tobler0ne Posted 19 June 2009 (edited)

Hi. I feel the PC has been running slowly since I downloaded something that caused AVG to report a trojan. It came with a document saying that AVG, among several other AV programs, would warn of a false positive for exactly this trojan, so I just let it go. Lately, though, the PC has seemed a bit slow, the screensaver was changed once, and the latest development was that some letter keys on the keyboard were replaced with numbers when I used them (fixed with System Restore). So I thought you could take another look at logs from my PC?

MBAM:

Malwarebytes' Anti-Malware 1.34
Databaseversjon: 1773
Windows 6.0.6001 Service Pack 1

19.06.2009 21:11:18
mbam-log-2009-06-19 (21-11-18).txt

Skanntype: Rask Skann
Objekter skannet: 59499
Tid tilbakelagt: 5 minute(s), 44 second(s)

Minneprosesser infisert: 0
Minnemoduler infisert: 0
Registernøkler infisert: 0
Registerverdier infisert: 0
Registerfiler infisert: 0
Mapper infisert: 0
Filer infisert: 0

Minneprosesser infisert: (Ingen mistenkelige filer funnet)
Minnemoduler infisert: (Ingen mistenkelige filer funnet)
Registernøkler infisert: (Ingen mistenkelige filer funnet)
Registerverdier infisert: (Ingen mistenkelige filer funnet)
Registerfiler infisert: (Ingen mistenkelige filer funnet)
Mapper infisert: (Ingen mistenkelige filer funnet)
Filer infisert: (Ingen mistenkelige filer funnet)

ComboFix:

