win 7 anti spyware 2012 ... again :-(
  H-C
Number of posts: 49

Thought I had sorted out the problem, but apparently not well enough. So I had better follow your advice instead!

The computer has once again started showing win7 anti spyware 2012 messages. What can I do to clean the computer “properly”?

Regards, H-C

  H-C
Number of posts: 49

I have now run a scan with Spywareblaster S&D and removed everything it found. Now it no longer shows pop-ups, but can I be sure it is gone now?

Administrator
Number of posts: 4202

Hi :)

For 32-bit Windows, download Farbar Recovery Scan Tool and save it to a USB stick.
For 64-bit Windows, download Farbar Recovery Scan Tool x64 and save it to a USB stick.

Insert the USB stick into the infected PC.

Start the PC with “Advanced Boot Options” (press F8 repeatedly during startup)
Select “Repair Your Computer”
Select the language.
Select the user account.

Then select Command Prompt.

There, type notepad and press <Enter>

Choose the File menu -> Open and select “Computer”. Find the drive letter of your USB stick. Close Notepad.

At the command prompt, type e:\frst.exe (64-bit Windows: e:\frst64)
Replace e with the correct letter.

When Farbar Recovery Scan Tool has started, click Scan.

It creates FRST.txt on the USB stick. Copy it into your next post here.

Signature

Please do not attach logs unless you are asked to!

  H-C
Number of posts: 49

Here is the log:

Scan result of Farbars’s Recovery Tool (FRST written by farbar) Version 2.3.0
Ran by SYSTEM at 2011-12-19 22:47:25
Running from E:\
Windows 7 Home Premium   (X64) OS Language: English(US)
The current controlset is ControlSet001

========================== Registry (Whitelisted) =============

HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [10134560 2010-03-19] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE3 [896032 2010-03-19] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [2052392 2010-03-10] (Synaptics Incorporated)
HKLM\...\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE [505696 2009-11-05] (TOSHIBA Corporation)
HKLM\...\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe [508216 2009-07-28] (TOSHIBA Corporation)
HKLM\...\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe [913720 2010-03-03] (TOSHIBA Corporation)
HKLM\...\Run: [ThpSrv] C:\windows\system32\thpsrv /logon [x]
HKLM\...\Run: [SmartFaceVWatcher] %ProgramFiles%\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [238080 2009-10-19] (TOSHIBA Corporation)
HKLM\...\Run: [Teco] “%ProgramFiles%\TOSHIBA\TECO\Teco.exe” /r [1489760 2010-04-06] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] %ProgramFiles%\TOSHIBA\TPHM\TosWaitSrv.exe [705368 2010-02-23] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [709976 2010-02-05] (TOSHIBA Corporation)
HKLM\...\Run: [TosNC] %ProgramFiles%\Toshiba\BulletinBoard\TosNcCore.exe [595816 2010-03-19] (TOSHIBA Corporation)
HKLM\...\Run: [TosReelTimeMonitor] %ProgramFiles%\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [35672 2010-03-03] (TOSHIBA Corporation)
HKLM-x32\...\Run: [TSleepSrv] %ProgramFiles(x86)%\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe [x]
HKLM-x32\...\Run: [ToshibaAppPlace] “C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe” [552960 2010-06-11] (Toshiba)
HKLM-x32\...\Run: [StartCCC] “C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe” MSRun [102400 2010-06-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL [352256 2010-02-22] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe hwSetUP [423936 2010-03-04] (TOSHIBA Electronics, Inc.)
HKLM-x32\...\Run: [KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [34160 2009-12-25] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [ToshibaServiceStation] “C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe” /hide:60 [1294136 2009-10-06] (TOSHIBA Corporation)
HKLM-x32\...\Run: [NortonOnlineBackupReminder] “C:\Program Files (x86)\Toshiba\Toshiba Online Backup\Activation\TOBuActivation.exe” UNATTENDED [3218792 2010-06-02] (Toshiba)
HKLM-x32\...\Run: [avast] “C:\Program Files\AVAST Software\Avast\avastUI.exe” /nogui [3744552 2011-11-28] (AVAST Software)
HKLM-x32\...\Run: [stup.exe] C:\PROGRA~1\TENCENT\SSPlus\Stup.exe [85832 2009-09-01] (??)
HKLM-x32\...\Run: [ QQPCTray] “C:\Program Files (x86)\Tencent\QQPCMgr\5.0.1415.205\QQPCTray.exe”  /regrun [2319736 2011-09-05] (Tencent)
HKLM-x32\...\Run: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [58656 2011-04-20] (Apple Inc.)
HKLM-x32\...\Run: [Anti-phishing Domain Advisor] “C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe” [217256 2011-07-29] (Visicom Media Inc. (Powered by Panda Security))
HKLM-x32\...\Run: [APSDaemon] “C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe” [59240 2011-11-01] (Apple Inc.)
HKU\sun\...\Run: [DW6] “C:\Program Files (x86)\The Weather Channel FW\Desktop\DesktopWeather.exe” [x]
HKU\sun\...\Run: [Akamai NetSession Interface] “C:\Users\sun\AppData\Local\Akamai\netsession_win.exe” [3305760 2011-12-12] (Akamai Technologies, Inc)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

