll

2007-01-16 16:09 6,656 -ra------ C:\WINDOWS\system32\kbdcr.dll

2007-01-16 16:09 6,656 -ra------ C:\WINDOWS\system32\KBDAL.DLL

2007-01-16 16:09 6,144 -ra------ C:\WINDOWS\system32\kbdtuq.dll

2007-01-16 16:09 6,144 -ra------ C:\WINDOWS\system32\kbdtuf.dll

2007-01-16 16:09 6,144 -ra------ C:\WINDOWS\system32\kbdlv1.dll

2007-01-16 16:09 6,144 -ra------ C:\WINDOWS\system32\kbdlv.dll

2007-01-16 16:09 6,144 -ra------ C:\WINDOWS\system32\kbdhela2.dll

2007-01-16 16:09 6,144 -ra------ C:\WINDOWS\system32\kbdgkl.dll

2007-01-16 16:09 6,144 -ra------ C:\WINDOWS\system32\kbdest.dll

2007-01-16 16:09 5,632 -ra------ C:\WINDOWS\system32\kbdro.dll

2007-01-16 16:09 5,632 -ra------ C:\WINDOWS\system32\kbdpl1.dll

2007-01-16 16:09 5,632 -ra------ C:\WINDOWS\system32\kbdmon.dll

2007-01-16 16:09 5,632 -ra------ C:\WINDOWS\system32\kbdlt1.dll

2007-01-16 16:09 5,632 -ra------ C:\WINDOWS\system32\kbdlt.dll

2007-01-16 16:09 5,632 -ra------ C:\WINDOWS\system32\kbdkyr.dll

2007-01-16 16:09 5,632 -ra------ C:\WINDOWS\system32\kbdhu1.dll

2007-01-16 16:09 5,632 -ra------ C:\WINDOWS\system32\kbdhe319.dll

2007-01-16 16:09 5,632 -ra------ C:\WINDOWS\system32\kbdhe220.dll

2007-01-16 16:09 5,632 -ra------ C:\WINDOWS\system32\kbdhe.dll

2007-01-16 16:09 5,632 -ra------ C:\WINDOWS\system32\kbdazel.dll

2007-01-16 16:09 5,120 --a------ C:\WINDOWS\system\SHELL.DLL

2007-01-16 16:09 33,008 --a------ C:\WINDOWS\system\COMMDLG.DLL

2007-01-16 16:09 24,661 --a------ C:\WINDOWS\system32\spxcoins.dll

2007-01-16 16:09 24,064 --a------ C:\WINDOWS\system\OLESVR.DLL

2007-01-16 16:09 19,200 --a------ C:\WINDOWS\system\TAPI.DLL

2007-01-16 16:09 176,157 --a------ C:\WINDOWS\system32\dgrpsetu.dll

2007-01-16 16:09 15,360 --a------ C:\WINDOWS\TASKMAN.EXE

2007-01-16 16:09 13,312 --a------ C:\WINDOWS\system32\irclass.dll

2007-01-16 16:09 126,928 --a------ C:\WINDOWS\system\MSVIDEO.DLL

2007-01-16 16:09 11,264 --a------ C:\WINDOWS\system32\drivers\irenum.sys

2007-01-16 16:09 109,504 --a------ C:\WINDOWS\system\AVIFILE.DLL

2007-01-16 16:09 103,424 --a------ C:\WINDOWS\system32\EqnClass.Dll

2007-01-16 16:09 <KAT> dr-h----- C:\DOCUME~1\DEFAUL~1\Lokala inst„llningar

2007-01-16 16:09 <KAT> dr------- C:\Program

2007-01-16 16:09 <KAT> dr------- C:\DOCUME~1\DEFAUL~1\Start-meny

2007-01-16 16:09 <KAT> dr------- C:\DOCUME~1\ALLUSE~1\Start-meny

2007-01-16 16:09 <KAT> dr------- C:\DOCUME~1\ALLUSE~1\Dokument

2007-01-16 16:09 <KAT> d--h----- C:\DOCUME~1\DEFAUL~1\Skrivare

2007-01-16 16:09 <KAT> d--h----- C:\DOCUME~1\DEFAUL~1\N„tverket

2007-01-16 16:09 <KAT> d--h----- C:\DOCUME~1\DEFAUL~1\Mallar

2007-01-16 16:09 <KAT> d--h----- C:\DOCUME~1\ALLUSE~1\Mallar

2007-01-16 16:09 <KAT> d-------- C:\Program\Delade filer\SpeechEngines

2007-01-16 16:09 <KAT> d-------- C:\Program\Delade filer\ODBC

2007-01-16 16:09 <KAT> d-------- C:\DOCUME~1\DEFAUL~1\Skrivbord

2007-01-16 16:09 <KAT> d-------- C:\DOCUME~1\DEFAUL~1\Mina dokument

2007-01-16 16:09 <KAT> d-------- C:\DOCUME~1\DEFAUL~1\Favoriter

2007-01-16 16:09 <KAT> d-------- C:\DOCUME~1\ALLUSE~1\Skrivbord

2007-01-16 16:09 <KAT> d-------- C:\DOCUME~1\ALLUSE~1\Favoriter

2007-01-16 16:08 <KAT> d-------- C:\WINDOWS\system32\CatRoot2

2007-01-16 16:08 <KAT> d-------- C:\WINDOWS\system32\CatRoot

2007-01-16 16:08 <KAT> d-------- C:\Documents and Settings

2007-01-16 16:07 91,856 --a------ C:\WINDOWS\system32\S32EVNT1.DLL

2007-01-16 16:07 123,488 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.SYS

