Just nu i M3-nätverket
Gå till innehåll
drum_man32

Segt internet utan VPN-tjänsten på!

Rekommendera Poster

drum_man32

Skaffade Anonine i förra veckan efter att ha gjort misstaget att installera en gratis VPN-tjänst med delade meningar; PrivatizeVPN först. Avinstallerade den och ser inga synliga spår av den, men misstänker att det är nåt fel efter det ändå för innan någon av de här tjänsterna laddade jag ner med mitt Telia 8 mbit i ungefär 600-750 kb/s men nu är det bara ungefär max 350 kb/s och det är UTAN Anonine på/inloggat! Så kan någon spärr på hastigheten ligga kvar på routern från PrivatizeVPN eller nåt eller?

MED Anonine på är jag nere i 150-250 kb/s. :/

 

Och när jag surfar och kör Spotify samtidigt som jag laddar ner något så blir det för tungt, och detta utan att jag är inloggad på Anonine. Aldrig vart något innan VPN-programmen.

 

Jag har kört SpyBot, CCleaner, Malwarebytes, Registrybooster och gjort virusundersökning med AVG. Inga virus, men den hittade ett par trojaner som jag inte kommer ihåg vad dom hette, men dom togs väl bort antar jag och det har inte blivit bättre efter mina rensningar med dessa program.

Testar jag Bredbandskollen så får jag nedladdning på 3 mbit bara, vet dock inte vad det visat på den sidan innan detta problemet dök upp.

 

Någon som har tips eller idé på vad det kan vara, eller om den gamla VPN-tjänsten ligger kvar på nåt sätt och drar ner hastigheten?

 

Skickar med en logg här från DDS, och även Attach-filen är med, se om det kan hjälpa:

 

C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup

C:\WINDOWS\system32\svchost.exe -k NetworkService

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\system32\svchost.exe -k imgsvc

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.neogaf.com/forum/forumdisplay.php?f=2

mStart Page = hxxp://searchab.com/?aff=7&uid=b5f9c8f3-5110-11e2-84a0-0013463bf0f0

BHO: AcroIEHlprObj Class: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program\adobe\acrobat 7.0\activex\AcroIEHelper.dll

BHO: EKortBrowserHelper Class: {1C900459-DEEF-4aa9-B260-1EF0F0C70A8D} - c:\program\ekort\Bhoekort.dll

BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - c:\program\divx\divx plus web player\ie\divxhtml5\DivXHTML5.dll

BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - c:\program\avg\avg2012\avgssie.dll

BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - c:\program\spybot - search & destroy\SDHelper.dll

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program\java\jre7\bin\ssv.dll

BHO: Windows Live inloggningshjälpen: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program\delade filer\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: e-kort Helper Class: {9065E913-4F23-4B47-9B5D-B055D32DB1F3} - c:\program\ekort\EKortHelper.dll

BHO: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program\avg secure search\13.2.0.5\AVG Secure Search_toolbar.dll

BHO: {9f86bfbc-a58a-4427-a63d-ec6250ac4f04} - <orphaned>

BHO: {AE40EBA0-2D49-48C9-BA8D-E9F046240F5F} - <orphaned>

BHO: Trixie.Bho: {B0744341-96E0-4341-9ED2-8BC36CE0CCD0} -

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program\java\jre7\bin\jp2ssv.dll

TB: <No Name>: {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - LocalServer32 - <no file>

TB: e-kort Toolbar: {8DB2B2E8-579F-48A8-A496-18FEFCF8F4DF} - c:\program\ekort\EKortToolbar.dll

TB: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program\avg secure search\13.2.0.5\AVG Secure Search_toolbar.dll

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

uRun: [spotify Web Helper] "c:\program\spotify\data\SpotifyWebHelper.exe"

uRun: [spotimote] "c:\program\spotimote\spotimote.exe" c:\program\spotimote\

uRun: [Google Update] "c:\documents and settings\patric\lokala inställningar\application data\google\update\GoogleUpdate.exe" /c

mRun: [NvCplDaemon] "RUNDLL32.EXE" c:\windows\system32\NvCpl.dll,NvStartup

mRun: [iSUSScheduler] "c:\program\delade filer\installshield\updateservice\issch.exe" -start

mRun: [NvMediaCenter] "RUNDLL32.EXE" c:\windows\system32\NvMcTray.dll,NvTaskbarInit

mRun: [AVG_TRAY] "c:\program\avg\avg2012\avgtray.exe"

mRun: [DivXUpdate] "c:\program\divx\divx update\DivXUpdate.exe" /CHECKNOW

mRun: [sunJavaUpdateSched] "c:\program\delade filer\java\java update\jusched.exe"

mRun: [APSDaemon] "c:\program\delade filer\apple\apple application support\APSDaemon.exe"

mRun: [vProt] "c:\program\avg secure search\vprot.exe"

mRun: [ROC_ROC_NT] "c:\program\avg secure search\ROC_ROC_NT.exe" / /PROMPT /CMPID=ROC_NT

mRun: [QuickTime Task] "c:\program\k-lite codec pack\quicktime\QTTask.exe" -atboottime

dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE

uPolicies-Explorer: NoDriveTypeAutoRun = dword:145

uPolicies-Explorer: NoThemesTab = dword:0

uPolicies-System: NoDispAppearancePage = dword:0

uPolicies-System: NoColorChoice = dword:0

uPolicies-System: NoSizeChoice = dword:0

uPolicies-System: NoVisualStyleChoice = dword:0

mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1

mPolicies-Explorer: NoDriveTypeAutoRun = dword:145

IE: E&xportera till Microsoft Excel - c:\program\micros~3\office11\EXCEL.EXE/3000

IE: {20CCCFEC-D26F-4ffe-996B-388B39C8CCCA} - {20CCCFEC-D26F-4ffe-996B-388B39C8CCCA} - c:\windows\system32\mscoree.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program\spybot - search & destroy\SDHelper.dll

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program\messenger\msmsgs.exe

.

INFO: HKCU has more than 50 listed domains.

If you wish to scan all of them, select the 'Force scan all domains' option.

.

.

INFO: HKLM has more than 50 listed domains.

If you wish to scan all of them, select the 'Force scan all domains' option.

.

DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://www.apple.com/qtactivex/qtplugin.cab

DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab

DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204

DPF: {31435657-9980-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab

DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - hxxp://gfx2.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab

DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab

DPF: {C36112BF-2FA3-4694-8603-3B510EA3B465} - hxxp://f012.mail.spray.se/app/uploader/FileUploader.cab

DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

DPF: {D821DC4A-0814-435E-9820-661C543A4679} - hxxp://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx

DPF: {DE22A7AB-A739-4C58-AD52-21F9CD6306B7} - hxxp://download.microsoft.com/download/7/E/6/7E6A8567-DFE4-4624-87C3-163549BE2704/clearadj.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} - hxxp://by16fd.bay16.hotmail.msn.com/activex/HMAtchmt.ocx

TCP: NameServer = 192.168.1.1

TCP: Interfaces\{8818FFC4-69A4-4D06-BB8B-09FC72B840C4} : DHCPNameServer = 192.168.1.1

Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program\avg\avg2012\avgpp.dll

Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program\delade filer\avg secure search\viprotocolinstaller\13.2.0\ViProtocol.dll

Name-Space Handler: HTTPS\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - <orphaned>

Notify: !SASWinLogon - c:\program\superantispyware\SASWINLO.DLL

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

SEH: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - c:\program\superantispyware\SASSEH.DLL

LSA: Notification Packages = scecli c:\windows\system32\wijuyira.dll

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\documents and settings\patric\application data\mozilla\firefox\profiles\b17mrj79.default\

FF - prefs.js: browser.search.selectedEngine - Privitize VPN

FF - prefs.js: browser.startup.homepage - hxxp://searchab.com/?aff=7&uid=b5f9c8f3-5110-11e2-84a0-0013463bf0f0

FF - prefs.js: keyword.URL - hxxp://searchab.com/?aff=7&uid=b5f9c8f3-5110-11e2-84a0-0013463bf0f0&q=FF - component: c:\program\avg\avg2012\firefox\components\avgssff.dll

FF - component: c:\program\avg\avg2012\firefox4\components\avgssff10.dll

FF - component: c:\program\avg\avg2012\firefox4\components\avgssff11.dll

FF - component: c:\program\avg\avg2012\firefox4\components\avgssff12.dll

FF - component: c:\program\avg\avg2012\firefox4\components\avgssff13.dll

FF - component: c:\program\avg\avg2012\firefox4\components\avgssff5.dll

FF - component: c:\program\avg\avg2012\firefox4\components\avgssff6.dll

FF - component: c:\program\avg\avg2012\firefox4\components\avgssff7.dll

FF - component: c:\program\avg\avg2012\firefox4\components\avgssff8.dll

FF - component: c:\program\avg\avg2012\firefox4\components\avgssff9.dll

FF - component: c:\program\ekort\components\SlimOrbAddonEkort.dll

FF - plugin: c:\documents and settings\patric\lokala instã¤llningar\application data\google\update\1.3.21.123\npGoogleUpdate3.dll

FF - plugin: c:\program\delade filer\avg secure search\sitesafetyinstaller\13.2.0\npsitesafety.dll

FF - plugin: c:\program\divx\divx ovs helper\npovshelper.dll

FF - plugin: c:\program\divx\divx plus web player\npdivx32.dll

FF - plugin: c:\program\java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\program\java\jre7\bin\plugin2\npjp2.dll

FF - plugin: c:\program\k-lite codec pack\quicktime\plugins\npqtplugin.dll

FF - plugin: c:\program\k-lite codec pack\quicktime\plugins\npqtplugin2.dll

FF - plugin: c:\program\k-lite codec pack\quicktime\plugins\npqtplugin3.dll

FF - plugin: c:\program\k-lite codec pack\quicktime\plugins\npqtplugin4.dll

FF - plugin: c:\program\k-lite codec pack\quicktime\plugins\npqtplugin5.dll

FF - plugin: c:\program\k-lite codec pack\real\browser\plugins\nppl3260.dll

FF - plugin: c:\program\k-lite codec pack\real\browser\plugins\nprpjplug.dll

FF - plugin: c:\program\microsoft silverlight\4.1.10329.0\npctrlui.dll

FF - plugin: c:\program\personal\bin\np_prsnl.dll

FF - plugin: c:\program\sony\media go\npmediago.dll

FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_5_502_135.dll

FF - plugin: c:\windows\system32\npDeployJava1.dll

FF - plugin: c:\windows\system32\npptools.dll

FF - plugin: c:\windows\system32\npwmsdrm.dll

FF - ExtSQL: !HIDDEN! 2010-07-17 17:40; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension

.

============= SERVICES / DRIVERS ===============

.

R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2012-4-19 24896]

R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2010-9-7 31952]

R0 d347bus;d347bus;c:\windows\system32\drivers\d347bus.sys [2005-8-15 155136]

R0 d347prt;d347prt;c:\windows\system32\drivers\d347prt.sys [2005-8-15 5248]

R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2009-5-3 130936]

R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2010-9-7 237408]

R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2010-9-7 41040]

R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2010-11-9 301920]

R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2012-10-1 26984]

R1 SASDIFSV;SASDIFSV;c:\program\superantispyware\SASDIFSV.SYS [2006-10-10 12872]

R1 SASKUTIL;SASKUTIL;c:\program\superantispyware\SASKUTIL.SYS [2007-2-27 67656]

R2 AVGIDSAgent;AVGIDSAgent;c:\program\avg\avg2012\avgidsagent.exe [2012-8-13 5167736]

R2 avgwd;AVG WatchDog;c:\program\avg\avg2012\avgwdsvc.exe [2012-2-14 193288]

R2 vToolbarUpdater13.2.0;vToolbarUpdater13.2.0;c:\program\delade filer\avg secure search\vtoolbarupdater\13.2.0\ToolbarUpdater.exe [2012-11-8 711112]

R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2011-12-23 139856]

R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\avgidsfilterx.sys [2011-12-23 24144]

R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2011-12-23 17232]

S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [2010-11-24 13224]

S3 hitmanpro3;Hitman Pro 3 Support Driver;\??\c:\windows\system32\drivers\hitmanpro3.sys --> c:\windows\system32\drivers\hitmanpro3.sys [?]

S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2005-8-2 32512]

S3 SASENUM;SASENUM;c:\program\superantispyware\SASENUM.SYS [2006-2-16 12872]

S3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion;c:\program\sony ericsson\sony ericsson pc companion\PCCService.exe [2010-7-14 155344]

S3 Tetris;Tetris driver; [x]

.

=============== Created Last 30 ================

.

2013-01-08 21:26:37 16369160 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe

2013-01-01 18:20:13 -------- d-----w- c:\program\TAP-Windows

2013-01-01 17:46:46 -------- d-----w- c:\program\OpenVPN

2012-12-28 17:06:38 -------- d-----w- c:\documents and settings\all users\application data\WoW Worldwide Software LTD

2012-12-28 17:06:24 -------- d-----w- c:\documents and settings\all users\application data\Premium

2012-12-28 17:06:16 -------- d-----w- c:\program\ZoomEx

2012-12-28 17:06:01 -------- d-----w- c:\documents and settings\all users\application data\Zoomex

2012-12-28 17:05:56 -------- d-----w- c:\documents and settings\all users\application data\InstallMate

.

==================== Find3M ====================

.

2013-01-08 21:26:44 74248 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2013-01-08 21:26:44 697864 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-12-16 12:23:59 290560 ----a-w- c:\windows\system32\atmfd.dll

2012-12-14 15:49:28 21104 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-11-13 11:55:15 1866368 ----a-w- c:\windows\system32\win32k.sys

2012-11-08 17:08:22 26984 ----a-w- c:\windows\system32\drivers\avgtpx86.sys

2012-11-06 02:00:56 1371648 ----a-w- c:\windows\system32\msxml6.dll

2012-11-02 02:04:00 375296 ----a-w- c:\windows\system32\dpnet.dll

2012-11-01 12:13:01 916992 ----a-w- c:\windows\system32\wininet.dll

2012-11-01 12:13:01 43520 ----a-w- c:\windows\system32\licmgr10.dll

2012-11-01 12:13:01 1469440 ------w- c:\windows\system32\inetcpl.cpl

2012-11-01 00:35:48 385024 ----a-w- c:\windows\system32\html.iec

2012-10-25 02:12:26 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx

2012-10-25 02:12:26 69632 ----a-w- c:\windows\system32\QuickTime.qts

.

============= FINISH: 20:38:33,75 ===============

attach.txt

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser
Laston

Hej! Finns en del att åtgärda:

Trixie

http://www.systemlookup.com/CLSID/34866-mscoree_dll_MS_file.html

AVG Security Toolbar

http://www.systemlookup.com/CLSID/73582-AVG_Secure_Search_toolbar_dll.html

BHO: {AE40EBA0-2D49-48C9-BA8D-E9F046240F5F} - <orphaned>

http://www.systemlookup.com/CLSID/3262-hook_dll_DoubleHook_dll_Dh_dll.html

 

Gamla Java kan du också avinstallera

J2SE Runtime Environment 5.0 Update 11

Java 7 Update 9

Java Auto Updater

Java 6 Update 2

Java 6 Update 3

Java 6 Update 30

Java 6 Update 5

Java 6 Update 7

Java SE Runtime Environment 6 Update 1

 

Kör sen en onlinescan

 

Skanna datorn online på http://www.eset.com/onlinescan/

För att inte skannern ska ta för lång tid på sig stäng av ditt antivirusprogram under tiden.