==================== Services (Whitelisted) ======

2 avast! Antivirus; “C:\Program Files\AVAST Software\Avast\AvastSvc.exe” [44768 2011-11-28] (AVAST Software)
2 KSDSVC; C:\Program Files (x86)\Kingsoft\PowerWord PE\ksdsvc.exe [25240 2009-10-29] (Kingsoft Corporation)
2 Norton PC Checkup Application Launcher; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\SymcPCCULaunchSvc.exe /s [135608 2011-12-09] (Symantec Corporation)
2 PCCUJobMgr; “C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\ccSvcHst.exe” /s “PCCUJobMgr” /m “C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\diMaster.dll” /prefetch:1 [132984 2009-08-29] (Symantec Corporation)
2 QQPCRTP; C:\Program Files (x86)\Tencent\QQPCMgr\5.0.1415.205\QQPCRtp.exe -r [890360 2011-07-15] (Tencent)
2 Thpsrv; C:\windows\system32\ThpSrv.exe [531520 2009-10-21] (TOSHIBA Corporation)
2 Updater Service for StartNow Toolbar; C:\Program Files (x86)\StartNow Toolbar\ToolbarUpdaterService.exe [244960 2011-10-25] ()

========================== Drivers (Whitelisted) =============

2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [24408 2011-11-28] (AVAST Software)
2 aswMonFlt; \??\C:\windows\system32\drivers\aswMonFlt.sys [66904 2011-11-28] (AVAST Software)
1 aswRdr; C:\Windows\System32\Drivers\aswRdr.sys [42328 2011-11-28] (AVAST Software)
1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [591192 2011-11-28] (AVAST Software)
1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [304472 2011-11-28] (AVAST Software)
1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [58712 2011-11-28] (AVAST Software)
3 QQSysMon; \??\C:\Program Files (x86)\Tencent\QQPCMgr\5.0.1415.205\QQSysMon.sys [61568 2011-06-06] (Tencent)
3 TcHardWare; \??\C:\Program Files (x86)\Tencent\QQPCMgr\5.0.1415.205\QQPCHW-x64.sys [36992 2011-06-06] (Tencent)
1 TCSafeBox; \??\C:\Program Files (x86)\Tencent\QQPCMgr\5.0.1415.205\TCSafebox64.sys [31872 2011-06-06] (Tencent)
1 TSKSP; \??\C:\Program Files (x86)\Tencent\QQPCMgr\5.0.1415.205\TSKsp.sys [164216 2011-12-15] (Tencent)
0 TSysCare; C:\Windows\System32\Drivers\TSysCare64.sys [22456 2011-05-25] (Tencent)
1 TSDefenseBt; C:\Windows\System32\DRIVERS\TSDefenseBt.sys [x]