2007-01-16 16:06 <KAT> d-------- C:\Program\Symantec AntiVirus

2007-01-16 16:06 <KAT> d-------- C:\Program\Symantec

2007-01-16 16:06 <KAT> d-------- C:\Program\Delade filer\Symantec Shared

2007-01-16 16:06 <KAT> d-------- C:\DOCUME~1\ALLUSE~1\Application Data\Symantec

2007-01-16 16:03 <KAT> dr-hsc--- C:\WINDOWS\system32\dllcache

2007-01-16 16:03 <KAT> dr--s---- C:\WINDOWS\Fonts

2007-01-16 16:03 <KAT> dr------- C:\WINDOWS\Web

2007-01-16 16:03 <KAT> d--h----- C:\WINDOWS\inf

2007-01-16 16:03 <KAT> d-------- C:\WINDOWS\WinSxS

2007-01-16 16:03 <KAT> d-------- C:\WINDOWS\twain_32

2007-01-16 16:03 <KAT> d-------- C:\WINDOWS\system32\wins

2007-01-16 16:03 <KAT> d-------- C:\WINDOWS\system32\wbem

2007-01-16 16:03 <KAT> d-------- C:\WINDOWS\system32\usmt

2007-01-16 16:03 <KAT> d-------- C:\WINDOWS\system32\spool

2007-01-16 16:03 <KAT> d-------- C:\WINDOWS\system32\ShellExt

2007-01-16 16:03 <KAT> d-------- C:\WINDOWS\system32\Setup

2007-01-16 16:03 <KAT> d-------- C:\WINDOWS\system32\ras

2007-01-16 16:03 <KAT> d-------- C:\WINDOWS\system32\oobe

2007-01-16 16:03 <KAT> d-------- C:\WINDOWS\system32\npp

2007-01-16 16:03 <KAT> d-------- C:\WINDOWS\system32\mui

2007-01-16 16:03 <KAT> d-------- C:\WINDOWS\system32\inetsrv

2007-01-16 16:03 <KAT> d-------- C:\WINDOWS\system32\IME

2007-01-16 16:03 <KAT> d-------- C:\WINDOWS\system32\icsxml

2007-01-16 16:03 <KAT> d-------- C:\WINDOWS\system32\ias

2007-01-16 16:03 <KAT> d-------- C:\WINDOWS\system32\export

2007-01-16 16:03 <KAT> d-------- C:\WINDOWS\system32\drivers\etc

2007-01-16 16:03 <KAT> d-------- C:\WINDOWS\system32\drivers\disdn

2007-01-16 16:03 <KAT> d-------- C:\WINDOWS\system32\drivers

2007-01-16 16:03 <KAT> d-------- C:\WINDOWS\system32\dhcp

2007-01-16 16:03 <KAT> d-------- C:\WINDOWS\system32\config

2007-01-16 16:03 <KAT> d-------- C:\WINDOWS\system32\3com_dmi

2007-01-16 16:03 <KAT> d-------- C:\WINDOWS\system32\3076

2007-01-16 16:03 <KAT> d-------- C:\WINDOWS\system32\2052

2007-01-16 16:03 <KAT> d-------- C:\WINDOWS\system32\1054

2007-01-16 16:03 <KAT> d-------- C:\WINDOWS\system32\1053

2007-01-16 16:03 <KAT> d-------- C:\WINDOWS\system32\1042

2007-01-16 16:03 <KAT> d-------- C:\WINDOWS\system32\1041

2007-01-16 16:03 <KAT> d-------- C:\WINDOWS\system32\1037

2007-01-16 16:03 <KAT> d-------- C:\WINDOWS\system32\1033

2007-01-16 16:03 <KAT> d-------- C:\WINDOWS\system32\1031

2007-01-16 16:03 <KAT> d-------- C:\WINDOWS\system32\1028

2007-01-16 16:03 <KAT> d-------- C:\WINDOWS\system32\1025

2007-01-16 16:03 <KAT> d-------- C:\WINDOWS\system32

2007-01-16 16:03 <KAT> d-------- C:\WINDOWS\system

2007-01-16 16:03 <KAT> d-------- C:\WINDOWS\security

2007-01-16 16:03 <KAT> d-------- C:\WINDOWS\Resources

2007-01-16 16:03 <KAT> d-------- C:\WINDOWS\repair

2007-01-16 16:03 <KAT> d-------- C:\WINDOWS\mui

2007-01-16 16:03 <KAT> d-------- C:\WINDOWS\msapps

2007-01-16 16:03 <KAT> d-------- C:\WINDOWS\msagent

2007-01-16 16:03 <KAT> d-------- C:\WINDOWS\Media

2007-01-16 16:03 <KAT> d-------- C:\WINDOWS\java

2007-01-16 16:03 <KAT> d-------- C:\WINDOWS\ime

2007-01-16 16:03 <KAT> d-------- C:\WINDOWS\Help

2007-01-16 16:03 <KAT> d-------- C:\WINDOWS\Driver Cache

2007-01-16 16:03 <KAT> d-------- C:\WINDOWS\Debug

2007-01-16 16:03 <KAT> d-------- C:\WINDOWS\Cursors

2007-01-16 16:03 <KAT> d-------- C:\WINDOWS\Connection Wizard

2007-01-16 16:03 <KAT> d-------- C:\WINDOWS\Config

2007-01-16 16:03 <KAT> d-------- C:\WINDOWS\AppPatch

2007-01-16 16:03 <KAT> d-------- C:\WINDOWS\addins

2007-01-16 16:03 <KAT> d-------- C:\WINDOWS

2007-01-16 16:01 <KAT> d--h----- C:\WINDOWS\$hf_mig$

2007-01-16 16:01 <KAT> d-------- C:\WINDOWS\system32\PreInstall

2007-01-16 15:59 <KAT> d--hs---- C:\DOCUME~1\FAMBER~1\UserData

2007-01-16 15:57 <KAT> dr------- C:\DOCUME~1\NETWOR~1\Favoriter

2007-01-16 15:57 <KAT> d-------- C:\WINDOWS\system32\SoftwareDistribution

2007-01-16 15:53 <KAT> d-------- C:\Program\MSN Toolbar Suite

2007-01-16 15:53 <KAT> d-------- C:\DOCUME~1\ALLUSE~1\Application Data\MSN Search Toolbar

2007-01-16 15:52 <KAT> d-------- C:\Program\uTorrent

2007-01-16 15:52 <KAT> d-------- C:\DOCUME~1\FAMBER~1\Application Data\uTorrent

2007-01-16 15:51 77,824 --a------ C:\WINDOWS\system32\SSSensor.dll

2007-01-16 15:51 55,888 --a------ C:\WINDOWS\system32\drivers\Teefer.sys

2007-01-16 15:51 18,515 --a------ C:\WINDOWS\system32\drivers\wpsdrvnt.sys

2007-01-16 15:51 11,914 --a------ C:\WINDOWS\system32\drivers\wg3n.sys

2007-01-16 15:51 <KAT> d-------- C:\Program\Sygate

2007-01-16 15:51 <KAT> d-------- C:\Program\Delade filer\Wise Installation Wizard