ComboFix 09-06-18.02 - Torbjørn 19.06.2009 21:38.5 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.47.1044.18.2046.1002 [GMT 2:00]
Kjører fra: c:\users\Torbjørn\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
SP: AVG Anti-Virus Free *enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
SP: Lavasoft Ad-Watch Live!
*disabled* (Updated) {67844DAE-4F77-4D69-9457-98E8CFFDAA22}
SP: Spybot - Search and Destroy *enabled* (Updated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
2009-04-30 12:33 10111488 c:\windows\winsxs\x86_microsoft-windows-ehome-ehres_31bf3856ad364e35_6.0.6001.18254_none_51d9f94d509d177b\ehres.dll + 2009-06-13 22:33 . 2009-04-30 12:00 10111488 c:\windows\winsxs\x86_microsoft-windows-ehome-ehres_31bf3856ad364e35_6.0.6000.21051_none_507a2eb66c970d91\ehres.dll + 2009-06-13 22:33 . 2009-04-30 12:42 10101760 c:\windows\winsxs\x86_microsoft-windows-ehome-ehres_31bf3856ad364e35_6.0.6000.16856_none_4ff5bb3b5374b938\ehres.dll + 2009-05-05 22:15 . 2009-06-13 22:30 91573985 c:\windows\winsxs\ManifestCache\6.0.6002.18005_001c11ba_blobs.bin + 2009-02-27 14:37 . 2009-02-27 14:37 20403568 c:\windows\Installer\$PatchCache$\Managed\68AB67CA7DA74401B7449A0100000010\9.1.0\AcroRd32.dll + 2009-06-13 22:33 . 2009-04-30 12:33 10111488 c:\windows\ehome\ehres.dll . -- Snapshot resatt til dagens dato -- . (((((((((((((((((((((((((((((((( Oppstartspunkter I Registeret ))))))))))))))))))))))))))))))))))))))))))))) . . *Merk* tomme oppføringer & gyldige standardoppføringer vises ikke REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-19 1233920] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-05-09 865840] "PLFSet"="c:\windows\PLFSet.dll" [2007-04-24 45056] "IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2007-02-12 174872] "IaNvSrv"="c:\program files\Intel\Intel Matrix Storage Manager\OROM\IaNvSrv\IaNvSrv.exe" [2007-03-13 33048] "DeathAdder"="c:\program files\Razer\DeathAdder\razerhid.exe" [2007-09-07 159744] "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 33648] "AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-05-17 1947928] "NvSvc"="c:\windows\system32\nvsvc.dll" [2007-10-28 86016] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" 
[2007-10-28 8538656] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-10-28 81920] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-09 148888] "Ad-Watch"="c:\program files\Lavasoft\Ad-Aware\AAWTray.exe" [2009-06-08 518488] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-05-26 413696] "RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2007-05-10 4468736] "Skytel"="Skytel.exe" - c:\windows\SkyTel.exe [2007-05-07 1826816] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\windows\System32\eNetHook.dll c:\windows\System32\avgrsstx.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service] @="Service" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] @="Service" [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Acer VCM.lnk] path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Acer VCM.lnk backup=c:\windows\pss\Acer VCM.lnk.CommonStartup backupExtension=.CommonStartup [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk] path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk backup=c:\windows\pss\Adobe Reader Speed Launch.lnk.CommonStartup backupExtension=.CommonStartup [HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^BTTray.lnk] path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\BTTray.lnk backup=c:\windows\pss\BTTray.lnk.CommonStartup backupExtension=.CommonStartup 