========================== NetSvcs (Whitelisted) ===========

============ One Month Created Files and Folders ==============

2011-12-19 22:46 - 2011-12-19 22:47 - 0000000 ____D C:\FRST
2011-12-18 14:39 - 2011-12-19 01:25 - 0000000 ____D C:\Program Files (x86)\Malwarebytes’ Anti-Malware
2011-12-16 10:55 - 2011-12-19 01:25 - 0000000 ____D C:\Users\All Users\Spybot - Search & Destroy
2011-12-16 10:55 - 2011-12-19 01:25 - 0000000 ____D C:\ProgramData\Spybot - Search & Destroy
2011-12-16 10:55 - 2011-12-19 01:25 - 0000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy
2011-12-15 18:02 - 2011-12-15 18:02 - 0000000 ____D C:\Users\sun\AppData\Roaming\Malwarebytes
2011-12-15 18:02 - 2011-12-15 18:02 - 0000000 ____D C:\Users\All Users\Malwarebytes
2011-12-15 18:02 - 2011-12-15 18:02 - 0000000 ____D C:\ProgramData\Malwarebytes
2011-12-15 17:25 - 2011-12-15 17:25 - 3552208 ____A (Piriform Ltd) C:\Users\sun\Downloads\ccsetup313.exe
2011-12-14 21:36 - 2011-12-19 01:25 - 0000000 ____D C:\12
2011-12-14 21:34 - 2011-11-10 22:41 - 12370944 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2011-12-14 21:34 - 2011-11-04 21:23 - 9332736 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2011-12-14 21:34 - 2011-11-04 20:34 - 5997568 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2011-12-14 21:33 - 2011-11-23 21:00 - 3141632 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2011-12-14 21:33 - 2011-11-10 22:41 - 0247808 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2011-12-14 21:33 - 2011-11-10 21:50 - 10990080 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2011-12-14 21:33 - 2011-11-10 21:50 - 0176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2011-12-14 21:33 - 2011-11-04 21:26 - 1501184 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2011-12-14 21:33 - 2011-11-04 21:26 - 1197568 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2011-12-14 21:33 - 2011-11-04 21:26 - 0134144 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2011-12-14 21:33 - 2011-11-04 21:23 - 1026560 ____A (Microsoft Corporation) C:\Windows\System32\mstime.dll
2011-12-14 21:33 - 2011-11-04 21:23 - 0703488 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2011-12-14 21:33 - 2011-11-04 21:23 - 0097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2011-12-14 21:33 - 2011-11-04 21:23 - 0082944 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2011-12-14 21:33 - 2011-11-04 21:23 - 0057856 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2011-12-14 21:33 - 2011-11-04 21:22 - 2458624 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2011-12-14 21:33 - 2011-11-04 21:22 - 0445952 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2011-12-14 21:33 - 2011-11-04 21:22 - 0256000 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2011-12-14 21:33 - 2011-11-04 21:22 - 0064512 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2011-12-14 21:33 - 2011-11-04 21:19 - 0012288 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2011-12-14 21:33 - 2011-11-04 21:17 - 0002048 ____A (Microsoft Corporation) C:\Windows\System32\tzres.dll
2011-12-14 21:33 - 2011-11-04 20:35 - 1230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2011-12-14 21:33 - 2011-11-04 20:35 - 0981504 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2011-12-14 21:33 - 2011-11-04 20:35 - 0132096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2011-12-14 21:33 - 2011-11-04 20:34 - 2072576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2011-12-14 21:33 - 2011-11-04 20:34 - 0606208 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstime.dll
2011-12-14 21:33 - 2011-11-04 20:34 - 0599552 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2011-12-14 21:33 - 2011-11-04 20:34 - 0185856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2011-12-14 21:33 - 2011-11-04 20:34 - 0067072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2011-12-14 21:33 - 2011-11-04 20:34 - 0064512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2011-12-14 21:33 - 2011-11-04 20:34 - 0048128 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2011-12-14 21:33 - 2011-11-04 20:34 - 0044544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2011-12-14 21:33 - 2011-11-04 20:33 - 0381440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2011-12-14 21:33 - 2011-11-04 20:32 - 0012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2011-12-14 21:33 - 2011-11-04 20:30 - 0002048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2011-12-14 21:33 - 2011-11-04 20:07 - 0482816 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2011-12-14 21:33 - 2011-11-04 19:28 - 0386048 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2011-12-14 21:33 - 2011-11-04 19:25 - 1638912 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2011-12-14 21:33 - 2011-11-04 18:55 - 1638912 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2011-12-14 21:33 - 2011-10-25 21:19 - 0043520 ____A (Microsoft Corporation) C:\Windows\System32\csrsrv.dll