2007-01-16 15:48 <KAT> d--hs---- C:\RECYCLER

2007-01-16 15:47 <KAT> d-------- C:\DOCUME~1\LOCALS~1\Start-meny

2007-01-16 15:45 <KAT> d-------- C:\WINDOWS\SoftwareDistribution

2007-01-16 15:45 <KAT> d-------- C:\WINDOWS\Prefetch

2007-01-16 15:40 95,424 --------- C:\WINDOWS\system32\drivers\slnthal.sys

2007-01-16 15:40 937,984 --------- C:\WINDOWS\system32\winbrand.dll

2007-01-16 15:40 9,728 --------- C:\WINDOWS\system32\comsdupd.exe

2007-01-16 15:40 88,064 --------- C:\WINDOWS\system32\p2pnetsh.dll

2007-01-16 15:40 870,784 --------- C:\WINDOWS\system32\ati3d1ag.dll

2007-01-16 15:40 860,480 --a------ C:\WINDOWS\system32\ativvaxx.dll

2007-01-16 15:40 86,016 --------- C:\WINDOWS\system32\p2pgasvc.dll

2007-01-16 15:40 86,016 --------- C:\WINDOWS\system32\mdmxsdk.dll

2007-01-16 15:40 8,192 --------- C:\WINDOWS\system32\smbinst.exe

2007-01-16 15:40 8,192 --------- C:\WINDOWS\system32\bitsprx2.dll

2007-01-16 15:40 78,464 --------- C:\WINDOWS\system32\drivers\usbvideo.sys

2007-01-16 15:40 78,336 --a------ C:\WINDOWS\system32\ieencode.dll

2007-01-16 15:40 75,776 --------- C:\WINDOWS\system32\strmfilt.dll

2007-01-16 15:40 73,832 --------- C:\WINDOWS\system32\slcoinst.dll

2007-01-16 15:40 73,796 --------- C:\WINDOWS\system32\slserv.exe

2007-01-16 15:40 73,216 --------- C:\WINDOWS\system32\drivers\atintuxx.sys

2007-01-16 15:40 71,680 --------- C:\WINDOWS\system32\blastcln.exe

2007-01-16 15:40 7,680 --------- C:\WINDOWS\system32\kbdsmsno.dll

2007-01-16 15:40 7,680 --------- C:\WINDOWS\system32\kbdsmsfi.dll

2007-01-16 15:40 7,168 --------- C:\WINDOWS\system32\kbdukx.dll

2007-01-16 15:40 7,168 --------- C:\WINDOWS\system32\kbdno1.dll

2007-01-16 15:40 7,168 --------- C:\WINDOWS\system32\kbdfi1.dll

2007-01-16 15:40 7,168 --------- C:\WINDOWS\system32\hccoin.dll

2007-01-16 15:40 7,168 --------- C:\WINDOWS\system32\bitsprx3.dll

2007-01-16 15:40 685,056 --------- C:\WINDOWS\system32\drivers\hsfcxts2.sys

2007-01-16 15:40 67,584 --------- C:\WINDOWS\system32\drivers\sdbus.sys

2007-01-16 15:40 63,663 --------- C:\WINDOWS\system32\drivers\ati1rvxx.sys

2007-01-16 15:40 63,488 --------- C:\WINDOWS\system32\drivers\atinxsxx.sys

2007-01-16 15:40 60,416 --------- C:\WINDOWS\system32\fwcfg.dll

2007-01-16 15:40 6,656 --------- C:\WINDOWS\system32\kbdinmal.dll

2007-01-16 15:40 6,656 --------- C:\WINDOWS\system32\kbdinben.dll

2007-01-16 15:40 6,144 --------- C:\WINDOWS\system32\kbdmlt48.dll

2007-01-16 15:40 6,144 --------- C:\WINDOWS\system32\kbdmlt47.dll

2007-01-16 15:40 6,144 --------- C:\WINDOWS\system32\kbdinbe1.dll

2007-01-16 15:40 6,016 --------- C:\WINDOWS\system32\drivers\smbali.sys

2007-01-16 15:40 59,648 --------- C:\WINDOWS\system32\drivers\rfcomm.sys

2007-01-16 15:40 57,856 --------- C:\WINDOWS\system32\drivers\atinbtxx.sys

2007-01-16 15:40 56,623 --------- C:\WINDOWS\system32\drivers\ati1btxx.sys

2007-01-16 15:40 537,088 --------- C:\WINDOWS\system32\msftedit.dll

2007-01-16 15:40 526,848 --------- C:\WINDOWS\system32\p2psvc.dll

2007-01-16 15:40 52,224 --------- C:\WINDOWS\system32\mspmsnsv.dll

2007-01-16 15:40 52,224 --------- C:\WINDOWS\system32\drivers\atinraxx.sys

2007-01-16 15:40 50,688 --------- C:\WINDOWS\system32\btpanui.dll

2007-01-16 15:40 5,632 --------- C:\WINDOWS\system32\kbdmaori.dll

2007-01-16 15:40 49,152 --------- C:\WINDOWS\system32\powercfg.exe

2007-01-16 15:40 484,864 --------- C:\WINDOWS\system32\wmspdmod.dll

2007-01-16 15:40 48,640 --------- C:\WINDOWS\system32\pnrpnsp.dll

2007-01-16 15:40 46,464 --------- C:\WINDOWS\system32\drivers\gagp30kx.sys

2007-01-16 15:40 452,736 --------- C:\WINDOWS\system32\drivers\mtxparhm.sys

2007-01-16 15:40 44,928 --------- C:\WINDOWS\system32\drivers\agpcpq.sys

2007-01-16 15:40 44,672 --------- C:\WINDOWS\system32\drivers\uagp35.sys

2007-01-16 15:40 44,032 --------- C:\WINDOWS\system32\twext.dll

2007-01-16 15:40 43,008 --------- C:\WINDOWS\system32\drivers\amdagp.sys

2007-01-16 15:40 42,752 --------- C:\WINDOWS\system32\drivers\alim1541.sys

2007-01-16 15:40 42,368 --------- C:\WINDOWS\system32\drivers\agp440.sys

2007-01-16 15:40 42,240 --------- C:\WINDOWS\system32\drivers\viaagp.sys

2007-01-16 15:40 41,344 --------- C:\WINDOWS\system32\drivers\amdk7.sys

2007-01-16 15:40 41,088 --------- C:\WINDOWS\system32\drivers\sisagp.sys

2007-01-16 15:40 404,990 --------- C:\WINDOWS\system32\drivers\slntamr.sys

2007-01-16 15:40 40,832 --------- C:\WINDOWS\system32\drivers\irbus.sys

2007-01-16 15:40 40,064 --------- C:\WINDOWS\system32\drivers\intelppm.sys

2007-01-16 15:40 4,274,816 --------- C:\WINDOWS\system32\nv4_disp.dll

2007-01-16 15:40 4,255 --------- C:\WINDOWS\system32\drivers\adv01nt5.dll

2007-01-16 15:40 4,096 --------- C:\WINDOWS\system32\dsprpres.dll

2007-01-16 15:40 398,336 --------- C:\WINDOWS\system32\xpob2res.dll

2007-01-16 15:40 397,056 --------- C:\WINDOWS\system32\s3gnb.dll

2007-01-16 15:40 384,512 --------- C:\WINDOWS\system32\mp4sdmod.dll

2007-01-16 15:40 38,016 --------- C:\WINDOWS\system32\drivers\bthmodem.sys

2007-01-16 15:40 377,984 --------- C:\WINDOWS\system32\ati2dvaa.dll