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Empowering Technology Launcher.lnk] path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Empowering Technology Launcher.lnk backup=c:\windows\pss\Empowering Technology Launcher.lnk.CommonStartup backupExtension=.CommonStartup [HKLM\~\startupfolder\C:^Users^Torbjørn^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper og Launcher.lnk] path=c:\users\Torbjørn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper og Launcher.lnk backup=c:\windows\pss\OneNote 2007 Screen Clipper og Launcher.lnk.Startup backupExtension=.Startup [HKEY_LOCAL_MACHINE\software\microsoft\security center] "UacDisableNotify"=dword:00000001 "InternetSettingsDisableNotify"=dword:00000001 "AutoUpdateDisableNotify"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules] "{442166C5-7532-47B4-9D95-C8143712DBD6}"= c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\Acer Arcade Deluxe.exe:Acer Arcade Deluxe "{44E403BB-DA90-4FCF-8368-738932C9F9AA}"= c:\program files\Acer Arcade Deluxe\DVDivine\DVDivine.exe:DVDivine "{815FBA7C-F226-43D8-A01F-5452236EF031}"= c:\program files\Acer Arcade Deluxe\VideoMagician\VideoMagician.exe:VideoMagician "{9C4B4347-9175-4376-91C0-4DB1DA37E19D}"= c:\program files\Acer Arcade Deluxe\HomeMedia\HomeMedia.exe:HomeMedia "{51E2E278-0B99-4333-85DE-A2CF647F8985}"= c:\program files\Acer Arcade Deluxe\DV Wizard\DV Wizard.exe:DV Wizard "{67A418EB-89A9-410B-990F-F280965602E4}"= c:\program files\Acer Arcade Deluxe\Play Movie\PlayMovie.exe:Play Movie 
"{1722D150-B600-48D7-B66F-F789AB5FC18B}"= c:\program files\Acer Arcade Deluxe\Play Movie\PMVService.exe:Play Movie Resident Program "{BBBF1CB9-ECFE-4CED-93F2-E2A0F9DD524E}"= c:\program files\Acer\Acer VCM\VC.exe:Acer VCM "{F03A1E2A-63BB-4FB0-BCB6-C8567E2556DC}"= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook "{CF04669F-E3E8-4780-A79D-2E29B74FD18D}"= UDP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove "{FBAC63F5-AA75-440C-B408-7B4233261D40}"= TCP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove "{4D6DF4F8-5872-41FA-9399-1DF3F6CC6D3D}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote "{6BAC489D-8ACB-485D-B718-D6C03978EB5A}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote "TCP Query User{EC603E02-5597-4627-90C2-DAADF42C70EA}c:\\program files\\utorrent\\utorrent.exe"= UDP:c:\program files\utorrent\utorrent.exe:uTorrent "UDP Query User{68AB7DDF-A17E-467C-9561-E2A3327218EB}c:\\program files\\utorrent\\utorrent.exe"= TCP:c:\program files\utorrent\utorrent.exe:uTorrent "TCP Query User{BE9E83C7-1BDC-4954-8E9E-E8A668296F71}d:\\spill\\warcraft iii\\war3.exe"= UDP:d:\spill\warcraft iii\war3.exe:Warcraft III "UDP Query User{D57D9325-CD0B-42A0-956E-8FCE31019B56}d:\\spill\\warcraft iii\\war3.exe"= TCP:d:\spill\warcraft iii\war3.exe:Warcraft III "TCP Query User{9D338334-A96A-4C45-80BF-C3A1B7FF38D4}c:\\program files\\utorrent\\utorrent.exe"= UDP:c:\program files\utorrent\utorrent.exe:uTorrent "UDP Query User{11525292-021D-46DE-8336-811F3E72657A}c:\\program files\\utorrent\\utorrent.exe"= TCP:c:\program files\utorrent\utorrent.exe:uTorrent "TCP Query User{1F211958-5065-4407-A0AF-0901A638A74B}d:\\spill\\warcraft iii\\war3.exe"= UDP:d:\spill\warcraft iii\war3.exe:Warcraft III "UDP Query User{7A1ED75D-28C7-4C31-AC4F-14AAE48595E0}d:\\spill\\warcraft iii\\war3.exe"= TCP:d:\spill\warcraft iii\war3.exe:Warcraft III 
"TCP Query User{2B3B576F-0796-44B6-B206-F6A82DBF84C4}c:\\program files\\opera\\opera.exe"= UDP:c:\program files\opera\opera.exe:Opera Internet Browser "UDP Query User{5E448F4E-9F70-478B-B2F6-E7C8057B3CE5}c:\\program files\\opera\\opera.exe"= TCP:c:\program files\opera\opera.exe:Opera Internet Browser "TCP Query User{0816D5B8-DBF4-4F6C-AB9A-2EA9557451C6}d:\\spill\\steam\\steamapps\\wardeen\\team fortress 2\\hl2.exe"= UDP:d:\spill\steam\steamapps\wardeen\team fortress 2\hl2.exe:hl2 "UDP Query User{9F0C1CF2-0A80-4DE8-A08F-9EEAC66C6D0E}d:\\spill\\steam\\steamapps\\wardeen\\team fortress 2\\hl2.exe"= TCP:d:\spill\steam\steamapps\wardeen\team fortress 2\hl2.exe:hl2 "TCP Query User{31A4724C-3AA7-43A8-8DDF-9E5E682C67B5}c:\\program files\\hamachi\\hamachi.exe"= UDP:c:\program files\hamachi\hamachi.exe:Hamachi Client "UDP Query