2011-12-14 21:33 - 2011-10-14 22:25 - 0723456 ____A (Microsoft Corporation) C:\Windows\System32\EncDec.dll
2011-12-14 21:33 - 2011-10-14 21:48 - 0534528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2011-12-13 01:11 - 2011-02-20 07:58 - 0972800 ____A C:\Users\sun\Desktop\XP Anti-Spyware 2011 Removal Tool.exe
2011-12-12 23:27 - 2011-12-12 23:27 - 0389120 ____A C:\Users\sun\Documents\0gemJm04.exe
2011-12-12 02:25 - 2011-12-12 02:26 - 7890272 ____A (Mozilla) C:\Users\sun\Downloads\Firefox Setup 3.6.24.exe
2011-12-08 02:13 - 2011-12-08 02:13 - 0001856 ____A C:\Users\Public\Desktop\QuickTime Player.lnk
2011-12-08 02:13 - 2011-12-08 02:13 - 0000000 ____D C:\Program Files (x86)\QuickTime
2011-12-08 02:10 - 2011-12-08 02:10 - 0001794 ____A C:\Users\Public\Desktop\iTunes.lnk
2011-12-08 02:10 - 2011-12-08 02:10 - 0000000 ____D C:\Program Files\iTunes
2011-12-08 02:10 - 2011-12-08 02:10 - 0000000 ____D C:\Program Files\iPod
2011-12-08 02:10 - 2011-12-08 02:10 - 0000000 ____D C:\Program Files (x86)\iTunes
2011-12-07 00:31 - 2011-12-07 00:31 - 0046983 ____A C:\Users\sun\Downloads\hc.jpg
2011-12-05 19:56 - 2011-12-05 19:56 - 288473463 ____A C:\Windows\MEMORY.DMP
2011-12-05 19:56 - 2011-12-05 19:56 - 0274680 ____A C:\Windows\Minidump\120511-38407-01.dmp
2011-12-01 00:39 - 2011-12-01 00:39 - 0147018 ____A C:\Users\sun\Downloads\UniversityOfChicagoGraduateApplication.pdf
2011-11-28 22:06 - 2011-11-28 22:06 - 0000000 ____D C:\Users\All Users\regid.1986-12.com.adobe
2011-11-28 22:06 - 2011-11-28 22:06 - 0000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2011-11-28 21:51 - 2011-11-28 21:51 - 0030208 ____A C:\Users\sun\Downloads\Sequencing Protocol(1).doc
2011-11-28 20:55 - 2011-12-19 19:57 - 0000000 ____D C:\Users\sun\AppData\Local\Akamai
2011-11-28 20:53 - 2011-11-28 20:54 - 8482536 ____A C:\Users\sun\Downloads\Adobe_Acrobat_X_Pro-AkamaiDLM.exe
2011-11-28 10:11 - 2011-12-19 20:30 - 0000000 ____D C:\Users\All Users\Anti-phishing Domain Advisor
2011-11-28 10:11 - 2011-12-19 20:30 - 0000000 ____D C:\ProgramData\Anti-phishing Domain Advisor
2011-11-28 10:11 - 2011-11-28 10:12 - 0000000 ____D C:\Users\sun\AppData\Roaming\SumatraPDF
2011-11-28 10:11 - 2011-11-28 10:11 - 0000000 ____D C:\Users\sun\AppData\Local\antiphishing-vmninternethelper1_1dn
2011-11-28 10:11 - 2011-11-28 10:11 - 0000000 ____D C:\Users\All Users\Tarma Installer
2011-11-28 10:11 - 2011-11-28 10:11 - 0000000 ____D C:\ProgramData\Tarma Installer
2011-11-28 10:11 - 2011-11-28 10:11 - 0000000 ____D C:\Program Files (x86)\Yontoo Layers Runtime
2011-11-28 10:10 - 2011-11-28 10:11 - 0000237 ____A C:\user.js
2011-11-28 10:10 - 2011-11-28 10:10 - 0000000 ____D C:\Users\sun\AppData\Roaming\Babylon
2011-11-28 10:10 - 2011-11-28 10:10 - 0000000 ____D C:\Users\sun\AppData\Local\Babylon
2011-11-28 10:10 - 2011-11-28 10:10 - 0000000 ____D C:\Users\All Users\Babylon
2011-11-28 10:10 - 2011-11-28 10:10 - 0000000 ____D C:\ProgramData\Babylon
2011-11-28 10:10 - 2011-11-28 10:10 - 0000000 ____D C:\Program Files (x86)\SumatraPDF
2011-11-28 10:09 - 2011-11-28 10:10 - 0172616 ____A (AirInstaller) C:\Users\sun\Downloads\Sumatra_PDF_setup.exe
2011-11-28 09:18 - 2011-11-28 09:18 - 0002515 ____A C:\Users\Public\Desktop\Skype.lnk
2011-11-28 09:09 - 2011-12-14 12:37 - 0069112 ____A (Tencent) C:\Windows\SysWOW64\Drivers\TSDefenseBt.sys
2011-11-25 22:28 - 2011-11-25 22:29 - 5342064 ____A C:\Users\sun\Downloads\YouTubeDownloaderSetup34.exe
2011-11-22 11:24 - 2011-11-22 11:24 - 0000162 ___AH C:\Users\sun\Desktop\~$chools.docx
2011-11-21 18:15 - 2011-11-21 18:15 - 0062990 ____A C:\Users\sun\Downloads\SOP Blank Invoice Form.pdf
2011-11-21 13:19 - 2011-11-21 13:19 - 0083456 ____A C:\Users\sun\Downloads\referee.doc
2011-11-19 21:09 - 2011-11-19 21:10 - 0386048 ____A C:\Users\sun\Downloads\2008128103732829.doc