2007-01-16 15:40 36,463 --------- C:\WINDOWS\system32\drivers\ati1tuxx.sys

2007-01-16 15:40 351,232 --------- C:\WINDOWS\system32\winhttp.dll

2007-01-16 15:40 35,456 --------- C:\WINDOWS\system32\drivers\bthprint.sys

2007-01-16 15:40 34,735 --------- C:\WINDOWS\system32\drivers\ati1xsxx.sys

2007-01-16 15:40 327,040 --------- C:\WINDOWS\system32\drivers\ati2mtaa.sys

2007-01-16 15:40 32,866 --------- C:\WINDOWS\system32\slrundll.exe

2007-01-16 15:40 32,768 --------- C:\WINDOWS\system32\ativtmxx.dll

2007-01-16 15:40 32,768 --------- C:\WINDOWS\system32\asr_pfu.exe

2007-01-16 15:40 32,285 --------- C:\WINDOWS\system32\hsfcisp2.dll

2007-01-16 15:40 312,320 --------- C:\WINDOWS\system32\p2pgraph.dll

2007-01-16 15:40 310,272 --------- C:\WINDOWS\system32\mp43dmod.dll

2007-01-16 15:40 31,744 --------- C:\WINDOWS\system32\drivers\atinxbxx.sys

2007-01-16 15:40 30,671 --------- C:\WINDOWS\system32\drivers\ati1raxx.sys

2007-01-16 15:40 30,208 --------- C:\WINDOWS\system32\bthserv.dll

2007-01-16 15:40 30,080 --------- C:\WINDOWS\system32\drivers\rndismpx.sys

2007-01-16 15:40 3,967 --------- C:\WINDOWS\system32\drivers\adv02nt5.dll

2007-01-16 15:40 3,901 --------- C:\WINDOWS\system32\drivers\siint5.dll

2007-01-16 15:40 3,775 --------- C:\WINDOWS\system32\drivers\adv11nt5.dll

2007-01-16 15:40 3,711 --------- C:\WINDOWS\system32\drivers\adv09nt5.dll

2007-01-16 15:40 3,647 --------- C:\WINDOWS\system32\drivers\adv07nt5.dll

2007-01-16 15:40 3,615 --------- C:\WINDOWS\system32\drivers\adv05nt5.dll

2007-01-16 15:40 3,135 --------- C:\WINDOWS\system32\drivers\adv08nt5.dll

2007-01-16 15:40 29,455 --------- C:\WINDOWS\system32\drivers\ati1xbxx.sys

2007-01-16 15:40 29,184 --------- C:\WINDOWS\system32\sdhcinst.dll

2007-01-16 15:40 29,056 --------- C:\WINDOWS\system32\drivers\ip6fw.sys

2007-01-16 15:40 286,792 --------- C:\WINDOWS\system32\slextspk.dll

2007-01-16 15:40 28,672 --------- C:\WINDOWS\system32\drivers\atinsnxx.sys

2007-01-16 15:40 274,304 --------- C:\WINDOWS\system32\drivers\bthport.sys

2007-01-16 15:40 270,848 --------- C:\WINDOWS\system32\sbe.dll

2007-01-16 15:40 262,784 --------- C:\WINDOWS\system32\drivers\http.sys

2007-01-16 15:40 26,624 --------- C:\WINDOWS\system32\drivers\usbehci.sys

2007-01-16 15:40 26,367 --------- C:\WINDOWS\system32\drivers\ati1snxx.sys

2007-01-16 15:40 258,048 --a------ C:\WINDOWS\system32\ati2cqag.dll

2007-01-16 15:40 256,512 --a------ C:\WINDOWS\system32\ati2dvag.dll

2007-01-16 15:40 25,600 --------- C:\WINDOWS\system32\drivers\hidbth.sys

2007-01-16 15:40 25,471 --------- C:\WINDOWS\system32\drivers\watv10nt.sys

2007-01-16 15:40 25,471 --------- C:\WINDOWS\system32\drivers\atv04nt5.dll

2007-01-16 15:40 24,576 --------- C:\WINDOWS\system32\httpapi.dll

2007-01-16 15:40 233,472 --------- C:\WINDOWS\system32\wmpdxm.dll

2007-01-16 15:40 23,040 --a------ C:\WINDOWS\system32\fltmc.exe

2007-01-16 15:40 220,032 --------- C:\WINDOWS\system32\drivers\hsfbs2s2.sys

2007-01-16 15:40 22,271 --------- C:\WINDOWS\system32\drivers\watv06nt.sys

2007-01-16 15:40 21,343 --------- C:\WINDOWS\system32\drivers\ati1ttxx.sys

2007-01-16 15:40 21,183 --------- C:\WINDOWS\system32\drivers\atv01nt5.dll

2007-01-16 15:40 20,992 --------- C:\WINDOWS\system32\bthci.dll

2007-01-16 15:40 20,480 --------- C:\WINDOWS\system32\encapi.dll

2007-01-16 15:40 2,917,888 --------- C:\WINDOWS\system32\xpsp2res.dll

2007-01-16 15:40 2,636,672 --a------ C:\WINDOWS\system32\ati3duag.dll

2007-01-16 15:40 2,113,536 --------- C:\WINDOWS\system32\dxdiagn.dll

2007-01-16 15:40 193,024 --------- C:\WINDOWS\system32\fsquirt.exe

2007-01-16 15:40 188,928 --------- C:\WINDOWS\system32\xpsp1res.dll

2007-01-16 15:40 188,508 --------- C:\WINDOWS\system32\slgen.dll

2007-01-16 15:40 186,368 --------- C:\WINDOWS\system32\encdec.dll

2007-01-16 15:40 180,360 --------- C:\WINDOWS\system32\drivers\ntmtlfax.sys

2007-01-16 15:40 18,944 --------- C:\WINDOWS\system32\drivers\bthusb.sys

2007-01-16 15:40 175,616 --------- C:\WINDOWS\system32\wmerror.dll

2007-01-16 15:40 17,408 --------- C:\WINDOWS\system32\winshfhc.dll

2007-01-16 15:40 17,279 --------- C:\WINDOWS\system32\drivers\atv10nt5.dll

2007-01-16 15:40 17,024 --------- C:\WINDOWS\system32\drivers\bthenum.sys

2007-01-16 15:40 166,912 --------- C:\WINDOWS\system32\drivers\s3gnbm.sys

2007-01-16 15:40 16,896 --a------ C:\WINDOWS\system32\fltlib.dll

2007-01-16 15:40 159,232 --------- C:\WINDOWS\system32\sbeio.dll

2007-01-16 15:40 151,552 --------- C:\WINDOWS\system32\wmidx.dll

2007-01-16 15:40 15,872 --------- C:\WINDOWS\system32\w3ssl.dll

2007-01-16 15:40 15,488 --------- C:\WINDOWS\system32\drivers\mssmbios.sys

2007-01-16 15:40 15,423 --------- C:\WINDOWS\system32\drivers\ch7xxnt5.dll

2007-01-16 15:40 15,104 --------- C:\WINDOWS\system32\drivers\hidir.sys

2007-01-16 15:40 14,336 --------- C:\WINDOWS\system32\drivers\atinpdxx.sys

2007-01-16 15:40 14,336 --------- C:\WINDOWS\system32\auditusr.exe

2007-01-16 15:40 14,143 --------- C:\WINDOWS\system32\drivers\atv06nt5.dll

2007-01-16 15:40 134,656 --------- C:\WINDOWS\system32\mssap.dll