 

Avbocka alternativet "Remove found threats"

Bocka för "Scan Archives

 

Klicka på "Advanced Settings"

Bocka för:

Scan for potentially unwanted applications

Scan for potentially unsafe applications

Enable Anti-Stealth Technology

 

Tryck på Scan

 

När skanningen är klar skapas loggfilen C:\Program\Eset\Eset Online Scanner\log.txt. Öppna den i Anteckningar och klistra sedan in innehållet i ditt svar.

 

 

Mvh Laston

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser
drum_man32

Hej, och tack för ditt svar!

Hur tar jag bort de tre översta du skrev där då? (Trixie, AVG Security Toolbar och BHO) Via Spybot och liknande program? Har ju redan provat några såna, men har du nåt bra tips på program som hittar dom här?

 

Sen tog jag då bort det gamla Java, förutom Java Auto Updater som jag inte hittar?

 

Kör en onlinescan efter jag löst dom här problemena! Tack så länge!

/Patrik

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser
Cecilia
Hur tar jag bort de tre översta du skrev där då? (Trixie, AVG Security Toolbar och BHO)
Kolla i listan över program som kan avinstalleras i Kontrollpanelen. ZoomEx ska avinstalleras också.

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser
drum_man32

Tog ju bort de där Java-grejerna igår och idag när jag surfar (Google Chrome) så fungerar allt väldigt konstigt. Segt! Eller snarare att det laddar det det kan, sen står det i statusfältet längst ner "Skickar begäran..." och sen händer det inget mer och många bilder m.m. öppnas inte på sidan jag är inne på, t.ex. IMDb.com. Hur reparerar jag det här?

 

Zoomex gick inte ta bort, står bara "Setup Initialization Error....

 

BHO, vad det nu är, finns inte med i listan?

 

Trixie gick bra att ta bort.

 

Och är inte AVG Security bra? Den varnar ju för sidor på Google bl.a. om de är farliga osv. Varför ta bort den? Men jag tog bort det.

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser
drum_man32

Hej igen! Ah, precis, nej bra att ta bort den då. Men finns det något bra alternativ för o se varningar för farliga sidor på Google t.ex. istället för denna nu då?

 

Tack för erat engagemang!

Här är HiJackThis-loggen:

 

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 22:08:37, on 2013-01-10

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\Program\AVG\AVG2012\avgrsx.exe

C:\Program\AVG\AVG2012\avgcsrvx.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Documents and Settings\All Users\Application Data\Premium\ZoomEx\ZoomEx.exe

C:\WINDOWS\Explorer.EXE

C:\Program\Ad-Aware Antivirus\AdAwareService.exe

C:\Program\AVG\AVG2012\avgtray.exe

C:\Program\AVG\AVG2012\avgwdsvc.exe

C:\Program\DivX\DivX Update\DivXUpdate.exe

C:\Program\Delade filer\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\WINDOWS\system32\ctfmon.exe

C:\Program\Spotify\Data\SpotifyWebHelper.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\Program\spotimote\spotimote.exe

C:\Program\Ad-Aware Antivirus\SBAMSvc.exe

C:\Program\AD-AWA~1\AdAware.exe

C:\Program\AVG\AVG2012\avgnsx.exe

C:\Program\AVG\AVG2012\avgemcx.exe

C:\WINDOWS\system32\svchost.exe

C:\Program\AVG\AVG2012\AVGIDSAgent.exe

C:\Documents and Settings\Patric\Lokala inställningar\Application Data\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Patric\Lokala inställningar\Application Data\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Patric\Lokala inställningar\Application Data\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\Patric\Lokala inställningar\Application Data\Google\Chrome\Application\chrome.exe

C:\WINDOWS\system32\msiexec.exe

C:\Program\Trend Micro\HiJackThis\HiJackThis.exe

C:\Documents and Settings\Patric\Lokala inställningar\Application Data\Google\Chrome\Application\chrome.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.neogaf.com/forum/forumdisplay.php?f=2

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896'>http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://searchab.com/?aff=7&uid=b5f9c8f3-5110-11e2-84a0-0013463bf0f0

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: e-kort Browser Helper Object - {1C900459-DEEF-4aa9-B260-1EF0F0C70A8D} - C:\Program\ekort\Bhoekort.dll

O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program\AVG\AVG2012\avgssie.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program\SPYBOT~1\SDHelper.dll

O2 - BHO: Windows Live inloggningshjälpen - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program\Delade filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: e-kort Helper Class - {9065E913-4F23-4B47-9B5D-B055D32DB1F3} - C:\Program\ekort\EKortHelper.dll

O2 - BHO: (no name) - {9f86bfbc-a58a-4427-a63d-ec6250ac4f04} - (no file)

O3 - Toolbar: e-kort Toolbar - {8DB2B2E8-579F-48A8-A496-18FEFCF8F4DF} - C:\Program\ekort\EKortToolbar.dll

O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program\Delade filer\InstallShield\UpdateService\issch.exe" -start

O4 - HKLM\..\Run: [NvMediaCenter] "RUNDLL32.EXE" C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program\AVG\AVG2012\avgtray.exe"

O4 - HKLM\..\Run: [DivXUpdate] "C:\Program\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW

O4 - HKLM\..\Run: [APSDaemon] "C:\Program\Delade filer\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [ROC_ROC_NT] "C:\Program\AVG Secure Search\ROC_ROC_NT.exe" / /PROMPT /CMPID=ROC_NT

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\K-Lite Codec Pack\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [Ad-Aware Antivirus] "C:\Program\Ad-Aware Antivirus\AdAwareLauncher" --windows-run

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [spotify Web Helper] "C:\Program\Spotify\Data\SpotifyWebHelper.exe"

O4 - HKCU\..\Run: [spotimote] "C:\Program\spotimote\spotimote.exe" C:\Program\spotimote\

O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Patric\Lokala inställningar\Application Data\Google\Update\GoogleUpdate.exe" /c

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJÄNST')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\Program\MICROS~3\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)

O9 - Extra button: Referensinformation - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program\MICROS~3\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program\SPYBOT~1\SDHelper.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab

O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab

O16 - DPF: {C36112BF-2FA3-4694-8603-3B510EA3B465} (Lycos File Upload Component) - http://f012.mail.spray.se/app/uploader/FileUploader.cab

O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by16fd.bay16.hotmail.msn.com/activex/HMAtchmt.ocx

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program\AVG\AVG2012\avgpp.dll

O20 - Winlogon Notify: !SASWinLogon - C:\Program\SUPERAntiSpyware\SASWINLO.DLL

O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: Ad-Aware Service - Lavasoft Limited - C:\Program\Ad-Aware Antivirus\AdAwareService.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program\AVG\AVG2012\AVGIDSAgent.exe

O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program\AVG\AVG2012\avgwdsvc.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program\Delade filer\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: OpenVPN Service (OpenVPNService) - The OpenVPN Project - C:\Program\OpenVPN\bin\openvpnserv.exe

O23 - Service: Ad-Aware (SBAMSvc) - GFI Software - C:\Program\Ad-Aware Antivirus\SBAMSvc.exe

O23 - Service: ServiceLayer - Nokia. - C:\Program\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: Sony Ericsson PCCompanion - Avanquest Software - C:\Program\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe

O23 - Service: VMnetDHCP - VMware, Inc. - C:\WINDOWS\system32\vmnetdhcp.exe

 

--

End of file - 9354 bytes

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser
Laston

Öppna HijackThis => klicka på Do a system scan only-knappen => Bocka för nedanstående detaljer => Stäng ner Webbläsaren => klicka på Fix Checked-knappen:

O2 - BHO: (no name) - {9f86bfbc-a58a-4427-a63d-ec6250ac4f04} - (no file)

O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)

 

Sen att ha 2 antivirusprogram skapar ju en del problem som sämre säkerhet o oftast seghet i datorn

 

WOT är ett bra tillägg för att kolla sidors rykte på nätet

http://www.mywot.com/

 

Hur går det med onlinescan?

Uppdatera Malwarebytes o skanna igen,posta loggan om något hittas

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser
Cecilia

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://searchab.com/...a0-0013463bf0f0

Ska också fixas med HijackThis.

 

Det är meningen att Ad-Aware version 10.4 ska fungera ihop med andra antivirusprogram, därför att när installationsprogrammet upptäcker att där redan finns ett antivirusprogram i datorn kommer den att installera Ad-Aware som "on-demand" skanner, dvs de drivrutiner som kan krocka med andra antivirusprogram installeras inte och därmed är realtidsskyddet avstängt, men det går bra att göra genomsökningar när man så önskar, ungefär som gratis MBAM.

Se http://www.lavasoft.com/mylavasoft/company/blog/adaware-104-is-now-available

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser
drum_man32

Tack Cecilia, borttagen!

 

Laston: Inget hittades på Malwarebytes.

Och anledningen till att jag har två virusprogram är att Ad-Aware skaffade jag häromdan bara för att skanna datorn för spyware, och den hittade en hel del som dom andra inte gjorde faktiskt. Men är osäker på om jag kommer ha kvar det, kanske som du säger krockar med mitt redan befintliga AVG, även om Cecilia säger att det ska funka bra med den senaste Ad-Aware.

 

Online ska jag köra nu eller imorrn bitti, återkommer med resultat!

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser
drum_man32

Laston: Nu har jag skannat med Eset där och postar nu loggen. Får jag fråga varför jag inte skulle radera det den hittade? Får köra den en gång till sen då och ta bort dom eller?

 

ESETSmartInstaller@High as downloader log:

all ok

# version=8

# OnlineScannerApp.exe=1.0.0.1

# OnlineScanner.ocx=1.0.0.6844

# api_version=3.0.2

# EOSSerial=e251e4a7f7ed9a45b1a76f4173ac7227

# end=finished

# remove_checked=false

# archives_checked=true

# unwanted_checked=true

# unsafe_checked=true

# antistealth_checked=true

# utc_time=2013-01-12 02:14:48

# local_time=2013-01-12 03:14:48 (+0100, Västeuropa, normaltid)

# country="United States"

# lang=1033

# osver=5.1.2600 NT Service Pack 3

# compatibility_mode=1034 16777213 100 81 611021 47660498 0 0

# scanned=80987

# found=20

# cleaned=0

# scan_time=5515

C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BrothersoftExtremeCT.zip Win32/Bagle.gen.zip worm (unable to clean) C39888D11C27EB411AA935AC3EA39CC6B334324E I

C:\Documents and Settings\All Users\Application Data\Zoomex\emiggmbjjhldihhcamndodbgkcgndbnb.crx Win32/Adware.MultiPlug.H application (unable to clean) 2979B9F62E1496F9A3B8C4C849C5CEF36BA89E69 I

C:\Documents and Settings\All Users\Application Data\Zoomex\settings.ini Win32/Adware.MultiPlug.F application (unable to clean) FBA8ACBF1835D6910DCD65A8E95A6321E2B52053 I

C:\Documents and Settings\Patric\Application Data\Mozilla\Firefox\Profiles\b17mrj79.default\extensions\50ddd5ef209ae@50ddd5ef209e7.com\content\bg.js Win32/Adware.MultiPlug.H application (unable to clean) DC2B381B70699DEF71B3C5A4F89E62D116524840 I

C:\Documents and Settings\Patric\Lokala inställningar\Application Data\Google\Chrome\User Data\Default\Extensions\emiggmbjjhldihhcamndodbgkcgndbnb\3.2_0\50ddd5ef209163.63177556.js Win32/Adware.MultiPlug.H application (unable to clean) 508A927F3FC7A21D763DE8BE96C033075A726012 I

C:\Documents and Settings\Patric\Mina dokument\Downloads\AVGSecureSearchInstaller.exe a variant of Win32/OpenInstall application (unable to clean) 67528C25D1DA5ED46424621513A0C2524706337B I

C:\Documents and Settings\Patric\Mina dokument\Downloads\Dredd.2012.Swesub.BDRip.Xvid.AC3-Haggebulle_secure.exe Win32/TopMedia.B application (unable to clean) 8A9736A4538395717491799B1D30F16AC1870532 I

C:\Documents and Settings\Patric\Mina dokument\Downloads\Greys_Anatomy_The_Complete_Season_8_[HDTV].exe Win32/Adware.1ClickDownload.G application (unable to clean) 5B06A01E75E617B6E27FB2ADCEC09614E5987E90 I

C:\Documents and Settings\Patric\Mina dokument\Downloads\Michael-Jackson-Bad-Tour-Live-At-Wembley-Stadium-1988-2012-divx.exe Win32/Adware.1ClickDownload.G application (unable to clean) 23C0203E6EAA8F350F5CA086CE57BCC87030D1E2 I

C:\Documents and Settings\Patric\Mina dokument\Downloads\Moonrise.Kingdom.2012.LiMiTED.SWESUB.BRRip.exe Win32/Adware.1ClickDownload.G application (unable to clean) 7354AD8CFC96D60207D0DD1FF251A303028D02FF I

C:\Documents and Settings\Patric\Mina dokument\Downloads\Spike_Lee's_Bad_25_(Michael_Jackson_documentary)_secure.exe Win32/TopMedia.B application (unable to clean) 97B0D5599B4C06C2E3A98C005E3E24B623EBEB47 I

C:\Documents and Settings\Patric\Mina dokument\Torrent\registryfix.exe a variant of Win32/Adware.ErrorClean application (unable to clean) 1A33A1A6413BBCB2D8827835DCBC8A9FC030089C I

C:\WINDOWS\system32\drivers\etc\hosts.20110312-002823.backup Win32/Qhost trojan (unable to clean) 6F3124BA4C09257B9231E53677DEABC6C9F5EAE8 I

C:\WINDOWS\system32\drivers\etc\hosts.20110312-103709.backup Win32/Qhost trojan (unable to clean) E57EFE070057D5520DA7377A28D4B778009621AF I

C:\WINDOWS\system32\drivers\etc\hosts.20121014-161733.backup Win32/Qhost trojan (unable to clean) E57EFE070057D5520DA7377A28D4B778009621AF I

C:\WINDOWS\system32\drivers\etc\hosts.20121014-181726.backup Win32/Qhost trojan (unable to clean) E57EFE070057D5520DA7377A28D4B778009621AF I

C:\WINDOWS\system32\drivers\etc\hosts.20121014-181812.backup Win32/Qhost trojan (unable to clean) D6E8A4B553A665E2830FBADBF2E70EA6A4AFE918 I

C:\WINDOWS\system32\drivers\etc\hosts.20121014-181905.backup Win32/Qhost trojan (unable to clean) D6E8A4B553A665E2830FBADBF2E70EA6A4AFE918 I

C:\WINDOWS\system32\drivers\etc\hosts.20130105-172244.backup Win32/Qhost trojan (unable to clean) D6E8A4B553A665E2830FBADBF2E70EA6A4AFE918 I

C:\WINDOWS\system32\drivers\etc\hosts.bak Win32/Qhost trojan (unable to clean) E57EFE070057D5520DA7377A28D4B778009621AF I

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser
Laston

Jo det hänger ihop med att vi inte använder standardinställningarna och vill inte att fel saker tas bort av misstag!

Alltså shit vart laddar du film ifrån eftersom så många är infekterade??

 

Eftersom flera av dom skadliga filerna inte går att ta bort med eget så kör vi ett vassare verktyg!

 

Spara ComboFix på Skrivbordet: http://download.blee...Bs/ComboFix.exe

 

Stäng av alla program du ser inklusive antivirusprogram och antispionprogram, men lämna brandväggen på.

Hur? Se http://www.bleepingc...opic114351.html

Kör ComboFix och följ anvisningarna som visas.