============ 3 Months Modified Files and Folders =============

2011-12-19 22:47 - 2011-12-19 22:46 - 0000000 ____D C:\FRST
2011-12-19 20:30 - 2011-11-28 10:11 - 0000000 ____D C:\Users\All Users\Anti-phishing Domain Advisor
2011-12-19 20:30 - 2011-11-28 10:11 - 0000000 ____D C:\ProgramData\Anti-phishing Domain Advisor
2011-12-19 20:29 - 2011-09-23 20:26 - 0013282 ____A C:\Windows\setupact.log
2011-12-19 20:29 - 2011-06-20 11:33 - 1405898752 __ASH C:\hiberfil.sys
2011-12-19 20:29 - 2009-07-13 21:08 - 0000006 ___AH C:\Windows\Tasks\SA.DAT
2011-12-19 20:27 - 2009-07-13 20:45 - 0016304 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2011-12-19 20:27 - 2009-07-13 20:45 - 0016304 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2011-12-19 20:18 - 2011-06-20 11:39 - 1884336 ____A C:\Windows\WindowsUpdate.log
2011-12-19 20:14 - 2009-07-13 21:13 - 0726316 ____A C:\Windows\System32\PerfStringBackup.INI
2011-12-19 19:57 - 2011-11-28 20:55 - 0000000 ____D C:\Users\sun\AppData\Local\Akamai
2011-12-19 01:25 - 2011-12-18 14:39 - 0000000 ____D C:\Program Files (x86)\Malwarebytes’ Anti-Malware
2011-12-19 01:25 - 2011-12-16 10:55 - 0000000 ____D C:\Users\All Users\Spybot - Search & Destroy
2011-12-19 01:25 - 2011-12-16 10:55 - 0000000 ____D C:\ProgramData\Spybot - Search & Destroy
2011-12-19 01:25 - 2011-12-16 10:55 - 0000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy
2011-12-19 01:25 - 2011-12-14 21:36 - 0000000 ____D C:\12
2011-12-19 01:25 - 2011-09-23 17:28 - 0000000 ____D C:\Users\sun\AppData\Roaming\SogouExplorer
2011-12-19 01:25 - 2011-07-18 00:50 - 0000000 ____D C:\Windows\Minidump
2011-12-19 01:25 - 2011-07-01 21:55 - 0000000 ____D C:\Program Files (x86)\StartNow Toolbar
2011-12-19 01:25 - 2011-07-01 21:55 - 0000000 ____D C:\Program Files (x86)\Shop to Win 16
2011-12-19 01:25 - 2011-07-01 21:55 - 0000000 ____D C:\Program Files (x86)\Shop To Win
2011-12-19 01:25 - 2011-07-01 21:54 - 0000000 ____D C:\Program Files (x86)\Object
2011-12-19 01:25 - 2011-06-30 23:34 - 0000000 ____D C:\Program Files\TENCENT
2011-12-19 01:25 - 2011-06-21 23:32 - 0000000 ____D C:\Users\sun\AppData\Roaming\Tencent
2011-12-19 01:25 - 2011-06-20 12:19 - 0000000 ____D C:\Users\sun\AppData\LocalLow
2011-12-19 01:25 - 2010-08-13 13:01 - 0000000 ____D C:\Program Files\Google
2011-12-19 01:25 - 2010-08-13 13:01 - 0000000 ____D C:\Program Files (x86)\Google
2011-12-19 01:25 - 2009-07-13 21:37 - 0000000 ____D C:\Windows\SysWOW64\sysprep
2011-12-19 01:25 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\registration
2011-12-19 01:23 - 2011-11-14 11:20 - 0000000 ____D C:\Users\All Users\Real
2011-12-19 01:23 - 2011-11-14 11:20 - 0000000 ____D C:\ProgramData\Real
2011-12-19 01:23 - 2011-06-20 14:00 - 0000000 ____D C:\Users\sun\AppData\Local\Google
2011-12-19 00:16 - 2011-06-20 12:19 - 0000000 ____D C:\users\sun
2011-12-19 00:15 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\config\TxR
2011-12-15 18:02 - 2011-12-15 18:02 - 0000000 ____D C:\Users\sun\AppData\Roaming\Malwarebytes
2011-12-15 18:02 - 2011-12-15 18:02 - 0000000 ____D C:\Users\All Users\Malwarebytes
2011-12-15 18:02 - 2011-12-15 18:02 - 0000000 ____D C:\ProgramData\Malwarebytes
2011-12-15 17:36 - 2011-06-26 23:16 - 0000000 ____D C:\Users\sun\AppData\Local\CrashDumps
2011-12-15 17:36 - 2010-08-13 12:18 - 0000000 ____D C:\Windows\Panther
2011-12-15 17:25 - 2011-12-15 17:25 - 3552208 ____A (Piriform Ltd) C:\Users\sun\Downloads\ccsetup313.exe
2011-12-15 16:47 - 2011-06-30 17:10 - 0000000 ____D C:\Users\sun\AppData\Roaming\Skype
2011-12-15 02:25 - 2011-06-21 23:32 - 0000000 ____D C:\Users\sun\Documents\Tencent Files
2011-12-14 23:34 - 2009-07-13 20:45 - 0452000 ____A C:\Windows\System32\FNTCACHE.DAT
2011-12-14 23:32 - 2011-11-07 16:23 - 0002152 ____A C:\Windows\PFRO.log
2011-12-14 21:58 - 2011-06-21 23:02 - 0000000 ____D C:\Users\All Users\Microsoft Help
2011-12-14 21:58 - 2011-06-21 23:02 - 0000000 ____D C:\ProgramData\Microsoft Help
2011-12-14 12:37 - 2011-11-28 09:09 - 0069112 ____A (Tencent) C:\Windows\SysWOW64\Drivers\TSDefenseBt.sys
2011-12-12 23:50 - 2011-06-27 14:06 - 0000000 ____A C:\Windows\SysWOW64\config.nt
2011-12-12 23:41 - 2010-08-13 13:00 - 0000000 ____D C:\Users\All Users\Adobe
2011-12-12 23:41 - 2010-08-13 13:00 - 0000000 ____D C:\ProgramData\Adobe