2007-01-16 15:40 13,824 --------- C:\WINDOWS\system32\drivers\atinttxx.sys

2007-01-16 15:40 13,824 --------- C:\WINDOWS\system32\drivers\atinmdxx.sys

2007-01-16 15:40 13,824 --------- C:\WINDOWS\system32\cmsetacl.dll

2007-01-16 15:40 13,776 --------- C:\WINDOWS\system32\drivers\recagent.sys

2007-01-16 15:40 13,568 --------- C:\WINDOWS\system32\drivers\wacompen.sys

2007-01-16 15:40 13,240 --------- C:\WINDOWS\system32\drivers\slwdmsup.sys

2007-01-16 15:40 129,535 --------- C:\WINDOWS\system32\drivers\slnt7554.sys

2007-01-16 15:40 128,896 --------- C:\WINDOWS\system32\drivers\fltmgr.sys

2007-01-16 15:40 126,686 --------- C:\WINDOWS\system32\drivers\mtlmnt5.sys

2007-01-16 15:40 12,800 --------- C:\WINDOWS\system32\spiisupd.exe

2007-01-16 15:40 12,672 --------- C:\WINDOWS\system32\drivers\usb8023x.sys

2007-01-16 15:40 12,672 --------- C:\WINDOWS\system32\drivers\mutohpen.sys

2007-01-16 15:40 12,416 --------- C:\WINDOWS\system32\drivers\tunmp.sys

2007-01-16 15:40 12,047 --------- C:\WINDOWS\system32\drivers\ati1pdxx.sys

2007-01-16 15:40 118,784 --------- C:\WINDOWS\system32\msdadiag.dll

2007-01-16 15:40 116,224 --------- C:\WINDOWS\system32\p2p.dll

2007-01-16 15:40 114,688 --------- C:\WINDOWS\system32\wmpasf.dll

2007-01-16 15:40 11,935 --------- C:\WINDOWS\system32\drivers\wadv11nt.sys

2007-01-16 15:40 11,871 --------- C:\WINDOWS\system32\drivers\wadv09nt.sys

2007-01-16 15:40 11,868 --------- C:\WINDOWS\system32\drivers\mdmxsdk.sys

2007-01-16 15:40 11,807 --------- C:\WINDOWS\system32\drivers\wadv07nt.sys

2007-01-16 15:40 11,615 --------- C:\WINDOWS\system32\drivers\ati1mdxx.sys

2007-01-16 15:40 11,359 --------- C:\WINDOWS\system32\drivers\atv02nt5.dll

2007-01-16 15:40 11,325 --------- C:\WINDOWS\system32\drivers\vchnt5.dll

2007-01-16 15:40 11,295 --------- C:\WINDOWS\system32\drivers\wadv08nt.sys

2007-01-16 15:40 11,136 --------- C:\WINDOWS\system32\drivers\sffdisk.sys

2007-01-16 15:40 104,960 --------- C:\WINDOWS\system32\drivers\atinrvxx.sys

2007-01-16 15:40 100,992 --------- C:\WINDOWS\system32\drivers\bthpan.sys

2007-01-16 15:40 10,240 --------- C:\WINDOWS\system32\drivers\sffp_sd.sys

2007-01-16 15:40 1,897,408 --------- C:\WINDOWS\system32\drivers\nv4_mini.sys

2007-01-16 15:40 1,737,856 --------- C:\WINDOWS\system32\mtxparhd.dll

2007-01-16 15:40 1,689,088 --------- C:\WINDOWS\system32\d3d9.dll

2007-01-16 15:40 1,505,792 --a------ C:\WINDOWS\system32\drivers\ati2mtag.sys

2007-01-16 15:40 1,309,184 --------- C:\WINDOWS\system32\drivers\mtlstrm.sys

2007-01-16 15:40 1,119,744 --------- C:\WINDOWS\system32\wmsdmoe2.dll

2007-01-16 15:40 1,041,536 --------- C:\WINDOWS\system32\drivers\hsfdpsp2.sys

2007-01-16 15:39 896,512 --------- C:\WINDOWS\system32\wmspdmoe.dll

2007-01-16 15:39 81,408 --------- C:\WINDOWS\system32\wscsvc.dll

2007-01-16 15:39 50,176 --------- C:\WINDOWS\system32\xmlprovi.dll

2007-01-16 15:39 465,176 --a------ C:\WINDOWS\system32\wuapi.dll

2007-01-16 15:39 41,240 --a------ C:\WINDOWS\system32\wups.dll

2007-01-16 15:39 32,866 --------- C:\WINDOWS\slrundll.exe

2007-01-16 15:39 194,328 --a------ C:\WINDOWS\system32\wuaueng1.dll

2007-01-16 15:39 173,536 --a------ C:\WINDOWS\system32\wuweb.dll

2007-01-16 15:39 173,336 --a------ C:\WINDOWS\system32\wuauclt1.exe

2007-01-16 15:39 13,824 --------- C:\WINDOWS\system32\wscntfy.exe

2007-01-16 15:39 129,536 --------- C:\WINDOWS\system32\xmlprov.dll

2007-01-16 15:39 127,768 --a------ C:\WINDOWS\system32\wucltui.dll

2007-01-16 15:39 108,032 --------- C:\WINDOWS\system32\wshbth.dll

2007-01-16 15:39 1,001,472 --------- C:\WINDOWS\system32\wmvdmoe2.dll

2007-01-16 15:39 <KAT> d-------- C:\WINDOWS\provisioning

2007-01-16 15:39 <KAT> d-------- C:\WINDOWS\peernet

2007-01-16 15:38 <KAT> d-------- C:\WINDOWS\ServicePackFiles

2007-01-16 15:35 22,752 --a------ C:\WINDOWS\system32\spupdsvc.exe

2007-01-16 15:35 <KAT> d-------- C:\WINDOWS\system32\ReinstallBackups

2007-01-16 15:33 <KAT> d-------- C:\WINDOWS\EHome

2007-01-16 15:31 <KAT> d-------- C:\WINDOWS\system32\NtmsData

2007-01-16 15:24 552 --a------ C:\WINDOWS\system32\d3d8caps.dat

2007-01-16 15:23 2,621,440 --ah----- C:\DOCUME~1\FAMBER~1\NTUSER.DAT

2007-01-16 15:23 <KAT> dr------- C:\DOCUME~1\FAMBER~1\Start-meny

2007-01-16 15:23 <KAT> dr------- C:\DOCUME~1\FAMBER~1\Mina dokument

2007-01-16 15:23 <KAT> dr------- C:\DOCUME~1\FAMBER~1\Favoriter

2007-01-16 15:23 <KAT> d--hs---- C:\WINDOWS\Installer

2007-01-16 15:23 <KAT> d--h----- C:\DOCUME~1\FAMBER~1\Skrivare

2007-01-16 15:23 <KAT> d--h----- C:\DOCUME~1\FAMBER~1\N„tverket

2007-01-16 15:23 <KAT> d--h----- C:\DOCUME~1\FAMBER~1\Mallar

2007-01-16 15:23 <KAT> d--h----- C:\DOCUME~1\FAMBER~1\Lokala inst„llningar

2007-01-16 15:23 <KAT> d-------- C:\DOCUME~1\FAMBER~1\Skrivbord

2007-01-16 15:22 262,144 --ah----- C:\DOCUME~1\NETWOR~1\NTUSER.DAT

2007-01-16 15:22 233,472 --ah----- C:\DOCUME~1\LOCALS~1\NTUSER.DAT

2007-01-16 15:22 <KAT> d--hs---- C:\System Volume Information

2007-01-16 15:22 <KAT> d--h----- C:\DOCUME~1\NETWOR~1\Lokala inst„llningar

2007-01-16 15:22 <KAT> d--h----- C:\DOCUME~1\LOCALS~1\Lokala inst„llningar