Om det kommer upp en fråga om du vill installera återställningskonsolen så svara Ja.

Mer detaljerad vägledning finns på http://www.bleepingc...ix-ska-anvandas

 

Om det kommer upp något meddelande, t ex att ett rootkit har hittats, från ComboFix skriv ner det och skriv det sedan i ditt svar.

 

VIKTIGT! Klicka inte på ComboFix-fönstret med musen när det körs eftersom så det kan hänga upp sig då.

 

När ComboFix är färdig ska en logg komma upp, klistra in den i ditt svar. Kontrollera att antivirusprogram mm är igång innan du ansluter till internet.

 

Om du får problem med att komma ut på internet:

Kontrollpanelen - Nätverksanslutningar

högerklicka på din internetanslutning och välj Reparera och/eller starta om datorn.

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser
drum_man32

Vadå för standardinställningar menar du? Om jag hade använt denna scannern på egen hand hade jag tagit bort det den hittade direkt, för det är ju adware och skit den hittar så det är väl inget fel som kan tas bort där ändå?

Får prova combofix annars imorrn!

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser
Laston

I just ditt fall så finns inget som vi inte vill ta bort,du skulle ändå inte få bort dom för det står ju (unable to clean) på i stort sett alla som hittats

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser
drum_man32

Testade ESET-scannern igen fast lät "Remove found threats" vara ibockad, och den tog då bort alla. Så det kanske helt enkelt var därför det stod "Unable to clean" för att jag hade bockat av den. Så det var ju skönt.

Märker dock att trots alla dessa insatser laddar jag fortfarande ner filer långsamt gentemot förut så jag börjar misstänka att det inte är nån spyware eller virus som orsakar det. Kan det inte vara nåt med routern då eller nån inställning? Hm, konstigt.

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser
Laston

Ok fattar som att du inte vill rensa datorn mer utan är mer intresserad av att ladda ner nya saker i din dator,blir rätt ointressant att hjälpa till då för min del!

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser
drum_man32

Nej, jag fortsätter gärna rensa, menar bara att felet att mitt Internet är allmänt segt kanske inte verkar lösas av det här. Och nu fick jag ju bort felena som ESET hittade så det är ju bara positivt men rekommenderar du att köra ComboFix ändå alltså?

Nej jag hoppas inte du tar det så för jag är otroligt tacksam för all hjälp jag fått med min dator!

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser
Laston

Ja jag vill att du kör ComboFix!

Om du vill kolla om Routern inte fungerar ordentligt så testa att koppla in datorn direkt i internetutaget!

Sen ska du kanske plocka bort lite program från att autostarta med windows,dessa kanske kan suga en hel del av din bandbredd,tex

uRun: [spotify Web Helper] "c:\program\spotify\data\SpotifyWebHelper.exe"

uRun: [spotimote] "c:\program\spotimote\spotimote.exe" c:\program\spotimote\

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser
drum_man32

Här är loggen från ComboFix! Innan jag postar den så ska jag säga att det kom upp två meddelanden efter att ComboFix startade om datorn. Då kickade ju AVGs antivirus in igen vid omstarten och varnade först för C:\ComboFix\regt.3xe men jag antog att programmena inte samarbetar så bra så jag tog "Allow" och sen när loggen kom upp kom en varning till från AVG som löd C:\ComboFix\CF5994.3xe. Tog Allow på den med. Är det något riktigt hot eller bara programmen som krockar?

 

Sen provade jag som du sa med att koppla förbi routern så den gick direkt till modemet från telefonuttaget. Blev dock inte bättre hastighet ändå så...när det gäller det problemet kanske det är dags att ringa Telia? Eller kan det satt sig nån dum inställning på nätverkskortet eller nåt? :/

 

Här är loggen...

 

ComboFix 13-01-14.01 - Patric 2013-01-14 18:05:50.1.1 - x86

Microsoft Windows XP Home Edition 5.1.2600.3.1252.46.1053.18.1023.632 [GMT 1:00]

Körs från: c:\documents and settings\Patric\Skrivbord\ComboFix.exe

AV: AVG Anti-Virus Free Edition 2012 *Disabled/Outdated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}

AV: Lavasoft Ad-Aware *Disabled/Updated* {964FCE60-0B18-4D30-ADD6-EB178909041C}

FW: Lavasoft Ad-Aware *Disabled* {FF1CD5B7-1553-4625-A258-1775385CED33}

* Skapade en ny återställningspunkt

.

.

((((((((((((((((((((((((((((((((((((((( Andra raderingar ))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\documents and settings\All Users\Application Data\sacache

c:\documents and settings\All Users\Application Data\TEMP

c:\documents and settings\Patric\setup_Elgiganten_fotoservice.exe

c:\documents and settings\Patric\WINDOWS

c:\windows\system32\Cache

c:\windows\system32\Cache\272512937d9e61a4.fb

c:\windows\system32\Cache\287204568329e189.fb

c:\windows\system32\Cache\28bc8f716fd76a47.fb

c:\windows\system32\Cache\31a0997e9a5b5eb3.fb

c:\windows\system32\Cache\32c84fe32bb74d60.fb

c:\windows\system32\Cache\3917078cb68ec657.fb

c:\windows\system32\Cache\590ba23ce359fd0c.fb

c:\windows\system32\Cache\610289e025a3ee9a.fb

c:\windows\system32\Cache\651c5d3cdbfb8bd1.fb

c:\windows\system32\Cache\6c59ac5e7e7a3ad0.fb

c:\windows\system32\Cache\6d03dad1035885d3.fb

c:\windows\system32\Cache\a8556537add6dfc5.fb

c:\windows\system32\Cache\ad10a52aff5e038d.fb

c:\windows\system32\Cache\b5663e94897f1958.fb

c:\windows\system32\Cache\c1fa887b03019701.fb

c:\windows\system32\Cache\c4d28dca2e7648be.fb

c:\windows\system32\Cache\d201ef9910cd39de.fb

c:\windows\system32\Cache\d2e94710a5708128.fb

c:\windows\system32\Cache\d79b9dfe81484ec4.fb

c:\windows\system32\Cache\f998975c9cc711ee.fb

c:\windows\system32\Packet.dll

c:\windows\system32\URTTemp

c:\windows\system32\URTTemp\fusion.dll

c:\windows\system32\URTTemp\mscoree.dll

c:\windows\system32\URTTemp\mscoree.dll.local

c:\windows\system32\URTTemp\mscorsn.dll

c:\windows\system32\URTTemp\mscorwks.dll

c:\windows\system32\URTTemp\msvcr71.dll

c:\windows\system32\URTTemp\regtlib.exe

c:\windows\system32\WanPacket.dll

c:\windows\system32\wpcap.dll

.

.

((((((((((((((((((((((((((((((((((((((( Drivrutiner/Tjänster )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

-------\Service_NPF

.

.

(((((((((((((((((((((((( Filer skapade från 2012-12-14 till 2013-01-14 ))))))))))))))))))))))))))))))

.

.

2013-01-10 21:07 . 2013-01-10 21:07 388096 ----a-r- c:\documents and settings\Patric\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2013-01-10 21:07 . 2013-01-10 21:07 -------- d-----w- c:\program\Trend Micro

2013-01-10 16:39 . 2012-12-17 05:43 33616 ----a-w- c:\windows\system32\drivers\gfiark.sys

2013-01-10 16:29 . 2013-01-10 22:46 -------- d-----w- c:\documents and settings\Patric\Application Data\Ad-Aware Antivirus

2013-01-10 16:29 . 2013-01-10 16:29 -------- d-----w- c:\documents and settings\All Users\Application Data\Ad-Aware Antivirus

2013-01-10 16:26 . 2012-09-12 19:19 66344 ----a-w- c:\windows\system32\drivers\sbapifs.sys

2013-01-10 16:26 . 2012-09-12 19:19 22064 ----a-w- c:\windows\system32\drivers\sbaphd.sys

2013-01-10 16:26 . 2013-01-10 16:26 -------- d-----w- c:\documents and settings\All Users\Application Data\Lavasoft

2013-01-10 16:26 . 2013-01-10 16:39 -------- d-----w- c:\program\Ad-Aware Antivirus

2013-01-10 16:26 . 2013-01-10 16:26 -------- d-----w- c:\windows\system32\drivers\VDD

2013-01-08 21:26 . 2013-01-08 21:26 16369160 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe

2013-01-01 18:20 . 2013-01-01 18:20 -------- d-----w- c:\program\TAP-Windows

2013-01-01 17:46 . 2013-01-01 18:20 -------- d-----w- c:\program\OpenVPN

2012-12-28 17:06 . 2012-12-28 17:06 -------- d-----w- c:\documents and settings\All Users\Application Data\WoW Worldwide Software LTD

2012-12-28 17:06 . 2012-12-28 17:06 -------- d-----w- c:\documents and settings\All Users\Application Data\Premium

2012-12-28 17:06 . 2012-12-28 17:06 -------- d-----w- c:\program\ZoomEx

2012-12-28 17:06 . 2013-01-13 10:51 -------- d-----w- c:\documents and settings\All Users\Application Data\Zoomex

2012-12-28 17:05 . 2012-12-28 17:06 -------- d-----w- c:\documents and settings\All Users\Application Data\InstallMate

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-01-08 21:26 . 2012-04-04 13:44 697864 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2013-01-08 21:26 . 2011-12-12 18:40 74248 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-12-16 12:23 . 2004-08-04 12:00 290560 ----a-w- c:\windows\system32\atmfd.dll

2012-12-14 15:49 . 2009-10-27 17:20 21104 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-11-13 11:55 . 2004-08-04 12:00 1866368 ----a-w- c:\windows\system32\win32k.sys

2012-11-06 02:00 . 2008-08-29 19:06 1371648 ----a-w- c:\windows\system32\msxml6.dll

2012-11-02 02:04 . 2004-08-04 12:00 375296 ----a-w- c:\windows\system32\dpnet.dll

2012-11-01 12:13 . 2004-08-04 12:00 916992 ----a-w- c:\windows\system32\wininet.dll

2012-11-01 12:13 . 2004-08-04 12:00 43520 ----a-w- c:\windows\system32\licmgr10.dll

2012-11-01 12:13 . 2004-08-04 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl

2012-11-01 00:35 . 2004-08-04 12:00 385024 ----a-w- c:\windows\system32\html.iec

2012-10-25 02:12 . 2012-10-25 02:12 94208 ----a-w- c:\windows\system32\QuickTimeVR.qtx

2012-10-25 02:12 . 2012-10-25 02:12 69632 ----a-w- c:\windows\system32\QuickTime.qts

2006-05-06 16:42 . 2006-05-09 00:19 7260160 -c--a-w- c:\program\mozilla firefox\plugins\libvlc.dll

2012-07-14 00:17 . 2012-08-15 15:53 136672 ----a-w- c:\program\mozilla firefox\components\browsercomps.dll

2006-05-08 23:58 . 2005-12-16 17:04 60518 ----a-w- c:\program\mozilla firefox\components\jar50.dll

2006-05-08 23:58 . 2005-12-16 17:05 49248 ----a-w- c:\program\mozilla firefox\components\jsd3250.dll

2006-05-08 23:58 . 2005-12-16 17:04 165992 ----a-w- c:\program\mozilla firefox\components\xpinstal.dll

.

.

------- Sigcheck -------

Note: Unsigned files aren't necessarily malware.

.

[-] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB2509553\SP3QFE\tcpip.sys

[-] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys

[-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys

[-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\tcpip.sys

[-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\tcpip.sys

[-] 2008-06-20 . 2A5554FC5B1E04E131230E3CE035C3F9 . 360320 . . [5.1.2600.3394] . . c:\windows\$NtServicePackUninstall$\tcpip.sys

[-] 2008-06-20 . 744E57C99232201AE98C49168B918F48 . 360960 . . [5.1.2600.3394] . . c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip.sys

[7] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\tcpip.sys

[7] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\tcpip.sys

[-] 2007-10-30 . 90CAFF4B094573449A0872A0F919B178 . 360064 . . [5.1.2600.3244] . . c:\windows\$NtUninstallKB951748_0$\tcpip.sys

[-] 2007-10-30 . 64798ECFA43D78C7178375FCDD16D8C8 . 360832 . . [5.1.2600.3244] . . c:\windows\$hf_mig$\KB941644\SP2QFE\tcpip.sys

[-] 2006-04-20 . B2220C618B42A2212A59D91EBD6FC4B4 . 360576 . . [5.1.2600.2892] . . c:\windows\$hf_mig$\KB917953\SP2QFE\tcpip.sys

[-] 2006-04-20 . 1DBF125862891817F374F407626967F4 . 359808 . . [5.1.2600.2892] . . c:\windows\$NtUninstallKB941644$\tcpip.sys

[-] 2006-01-13 . 5562CC0A47B2AEF06D3417B733F3C195 . 360448 . . [5.1.2600.2827] . . c:\windows\$hf_mig$\KB913446\SP2QFE\tcpip.sys

[-] 2006-01-13 . 583E063FDC888CA30D05C2724B0D7EF4 . 359808 . . [5.1.2600.2827] . . c:\windows\$NtUninstallKB917953$\tcpip.sys

[-] 2005-05-25 . 63FDFEA54EB53DE2D863EE454937CE1E . 359936 . . [5.1.2600.2685] . . c:\windows\$hf_mig$\KB893066\SP2QFE\tcpip.sys

[-] 2005-05-25 . 88763A98A4C26C409741B4AA162720C9 . 359808 . . [5.1.2600.2685] . . c:\windows\$NtUninstallKB913446$\tcpip.sys

[7] 2004-08-04 . 9F4B36614A0FC234525BA224957DE55C . 359040 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB893066$\tcpip.sys

.

[-] 2012-07-06 . 9EF2F9B552CE42DAB5F70A2DBE633316 . 78336 . . [5.1.2600.6260] . . c:\windows\system32\browser.dll

[-] 2012-07-06 . 9EF2F9B552CE42DAB5F70A2DBE633316 . 78336 . . [5.1.2600.6260] . . c:\windows\system32\dllcache\browser.dll

[-] 2012-07-06 . 0A33C4BDAF24CAFDBBDDB1B958C2C9C0 . 78336 . . [5.1.2600.6260] . . c:\windows\$hf_mig$\KB2705219\SP3QFE\browser.dll

[7] 2008-04-14 . E0D4A1CC49EFB58A32B5E9D35798C9DD . 77824 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB2705219$\browser.dll

[7] 2008-04-14 . E0D4A1CC49EFB58A32B5E9D35798C9DD . 77824 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\browser.dll

[7] 2004-08-04 . FEC7F081BB318697FB4EABCBF7E4AFF7 . 77312 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\browser.dll

.