2011-12-12 23:40 - 2011-06-20 12:23 - 0114272 ____A C:\Users\sun\AppData\Local\GDIPFONTCACHEV1.DAT
2011-12-12 23:27 - 2011-12-12 23:27 - 0389120 ____A C:\Users\sun\Documents\0gemJm04.exe
2011-12-12 18:48 - 2011-06-20 11:42 - 0000000 ____D C:\Windows\SysWOW64\SDA
2011-12-12 15:49 - 2009-07-13 21:08 - 0032598 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2011-12-12 02:43 - 2011-06-24 22:38 - 0000000 ____D C:\Users\sun\AppData\Roaming\Apple Computer
2011-12-12 02:43 - 2011-06-24 22:38 - 0000000 ____D C:\Users\sun\AppData\Local\Apple Computer
2011-12-12 02:30 - 2011-11-05 20:07 - 0001954 ____A C:\Users\Public\Desktop\Mozilla Firefox.lnk
2011-12-12 02:30 - 2011-08-19 18:41 - 0000000 ____D C:\Program Files (x86)\Mozilla Firefox
2011-12-12 02:26 - 2011-12-12 02:25 - 7890272 ____A (Mozilla) C:\Users\sun\Downloads\Firefox Setup 3.6.24.exe
2011-12-08 02:13 - 2011-12-08 02:13 - 0001856 ____A C:\Users\Public\Desktop\QuickTime Player.lnk
2011-12-08 02:13 - 2011-12-08 02:13 - 0000000 ____D C:\Program Files (x86)\QuickTime
2011-12-08 02:12 - 2011-07-25 18:57 - 0000000 ____D C:\Program Files (x86)\Safari
2011-12-08 02:10 - 2011-12-08 02:10 - 0001794 ____A C:\Users\Public\Desktop\iTunes.lnk
2011-12-08 02:10 - 2011-12-08 02:10 - 0000000 ____D C:\Program Files\iTunes
2011-12-08 02:10 - 2011-12-08 02:10 - 0000000 ____D C:\Program Files\iPod
2011-12-08 02:10 - 2011-12-08 02:10 - 0000000 ____D C:\Program Files (x86)\iTunes
2011-12-07 00:31 - 2011-12-07 00:31 - 0046983 ____A C:\Users\sun\Downloads\hc.jpg
2011-12-05 19:56 - 2011-12-05 19:56 - 288473463 ____A C:\Windows\MEMORY.DMP
2011-12-05 19:56 - 2011-12-05 19:56 - 0274680 ____A C:\Windows\Minidump\120511-38407-01.dmp
2011-12-01 00:39 - 2011-12-01 00:39 - 0147018 ____A C:\Users\sun\Downloads\UniversityOfChicagoGraduateApplication.pdf
2011-11-28 22:07 - 2011-06-20 14:01 - 0000000 ____D C:\Users\sun\AppData\Roaming\Adobe
2011-11-28 22:06 - 2011-11-28 22:06 - 0000000 ____D C:\Users\All Users\regid.1986-12.com.adobe
2011-11-28 22:06 - 2011-11-28 22:06 - 0000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2011-11-28 21:57 - 2010-08-13 13:00 - 0000000 ____D C:\Program Files (x86)\Adobe
2011-11-28 21:51 - 2011-11-28 21:51 - 0030208 ____A C:\Users\sun\Downloads\Sequencing Protocol(1).doc
2011-11-28 20:54 - 2011-11-28 20:53 - 8482536 ____A C:\Users\sun\Downloads\Adobe_Acrobat_X_Pro-AkamaiDLM.exe
2011-11-28 10:12 - 2011-11-28 10:11 - 0000000 ____D C:\Users\sun\AppData\Roaming\SumatraPDF
2011-11-28 10:11 - 2011-11-28 10:11 - 0000000 ____D C:\Users\sun\AppData\Local\antiphishing-vmninternethelper1_1dn
2011-11-28 10:11 - 2011-11-28 10:11 - 0000000 ____D C:\Users\All Users\Tarma Installer
2011-11-28 10:11 - 2011-11-28 10:11 - 0000000 ____D C:\ProgramData\Tarma Installer
2011-11-28 10:11 - 2011-11-28 10:11 - 0000000 ____D C:\Program Files (x86)\Yontoo Layers Runtime
2011-11-28 10:11 - 2011-11-28 10:10 - 0000237 ____A C:\user.js
2011-11-28 10:10 - 2011-11-28 10:10 - 0000000 ____D C:\Users\sun\AppData\Roaming\Babylon
2011-11-28 10:10 - 2011-11-28 10:10 - 0000000 ____D C:\Users\sun\AppData\Local\Babylon
2011-11-28 10:10 - 2011-11-28 10:10 - 0000000 ____D C:\Users\All Users\Babylon
2011-11-28 10:10 - 2011-11-28 10:10 - 0000000 ____D C:\ProgramData\Babylon
2011-11-28 10:10 - 2011-11-28 10:10 - 0000000 ____D C:\Program Files (x86)\SumatraPDF
2011-11-28 10:10 - 2011-11-28 10:09 - 0172616 ____A (AirInstaller) C:\Users\sun\Downloads\Sumatra_PDF_setup.exe
2011-11-28 10:01 - 2011-06-27 14:06 - 0256960 ____A (AVAST Software) C:\Windows\System32\aswBoot.exe
2011-11-28 10:01 - 2011-06-27 14:05 - 0199816 ____A (AVAST Software) C:\Windows\SysWOW64\aswBoot.exe
2011-11-28 10:01 - 2011-06-27 14:05 - 0041184 ____A (AVAST Software) C:\Windows\avastSS.scr
2011-11-28 09:54 - 2011-06-27 14:06 - 0591192 ____A (AVAST Software) C:\Windows\System32\Drivers\aswSnx.sys
2011-11-28 09:53 - 2011-06-27 14:06 - 0304472 ____A (AVAST Software) C:\Windows\System32\Drivers\aswSP.sys
2011-11-28 09:52 - 2011-06-27 14:06 - 0066904 ____A (AVAST Software) C:\Windows\System32\Drivers\aswMonFlt.sys
2011-11-28 09:52 - 2011-06-27 14:06 - 0058712 ____A (AVAST Software) C:\Windows\System32\Drivers\aswTdi.sys
2011-11-28 09:52 - 2011-06-27 14:06 - 0042328 ____A (AVAST Software) C:\Windows\System32\Drivers\aswRdr.sys
2011-11-28 09:51 - 2011-06-27 14:06 - 0024408 ____A (AVAST Software) C:\Windows\System32\Drivers\aswFsBlk.sys