2007-01-16 15:19 233,472 ---h----- C:\DOCUME~1\DEFAUL~1\NTUSER.DAT

2007-01-16 15:19 0 -rahs---- C:\MSDOS.SYS

2007-01-16 15:19 0 -rahs---- C:\IO.SYS

2007-01-16 15:19 0 --a------ C:\CONFIG.SYS

2007-01-16 15:19 0 --a------ C:\AUTOEXEC.BAT

2007-01-16 15:19 <KAT> d-------- C:\WINDOWS\system32\xircom

2007-01-16 15:19 <KAT> d-------- C:\Program\microsoft frontpage

2007-01-16 15:18 112,128 --a------ C:\WINDOWS\system32\mapi32.dll

2007-01-16 15:18 <KAT> dr------- C:\WINDOWS\Offline Web Pages

2007-01-16 15:18 <KAT> d--hs---- C:\DOCUME~1\ALLUSE~1\DRM

2007-01-16 15:18 <KAT> d---s---- C:\WINDOWS\Downloaded Program Files

2007-01-16 15:17 81,920 --a------ C:\WINDOWS\system32\ils.dll

2007-01-16 15:17 73,344 --a------ C:\WINDOWS\system32\drivers\sr.sys

2007-01-16 15:17 69,632 --a------ C:\WINDOWS\system32\msconf.dll

2007-01-16 15:17 67,584 --a------ C:\WINDOWS\system32\srclient.dll

2007-01-16 15:17 64,512 --a------ C:\WINDOWS\system32\acctres.dll

2007-01-16 15:17 45,568 --a------ C:\WINDOWS\system32\safrslv.dll

2007-01-16 15:17 43,520 --a------ C:\WINDOWS\system32\safrcdlg.dll

2007-01-16 15:17 43,520 --a------ C:\WINDOWS\system32\racpldlg.dll

2007-01-16 15:17 382,464 --a------ C:\WINDOWS\system32\qmgr.dll

2007-01-16 15:17 34,560 --a------ C:\WINDOWS\system32\mnmdd.dll

2007-01-16 15:17 32,768 --a------ C:\WINDOWS\system32\mnmsrvc.exe

2007-01-16 15:17 32,768 --a------ C:\WINDOWS\system32\isrdbg32.dll

2007-01-16 15:17 29,696 --a------ C:\WINDOWS\system32\safrdm.dll

2007-01-16 15:17 28,672 --a------ C:\WINDOWS\system32\nmmkcert.dll

2007-01-16 15:17 252,928 --a------ C:\WINDOWS\system32\msoeacct.dll

2007-01-16 15:17 240,640 --a------ C:\WINDOWS\system32\srrstr.dll

2007-01-16 15:17 18,944 --a------ C:\WINDOWS\system32\qmgrprxy.dll

2007-01-16 15:17 170,496 --a------ C:\WINDOWS\system32\srsvc.dll

2007-01-16 15:17 12,288 --a------ C:\WINDOWS\system32\nmevtmsg.dll

2007-01-16 15:17 11,264 --a------ C:\WINDOWS\system32\atrace.dll

2007-01-16 15:17 105,984 --a------ C:\WINDOWS\system32\msoert2.dll

2007-01-16 15:17 <KAT> d-------- C:\WINDOWS\system32\Restore

2007-01-16 15:17 <KAT> d-------- C:\WINDOWS\system32\Macromed

2007-01-16 15:17 <KAT> d-------- C:\WINDOWS\system32\DirectX

2007-01-16 15:17 <KAT> d-------- C:\WINDOWS\srchasst

2007-01-16 15:17 <KAT> d-------- C:\WINDOWS\PCHEALTH

2007-01-16 15:17 <KAT> d-------- C:\Program\Movie Maker

2007-01-16 15:16 81,920 --a------ C:\WINDOWS\system32\isign32.dll

2007-01-16 15:16 73,728 --a------ C:\WINDOWS\system32\icwdial.dll

2007-01-16 15:16 679,424 --a------ C:\WINDOWS\system32\inetcomm.dll

2007-01-16 15:16 65,536 --a------ C:\WINDOWS\system32\icwphbk.dll

2007-01-16 15:16 48,640 --a------ C:\WINDOWS\system32\inetres.dll

2007-01-16 15:16 277,504 --a------ C:\WINDOWS\system32\mstask.dll

2007-01-16 15:16 274,432 --a------ C:\WINDOWS\system32\inetcfg.dll

2007-01-16 15:16 21,700 --a------ C:\WINDOWS\system32\emptyregdb.dat

2007-01-16 15:16 191,488 --a------ C:\WINDOWS\system32\schedsvc.dll

2007-01-16 15:16 16,384 --a------ C:\WINDOWS\system32\icfgnt5.dll

2007-01-16 15:16 12,288 --a------ C:\WINDOWS\system32\mstinit.exe

2007-01-16 15:16 <KAT> d---s---- C:\WINDOWS\Tasks

2007-01-16 15:16 <KAT> d-------- C:\WINDOWS\Registration

2007-01-16 15:16 <KAT> d-------- C:\Program\Delade filer\MSSoap

2007-01-16 15:15 97,792 --a------ C:\WINDOWS\system32\comrepl.dll

2007-01-16 15:15 956,416 --a------ C:\WINDOWS\system32\msdtctm.dll

2007-01-16 15:15 94,208 --a------ C:\WINDOWS\system32\tscfgwmi.dll

2007-01-16 15:15 91,136 --a------ C:\WINDOWS\system32\mtxoci.dll

2007-01-16 15:15 9,728 --a------ C:\WINDOWS\system32\reset.exe

2007-01-16 15:15 87,176 --a------ C:\WINDOWS\system32\rdpwsx.dll

2007-01-16 15:15 85,504 --a------ C:\WINDOWS\system32\catsrvps.dll

2007-01-16 15:15 80,896 --a------ C:\WINDOWS\system32\charmap.exe

2007-01-16 15:15 73,216 --a------ C:\WINDOWS\system32\avwav.dll

2007-01-16 15:15 67,072 --a------ C:\WINDOWS\system32\rdshost.exe

2007-01-16 15:15 655,360 --a------ C:\WINDOWS\system32\mstscax.dll

2007-01-16 15:15 625,152 --a------ C:\WINDOWS\system32\catsrvut.dll

2007-01-16 15:15 62,464 --a------ C:\WINDOWS\system32\rdpclip.exe

2007-01-16 15:15 605,696 --a------ C:\WINDOWS\system32\getuname.dll

2007-01-16 15:15 60,928 --a------ C:\WINDOWS\system32\remotepg.dll

2007-01-16 15:15 60,416 --a------ C:\WINDOWS\system32\colbact.dll

2007-01-16 15:15 6,656 --a------ C:\WINDOWS\system32\wuauserv.dll

2007-01-16 15:15 6,144 --a------ C:\WINDOWS\system32\msdtc.exe

2007-01-16 15:15 58,880 --a------ C:\WINDOWS\system32\msdtclog.dll

2007-01-16 15:15 58,880 --a------ C:\WINDOWS\system32\licwmi.dll

2007-01-16 15:15 56,832 --a------ C:\WINDOWS\system32\sol.exe

2007-01-16 15:15 56,320 --a------ C:\WINDOWS\system32\servdeps.dll

2007-01-16 15:15 55,296 --a------ C:\WINDOWS\system32\freecell.exe

2007-01-16 15:15 540,160 --a------ C:\WINDOWS\system32\comuid.dll

2007-01-16 15:15 54,272 --a------ C:\WINDOWS\system32\stclient.dll

2007-01-16 15:15 538,624 --a------ C:\WINDOWS\system32\spider.exe

2007-01-16 15:15 5,632 --a------ C:\WINDOWS\system32\write.exe