[-] 2009-02-09 . 4538B0C2A67E774F4BB7D4AC1E1036A1 . 401408 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\rpcss.dll

[-] 2009-02-09 . 87DADC3F6E6CD5AAEB913E19CBFF922C . 401408 . . [5.1.2600.5755] . . c:\windows\system32\rpcss.dll

[-] 2009-02-09 . 87DADC3F6E6CD5AAEB913E19CBFF922C . 401408 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\rpcss.dll

[7] 2008-04-14 . CA6C886E70BCD38C4891E26CB4ABD2EB . 399360 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\rpcss.dll

[7] 2008-04-14 . CA6C886E70BCD38C4891E26CB4ABD2EB . 399360 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\rpcss.dll

[-] 2005-07-26 . E12E49A86301548F86D9AD56AD8F499B . 397824 . . [5.1.2600.2726] . . c:\windows\$NtServicePackUninstall$\rpcss.dll

[-] 2005-07-26 . 5BC6EA614F1D21571D49F02221E22C65 . 398336 . . [5.1.2600.2726] . . c:\windows\$hf_mig$\KB902400\SP2QFE\rpcss.dll

[-] 2005-04-28 . 362CC541A52373E7F9631137F279CDB0 . 396288 . . [5.1.2600.2665] . . c:\windows\$hf_mig$\KB894391\SP2QFE\rpcss.dll

[-] 2005-04-28 . 7059858514752EE60172EE1B45BE64F6 . 395776 . . [5.1.2600.2665] . . c:\windows\$NtUninstallKB902400$\rpcss.dll

[-] 2005-01-14 . F6A9A9EF24527C69DDAA576D965EBC39 . 395776 . . [5.1.2600.2595] . . c:\windows\$NtUninstallKB894391$\rpcss.dll

[-] 2005-01-14 . E6DE001EEA4D32DBDE20E69C9842693A . 395776 . . [5.1.2600.2595] . . c:\windows\$hf_mig$\KB873333\SP2QFE\rpcss.dll

[7] 2004-08-04 . 94B83B61A9436F00E28E895AF8E55091 . 395776 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB873333$\rpcss.dll

.

[-] 2009-02-09 . 8870B0C4A094C1CE80CEA6F85FA38FF2 . 110592 . . [5.1.2600.5755] . . c:\windows\system32\services.exe

[-] 2009-02-09 . 8870B0C4A094C1CE80CEA6F85FA38FF2 . 110592 . . [5.1.2600.5755] . . c:\windows\system32\dllcache\services.exe

[-] 2009-02-09 . 5DD875F92626DC3C8F46AB3E6CC1C98E . 110592 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\services.exe

[7] 2008-04-14 . 9436FEE6DF0F12AABDE97BEA8501B538 . 108544 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\services.exe

[7] 2008-04-14 . 9436FEE6DF0F12AABDE97BEA8501B538 . 108544 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\services.exe

[7] 2004-08-04 . 0DF00535E2F5AEFAEAD3A800F75137AF . 108032 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\services.exe

.

[-] 2010-08-17 . 258DD5D4283FD9F9A7166BE9AE45CE73 . 58880 . . [5.1.2600.6024] . . c:\windows\$hf_mig$\KB2347290\SP3QFE\spoolsv.exe

[-] 2010-08-17 . 60784F891563FB1B767F70117FC2428F . 58880 . . [5.1.2600.6024] . . c:\windows\system32\spoolsv.exe

[-] 2010-08-17 . 60784F891563FB1B767F70117FC2428F . 58880 . . [5.1.2600.6024] . . c:\windows\system32\dllcache\spoolsv.exe

[7] 2008-04-14 . AC6A8CEAAF03081DA74EE70EA2124495 . 57856 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB2347290$\spoolsv.exe

[7] 2008-04-14 . AC6A8CEAAF03081DA74EE70EA2124495 . 57856 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\spoolsv.exe

[-] 2005-06-11 . AD3D9D191AEA7B5445FE1D82FFBB4788 . 57856 . . [5.1.2600.2696] . . c:\windows\$hf_mig$\KB896423\SP2QFE\spoolsv.exe

[-] 2005-06-10 . DA81EC57ACD4CDC3D4C51CF3D409AF9F . 57856 . . [5.1.2600.2696] . . c:\windows\$NtServicePackUninstall$\spoolsv.exe

[7] 2004-08-04 . 5770628BC7A7A3E49E7D4426EE60BEE6 . 57856 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB896423$\spoolsv.exe

.

[-] 2010-08-23 . 562F8B09C5200319845C15034343032B . 617472 . . [5.82] . . c:\windows\system32\comctl32.dll

[-] 2010-08-23 . 562F8B09C5200319845C15034343032B . 617472 . . [5.82] . . c:\windows\system32\dllcache\comctl32.dll

[-] 2010-08-23 . 5E79CE13261ED06F145A5929C804A679 . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll

[7] 2008-04-14 . EBBEC1CFFA49A5442AD37AB4A619E831 . 617472 . . [5.82] . . c:\windows\$NtUninstallKB2296011$\comctl32.dll

[7] 2008-04-14 . EBBEC1CFFA49A5442AD37AB4A619E831 . 617472 . . [5.82] . . c:\windows\ServicePackFiles\i386\comctl32.dll

[7] 2008-04-14 . 4C3DAA3ACEFD864BB355379035005593 . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll

[-] 2006-08-25 . AB90289C689425B99BF59E60B3A0B0DB . 617472 . . [5.82] . . c:\windows\$NtServicePackUninstall$\comctl32.dll

[-] 2006-08-25 . 0A32A7E627CA4980A9956F0F7E7BB280 . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll

[7] 2004-08-04 . 5ED72EA9559BDC4CFF5122E7DFD41337 . 611328 . . [5.82] . . c:\windows\$NtUninstallKB923191$\comctl32.dll

[7] 2004-08-04 . AEF3D788DBF40C7C4D204EA45EB0C505 . 921088 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll

[7] 2004-08-04 . 94F53C3BEBF5D0D5EFA3A082E73E1B1F . 1050624 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll

.

[-] 2008-07-07 20:32 . CD4CA297537422B3C836F558EB1813C9 . 253952 . . [2001.12.4414.320] . . c:\windows\$NtServicePackUninstall$\es.dll

[-] 2008-07-07 20:29 . 01CEC6DE315F1A06CE5AA70009C6979E . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3GDR\es.dll

[-] 2008-07-07 20:29 . 01CEC6DE315F1A06CE5AA70009C6979E . 253952 . . [2001.12.4414.706] . . c:\windows\system32\es.dll

[-] 2008-07-07 20:29 . 01CEC6DE315F1A06CE5AA70009C6979E . 253952 . . [2001.12.4414.706] . . c:\windows\system32\dllcache\es.dll

[-] 2008-07-07 20:25 . 66FD60CBE71E38FBF2EC6841D07AA5C3 . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3QFE\es.dll

[-] 2008-07-07 20:23 . 2E8BB8E821E584DA53F6CEDA427BCA4E . 253952 . . [2001.12.4414.320] . . c:\windows\$hf_mig$\KB950974\SP2QFE\es.dll

[7] 2008-04-14 16:04 . 4EC63804DC5809DC0D0BE0AB1EFA0E9E . 246272 . . [2001.12.4414.701] . . c:\windows\$NtUninstallKB950974$\es.dll

[7] 2008-04-14 16:04 . 4EC63804DC5809DC0D0BE0AB1EFA0E9E . 246272 . . [2001.12.4414.701] . . c:\windows\ServicePackFiles\i386\es.dll

[-] 2005-07-26 04:42 . ACA3566EC6CB15B865AA06446FFA25FA . 243200 . . [2001.12.4414.308] . . c:\windows\$NtUninstallKB950974_0$\es.dll

[-] 2005-07-26 04:36 . 47CA2FBC71A0B94DE5B80688A7B8F403 . 243200 . . [2001.12.4414.308] . . c:\windows\$hf_mig$\KB902400\SP2QFE\es.dll

[7] 2004-08-04 12:00 . 40D5BBA450D4D639394B1B042C8DBA56 . 243200 . . [2001.12.4414.258] . . c:\windows\$NtUninstallKB902400$\es.dll

.

[-] 2012-10-03 . 0C9DDFC06BCA2EB0DF5A4A1AA30A34E7 . 1004032 . . [5.1.2600.6293] . . c:\windows\system32\kernel32.dll

[-] 2012-10-03 . 0C9DDFC06BCA2EB0DF5A4A1AA30A34E7 . 1004032 . . [5.1.2600.6293] . . c:\windows\system32\dllcache\kernel32.dll

[-] 2012-10-03 . 2929D3878575AE85A0E98310F1DF2168 . 1005568 . . [5.1.2600.6293] . . c:\windows\$hf_mig$\KB2758857\SP3QFE\kernel32.dll

[-] 2009-03-21 . 7F06ACEFD3A4B040BB59822DED9B5474 . 1003520 . . [5.1.2600.5781] . . c:\windows\$NtUninstallKB2758857$\kernel32.dll

[-] 2009-03-21 . 7140C1C1AA3814D9772E1E744EADFEF7 . 1005568 . . [5.1.2600.5781] . . c:\windows\$hf_mig$\KB959426\SP3QFE\kernel32.dll

[7] 2008-04-14 . 19563163BDBEA684ED7CACA71A0CC117 . 1003520 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB959426$\kernel32.dll

[7] 2008-04-14 . 19563163BDBEA684ED7CACA71A0CC117 . 1003520 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\kernel32.dll

[-] 2007-04-16 . 640B544B361CDFC99B853FD7FCE26442 . 999936 . . [5.1.2600.3119] . . c:\windows\$hf_mig$\KB935839\SP2QFE\kernel32.dll

[-] 2007-04-16 . 52FE0CA8B61F85DF3A8E40AC39662163 . 998400 . . [5.1.2600.3119] . . c:\windows\$NtServicePackUninstall$\kernel32.dll

[-] 2006-07-05 . 652FC5CEBDD1E96A3CEA13135741EE8C . 998912 . . [5.1.2600.2945] . . c:\windows\$hf_mig$\KB917422\SP2QFE\kernel32.dll

[-] 2006-07-05 . C4F2E5F3C6839E1338D4F3ADFA76227A . 997888 . . [5.1.2600.2945] . . c:\windows\$NtUninstallKB935839$\kernel32.dll

[7] 2004-08-04 . 673505731AA42D4F635968C3754BEBF1 . 997376 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB917422$\kernel32.dll

.

[-] 2012-11-12 . 7286259C0885484B2FBE78CC22E87E81 . 6008832 . . [8.00.6001.19393] . . c:\windows\system32\mshtml.dll

[-] 2012-11-12 . 7286259C0885484B2FBE78CC22E87E81 . 6008832 . . [8.00.6001.19393] . . c:\windows\system32\dllcache\mshtml.dll

[-] 2012-11-12 . 18FCFFF138F474B5D0470E5A9917C454 . 6010880 . . [8.00.6001.23461] . . c:\windows\$hf_mig$\KB2761465-IE8\SP3QFE\mshtml.dll

[-] 2012-08-28 . 0ED2623559C3415A4367EBE9E04E0AB5 . 6008832 . . [8.00.6001.19328] . . c:\windows\ie8updates\KB2761465-IE8\mshtml.dll

[-] 2012-08-28 . 6A26231CFAFC7B1F7D6F3572F551A0E8 . 6010368 . . [8.00.6001.23415] . . c:\windows\$hf_mig$\KB2744842-IE8\SP3QFE\mshtml.dll

[-] 2012-07-02 . CA5D92090A3417202B3F1D7F0E2B3395 . 6008320 . . [8.00.6001.19298] . . c:\windows\ie8updates\KB2744842-IE8\mshtml.dll

[-] 2012-07-02 . 00F771FDA543FA0EB8D5AEC4C0030BBA . 6010368 . . [8.00.6001.23385] . . c:\windows\$hf_mig$\KB2722913-IE8\SP3QFE\mshtml.dll

[-] 2012-05-11 . 7F217F917B410A944ADC5471E2DBB7B6 . 6007808 . . [8.00.6001.19258] . . c:\windows\ie8updates\KB2722913-IE8\mshtml.dll

[-] 2012-05-11 . 9CDA1B7572AD159224D938784946DB76 . 6009344 . . [8.00.6001.23345] . . c:\windows\$hf_mig$\KB2699988-IE8\SP3QFE\mshtml.dll

[-] 2012-03-01 . 61C2910038E803FBFF182AB1E20A1123 . 5978624 . . [8.00.6001.19222] . . c:\windows\ie8updates\KB2699988-IE8\mshtml.dll

[-] 2012-03-01 . 851A311A6E2E0BFF476A8E10615BA3B9 . 5980672 . . [8.00.6001.23318] . . c:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\mshtml.dll

[-] 2011-12-17 . 8B15CC7C09006236CF0AD62256918C71 . 5979136 . . [8.00.6001.19190] . . c:\windows\ie8updates\KB2675157-IE8\mshtml.dll

[-] 2011-12-17 . BB381E164FB8B667606FAB2AA5272E8A . 5980160 . . [8.00.6001.23286] . . c:\windows\$hf_mig$\KB2647516-IE8\SP3QFE\mshtml.dll

[-] 2011-11-04 . 1E12EB191741746AB33A310EB909112A . 5978112 . . [8.00.6001.19170] . . c:\windows\ie8updates\KB2647516-IE8\mshtml.dll

[-] 2011-11-04 . 6FD0598DD1CDB5EF7C5745C6847AEC65 . 5978624 . . [8.00.6001.23266] . . c:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\mshtml.dll

[-] 2011-10-03 . 7FC922AE3B3520C60DE9C50542514040 . 5971456 . . [8.00.6001.19154] . . c:\windows\ie8updates\KB2618444-IE8\mshtml.dll

[-] 2011-10-03 . 82BEB2A3AC15D1E277030075B2D97CD2 . 5972992 . . [8.00.6001.23250] . . c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\mshtml.dll

[-] 2011-07-25 . 55255BD1E59D5083433F2DAAE1B2E3DC . 5969920 . . [8.00.6001.19120] . . c:\windows\ie8updates\KB2586448-IE8\mshtml.dll

[-] 2011-07-25 . 39603A9CF4396C29E5973171558114E2 . 5971456 . . [8.00.6001.23216] . . c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\mshtml.dll

[-] 2011-05-30 . 942B4D75B3739EEEAE2DE87F61E1E456 . 5964800 . . [8.00.6001.19088] . . c:\windows\ie8updates\KB2559049-IE8\mshtml.dll

[-] 2011-05-30 . 65ABCDF7BD4956C87F763D389F9E1470 . 5967360 . . [8.00.6001.23181] . . c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\mshtml.dll

[-] 2011-02-22 . 3C7BB3AAB3D5608C2D15498EA2573B4C . 5964800 . . [8.00.6001.23141] . . c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\mshtml.dll

[-] 2011-02-22 . 996E895ACB7468477182B77FDB42CE0D . 5962240 . . [8.00.6001.19046] . . c:\windows\ie8updates\KB2530548-IE8\mshtml.dll

[-] 2010-12-20 . E70DD5D109E9E610A57BB7D8A2106789 . 5961216 . . [8.00.6001.19019] . . c:\windows\ie8updates\KB2497640-IE8\mshtml.dll

[-] 2010-12-20 . 2C291720968CD8B75BA390CADAC2FDF8 . 5962240 . . [8.00.6001.23111] . . c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\mshtml.dll

[-] 2010-11-06 . FB8065BF11A166FFDEAC1EC26E91407C . 5960704 . . [8.00.6001.23091] . . c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\mshtml.dll

[-] 2010-11-06 . 827E2C1FF4450F046712F78A33F1C3B9 . 5959168 . . [8.00.6001.18999] . . c:\windows\ie8updates\KB2482017-IE8\mshtml.dll

[-] 2010-09-10 . E4C8A11E1EA5DF30F7D22650982A6594 . 5957120 . . [8.00.6001.18975] . . c:\windows\ie8updates\KB2416400-IE8\mshtml.dll

[-] 2010-09-10 . 37FEF33F890FB081EBC223F01D8007F3 . 5958656 . . [8.00.6001.23067] . . c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\mshtml.dll

.