2011-11-28 09:18 - 2011-11-28 09:18 - 0002515 ____A C:\Users\Public\Desktop\Skype.lnk
2011-11-28 09:18 - 2011-06-30 17:09 - 0000000 ___RD C:\Program Files (x86)\Skype
2011-11-28 09:18 - 2011-06-30 17:09 - 0000000 ____D C:\Users\All Users\Skype
2011-11-28 09:18 - 2011-06-30 17:09 - 0000000 ____D C:\ProgramData\Skype
2011-11-25 22:29 - 2011-11-25 22:28 - 5342064 ____A C:\Users\sun\Downloads\YouTubeDownloaderSetup34.exe
2011-11-25 13:13 - 2011-11-14 11:20 - 0000000 ____D C:\Users\sun\AppData\Roaming\Real
2011-11-23 21:00 - 2011-12-14 21:33 - 3141632 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2011-11-22 11:24 - 2011-11-22 11:24 - 0000162 ___AH C:\Users\sun\Desktop\~$chools.docx
2011-11-21 18:15 - 2011-11-21 18:15 - 0062990 ____A C:\Users\sun\Downloads\SOP Blank Invoice Form.pdf
2011-11-21 17:24 - 2011-06-21 23:03 - 0000000 ____D C:\Users\sun\AppData\Local\Microsoft Help
2011-11-21 13:19 - 2011-11-21 13:19 - 0083456 ____A C:\Users\sun\Downloads\referee.doc
2011-11-19 21:10 - 2011-11-19 21:09 - 0386048 ____A C:\Users\sun\Downloads\2008128103732829.doc
2011-11-17 17:02 - 2011-11-17 17:02 - 0082130 ____A C:\Users\sun\Downloads\wcurve.exe
2011-11-14 11:22 - 2011-11-14 11:22 - 0000000 ____D C:\Users\sun\AppData\Local\Real
2011-11-14 11:21 - 2011-11-14 11:21 - 0499712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll
2011-11-14 11:21 - 2011-11-14 11:21 - 0348160 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2011-11-14 11:21 - 2011-11-14 11:21 - 0272896 ____A (Progressive Networks) C:\Windows\SysWOW64\pncrt.dll
2011-11-14 11:21 - 2011-11-14 11:21 - 0198832 ____A (RealNetworks, Inc.) C:\Windows\SysWOW64\rmoc3260.dll
2011-11-14 11:21 - 2011-11-14 11:21 - 0006656 ____A (RealNetworks, Inc.) C:\Windows\SysWOW64\pndx5016.dll
2011-11-14 11:21 - 2011-11-14 11:21 - 0005632 ____A (RealNetworks, Inc.) C:\Windows\SysWOW64\pndx5032.dll
2011-11-14 11:21 - 2011-11-14 11:20 - 0000000 ____D C:\Program Files (x86)\Real
2011-11-14 11:19 - 2011-11-14 11:19 - 0000000 ____D C:\Users\sun\AppData\Local\The Weather Channel
2011-11-14 10:39 - 2011-11-14 10:38 - 0684288 ____A (RealNetworks, Inc.) C:\Users\sun\Downloads\RealPlayer.exe
2011-11-10 22:41 - 2011-12-14 21:34 - 12370944 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2011-11-10 22:41 - 2011-12-14 21:33 - 0247808 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2011-11-10 21:50 - 2011-12-14 21:33 - 10990080 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2011-11-10 21:50 - 2011-12-14 21:33 - 0176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2011-11-08 15:36 - 2009-07-13 19:20 - 0000000 ____D C:\Program Files\Common Files\System
2011-11-08 14:31 - 2011-11-08 14:30 - 1610464 ____A C:\Users\sun\Downloads\science-9
2011-11-08 14:30 - 2011-11-08 14:30 - 0733003 ____A C:\Users\sun\Downloads\mmc1-1.pdf
2011-11-06 22:42 - 2011-11-06 22:42 - 0000505 ____A C:\Users\sun\Downloads\clustalw2-I20111107-063908-0870-43395115-pg.dnd
2011-11-06 20:56 - 2011-11-06 20:56 - 5231584 ____A (ParetoLogic Inc.) C:\Users\sun\Downloads\ParetoLogic PC Health Advisor.exe
2011-11-06 20:55 - 2011-11-06 20:55 - 0002706 ____A C:\Users\sun\Downloads\sequence.fasta
2011-11-06 18:15 - 2011-11-06 18:15 - 0211908 ____A C:\Users\sun\Downloads\to u5.jpg
2011-11-06 18:12 - 2011-11-06 18:12 - 0223553 ____A C:\Users\sun\Downloads\to u4.jpg
2011-11-06 18:11 - 2011-11-06 18:11 - 0200680 ____A C:\Users\sun\Downloads\to u3.jpg
2011-11-06 18:09 - 2011-11-06 18:09 - 0220643 ____A C:\Users\sun\Downloads\to u2.jpg
2011-11-06 17:54 - 2011-11-06 17:54 - 0088383 ____A C:\Users\sun\Downloads\to u.jpg
2011-11-06 13:49 - 2011-11-06 13:48 - 1765376 ____A C:\Users\sun\Downloads\PhyloDraw.exe
2011-11-05 19:59 - 2011-11-05 19:59 - 0000000 ____D C:\Download
2011-11-05 12:02 - 2009-07-13 19:20 - 0000000 ____D C:\Windows\System32\NDF
2011-11-04 21:26 - 2011-12-14 21:33 - 1501184 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2011-11-04 21:26 - 2011-12-14 21:33 - 1197568 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2011-11-04 21:26 - 2011-12-14 21:33 - 0134144 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2011-11-04 21:23 - 2011-12-14 21:34 - 9332736 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2011-11-04 21:23 - 2011-12-14 21:33 - 1026560 ____A (Microsoft Corporation) C:\Windows\System32\mstime.dll