2007-01-16 15:15 5,120 --a------ C:\WINDOWS\system32\dcomcnfg.exe

2007-01-16 15:15 498,688 --a------ C:\WINDOWS\system32\clbcatq.dll

2007-01-16 15:15 44,544 --a------ C:\WINDOWS\system32\tscupgrd.exe

2007-01-16 15:15 44,544 --a------ C:\WINDOWS\system32\hticons.dll

2007-01-16 15:15 426,496 --a------ C:\WINDOWS\system32\msdtcprx.dll

2007-01-16 15:15 406,528 --a------ C:\WINDOWS\system32\mstsc.exe

2007-01-16 15:15 40,840 --a------ C:\WINDOWS\system32\drivers\termdd.sys

2007-01-16 15:15 4,096 --a------ C:\WINDOWS\system32\rdpcfgex.dll

2007-01-16 15:15 4,096 --a------ C:\WINDOWS\system32\mtxex.dll

2007-01-16 15:15 38,912 --a------ C:\WINDOWS\system32\cfgbkend.dll

2007-01-16 15:15 35,328 --a------ C:\WINDOWS\system32\winchat.exe

2007-01-16 15:15 349,696 --a------ C:\WINDOWS\system32\hypertrm.dll

2007-01-16 15:15 343,552 --a------ C:\WINDOWS\system32\mspaint.exe

2007-01-16 15:15 33,792 --a------ C:\WINDOWS\system32\regini.exe

2007-01-16 15:15 295,424 --a------ C:\WINDOWS\system32\termsrv.dll

2007-01-16 15:15 25,600 --a------ C:\WINDOWS\system32\comaddin.dll

2007-01-16 15:15 25,088 --a------ C:\WINDOWS\system32\mtxlegih.dll

2007-01-16 15:15 228,352 --a------ C:\WINDOWS\system32\avtapi.dll

2007-01-16 15:15 225,792 --a------ C:\WINDOWS\system32\catsrv.dll

2007-01-16 15:15 22,528 --a------ C:\WINDOWS\system32\qwinsta.exe

2007-01-16 15:15 22,016 --a------ C:\WINDOWS\system32\msg.exe

2007-01-16 15:15 21,896 --a------ C:\WINDOWS\system32\drivers\tdtcp.sys

2007-01-16 15:15 20,480 --a------ C:\WINDOWS\system32\qprocess.exe

2007-01-16 15:15 20,480 --a------ C:\WINDOWS\system32\mtxdm.dll

2007-01-16 15:15 196,864 --a------ C:\WINDOWS\system32\drivers\rdpdr.sys

2007-01-16 15:15 19,968 --a------ C:\WINDOWS\system32\rdpsnd.dll

2007-01-16 15:15 185,856 --a------ C:\WINDOWS\system32\cmprops.dll

2007-01-16 15:15 184,320 --a------ C:\WINDOWS\system32\accwiz.exe

2007-01-16 15:15 17,408 --a------ C:\WINDOWS\system32\tsshutdn.exe

2007-01-16 15:15 17,408 --a------ C:\WINDOWS\system32\mmfutil.dll

2007-01-16 15:15 161,280 --a------ C:\WINDOWS\system32\msdtcuiu.dll

2007-01-16 15:15 16,896 --a------ C:\WINDOWS\system32\qappsrv.exe

2007-01-16 15:15 16,384 --a------ C:\WINDOWS\system32\tskill.exe

2007-01-16 15:15 16,384 --a------ C:\WINDOWS\system32\rwinsta.exe

2007-01-16 15:15 16,384 --a------ C:\WINDOWS\system32\avmeter.dll

2007-01-16 15:15 15,872 --a------ C:\WINDOWS\system32\cdmodem.dll

2007-01-16 15:15 15,360 --a------ C:\WINDOWS\system32\tscon.exe

2007-01-16 15:15 15,360 --a------ C:\WINDOWS\system32\logoff.exe

2007-01-16 15:15 147,968 --a------ C:\WINDOWS\system32\rdchost.dll

2007-01-16 15:15 147,456 --a------ C:\WINDOWS\system32\comsnap.dll

2007-01-16 15:15 140,800 --a------ C:\WINDOWS\system32\sessmgr.exe

2007-01-16 15:15 14,848 --a------ C:\WINDOWS\system32\tsdiscon.exe

2007-01-16 15:15 14,848 --a------ C:\WINDOWS\system32\shadow.exe

2007-01-16 15:15 139,528 --a------ C:\WINDOWS\system32\drivers\rdpwd.sys

2007-01-16 15:15 139,264 --a------ C:\WINDOWS\system32\sndvol32.exe

2007-01-16 15:15 131,584 --a------ C:\WINDOWS\system32\sndrec32.exe

2007-01-16 15:15 13,824 --a------ C:\WINDOWS\system32\rdsaddin.exe

2007-01-16 15:15 127,488 --a------ C:\WINDOWS\system32\mshearts.exe

2007-01-16 15:15 124,184 --a------ C:\WINDOWS\system32\wuauclt.exe

2007-01-16 15:15 123,904 --a------ C:\WINDOWS\system32\mplay32.exe

2007-01-16 15:15 12,040 --a------ C:\WINDOWS\system32\drivers\tdpipe.sys

2007-01-16 15:15 119,808 --a------ C:\WINDOWS\system32\winmine.exe

2007-01-16 15:15 114,688 --a------ C:\WINDOWS\system32\calc.exe

2007-01-16 15:15 110,080 --a------ C:\WINDOWS\system32\clbcatex.dll

2007-01-16 15:15 11,776 --a------ C:\WINDOWS\system32\xolehlp.dll

2007-01-16 15:15 11,264 --a------ C:\WINDOWS\system32\icaapi.dll

2007-01-16 15:15 102,912 --a------ C:\WINDOWS\system32\clipbrd.exe

2007-01-16 15:15 1,343,768 --a------ C:\WINDOWS\system32\wuaueng.dll

2007-01-16 15:15 1,267,200 --a------ C:\WINDOWS\system32\comsvcs.dll

2007-01-16 15:15 1,161 --a------ C:\WINDOWS\system32\usrlogon.cmd

2007-01-16 15:15 <KAT> d--h----- C:\Program\WindowsUpdate

2007-01-16 15:15 <KAT> d-------- C:\WINDOWS\system32\MsDtc

2007-01-16 15:15 <KAT> d-------- C:\WINDOWS\system32\Com

2007-01-16 15:15 <KAT> d-------- C:\Program\Windows NT

2007-01-16 15:15 <KAT> d-------- C:\Program\Onlinetj„nster

2007-01-16 15:15 <KAT> d-------- C:\Program\MSN Gaming Zone

2007-01-16 15:15 <KAT> d-------- C:\Program\Messenger

 

 

(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))

 

 

2007-02-10 17:10 -------- d-------- C:\DOCUME~1\FAMBER~1\Application Data\macromedia

2007-02-08 12:28 -------- d---s---- C:\DOCUME~1\FAMBER~1\Application Data\microsoft

2007-02-05 09:59 69608 --a------ C:\WINDOWS\system32\perfc01d.dat

2007-02-05 09:59 395520 --a------ C:\WINDOWS\system32\perfh01d.dat

2007-01-17 13:33 163644 --a------ C:\WINDOWS\system32\drivers\secdrv.sys

2007-01-16 16:09 62 --ahs---- C:\DOCUME~1\FAMBER~1\Application Data\desktop.ini

2007-01-16 15:23 -------- d-------- C:\DOCUME~1\FAMBER~1\Application Data\identities