[-] 2008-06-20 . BAA1DE3A083F4120840BA929A7366867 . 247296 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3GDR\mswsock.dll

[-] 2008-06-20 . BAA1DE3A083F4120840BA929A7366867 . 247296 . . [5.1.2600.5625] . . c:\windows\$NtUninstallKB2509553$\mswsock.dll

[-] 2008-06-20 . B19355968C355A918F9A3E0B12AA1523 . 247296 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB2509553\SP3QFE\mswsock.dll

[-] 2008-06-20 . B19355968C355A918F9A3E0B12AA1523 . 247296 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\mswsock.dll

[-] 2008-06-20 . D05ED17C8AF0F0124A616D9E40754976 . 247296 . . [5.1.2600.3394] . . c:\windows\$NtServicePackUninstall$\mswsock.dll

[-] 2008-06-20 . 158DE3426F164E76994B7B7967310787 . 247296 . . [5.1.2600.3394] . . c:\windows\$hf_mig$\KB951748\SP2QFE\mswsock.dll

[-] 2008-06-20 . D080A76F42DFE1E7AF0C069AE5BAD8FC . 247296 . . [5.1.2600.5625] . . c:\windows\system32\mswsock.dll

[-] 2008-06-20 . D080A76F42DFE1E7AF0C069AE5BAD8FC . 247296 . . [5.1.2600.5625] . . c:\windows\system32\dllcache\mswsock.dll

[7] 2008-04-14 . BABB92BC3369AC9E2DD47DB5976A11D0 . 247296 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB951748$\mswsock.dll

[7] 2008-04-14 . BABB92BC3369AC9E2DD47DB5976A11D0 . 247296 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\mswsock.dll

[7] 2004-08-04 . 85D58E28D38F3E3B6E6C6912BFB9562D . 247296 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB951748_0$\mswsock.dll

.

[-] 2012-11-01 . 87A7B4F2F699534536254C663441C1F8 . 916992 . . [8.00.6001.19389] . . c:\windows\system32\wininet.dll

[-] 2012-11-01 . 87A7B4F2F699534536254C663441C1F8 . 916992 . . [8.00.6001.19389] . . c:\windows\system32\dllcache\wininet.dll

[-] 2012-11-01 . 83190B0C663E6EE8C0433813B88F9B70 . 920064 . . [8.00.6001.23458] . . c:\windows\$hf_mig$\KB2761465-IE8\SP3QFE\wininet.dll

[-] 2012-08-28 . 37D767B12EB6BDEC360FBE087CED99AE . 916992 . . [8.00.6001.19328] . . c:\windows\ie8updates\KB2761465-IE8\wininet.dll

[-] 2012-08-28 . 67C536C69B093070A709DD0888F930B4 . 920064 . . [8.00.6001.23415] . . c:\windows\$hf_mig$\KB2744842-IE8\SP3QFE\wininet.dll

[-] 2012-07-02 . 92312219A2325314583B31258E4CB8F8 . 916992 . . [8.00.6001.19298] . . c:\windows\ie8updates\KB2744842-IE8\wininet.dll

[-] 2012-07-02 . 99FE5803F67275CA7867EC0E651898A6 . 920064 . . [8.00.6001.23385] . . c:\windows\$hf_mig$\KB2722913-IE8\SP3QFE\wininet.dll

[-] 2012-05-16 . 26F483005D59EB9FFB7A245AE47726AC . 916992 . . [8.00.6001.19272] . . c:\windows\ie8updates\KB2722913-IE8\wininet.dll

[-] 2012-05-16 . 5338C6E38F83257FD3F6D49FE75B0768 . 920064 . . [8.00.6001.23359] . . c:\windows\$hf_mig$\KB2699988-IE8\SP3QFE\wininet.dll

[-] 2012-03-01 . B0498F01E2E60CA7A58030FE5FB6D5A0 . 916992 . . [8.00.6001.19222] . . c:\windows\ie8updates\KB2699988-IE8\wininet.dll

[-] 2012-03-01 . C4CCD1F4BB0E3389F17DE5145E2BA285 . 919552 . . [8.00.6001.23318] . . c:\windows\$hf_mig$\KB2675157-IE8\SP3QFE\wininet.dll

[-] 2011-12-17 . BC3F468759F4F84DB8D365F70056E957 . 916992 . . [8.00.6001.19190] . . c:\windows\ie8updates\KB2675157-IE8\wininet.dll

[-] 2011-12-17 . F7209B0D7AA24ABAD233EA22834812E0 . 919552 . . [8.00.6001.23286] . . c:\windows\$hf_mig$\KB2647516-IE8\SP3QFE\wininet.dll

[-] 2011-11-04 . 604D0A010DA40B712F418EDC25C96E7A . 916992 . . [8.00.6001.19165] . . c:\windows\ie8updates\KB2647516-IE8\wininet.dll

[-] 2011-11-04 . 759916FBD440B001F018AA223EDD450C . 919552 . . [8.00.6001.23261] . . c:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\wininet.dll

[-] 2011-08-22 . C937B6637A5F522140B7948D95BDD2A7 . 916480 . . [8.00.6001.19131] . . c:\windows\ie8updates\KB2618444-IE8\wininet.dll

[-] 2011-08-22 . 6349EDC6F534CE6981FC1D085FC782D7 . 919552 . . [8.00.6001.23227] . . c:\windows\$hf_mig$\KB2586448-IE8\SP3QFE\wininet.dll

[-] 2011-06-23 . F28B39394677C5998EFE5F8FF030CC2D . 916480 . . [8.00.6001.19098] . . c:\windows\ie8updates\KB2586448-IE8\wininet.dll

[-] 2011-06-23 . 07356D1E224F466B8E524CA7D9A184E3 . 919552 . . [8.00.6001.23192] . . c:\windows\$hf_mig$\KB2559049-IE8\SP3QFE\wininet.dll

[-] 2011-04-25 . C268139DD77048353A45CEA86047954D . 916480 . . [8.00.6001.19072] . . c:\windows\ie8updates\KB2559049-IE8\wininet.dll

[-] 2011-04-25 . B8348756FA8DF24501EC67FB6EB33B7C . 919552 . . [8.00.6001.23165] . . c:\windows\$hf_mig$\KB2530548-IE8\SP3QFE\wininet.dll

[-] 2011-02-22 . C7058599CFEE39517F1336F8652EB35D . 919552 . . [8.00.6001.23139] . . c:\windows\$hf_mig$\KB2497640-IE8\SP3QFE\wininet.dll

[-] 2011-02-22 . 32D3107C81C4F5348DFA6001618243B0 . 916480 . . [8.00.6001.19044] . . c:\windows\ie8updates\KB2530548-IE8\wininet.dll

[-] 2010-12-20 . 29AAC5A912480DAC0A84A8BA1195C09B . 916480 . . [8.00.6001.19019] . . c:\windows\ie8updates\KB2497640-IE8\wininet.dll

[-] 2010-12-20 . D234CEE02763AD1CA30DA471732A4C9D . 919552 . . [8.00.6001.23111] . . c:\windows\$hf_mig$\KB2482017-IE8\SP3QFE\wininet.dll

[-] 2010-11-06 . 016F748DDD309B98D3BA920BEA86769F . 919552 . . [8.00.6001.23084] . . c:\windows\$hf_mig$\KB2416400-IE8\SP3QFE\wininet.dll

[-] 2010-11-06 . 6FFDD4C07050B55AC5C7A71BDB3E9C61 . 916480 . . [8.00.6001.18992] . . c:\windows\ie8updates\KB2482017-IE8\wininet.dll

[-] 2010-09-10 . DC0C11C12E019E672751CE3CD1F989BC . 916480 . . [8.00.6001.18968] . . c:\windows\ie8updates\KB2416400-IE8\wininet.dll

[-] 2010-09-10 . B3193996106E14A1422C63A06F9BC037 . 919552 . . [8.00.6001.23060] . . c:\windows\$hf_mig$\KB2360131-IE8\SP3QFE\wininet.dll

[-] 2010-06-24 . F682D61A4B0147A5350113826EA44C47 . 919040 . . [8.00.6001.23037] . . c:\windows\$hf_mig$\KB2183461-IE8\SP3QFE\wininet.dll

[-] 2010-06-24 . 42711EBE7839DB4276A83E21D851CA56 . 916480 . . [8.00.6001.18939] . . c:\windows\ie8updates\KB2360131-IE8\wininet.dll

[-] 2010-05-06 . 1A0EA3EE4E8B93E7A5B8CC895A5B2EBA . 916480 . . [8.00.6001.18923] . . c:\windows\ie8updates\KB2183461-IE8\wininet.dll

[-] 2010-05-06 . D387F3E5A6A4E59B1EBFF8A3555A9C9C . 919040 . . [8.00.6001.23014] . . c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\wininet.dll

[-] 2010-02-25 . CB24BF26D64160DD72D67FDBD4A4C723 . 916480 . . [8.00.6001.18904] . . c:\windows\ie8updates\KB982381-IE8\wininet.dll

[-] 2010-02-25 . 53F23297C2769CD3D335AE26C4E4D7A3 . 919040 . . [8.00.6001.22995] . . c:\windows\$hf_mig$\KB980182-IE8\SP3QFE\wininet.dll

[-] 2009-12-21 . 5697BB13923C753C54697FBDFFB6FB0E . 916480 . . [8.00.6001.18876] . . c:\windows\ie8updates\KB980182-IE8\wininet.dll

[-] 2009-12-21 . 493D1BB6DE014EC0558F61D5EE303260 . 916480 . . [8.00.6001.22967] . . c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\wininet.dll

[-] 2009-10-29 . 36583A6EA9E90CA8154D98E12C56BA5B . 916480 . . [8.00.6001.18854] . . c:\windows\ie8updates\KB978207-IE8\wininet.dll

[-] 2009-10-29 . 12B2C000E7DFA661969BB79B145E5829 . 916480 . . [8.00.6001.22945] . . c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\wininet.dll

[-] 2009-08-29 . AEEB8BE257696A60204489D173446754 . 916480 . . [8.00.6001.18828] . . c:\windows\ie8updates\KB976325-IE8\wininet.dll

[-] 2009-08-29 . 00F8442F558E57497BD7770E23C0CB37 . 916480 . . [8.00.6001.22918] . . c:\windows\$hf_mig$\KB974455-IE8\SP3QFE\wininet.dll

[-] 2009-08-29 . C3CC89AC97F6974A4DB17AF797801577 . 832512 . . [7.00.6000.16915] . . c:\windows\ie8\wininet.dll

[-] 2009-08-29 . 9B8B871463F8788744D9F9BD42F8AA1C . 840704 . . [7.00.6000.21115] . . c:\windows\$hf_mig$\KB974455-IE7\SP3QFE\wininet.dll

[-] 2009-06-29 . F021A0061DC81F19D65ED4284C77B8C8 . 828928 . . [7.00.6000.21073] . . c:\windows\$hf_mig$\KB972260-IE7\SP3QFE\wininet.dll

[-] 2009-06-29 . 142866074A14770AFA31AFFDF0ECF3B9 . 827392 . . [7.00.6000.16876] . . c:\windows\ie7updates\KB974455-IE7\wininet.dll

[-] 2009-05-13 . F141583C843A96E3D3A293317C71202A . 915456 . . [8.00.6001.22873] . . c:\windows\$hf_mig$\KB969897-IE8\SP3QFE\wininet.dll

[-] 2009-04-29 . BC630EB9588ECD233A8CB1F6F8814818 . 827392 . . [7.00.6000.16850] . . c:\windows\ie7updates\KB972260-IE7\wininet.dll

[-] 2009-04-29 . 6573A45D1638306D9DFE658FDAF8F0D1 . 828928 . . [7.00.6000.21045] . . c:\windows\$hf_mig$\KB969897-IE7\SP3QFE\wininet.dll

[7] 2009-03-08 . 6CE32F7778061CCC5814D5E0F282D369 . 914944 . . [8.00.6001.18702] . . c:\windows\ie8updates\KB974455-IE8\wininet.dll

[-] 2009-03-03 . F43B023F7B8787130195B8022D7C9AB8 . 828416 . . [7.00.6000.21020] . . c:\windows\$hf_mig$\KB963027-IE7\SP3QFE\wininet.dll

[-] 2009-03-03 . 24B9709F1470B436A6CD2E8A9FA90BFE . 826368 . . [7.00.6000.16827] . . c:\windows\ie7updates\KB969897-IE7\wininet.dll

[-] 2008-12-20 . 25760D831FB2C82B6C7D14E27A00F9F3 . 827904 . . [7.00.6000.20978] . . c:\windows\$hf_mig$\KB961260-IE7\SP2QFE\wininet.dll

[-] 2008-12-20 . 1AAB5F08D42E5C08F9614FF5EB1FF939 . 826368 . . [7.00.6000.16791] . . c:\windows\ie7updates\KB963027-IE7\wininet.dll

[-] 2008-10-16 . 046DA003D4E4664EBBF9EA40B79BDC28 . 826368 . . [7.00.6000.16762] . . c:\windows\ie7updates\KB961260-IE7\wininet.dll

[-] 2008-10-16 . E54A023EEB7DCF92ADD34940679078E2 . 827904 . . [7.00.6000.20935] . . c:\windows\$hf_mig$\KB958215-IE7\SP2QFE\wininet.dll

[-] 2008-08-26 . 27431705F27B772F4F7903E4BF96EFB2 . 827904 . . [7.00.6000.20900] . . c:\windows\$hf_mig$\KB956390-IE7\SP2QFE\wininet.dll

[-] 2008-08-26 . 91A76D98B206723D21612AECBC1D65CE . 826368 . . [7.00.6000.16735] . . c:\windows\ie7updates\KB958215-IE7\wininet.dll

[-] 2008-06-23 . CE365A16790EC5C5DDDC78820949C02E . 826368 . . [7.00.6000.16705] . . c:\windows\ie7updates\KB956390-IE7\wininet.dll

[-] 2008-06-23 . 763148C042469C197933AC956E566226 . 827904 . . [7.00.6000.20861] . . c:\windows\$hf_mig$\KB953838-IE7\SP2QFE\wininet.dll

[-] 2008-04-23 . F95A6BD811247A0A8AE2C8B99DECD873 . 826368 . . [7.00.6000.16674] . . c:\windows\ie7updates\KB953838-IE7\wininet.dll

[-] 2008-04-23 . 21FC0AE15F561EDC35D82C8DE85C2851 . 827392 . . [7.00.6000.20815] . . c:\windows\$hf_mig$\KB950759-IE7\SP2QFE\wininet.dll

[7] 2008-04-14 . B8D98F0CDF9B1429CD95497AD9995078 . 666624 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\wininet.dll

[-] 2008-03-01 . F51A84F3B4109769F91E6348D01E2AC1 . 826368 . . [7.00.6000.16640] . . c:\windows\ie7updates\KB950759-IE7\wininet.dll

[-] 2008-03-01 . 893312E4B19721A4DE83411C4BABAB61 . 827392 . . [7.00.6000.20772] . . c:\windows\$hf_mig$\KB947864-IE7\SP2QFE\wininet.dll

[-] 2007-12-07 . F8657486CE7494F9371057957642083A . 824832 . . [7.00.6000.16608] . . c:\windows\ie7updates\KB947864-IE7\wininet.dll

[-] 2007-12-07 . 520880D2467F57DD5325790F0C799B3E . 825344 . . [7.00.6000.20733] . . c:\windows\$hf_mig$\KB944533-IE7\SP2QFE\wininet.dll

[-] 2007-10-10 . 41669FAD846F6C003C1FFD8B747C6FA4 . 824832 . . [7.00.6000.16574] . . c:\windows\ie7updates\KB944533-IE7\wininet.dll

[-] 2007-10-10 . BDE874A25C35A9B2648B1BF510595F12 . 825344 . . [7.00.6000.20696] . . c:\windows\$hf_mig$\KB942615-IE7\SP2QFE\wininet.dll