User{3FD6C1A4-B654-4D09-A7E5-E33C580BE344}c:\\program files\\hamachi\\hamachi.exe"= TCP:c:\program files\hamachi\hamachi.exe:Hamachi Client "TCP Query User{86461A9F-A7A4-46E5-97D8-57A6F5A36851}c:\\program files\\garena\\garena.exe"= UDP:c:\program files\garena\garena.exe:Garena "UDP Query User{FF167EFD-F0BF-462F-9D3C-CD9A488F9655}c:\\program files\\garena\\garena.exe"= TCP:c:\program files\garena\garena.exe:Garena "TCP Query User{463C3EA0-F277-46B6-B5F1-9E2484602747}c:\\program files\\skype\\phone\\skype.exe"= UDP:c:\program files\skype\phone\skype.exe:Skype. Take a deep breath "UDP Query User{42B8468A-538C-4D8E-8985-05D0CB22E92B}c:\\program files\\skype\\phone\\skype.exe"= TCP:c:\program files\skype\phone\skype.exe:Skype. 
Take a deep breath "{634C1158-C10C-4EFF-86E4-BAD680F7AC4D}"= c:\program files\AVG\AVG8\avgupd.exe:avgupd.exe "TCP Query User{1F952847-0AD4-45A3-A638-C1AE3479E3B3}c:\\program files\\internet explorer\\iexplore.exe"= UDP:c:\program files\internet explorer\iexplore.exe:Internet Explorer "UDP Query User{C5343624-0C0E-4AE5-9AB8-4F50F94C4B05}c:\\program files\\internet explorer\\iexplore.exe"= TCP:c:\program files\internet explorer\iexplore.exe:Internet Explorer "TCP Query User{0AEA8F5A-C3CD-47A4-9B87-5B93F9452646}d:\\spill\\warcraft iii\\listchecker\\pickup.listchecker.exe"= UDP:d:\spill\warcraft iii\listchecker\pickup.listchecker.exe:pickup.listchecker "UDP Query User{7F600146-8D2E-4114-90E6-2D0C6364409F}d:\\spill\\warcraft iii\\listchecker\\pickup.listchecker.exe"= TCP:d:\spill\warcraft iii\listchecker\pickup.listchecker.exe:pickup.listchecker "TCP Query User{AE9AD3FB-71F6-4566-89B8-BE856D36B297}d:\\spill\\warcraft iii\\listchecker\\pickup.listchecker.exe"= UDP:d:\spill\warcraft iii\listchecker\pickup.listchecker.exe:pickup.listchecker "UDP Query User{E062B83D-9E20-49DB-879F-C30D624FA315}d:\\spill\\warcraft iii\\listchecker\\pickup.listchecker.exe"= TCP:d:\spill\warcraft iii\listchecker\pickup.listchecker.exe:pickup.listchecker "TCP Query User{23FDBEAC-2483-4EFA-8F2E-B1F8A55C270B}c:\\program files\\skype\\phone\\skype.exe"= UDP:c:\program files\skype\phone\skype.exe:Skype. Take a deep breath "UDP Query User{28BC8BA1-DACB-4D1D-B8A1-81C561D02F14}c:\\program files\\skype\\phone\\skype.exe"= TCP:c:\program files\skype\phone\skype.exe:Skype. 
Take a deep breath "TCP Query User{46CAFB9A-9A11-42FC-84E1-F79EAB66CDE1}d:\\spill\\steam\\steamapps\\wardeen\\team fortress 2\\hl2.exe"= UDP:d:\spill\steam\steamapps\wardeen\team fortress 2\hl2.exe:hl2 "UDP Query User{33F3D160-1349-4E91-9CD6-949248231B64}d:\\spill\\steam\\steamapps\\wardeen\\team fortress 2\\hl2.exe"= TCP:d:\spill\steam\steamapps\wardeen\team fortress 2\hl2.exe:hl2 "{2D2C5581-6F9E-408B-AB47-3BDA4606ABC6}"= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent (TCP-In) "{E2CF229E-8D19-4D46-AF27-F82D35062FF5}"= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent (UDP-In) "TCP Query User{9F06E215-AF51-4787-B48E-AF0BDABC16EB}c:\\program files\\spotify\\spotify.exe"= UDP:c:\program files\spotify\spotify.exe:Spotify "UDP Query User{3E95CDD6-5C75-4047-9291-683EEAE47C61}c:\\program files\\spotify\\spotify.exe"= TCP:c:\program files\spotify\spotify.exe:Spotify "TCP Query User{1DA93760-9C74-4B4E-8395-3D2BDD464CFE}c:\\program files\\spotify\\spotify.exe"= UDP:c:\program files\spotify\spotify.exe:Spotify "UDP Query User{5B345665-C139-4521-BCD4-C15590735CF0}c:\\program files\\spotify\\spotify.exe"= TCP:c:\program files\spotify\spotify.exe:Spotify "{4AA6846C-38B8-41DD-968B-9BD42F3E6045}"= c:\program files\Skype\Phone\Skype.exe:Skype "TCP Query User{EB5F18DE-DE10-48EE-A1A3-ABF172AEC869}d:\\spill\\counter-strike 1.6\\hl.exe"= UDP:d:\spill\counter-strike 1.6\hl.exe:Half-Life Launcher "UDP Query User{0DEE7933-2DDC-489C-B3AC-5E6200A74322}d:\\spill\\counter-strike 1.6\\hl.exe"= TCP:d:\spill\counter-strike 1.6\hl.exe:Half-Life Launcher "TCP Query User{E203FBD5-6328-40C2-9F33-617262484E7B}g:\\spill\\cod\\codmp.exe"= UDP:g:\spill\cod\codmp.exe:CoDMP "UDP Query User{E08E2684-7A9B-481E-AA3A-B1D4219DB38E}g:\\spill\\cod\\codmp.exe"= TCP:g:\spill\cod\codmp.exe:CoDMP "TCP Query User{73D47DD9-168F-4B83-AACC-C761A8A6E8EA}d:\\spill\\red alert 2\\game.exe"= UDP:d:\spill\red alert 2\game.exe:Main executable for Red Alert 2 "UDP Query 