2006-12-07 17:02 2174976 --a------ C:\WINDOWS\system32\wmvcore.dll

 

 

(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

 

*Note* empty entries & legit default entries are not shown

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]

"Steam"=""

"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]

"SmcService"="C:\\Program\\Sygate\\SPF\\smc.exe -startgui"

"ccApp"="\"C:\\Program\\Delade filer\\Symantec Shared\\ccApp.exe\""

"vptray"="C:\\Program\\SYMANT~1\\VPTray.exe"

"Cmaudio"="RunDll32 cmicnfg.cpl,CMICtrlWnd"

"TkBellExe"="\"C:\\Program\\Delade filer\\Real\\Update_OB\\realsched.exe\" -osboot"

"NeroFilterCheck"="C:\\WINDOWS\\system32\\NeroCheck.exe"

"InCD"="C:\\Program\\Nero\\Nero 7\\InCD\\InCD.exe"

"syswin"="C:\\WINDOWS\\system32\\v6.exe"

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]

"Installed"="1"

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]

"Installed"="1"

"NoChange"="1"

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]

"Installed"="1"

 

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]

"{010FF400-8DFB-439D-987B-DCDE5195F4D8}"=""

 

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\winubg32

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\xxyyayv

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]

"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"

 

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]

LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0

NetworkService REG_MULTI_SZ DnsCache\0\0

rpcss REG_MULTI_SZ RpcSs\0\0

imgsvc REG_MULTI_SZ StiSvc\0\0

termsvcs REG_MULTI_SZ TermService\0\0

HTTPFilter REG_MULTI_SZ HTTPFilter\0\0

DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0

 

*newlycreated* - HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\LEGACY_ERASERUTILDRV10710

 

 

Contents of the 'Scheduled Tasks' folder

C:\WINDOWS\tasks\User_Feed_Synchronization-{946C8BE2-4186-41A1-A0D1-C8051D500E97}.job

 

 

********************************************************************

 

catchme 0.1 W2K/XP - userland rootkit detector by Gmer, 17 October 2006

http://www.gmer.net

 

scanning hidden processes ...

 

scanning hidden services ...

 

scanning hidden autostart entries ...

 

scanning hidden files ...

 

scan completed successfully

hidden processes: 0

hidden services: 0

hidden files: 0

 

********************************************************************

 

Completion time: 07-02-14 14:11:17[/log]

 

[inlägget ändrat 2007-02-14 14:22:24 av Erik Junesjö]

Link to comment
Share on other sites

 

Ladda ner KillBox

 

http://www.downloads.subratam.org/KillBox.zip

 

unzippa öppna och bocka i Delete on Reboot

Klicka på All Files

Sen kopiera alla rader nedan på en gång

 

C:\WINDOWS\system32\drvrok.dll

C:\WINDOWS\system32\winubg32.dll

 

Sen i KillBox > File > Paste from Clipboard

Efter det klicka på Delete (röd med vit X )

Svara ja på frågor och om inte datorn startar om automatiskt så starta om den.

 

Scanna och skicka en ny Hijack logg efter det.

 

Link to comment
Share on other sites

[log]Logfile of HijackThis v1.99.1

Scan saved at 14:50:16, on 2007-02-14

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.5730.0011)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program\Nero\Nero 7\InCD\InCDsrv.exe

C:\Program\Sygate\SPF\smc.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\Program\Delade filer\Symantec Shared\ccSetMgr.exe

C:\Program\Delade filer\Symantec Shared\ccEvtMgr.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program\Delade filer\Symantec Shared\ccApp.exe

C:\Program\SYMANT~1\VPTray.exe

C:\WINDOWS\system32\RunDll32.exe

C:\Program\Delade filer\Real\Update_OB\realsched.exe

C:\Program\Nero\Nero 7\InCD\InCD.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program\Adobe\Acrobat 7.0\Reader\reader_sl.exe

C:\Program\Symantec AntiVirus\DefWatch.exe

C:\Program\Symantec AntiVirus\Rtvscan.exe

C:\Program\Outlook Express\msimn.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program\Internet Explorer\iexplore.exe

C:\Program\Hijackthis\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {29550550-CDA9-4E07-B5D9-59F8FF7099D7} - C:\WINDOWS\system32\vtutu.dll (file missing)

O2 - BHO: MSN Search Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program\MSN Toolbar Suite\TB\02.05.0000.1105\sv-se\msntb.dll

O3 - Toolbar: MSN Search Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program\MSN Toolbar Suite\TB\02.05.0000.1105\sv-se\msntb.dll

O4 - HKLM\..\Run: [smcService] C:\Program\Sygate\SPF\smc.exe -startgui

O4 - HKLM\..\Run: [ccApp] "C:\Program\Delade filer\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [vptray] C:\Program\SYMANT~1\VPTray.exe

O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd

O4 - HKLM\..\Run: [TkBellExe] "C:\Program\Delade filer\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [inCD] C:\Program\Nero\Nero 7\InCD\InCD.exe

O4 - HKLM\..\Run: [syswin] C:\WINDOWS\system32\v6.exe

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program\Microsoft Office\Office10\OSA.EXE

O4 - Global Startup: Windows Desktop Search.lnk = C:\Program\MSN Toolbar Suite\DS\02.05.0001.1119\sv-se\bin\WindowsSearch.exe

O8 - Extra context menu item: &MSN Search - res://C:\Program\MSN Toolbar Suite\TB\02.05.0000.1105\sv-se\msntb.dll/search.htm

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program\MICROS~2\Office10\EXCEL.EXE/3000

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O11 - Options group: [iNTERNATIONAL] International*

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\Program\MSNMES~1\msgrapp.dll" (file missing)

O20 - Winlogon Notify: NavLogon - C:\WINDOWS\system32\NavLogon.dll

O20 - Winlogon Notify: winubg32 - winubg32.dll (file missing)

O20 - Winlogon Notify: xxyyayv - xxyyayv.dll (file missing)

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\ccEvtMgr.exe

O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\ccPwdSvc.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\ccSetMgr.exe

O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program\Symantec AntiVirus\DefWatch.exe

O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program\Nero\Nero 7\InCD\InCDsrv.exe

O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program\Symantec AntiVirus\SavRoam.exe

O23 - Service: Sygate Personal Firewall Pro (SmcService) - Sygate Technologies, Inc. - C:\Program\Sygate\SPF\smc.exe

O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\SNDSrvc.exe

O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\SPBBC\SPBBCSvc.exe

O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program\Symantec AntiVirus\Rtvscan.exe

[/log]

Link to comment
Share on other sites

 

 

Scanna med Hijack bocka i följande rader stäng Web-läsaren och klicka Fix checked

 

O2 - BHO: (no name) - {29550550-CDA9-4E07-B5D9-59F8FF7099D7} - C:\WINDOWS\system32\vtutu.dll (file missing)

O4 - HKLM\..\Run: [syswin] C:\WINDOWS\system32\v6.exe

O20 - Winlogon Notify: winubg32 - winubg32.dll (file missing)

O20 - Winlogon Notify: xxyyayv - xxyyayv.dll (file missing)

 

sen ta bort om hittas = C:\WINDOWS\system32\v6.exe

Är problemet kvar eller?

 

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.



×
×
  • Create New...