[-] 2007-08-20 . A6595B9A6DA2527C3677F24FB3D9A5E1 . 824832 . . [7.00.6000.16544] . . c:\windows\ie7updates\KB942615-IE7\wininet.dll

[-] 2007-08-20 . 8D8A997682F862B5911D2415673509A0 . 825344 . . [7.00.6000.20661] . . c:\windows\$hf_mig$\KB939653-IE7\SP2QFE\wininet.dll

[-] 2007-06-27 . E91E48460C63A978BF7698E4D5BFC63C . 824320 . . [7.00.6000.20627] . . c:\windows\$hf_mig$\KB937143-IE7\SP2QFE\wininet.dll

[-] 2007-06-27 . 2BC70EE828BADCF36074F8790EBF21BF . 823808 . . [7.00.6000.16512] . . c:\windows\ie7updates\KB939653-IE7\wininet.dll

[-] 2007-04-25 . CE6CEECC6C03C19021B3FA79D46220D6 . 823808 . . [7.00.6000.20583] . . c:\windows\$hf_mig$\KB933566-IE7\SP2QFE\wininet.dll

[-] 2007-04-25 . 38301DA426800FBC32929C91031D436D . 822784 . . [7.00.6000.16473] . . c:\windows\ie7updates\KB937143-IE7\wininet.dll

[-] 2007-03-07 . A7260F689F6F2D14CE96EC5DDFDE62C6 . 822784 . . [7.00.6000.16441] . . c:\windows\ie7updates\KB933566-IE7\wininet.dll

[-] 2007-03-07 . 4A3CD2AF6ED72409E24C8BCE4884BD7C . 823296 . . [7.00.6000.20544] . . c:\windows\$hf_mig$\KB931768-IE7\SP2QFE\wininet.dll

[-] 2007-01-12 . BE43D00D802C92F01C8CC952C6F483F8 . 822784 . . [7.00.6000.16414] . . c:\windows\ie7updates\KB931768-IE7\wininet.dll

[7] 2006-11-07 . 92995334F993E6E49C25C6D02EC04401 . 818688 . . [7.00.5730.11] . . c:\windows\ie7updates\KB928090-IE7\wininet.dll

[-] 2006-10-23 . 43CD9445A02B0EFC6C08CB86443A16AE . 665088 . . [6.00.2900.3020] . . c:\windows\$hf_mig$\KB925454\SP2QFE\wininet.dll

[-] 2006-10-23 . 43CD9445A02B0EFC6C08CB86443A16AE . 665088 . . [6.00.2900.3020] . . c:\windows\ie7\wininet.dll

[-] 2006-10-23 . 19EA0693BA34D729A4A1921A746F3250 . 659456 . . [6.00.2900.3020] . . c:\windows\$NtUninstallKB925454$\wininet.dll

[-] 2006-09-14 . 87E6CD67BD79CF6C4C3FBD31C4686F88 . 659456 . . [6.00.2900.2995] . . c:\windows\$NtUninstallKB925454_0$\wininet.dll

[-] 2006-09-14 . 124B5B1D140B7A5DC8F23172B5125C81 . 665088 . . [6.00.2900.2995] . . c:\windows\$hf_mig$\KB922760\SP2QFE\wininet.dll

[-] 2006-06-23 . 466146844C05DD41E7DA573E2F52634A . 665088 . . [6.00.2900.2937] . . c:\windows\$hf_mig$\KB918899\SP2QFE\wininet.dll

[-] 2006-06-23 . 31E0E3C26DC271DF369C5AC9069FEEC4 . 659456 . . [6.00.2900.2937] . . c:\windows\$NtUninstallKB922760$\wininet.dll

[-] 2006-05-10 . 193EBB237B05182975EE44BDA3405AF1 . 664064 . . [6.00.2900.2904] . . c:\windows\$hf_mig$\KB916281\SP2QFE\wininet.dll

[-] 2006-05-10 . E9372769A6F16D88A5073A18D7271ECD . 658944 . . [6.00.2900.2904] . . c:\windows\$NtUninstallKB918899$\wininet.dll

[-] 2006-03-04 . 819E02A05620B87947B36B7116BE7D8C . 664064 . . [6.00.2900.2861] . . c:\windows\$hf_mig$\KB912812\SP2QFE\wininet.dll

[-] 2006-03-04 . F433A7566F00377CCCB60641D54EB454 . 658944 . . [6.00.2900.2861] . . c:\windows\$NtUninstallKB916281$\wininet.dll

[-] 2005-10-21 . 86BF3664B86C59C669D8FF99B150F105 . 658944 . . [6.00.2900.2781] . . c:\windows\$NtUninstallKB912812$\wininet.dll

[-] 2005-10-21 . D3B9F978B4927B4A674546896BF981EF . 662016 . . [6.00.2900.2781] . . c:\windows\$hf_mig$\KB905915\SP2QFE\wininet.dll

[-] 2005-09-02 . 858630D7DDA6BADADCE01CD2A5C38766 . 660992 . . [6.00.2900.2753] . . c:\windows\$hf_mig$\KB896688\SP2QFE\wininet.dll

[-] 2005-09-02 . 4D4137857D9DACC4164CA392E489E40B . 658944 . . [6.00.2900.2753] . . c:\windows\$NtUninstallKB905915$\wininet.dll

[-] 2005-07-03 . 9AC56896368DF693D6C6B1C49619F35B . 658944 . . [6.00.2900.2713] . . c:\windows\$NtUninstallKB896688$\wininet.dll

[-] 2005-07-03 . BA9782F552ECFBF018FE99E4F9CF7715 . 659968 . . [6.00.2900.2713] . . c:\windows\$hf_mig$\KB896727\SP2QFE\wininet.dll

[7] 2004-08-04 . 9F721BD834534E75661D8F9BD1EFDCD7 . 656896 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB896727$\wininet.dll

.

[-] 2011-11-01 . 7B56AE90D9230BDDC3D65CE71F5DB2CC . 1288192 . . [5.1.2600.6168] . . c:\windows\system32\ole32.dll

[-] 2011-11-01 . 7B56AE90D9230BDDC3D65CE71F5DB2CC . 1288192 . . [5.1.2600.6168] . . c:\windows\system32\dllcache\ole32.dll

[-] 2011-11-01 . 61664E961F37313E5E89ED815ED4846A . 1288704 . . [5.1.2600.6168] . . c:\windows\$hf_mig$\KB2624667\SP3QFE\ole32.dll

[-] 2010-07-16 . 431B63EE44CF124333A25A719904E9AA . 1287680 . . [5.1.2600.6010] . . c:\windows\$NtUninstallKB2624667$\ole32.dll

[-] 2010-07-16 . 737EE29A1F8682D41C152B6A3F5032EF . 1288704 . . [5.1.2600.6010] . . c:\windows\$hf_mig$\KB979687\SP3QFE\ole32.dll

[7] 2008-04-14 . 4B33B420A4F08C50AA4CFF9F6DED7C5C . 1287168 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB979687$\ole32.dll

[7] 2008-04-14 . 4B33B420A4F08C50AA4CFF9F6DED7C5C . 1287168 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ole32.dll

[-] 2005-07-26 . E54D5B4938CEA88A0170B4B962FEB057 . 1284608 . . [5.1.2600.2726] . . c:\windows\$NtServicePackUninstall$\ole32.dll

[-] 2005-07-26 . 3915469CB96DF287A202AED5B02F0A18 . 1285632 . . [5.1.2600.2726] . . c:\windows\$hf_mig$\KB902400\SP2QFE\ole32.dll

[-] 2005-04-28 . 2EE11A01AE64005B6E697BF6240E7A7C . 1286144 . . [5.1.2600.2665] . . c:\windows\$hf_mig$\KB894391\SP2QFE\ole32.dll

[-] 2005-04-28 . 79D76791982565DF36E57468A286B9E7 . 1284608 . . [5.1.2600.2665] . . c:\windows\$NtUninstallKB902400$\ole32.dll

[-] 2005-01-14 . 9A3E01BF53AE2BA0163EBED323DAC447 . 1284608 . . [5.1.2600.2595] . . c:\windows\$NtUninstallKB894391$\ole32.dll

[-] 2005-01-14 . 696FC586BD761D44CE966F6858DC9575 . 1284608 . . [5.1.2600.2595] . . c:\windows\$hf_mig$\KB873333\SP2QFE\ole32.dll

[7] 2004-08-04 . 4D9914A7733F18DE24DB196394DCBBCF . 1281024 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB873333$\ole32.dll

.

[-] 2010-04-16 . 16BB1D4E6F21C39D4FEF41CEC7ACB39E . 406016 . . [1.0420.2600.5969] . . c:\windows\system32\usp10.dll

[-] 2010-04-16 . 16BB1D4E6F21C39D4FEF41CEC7ACB39E . 406016 . . [1.0420.2600.5969] . . c:\windows\system32\dllcache\usp10.dll

[-] 2010-04-16 . 852BFF85CFD592C6A630696C9F18FD8D . 406016 . . [1.0420.2600.5969] . . c:\windows\$hf_mig$\KB981322\SP3QFE\usp10.dll

[7] 2008-04-14 . D36AD400FEBC1BD38CBA6F69187C3823 . 406016 . . [1.0420.2600.5512] . . c:\windows\$NtUninstallKB981322$\usp10.dll

[7] 2008-04-14 . D36AD400FEBC1BD38CBA6F69187C3823 . 406016 . . [1.0420.2600.5512] . . c:\windows\ServicePackFiles\i386\usp10.dll

[7] 2004-08-04 . 6C0C7ED2908BC01121FB8CFED00D9F27 . 406528 . . [1.0420.2600.2180] . . c:\windows\$NtServicePackUninstall$\usp10.dll

.

[-] 2009-07-27 . C5684B98920F9BA98D6A33701CA816E6 . 135168 . . [6.00.2900.5853] . . c:\windows\system32\shsvcs.dll

[-] 2009-07-27 . C5684B98920F9BA98D6A33701CA816E6 . 135168 . . [6.00.2900.5853] . . c:\windows\system32\dllcache\shsvcs.dll

[-] 2009-07-27 . 998E90D8481C90E58CC10E36D043B389 . 135168 . . [6.00.2900.5853] . . c:\windows\$hf_mig$\KB971029\SP3QFE\shsvcs.dll

[7] 2008-04-14 . 187CA499EBD287E7BBAC5B9B7AA9321E . 135168 . . [6.00.2900.5512] . . c:\windows\$NtUninstallKB971029$\shsvcs.dll

[7] 2008-04-14 . 187CA499EBD287E7BBAC5B9B7AA9321E . 135168 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\shsvcs.dll

[-] 2006-12-19 . 78540AE1B56906461A65933F044811DA . 134656 . . [6.00.2900.3051] . . c:\windows\$NtServicePackUninstall$\shsvcs.dll

[-] 2006-12-19 . 913E3CEA1A61BD60B370A2759638DE18 . 135168 . . [6.00.2900.3051] . . c:\windows\$hf_mig$\KB928255\SP2QFE\shsvcs.dll

[7] 2004-08-04 . 6004C5BFB151EC97A40118623F9AFCAD . 134656 . . [6.00.2900.2180] . . c:\windows\$NtUninstallKB928255$\shsvcs.dll

.

[-] 2010-12-09 . 5B1E95F0BFCA17B6BBC9C3680465901D . 722944 . . [5.1.2600.6055] . . c:\windows\$hf_mig$\KB2393802\SP3QFE\ntdll.dll

[-] 2010-12-09 . 5BC1993725DB00A08A1DB20A5F4A316B . 722944 . . [5.1.2600.6055] . . c:\windows\system32\ntdll.dll

[-] 2010-12-09 . 5BC1993725DB00A08A1DB20A5F4A316B . 722944 . . [5.1.2600.6055] . . c:\windows\system32\dllcache\ntdll.dll

[-] 2009-02-09 . 38C10EABECA5C309CDA8FC48CB1D258A . 719872 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntdll.dll

[-] 2009-02-09 . 03742DE0FEC03F6C24C8C8C4EBE2576B . 719360 . . [5.1.2600.5755] . . c:\windows\$NtUninstallKB2393802$\ntdll.dll

[7] 2008-04-14 . ABDED12ACB0B22F962BDA13438AC6F95 . 710656 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956572$\ntdll.dll

[7] 2008-04-14 . ABDED12ACB0B22F962BDA13438AC6F95 . 710656 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntdll.dll

[7] 2004-08-04 . 62E427500BDE808E7B1A4FFFFAA8EE83 . 712704 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\ntdll.dll

.

[-] 2009-02-27 . 698E2BFCCDF0FBABD9C020C254E609B4 . 177152 . . [5.1.2600.5768] . . c:\windows\system32\msctfime.ime

[-] 2009-02-27 . 698E2BFCCDF0FBABD9C020C254E609B4 . 177152 . . [5.1.2600.5768] . . c:\windows\system32\dllcache\msctfime.ime

[-] 2009-02-27 . F3CD6995AC59BC969D6A34785EA24B0C . 177152 . . [5.1.2600.5768] . . c:\windows\$hf_mig$\KB961503\SP3QFE\msctfime.ime

[7] 2008-04-14 . 06005EACA50CFB8C8D2A1169F323EAA5 . 177152 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB961503$\msctfime.ime

[7] 2008-04-14 . 06005EACA50CFB8C8D2A1169F323EAA5 . 177152 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\msctfime.ime

[7] 2004-08-04 . 721B80470EAD67A29D144A906862B4AB . 177152 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\msctfime.ime

.

[-] 2010-09-18 07:18 . 65930F8E17C7345BD5EF051390AFEC53 . 953856 . . [4.1.6151] . . c:\windows\$hf_mig$\KB2387149\SP3QFE\mfc40u.dll

[-] 2010-09-18 06:53 . DA894D4B8624F84C98125D70ADF0E7F4 . 953856 . . [4.1.6151] . . c:\windows\system32\mfc40u.dll

[-] 2010-09-18 06:53 . DA894D4B8624F84C98125D70ADF0E7F4 . 953856 . . [4.1.6151] . . c:\windows\system32\dllcache\mfc40u.dll

[7] 2008-04-14 16:04 . DC16E39186F6B5D854FA8EB98E71268B . 927504 . . [4.1.0.61] . . c:\windows\$NtUninstallKB2387149$\mfc40u.dll

[7] 2008-04-14 16:04 . DC16E39186F6B5D854FA8EB98E71268B . 927504 . . [4.1.0.61] . . c:\windows\ServicePackFiles\i386\mfc40u.dll

[-] 2006-11-01 19:19 . EB6534E13E970E26571C3D07533BD386 . 927504 . . [4.1.0.61] . . c:\windows\$NtServicePackUninstall$\mfc40u.dll

[-] 2004-08-04 12:00 . 17A3CC1BC2399BBED2BE084295F410FB . 924432 . . [4.1.6140] . . c:\windows\$NtUninstallKB924667$\mfc40u.dll

.