User{E649DD6F-16A6-4859-9D13-569FC520BB2D}d:\\spill\\red alert 2\\game.exe"= TCP:d:\spill\red alert 2\game.exe:Main executable for Red Alert 2 "TCP Query User{68C78DEF-299E-456F-9CE2-1207826575F8}d:\\spill\\cod\\codmp.exe"= UDP:d:\spill\cod\codmp.exe:CoDMP "UDP Query User{D8750075-A44D-4D16-8689-F1C23506D0A8}d:\\spill\\cod\\codmp.exe"= TCP:d:\spill\cod\codmp.exe:CoDMP "{DDC4B843-FFFA-478E-B590-E931BB572E20}"= UDP:c:\program files\Ventrilo\Ventrilo.exe:Ventrilo.exe "{9788D75F-A029-452D-B5FE-14C2992626B5}"= TCP:c:\program files\Ventrilo\Ventrilo.exe:Ventrilo.exe "TCP Query User{8AA5371E-38D2-4818-BA4F-7E7F05E9CC19}c:\\users\\torbjørn\\desktop\\red alert 2\\game.exe"= UDP:c:\users\torbjørn\desktop\red alert 2\game.exe:game.exe "UDP Query User{EF26FEF0-8502-407A-92E5-7713B15B8711}c:\\users\\torbjørn\\desktop\\red alert 2\\game.exe"= TCP:c:\users\torbjørn\desktop\red alert 2\game.exe:game.exe "TCP Query User{B35BE4CD-3B7F-4B17-99E8-D6251758ADB4}c:\\users\\torbjørn\\desktop\\visualboyadvance.exe"= UDP:c:\users\torbjørn\desktop\visualboyadvance.exe:visualboyadvance.exe "UDP Query User{AE85F984-0094-4453-AADF-D5659D82FB14}c:\\users\\torbjørn\\desktop\\visualboyadvance.exe"= TCP:c:\users\torbjørn\desktop\visualboyadvance.exe:visualboyadvance.exe R0 iaNvStor;Intel® Turbo Memory Technology NAND Controller;c:\windows\System32\drivers\iaNvStor.sys [22.09.2007 19:47 210432] R0 Lbd;Lbd;c:\windows\System32\drivers\Lbd.sys [04.05.2009 15:52 64160] R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\System32\drivers\avgldx86.sys [26.04.2008 16:45 325896] R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};c:\program files\Acer Arcade Deluxe\Play Movie\000.fcl [22.09.2007 19:56 13560] R2 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [26.04.2008 16:45 298776] R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\System32\drivers\b57nd60x.sys [14.07.2007 00:44 179712] R3 DAdderFltr;DeathAdder 
Mouse;c:\windows\System32\drivers\dadder.sys [09.11.2007 16:35 22784] R3 NETw5v32;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\System32\drivers\NETw5v32.sys [17.11.2008 08:40 3668480] R3 winbondcir;Winbond IR Transceiver;c:\windows\System32\drivers\winbondcir.sys [14.07.2007 00:44 43008] S2 RPCER;Remote Procedure Call (HNM);c:\program files\Common Files\ODBC\comp.exe --> c:\program files\Common Files\ODBC\comp.exe [?] S3 CyUsb;Cypress Generic USB Driver;c:\windows\System32\drivers\CYUSB.sys [09.11.2007 16:35 31104] S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\MAGIX\Common\Database\bin\fbserver.exe [26.04.2009 17:19 1527900] S3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [09.03.2009 21:06 1005904] S3 NPF;NetGroup Packet Filter Driver;c:\windows\System32\drivers\npf.sys [06.11.2007 22:22 34064] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] bthsvcs REG_MULTI_SZ BthServ . Innholdet i mappen 'Scheduled Tasks' (planlagte oppgaver) 2009-06-15 c:\windows\Tasks\Ad-Aware Update (Weekly).job - c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-03-09 13:54] . . ------- Tilleggsskanning ------- . uStart Page = hxxp://www.www.daemon-search.com/default uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7 mStart Page = hxxp://no.intl.acer.yahoo.com uInternet Settings,ProxyServer = hydra.stfk.no:8080 uSearchURL,(Default) = hxxp://uk.rd.yahoo.com/customize/ycomp/defaults/su/*http://uk.yahoo.com IE: E&ksporter til Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-06-19 21:42 Windows 6.0.6001 Service Pack 1 NTFS skanner skjulte prosesser ... 
Thanks in advance!