[-] 2012-08-23 . 44AE3D2F42041B3378C8E5D0DE6471BE . 2070400 . . [5.1.2600.6284] . . c:\windows\Driver Cache\i386\ntkrnlpa.exe

[-] 2012-08-23 . 44AE3D2F42041B3378C8E5D0DE6471BE . 2070400 . . [5.1.2600.6284] . . c:\windows\system32\ntkrnlpa.exe

[-] 2012-08-23 . 44AE3D2F42041B3378C8E5D0DE6471BE . 2070400 . . [5.1.2600.6284] . . c:\windows\system32\dllcache\ntkrnlpa.exe

[-] 2012-08-23 . 8BBC1990299B82655616AB4BB23DD24F . 2070400 . . [5.1.2600.6284] . . c:\windows\$hf_mig$\KB2724197\SP3QFE\ntkrnlpa.exe

[-] 2012-05-05 . 467023E098F0D82A535BE48096BB0139 . 2069888 . . [5.1.2600.6223] . . c:\windows\$NtUninstallKB2724197$\ntkrnlpa.exe

[-] 2012-05-05 . 74897FD5EB3462BDA2CC0A26B98B5B23 . 2069888 . . [5.1.2600.6223] . . c:\windows\$hf_mig$\KB2707511\SP3QFE\ntkrnlpa.exe

[-] 2012-04-11 . D0195F8822D77348065A08E3D4147A76 . 2069888 . . [5.1.2600.6206] . . c:\windows\$NtUninstallKB2707511$\ntkrnlpa.exe

[-] 2012-04-11 . 660C06D91D6DD52040DA61E973B3E85E . 2069888 . . [5.1.2600.6206] . . c:\windows\$hf_mig$\KB2676562\SP3QFE\ntkrnlpa.exe

[-] 2011-10-26 . DFD92451DB3FBE376299275FD1044319 . 2070144 . . [5.1.2600.6165] . . c:\windows\$NtUninstallKB2676562$\ntkrnlpa.exe

[-] 2011-10-26 . 7DFF931ADB672D01B8C9B76E779CBCA5 . 2070144 . . [5.1.2600.6165] . . c:\windows\$hf_mig$\KB2633171\SP3QFE\ntkrnlpa.exe

[-] 2010-12-09 . 2DDA992BE16169D512B3508678306BEB . 2070144 . . [5.1.2600.6055] . . c:\windows\$hf_mig$\KB2393802\SP3QFE\ntkrnlpa.exe

[-] 2010-12-09 . 6D91CD8258E43A265CC1B7C7CBC61E51 . 2070144 . . [5.1.2600.6055] . . c:\windows\$NtUninstallKB2633171$\ntkrnlpa.exe

[-] 2010-04-28 . D7D77FCFC8F1E32F333223E1AE6D504B . 2067712 . . [5.1.2600.5973] . . c:\windows\$hf_mig$\KB981852\SP3QFE\ntkrnlpa.exe

[-] 2010-04-28 . 945D4BAE71F6E2984B902DB7B78CD2EF . 2067584 . . [5.1.2600.5973] . . c:\windows\$NtUninstallKB2393802$\ntkrnlpa.exe

[-] 2010-02-16 . 98F44909395DBBA201CC3D8CC6B806FF . 2067584 . . [5.1.2600.5938] . . c:\windows\$NtUninstallKB981852$\ntkrnlpa.exe

[-] 2010-02-16 . C09CEBB151A9C533BC5083F3AEDAD0A0 . 2067712 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3QFE\ntkrnlpa.exe

[-] 2009-12-09 . 343D35310C693845A6F0FBFCCEE6F6ED . 2066944 . . [5.1.2600.5913] . . c:\windows\$hf_mig$\KB977165\SP3QFE\ntkrnlpa.exe

[-] 2009-12-09 . 25318C35A78B1BF74EE31B2783DD6458 . 2066816 . . [5.1.2600.5913] . . c:\windows\$NtUninstallKB979683$\ntkrnlpa.exe

[-] 2009-08-04 . 6568FBFE68FA181B3062896882FFECC0 . 2066944 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3QFE\ntkrnlpa.exe

[-] 2009-08-04 . 4BFD69ACC0613A10C1DFC40035C11C14 . 2066816 . . [5.1.2600.5857] . . c:\windows\$NtUninstallKB977165$\ntkrnlpa.exe

[-] 2009-02-10 . 81C4A213E88283B5C1989BE75E333815 . 2066816 . . [5.1.2600.5755] . . c:\windows\$NtUninstallKB971486$\ntkrnlpa.exe

[-] 2009-02-09 . 4F791E49AE659E3A0E148F88D887401D . 2066944 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntkrnlpa.exe

[-] 2008-08-14 . 238671F196B8CDBC299AF346BF4F3E22 . 2066816 . . [5.1.2600.5657] . . c:\windows\$hf_mig$\KB956841\SP3QFE\ntkrnlpa.exe

[-] 2008-08-14 . 897CC962A35C98418683D098A271A916 . 2058496 . . [5.1.2600.3427] . . c:\windows\$NtServicePackUninstall$\ntkrnlpa.exe

[-] 2008-08-14 . 4FEC2C19D1B0E3DC34B8964D52E4CA96 . 2063744 . . [5.1.2600.3427] . . c:\windows\$hf_mig$\KB956841\SP2QFE\ntkrnlpa.exe

[-] 2008-08-14 . C459BEF10516F38C623AFF19896FD6A4 . 2066816 . . [5.1.2600.5657] . . c:\windows\$hf_mig$\KB956841\SP3GDR\ntkrnlpa.exe

[-] 2008-08-14 . C459BEF10516F38C623AFF19896FD6A4 . 2066816 . . [5.1.2600.5657] . . c:\windows\$NtUninstallKB956572$\ntkrnlpa.exe

[7] 2008-04-14 . 559891E5A025A92AC648D4A85EA757C5 . 2066688 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956841$\ntkrnlpa.exe

[7] 2008-04-14 . 559891E5A025A92AC648D4A85EA757C5 . 2066688 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntkrnlpa.exe

[-] 2007-02-28 . 80691B07CAC39B56DFB2DF5ABE78F18E . 2060160 . . [5.1.2600.3093] . . c:\windows\$hf_mig$\KB931784\SP2QFE\ntkrnlpa.exe

[-] 2007-02-28 . 4FEFD3871A8FC2B3B1CA780ABAAA9DC3 . 2058368 . . [5.1.2600.3093] . . c:\windows\$NtUninstallKB956841_0$\ntkrnlpa.exe

[-] 2006-12-19 . 629B04AA1544239F6A40F07658F858EA . 2060160 . . [5.1.2600.3051] . . c:\windows\$hf_mig$\KB929338\SP2QFE\ntkrnlpa.exe

[-] 2006-12-19 . 43CCAAAA3943CAA583F67A3BFF56E1F6 . 2058368 . . [5.1.2600.3051] . . c:\windows\$NtUninstallKB931784$\ntkrnlpa.exe

[-] 2005-03-02 . 31D7044BCD9ABEBC6082E5ACAD95ADBB . 2057728 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2QFE\ntkrnlpa.exe

[-] 2005-03-02 . 659D508859419CD1C5000E82337BE48E . 2057600 . . [5.1.2600.2622] . . c:\windows\$NtUninstallKB929338$\ntkrnlpa.exe

[7] 2004-08-04 . ACF426AC8F877FF7662C88338638F47F . 2057600 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB890859$\ntkrnlpa.exe

.

[-] 2012-08-23 . 2074A38959C8AC05F73F52BC43E73EFD . 2193664 . . [5.1.2600.6284] . . c:\windows\Driver Cache\i386\ntoskrnl.exe

[-] 2012-08-23 . 2074A38959C8AC05F73F52BC43E73EFD . 2193664 . . [5.1.2600.6284] . . c:\windows\system32\ntoskrnl.exe

[-] 2012-08-23 . 2074A38959C8AC05F73F52BC43E73EFD . 2193664 . . [5.1.2600.6284] . . c:\windows\system32\dllcache\ntoskrnl.exe

[-] 2012-08-23 . 8489951701C4BF3B23D776AE145AC2FD . 2193792 . . [5.1.2600.6284] . . c:\windows\$hf_mig$\KB2724197\SP3QFE\ntoskrnl.exe

[-] 2012-05-05 . 4C4D0E0BCF493F2742287BD0CE48980C . 2193408 . . [5.1.2600.6223] . . c:\windows\$NtUninstallKB2724197$\ntoskrnl.exe

[-] 2012-05-05 . B647074F7A64377AFE0F951FD55EA2B8 . 2193408 . . [5.1.2600.6223] . . c:\windows\$hf_mig$\KB2707511\SP3QFE\ntoskrnl.exe

[-] 2012-04-11 . 04CCF06E7C7952567F76035E5568AE02 . 2193408 . . [5.1.2600.6206] . . c:\windows\$NtUninstallKB2707511$\ntoskrnl.exe

[-] 2012-04-11 . F664C180A547F9D29BE5B498B8E872BB . 2193408 . . [5.1.2600.6206] . . c:\windows\$hf_mig$\KB2676562\SP3QFE\ntoskrnl.exe

[-] 2011-10-26 . 1C621D7F8BE00DEB4A82B990CEA162C8 . 2193536 . . [5.1.2600.6165] . . c:\windows\$NtUninstallKB2676562$\ntoskrnl.exe

[-] 2011-10-26 . 1366097E5DAE8EBC141C44D082832D02 . 2193536 . . [5.1.2600.6165] . . c:\windows\$hf_mig$\KB2633171\SP3QFE\ntoskrnl.exe

[-] 2010-12-09 . BA0C225987DB410F562007EE260CB846 . 2193536 . . [5.1.2600.6055] . . c:\windows\$hf_mig$\KB2393802\SP3QFE\ntoskrnl.exe

[-] 2010-12-09 . DE80E0213637C84C31D61D2AB73DDE5F . 2193536 . . [5.1.2600.6055] . . c:\windows\$NtUninstallKB2633171$\ntoskrnl.exe

[-] 2010-04-28 . 30663D0B0630CC784B0693B8BE9FD491 . 2190720 . . [5.1.2600.5973] . . c:\windows\$NtUninstallKB2393802$\ntoskrnl.exe

[-] 2010-04-28 . 60D5FD1F930768CB59206E2B45303A95 . 2190848 . . [5.1.2600.5973] . . c:\windows\$hf_mig$\KB981852\SP3QFE\ntoskrnl.exe

[-] 2010-02-17 . B1AAA4585EE147BF28C3C8B5E81A43BF . 2190720 . . [5.1.2600.5938] . . c:\windows\$NtUninstallKB981852$\ntoskrnl.exe

[-] 2010-02-16 . D3FFE35F0B525CBDDB8F84124BB75B7D . 2190848 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3QFE\ntoskrnl.exe

[-] 2009-12-09 . C1D460C98586653DE8F3DF4487B1C40A . 2190080 . . [5.1.2600.5913] . . c:\windows\$hf_mig$\KB977165\SP3QFE\ntoskrnl.exe

[-] 2009-12-09 . 5455BC01E754F1E1E1EA0C61586F1A18 . 2189952 . . [5.1.2600.5913] . . c:\windows\$NtUninstallKB979683$\ntoskrnl.exe

[-] 2009-08-04 . 53165A6B9BFE84A494F5C31EC00689FD . 2189952 . . [5.1.2600.5857] . . c:\windows\$NtUninstallKB977165$\ntoskrnl.exe

[-] 2009-08-04 . A6C4211F1A258869C05378DC60B97E61 . 2190080 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3QFE\ntoskrnl.exe

[-] 2009-02-10 . A9B77A48089BA2B465243F757EDB3691 . 2189952 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntoskrnl.exe

[-] 2009-02-09 . 9997BBBC842F134DB32321E1618572C8 . 2189824 . . [5.1.2600.5755] . . c:\windows\$NtUninstallKB971486$\ntoskrnl.exe

[-] 2008-08-14 . 1A43A9EF689A90E3D914FAC8BB71C084 . 2189952 . . [5.1.2600.5657] . . c:\windows\$hf_mig$\KB956841\SP3QFE\ntoskrnl.exe

[-] 2008-08-14 . 03678CFD07852F871A030412F7BB6162 . 2181120 . . [5.1.2600.3427] . . c:\windows\$NtServicePackUninstall$\ntoskrnl.exe

[-] 2008-08-14 . 9B622D448C4B361652AEBB55D7E43960 . 2186752 . . [5.1.2600.3427] . . c:\windows\$hf_mig$\KB956841\SP2QFE\ntoskrnl.exe

[-] 2008-08-14 . C42BA728A89A8394B8F21B7133635D18 . 2189952 . . [5.1.2600.5657] . . c:\windows\$hf_mig$\KB956841\SP3GDR\ntoskrnl.exe

[-] 2008-08-14 . C42BA728A89A8394B8F21B7133635D18 . 2189952 . . [5.1.2600.5657] . . c:\windows\$NtUninstallKB956572$\ntoskrnl.exe

[7] 2008-04-14 . 141A27527788DD5CE5C3D85BB937EE5E . 2189824 . . [5.1.2600.5512] . . c:\windows\$NtUninstallKB956841$\ntoskrnl.exe

[7] 2008-04-14 . 141A27527788DD5CE5C3D85BB937EE5E . 2189824 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\ntoskrnl.exe

[-] 2007-02-28 . 7BD1227FC18FADAF2433E72A20F65536 . 2182912 . . [5.1.2600.3093] . . c:\windows\$hf_mig$\KB931784\SP2QFE\ntoskrnl.exe

[-] 2007-02-28 . 34F0C0B294EFC4B1CDA85631841A2582 . 2181120 . . [5.1.2600.3093] . . c:\windows\$NtUninstallKB956841_0$\ntoskrnl.exe

[-] 2006-12-19 . 2E12AE64594FB5EBDD5AB63403CE2F62 . 2182784 . . [5.1.2600.3051] . . c:\windows\$hf_mig$\KB929338\SP2QFE\ntoskrnl.exe

[-] 2006-12-19 . 9D60A3B2B71FDABE2F639EED64F56FD2 . 2181120 . . [5.1.2600.3051] . . c:\windows\$NtUninstallKB931784$\ntoskrnl.exe

.

(((((((((((((((((((((((((((((((((( Startpunkter i registret )))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Not* tomma poster & legitima standardposter visas inte.

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Spotify Web Helper"="c:\program\Spotify\Data\SpotifyWebHelper.exe" [2012-10-28 1199576]

"spotimote"="c:\program\spotimote\spotimote.exe" [2012-07-05 1155584]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Ad-Aware Antivirus"="c:\program\Ad-Aware Antivirus\AdAwareLauncher --windows-run" [X]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2005-10-10 7286784]

"ISUSScheduler"="c:\program\Delade filer\InstallShield\UpdateService\issch.exe" [2005-02-16 81920]

"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2005-10-10 86016]

"AVG_TRAY"="c:\program\AVG\AVG2012\avgtray.exe" [2012-07-31 2596984]

"DivXUpdate"="c:\program\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]

"APSDaemon"="c:\program\Delade filer\Apple\Apple Application Support\APSDaemon.exe" [2012-10-11 59280]

"QuickTime Task"="c:\program\K-Lite Codec Pack\QuickTime\QTTask.exe" [2012-10-25 421888]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

.

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program\SUPERAntiSpyware\SASSEH.DLL" [2011-03-06 77824]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]

2011-03-06 20:29 548352 ----a-w- c:\program\SUPERAntiSpyware\SASWINLO.DLL

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute REG_MULTI_SZ autocheck autochk *\0bootdelete\0c:\program\AVG\AVG2012\avgrsx.exe /sync /restart

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ad-Aware Service]

@="Ad-Aware Service"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer]

@="Service"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SBAMSvc]

@="Service"

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]

@=""

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]

@=""

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start-meny^Program^Autostart^Kör Registreringsverktyg för Nintendo Wi-Fi USB Connector.lnk]

path=c:\documents and settings\All Users\Start-meny\Program\Autostart\Kör Registreringsverktyg för Nintendo Wi-Fi USB Connector.lnk

backup=c:\windows\pss\Kör Registreringsverktyg för Nintendo Wi-Fi USB Connector.lnkCommon Startup

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PhilipsDM

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PhilipsLime

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]

2008-04-14 16:05 15360 ----a-w- c:\windows\system32\ctfmon.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\e-kort]

2008-12-11 12:14 377856 ----a-w- c:\program\ekort\ekort.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISTray]

2008-12-08 11:33 1173384 -c--a-w- c:\program\Spyware Doctor\pctsTray.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (reboot)]

2012-12-14 15:49 824232 ----a-w- c:\program\Malwarebytes' Anti-Malware\mbam.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]

2008-04-14 16:05 1695232 ------w- c:\program\Messenger\msmsgs.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NVMixerTray]

2004-06-03 18:51 131072 -c--a-w- c:\program\NVIDIA Corporation\NvMixer\NvMixerTray.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]

2005-10-10 19:49 1519616 ----a-w- c:\windows\system32\nwiz.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

2012-10-25 02:12 421888 ----a-w- c:\program\K-Lite Codec Pack\QuickTime\QTTask.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Companion]

2010-11-04 16:30 423632 ----a-w- c:\program\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uniblue RegistryBooster 2]

2008-07-23 11:16 1927448 ----a-w- c:\program\Uniblue\RegistryBooster 2\RegistryBooster.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]

"iPod Service"=3 (0x3)

"Bonjour Service"=2 (0x2)

"Apple Mobile Device"=2 (0x2)

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program\\spotimote\\spotimote.exe"=

"c:\\Documents and Settings\\Patric\\Application Data\\uTorrent\\uTorrent.exe"=

"c:\\Program\\uTorrent\\uTorrent.exe"=

"c:\\Program\\Spotify\\spotify.exe"=

.

R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2012-04-19 24896]

R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2010-09-07 31952]

R0 d347bus;d347bus;c:\windows\system32\drivers\d347bus.sys [2005-08-15 155136]

R0 d347prt;d347prt;c:\windows\system32\drivers\d347prt.sys [2005-08-15 5248]

R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2009-05-03 130936]

R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2010-09-07 237408]

R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2010-11-09 301920]

R1 SASDIFSV;SASDIFSV;c:\program\SUPERAntiSpyware\SASDIFSV.SYS [2006-10-10 12872]

R1 SASKUTIL;SASKUTIL;c:\program\SUPERAntiSpyware\SASKUTIL.SYS [2007-02-27 67656]

R1 sbaphd;sbaphd;c:\windows\system32\drivers\sbaphd.sys [2013-01-10 22064]

R2 Ad-Aware Service;Ad-Aware Service;c:\program\Ad-Aware Antivirus\AdAwareService.exe [2012-12-14 1236968]

R2 AVGIDSAgent;AVGIDSAgent;c:\program\AVG\AVG2012\avgidsagent.exe [2012-08-13 5167736]

R2 avgwd;AVG WatchDog;c:\program\AVG\AVG2012\avgwdsvc.exe [2012-02-14 193288]

R2 SBAMSvc;Ad-Aware;c:\program\Ad-Aware Antivirus\SBAMSvc.exe [2012-09-20 3677000]

R2 sbapifs;sbapifs;c:\windows\system32\drivers\sbapifs.sys [2013-01-10 66344]

R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2011-12-23 139856]

R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\avgidsfilterx.sys [2011-12-23 24144]

R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2011-12-23 17232]

S3 gfiark;gfiark;c:\windows\system32\drivers\gfiark.sys [2013-01-10 33616]

S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [2010-11-24 13224]

S3 hitmanpro3;Hitman Pro 3 Support Driver;\??\c:\windows\system32\drivers\hitmanpro3.sys --> c:\windows\system32\drivers\hitmanpro3.sys [?]

S3 SASENUM;SASENUM;c:\program\SUPERAntiSpyware\SASENUM.SYS [2006-02-16 12872]

S3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion;c:\program\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2010-07-14 155344]

S3 Tetris;Tetris driver; [x]

.

--- Övriga tjänster/drivrutiner i minnet ---

.

*NewlyCreated* - WS2IFSL

.

Innehåll i mappen 'Schemalagda aktiviteter':

.

2013-01-10 c:\windows\Tasks\Ad-Aware Antivirus Scheduled Scan.job

- c:\program\AD-AWA~1\AdAwareLauncher.exe [2012-12-14 19:38]

.

2013-01-14 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-04 21:26]

.

2012-12-10 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\program\Apple Software Update\SoftwareUpdate.exe [2011-06-01 15:57]

.

.

------- Extra genomsökning -------

.

uStart Page = hxxp://www.neogaf.com/forum/forumdisplay.php?f=2

IE: E&xportera till Microsoft Excel - c:\program\MICROS~3\OFFICE11\EXCEL.EXE/3000

TCP: DhcpNameServer = 192.168.1.1

DPF: {C36112BF-2FA3-4694-8603-3B510EA3B465} - hxxp://f012.mail.spray.se/app/uploader/FileUploader.cab

FF - ProfilePath - c:\documents and settings\Patric\Application Data\Mozilla\Firefox\Profiles\b17mrj79.default\

FF - prefs.js: browser.search.selectedEngine - Privitize VPN

FF - prefs.js: browser.startup.homepage - hxxp://searchab.com/?aff=7&uid=b5f9c8f3-5110-11e2-84a0-0013463bf0f0

FF - prefs.js: keyword.URL - hxxp://searchab.com/?aff=7&uid=b5f9c8f3-5110-11e2-84a0-0013463bf0f0&q=

FF - ExtSQL: 2013-01-10 17:43; 50ddd5ef209ae@50ddd5ef209e7.com; c:\documents and settings\Patric\Application Data\Mozilla\Firefox\Profiles\b17mrj79.default\extensions\50ddd5ef209ae@50ddd5ef209e7.com

FF - ExtSQL: !HIDDEN! 2010-07-17 17:40; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension

.

- - - - FÖRÄLDRALÖSA POSTER SOM TAGITS BORT - - - -

.

HKLM-Run-ROC_ROC_NT - c:\program\AVG Secure Search\ROC_ROC_NT.exe

MSConfigStartUp-SunJavaUpdateSched - c:\program\Java\jre1.6.0_07\bin\jusched.exe

.

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2013-01-14 18:16

Windows 5.1.2600 Service Pack 3 NTFS

.

scanning hidden processes ...

.

scanning hidden autostart entries ...

.

scanning hidden files ...

.

scan completed successfully

hidden files: 0

.

**************************************************************************

.

--------------------- LÅSTA REGISTERNYCKLAR ---------------------

.

[HKEY_USERS\S-1-5-21-2503852333-4071263462-3290426511-1005\Software\Microsoft\SystemCertificates\AddressBook*]

@Allowed: (Read) (RestrictedCode)

@Allowed: (Read) (RestrictedCode)

.

[HKEY_USERS\S-1-5-21-2503852333-4071263462-3290426511-1005\Software\SecuROM\License information*]

"datasecu"=hex:22,4c,9f,f4,7c,52,a9,88,ed,35,3a,b0,17,6d,e1,4d,d5,cf,34,99,61,

97,df,f7,4c,f0,aa,96,e1,fb,2e,9c,fb,02,ff,e2,e6,d2,6a,e1,df,b2,01,bc,6e,f3,\

"rkeysecu"=hex:70,da,eb,38,80,0c,6e,ab,7d,59,fb,e6,64,1a,9a,a3

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\€–€|ÿÿÿÿÀ•€|ù•6~*]

"D140210900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"

.

--------------------- DLL'er som "laddats" under processer som körs ---------------------

.

- - - - - - - > 'winlogon.exe'(1120)

c:\program\SUPERAntiSpyware\SASWINLO.DLL

.

- - - - - - - > 'explorer.exe'(1784)

c:\program\spotimote\msgdll.dll

c:\windows\system32\msi.dll

c:\windows\system32\webcheck.dll

c:\windows\system32\WPDShServiceObj.dll

c:\windows\system32\PortableDeviceTypes.dll

c:\windows\system32\PortableDeviceApi.dll

.

------------------------ Andra processer som körs ------------------------

.

c:\program\AVG\AVG2012\avgrsx.exe

c:\program\AVG\AVG2012\avgcsrvx.exe

c:\program\Delade filer\Microsoft Shared\VS7DEBUG\MDM.EXE

c:\windows\system32\nvsvc32.exe

c:\program\AVG\AVG2012\avgnsx.exe

c:\program\AVG\AVG2012\avgemcx.exe

c:\program\AD-AWA~1\AdAware.exe

.

**************************************************************************

.

Sluttid: 2013-01-14 18:35:41 - datorn startades om.

ComboFix-quarantined-files.txt 2013-01-14 17:35

.

Före genomsökningen: 11 791 147 008 byte ledigt

Efter genomsökningen: 12 230 336 512 byte ledigt

.

WindowsXP-KB310994-SP2-Home-BootDisk-SVE.exe

[boot loader]

timeout=2

default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS

[operating systems]

c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

UnsupportedDebug="do not select this" /debug

multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

.

- - End Of File - - 0DEF8AA6A744EA5EBA09383DF1F35054

Redigerad av drum_man32

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser
Laston

Hej! Trodde nog att AVG skulle ha lärt sig om ComboFix,du gjorde helt rätt!!

Ok ser att ditt system är i väldigt dåligt skick trots allt som nu ComboFix åtgärdade,tveksamt att det går att rädda tyvärr!

 

Vi kollar med ett annat verktyg också:

 

Spara aswMBR på skrivbordet: http://public.avast.com/~gmerek/aswMBR.exe

Starta om datorn och låt bli att starta några program.

Dubbel-klicka på aswMBR.exe för att köra programmet.

Klicka på Scan-knappen för att börja genomsökningen.

När den är klar så spara (Save) loggen på skrivbordet.

Klistra in loggen i ditt svar här.

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser
drum_man32

På vilket sätt är det i dåligt skick? Att den är slö? För spyware o sån annan skit har den väl fått bort det mesta nu.

Postar nya loggen här inom kort.

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser
Laston

Jo det finns poster där som tyder på mer infektioner eller andra problem med en hel del systemfiler

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser
drum_man32

Okej! Jag litar på dig! :)

Här är loggen:

 

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software

Run date: 2013-01-14 19:45:16

-----------------------------

19:45:16.921 OS Version: Windows 5.1.2600 Service Pack 3

19:45:16.921 Number of processors: 1 586 0xC00

19:45:16.921 ComputerName: MAGNUM UserName: Patric

19:45:18.296 Initialize success

19:49:29.312 AVAST engine defs: 13011401

19:54:46.375 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000007f

19:54:46.390 Disk 0 Vendor: HDS728080PLA380 PF2OA50D Size: 78533MB BusType: 3

19:54:46.390 Device \Driver\nvatabus -> MajorFunction 868d5930

19:54:46.406 Disk 0 MBR read successfully

19:54:46.421 Disk 0 MBR scan

19:54:46.546 Disk 0 Windows XP default MBR code

19:54:46.562 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 78520 MB offset 63

19:54:46.593 Disk 0 scanning sectors +160810650

19:54:46.703 Disk 0 scanning C:\WINDOWS\system32\drivers

19:55:19.687 Service scanning

19:55:55.359 Modules scanning

19:56:11.234 Module: C:\WINDOWS\system32\ntdll.dll **SUSPICIOUS**

19:56:11.265 Disk 0 trace - called modules:

19:56:11.296 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll >>UNKNOWN [0x868d5930]<<

19:56:11.312 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86c9aab8]

19:56:11.328 3 CLASSPNP.SYS[f767cfd7] -> nt!IofCallDriver -> \Device\00000080[0x86d7df18]

19:56:11.343 5 ACPI.sys[f74cd620] -> nt!IofCallDriver -> \Device\0000007f[0x86d7d030]

19:56:11.359 \Driver\nvatabus[0x86d7ec30] -> IRP_MJ_CREATE -> 0x868d5930

19:56:14.390 AVAST engine scan C:\WINDOWS

19:56:35.234 AVAST engine scan C:\WINDOWS\system32

20:04:05.812 AVAST engine scan C:\WINDOWS\system32\drivers

20:04:35.031 AVAST engine scan C:\Documents and Settings\Patric

20:19:49.921 AVAST engine scan C:\Documents and Settings\All Users

20:25:22.109 Scan finished successfully

20:27:18.625 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Patric\Skrivbord\MBR.dat"

20:27:18.640 The log file has been saved successfully to "C:\Documents and Settings\Patric\Skrivbord\aswMBR.txt"

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser
Laston

Även detta verktyg larmar om vissa filer som misstänkta :(

 

1.Gå till nedanstående sida:

http://www.virustotal.com/

 

t_LgwChUDoT.gif

1: Kopiera/Klistra in ett av följande filnamn i text-fältet bredvid Bläddra-knappen

(ELLER använd Bläddra-knappen och navigera dig fram enligt nedanstående sökväg/sökvägar)

 

C:\WINDOWS\system32\ntdll.dll

c:\windows\system32\services.exe

c:\windows\system32\browser.dll

 

t_SyNnkiqad.gif

2: Klicka på Skicka Fil och vänta tills resultatet är klart (Närvarande status blir genomförd).

3: Klistra in resultatet från de olika antivirusprogrammen (inkl. filstorlek) här till din tråd (dock ej Övrig information)

Upprepa med nästa filnamn

 

2.Spara TDSSKiller på Skrivbordet:

http://support.kaspe.../tdsskiller.exe

Stäng av dina vanliga program, men du kan lämna antivirusprogram och liknande igång.

Kör programmet TDSSKiller.exe.

 

Klicka på Start Scan.

 

Om några malicious hittas så välj Cure och klicka på Continue. Om inte Cure finns så välj Skip. Om några suspicious hittas så välj Skip och klicka på Continue. Välj INTE Quarantine eller Delete. Eventuellt behöver datorn startas om.

 

Klistra in innehållet i loggen som du hittar i C:\ med namnet TDSSKiller följt av version och tidpunkt.

Redigerad av Laston

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser
drum_man32

C:\WINDOWS\system32\ntdll.dll

SHA256: 9c04d5b238a464a1a7d8b9f10ed19a35bfe67d02c0db057a8b82e7505d33541a

SHA1: ee79329f6c68ea0743c373fd4c91ba81c421206b

MD5: 5bc1993725db00a08a1db20a5f4a316b

File size: 706.0 kB ( 722944 bytes )

File name: ntdll.dll

File type: Win32 DLL

Detection ratio: 0 / 46

Analysis date: 2013-01-16 18:31:31 UTC ( 0 minuter ago )

 

c:\windows\system32\services.exe

SHA256: da4b702e4941b34aeb82e8a890d09d9718dfd255cbcdbc3daca4165ea851db2f

File name: services.exe

Detection ratio: 0 / 46

Analysis date: 2013-01-16 18:35:11 UTC ( 0 minuter ago )

 

c:\windows\system32\browser.dll

SHA256: 9e378758dd1eb820dc8f15396b81a18f66eed074f4f06781af5d0a2fa33f7189

File name: browser.dll

Detection ratio: 0 / 46

Analysis date: 2013-01-16 18:36:25 UTC ( 0 minuter ago )

 

TDSSKiller hittade inget alls.

Redigerad av drum_man32

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

Skapa ett konto eller logga in för att kommentera

Du måste vara medlem för att kunna kommentera

Skapa ett konto

Skapa ett nytt konto på vårt forum. Det är lätt!

Registrera ett nytt konto

Logga in

Redan medlem? Logga in här.

Logga in nu×
×
  • Skapa nytt...