Edited 21 June 2009 by Tobye
raWrz Posted 19 June 2009

Hi. Start MBAM, click the Update tab and update MBAM to the latest version. Run a new scan, and if it finds anything, then make a new ComboFix log.
tobler0ne (author) Posted 19 June 2009

I had a feeling I should probably update it. Anyway, it didn't find anything new :/.

Malwarebytes' Anti-Malware 1.38
Databaseversjon: 2309
Windows 6.0.6001 Service Pack 1
20.06.2009 00:27:03
mbam-log-2009-06-20 (00-27-03).txt
Skanntype: Rask Skann
Objekter skannet: 79742
Tid tilbakelagt: 6 minute(s), 17 second(s)
Minneprosesser infisert: 0
Minnemoduler infisert: 0
Registernøkler infisert: 0
Registerverdier infisert: 0
Registerfiler infisert: 0
Mapper infisert: 0
Filer infisert: 0
Minneprosesser infisert: (Ingen mistenkelige filer funnet)
Minnemoduler infisert: (Ingen mistenkelige filer funnet)
Registernøkler infisert: (Ingen mistenkelige filer funnet)
Registerverdier infisert: (Ingen mistenkelige filer funnet)
Registerfiler infisert: (Ingen mistenkelige filer funnet)
Mapper infisert: (Ingen mistenkelige filer funnet)
Filer infisert: (Ingen mistenkelige filer funnet)
snippsat Posted 20 June 2009 (edited)

The ComboFix log looks fine. You can go ahead and remove Ad-Aware and Spybot and keep MBAM.

Download and run CCleaner. Go to 'Options' -> 'Advanced' and uncheck the box in front of "Only delete temporary files older than 48 hours". Run the registry cleaner, answer yes to repair, and answer yes when you are asked about a backup. Run the registry cleaner a couple of times until all errors are gone.

Auslogics Disk Defrag (free): http://www.auslogics.com/en/software/disk-defrag

Update AVG and run a scan. See whether the PC has become a bit faster after this.

Edited 20 June 2009 by SNIPPSAT
tobler0ne (author) Posted 20 June 2009

I installed Spybot a long time ago just to try it. I uninstalled it not long after, so I don't know why there are still traces of it on the PC. I noticed it myself when I was about to run CF. I use CCleaner all the time with those settings, so that one is fine. Running Disk Defrag now (is the one that comes with the operating system bad, then?) and will run a new AVG scan afterwards, so we'll see.
tobler0ne (author) Posted 20 June 2009

AVG still finds this "trojan", though. Among other things it says:

Object name: C:\Program Files\Image-Line\Toxic Biohazard\Toxic Biohazard.dll
Detection name: Trojan horse BackDoor.Hupigon4.RCG

But I can just ignore this, a false positive?
snippsat Posted 20 June 2009 (edited)

> But I can just ignore this, a false positive?

It could well be. Scan the file here: virustotal

Edit: This file has been checked by AVG. They have concluded that it is a false positive.

Edited 20 June 2009 by SNIPPSAT
tobler0ne (author) Posted 21 June 2009

OK, thanks for all the help!