========================= Known DLLs (Whitelisted) ============


========================= Bamital & volsnap Check ============

C:\Windows\System32\winlogon.exe => MD5 is legit

C:\Windows\System32\wininit.exe => MD5 is legit

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

========================= Memory info ======================

Percentage of memory in use: 24%
Total physical RAM: 1787.7 MB
Available physical RAM: 1351.44 MB
Total Pagefile: 1787.7 MB
Available Pagefile: 1338.47 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB

======================= Partitions =========================

1 Drive c: (TI105975W0B) (Fixed) (Total:222.19 GB) (Free:165.14 GB) NTFS ==>[System with boot components]
2 Drive d: (System) (Fixed) (Total:1.46 GB) (Free:1.27 GB) NTFS ==>[System with boot components]
3 Drive e: () (Removable) (Total:3.74 GB) (Free:3.47 GB) FAT32
4 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

  Disk ###  Status         Size     Free     Dyn  Gpt
  --------  -------------  -------  -------  ---  ---
  Disk 0    Online          232 GB      0 B
  Disk 1    Online         3840 MB      0 B

Partitions of Disk 0:

  Partition ###  Type              Size     Offset
  -------------  ----------------  -------  -------
  Partition 1    Recovery          1500 MB  1024 KB
  Partition 2    Primary            222 GB  1501 MB
  Partition 3    Primary              9 GB   223 GB

Disk: 0
Partition 1
Hidden: Yes
Active: Yes

  Volume ###  Ltr  Label        Fs     Type        Size     Status     Info
  ----------  ---  -----------  -----  ----------  -------  ---------  --------
* Volume 1     D   System       NTFS   Partition   1500 MB  Healthy    Hidden

==========================================================

Last Boot: 2011-12-18 18:11

======================= End Of Log ==========================

Administrator
Number of posts: 4202

Download Tdsskiller.zip to your desktop and extract it into a folder.

Run TDSSKiller.exe -> Click “Start Scan”

For Vista and Windows 7: right-click the file - Run as Administrator.

If an infected file is found, the “Default action” will be Cure; click Continue
If a suspicious file is detected, the “Default action” will be Skip; click Continue
If it does not ask for a “Reboot” (restart), click “Report” and copy the text into this thread.

Restart if it requires it.

If it restarts, you can find the log file here:
C:\TDSSKiller.[Version]_[Date]_[Time]_log.txt.


  H-C
Number of posts: 49

The computer has started showing pop-ups about buying anti-spyware again. Here is the log.


00:55:28.0063 0776   TDSS rootkit removing tool 2.6.23.0 Dec 13 2011 10:39:31
00:55:28.0586 0776   ============================================================
00:55:28.0586 0776   Current date / time: 2011/12/21 00:55:28.0586
00:55:28.0586 0776   SystemInfo:
00:55:28.0586 0776  
00:55:28.0586 0776   OS Version: 6.1.7600 ServicePack: 0.0
00:55:28.0586 0776   Product type: Workstation
00:55:28.0586 0776   ComputerName: SUN-PC
00:55:28.0587 0776   UserName: sun
00:55:28.0587 0776   Windows directory: C:\windows
00:55:28.0587 0776   System windows directory: C:\windows
00:55:28.0587 0776   Running under WOW64
00:55:28.0587 0776   Processor architecture: Intel x64
00:55:28.0587 0776   Number of processors: 1
00:55:28.0587 0776   Page size: 0x1000
00:55:28.0587 0776   Boot type: Normal boot
00:55:28.0587 0776   ============================================================
00:55:29.0994 0776   Initialize success
00:55:34.0168 5700   ============================================================
00:55:34.0168 5700   Scan started
00:55:34.0168 5700   Mode: Manual;
00:55:34.0168 5700   ============================================================
00:55:56.0281 5700   RasAcd - ok
00:55:56.0361 5700   RasAgileVpn   (7ecff9b22276b73f43a99a15a6094e90) C:\windows\system32\DRIVERS\AgileVpn.sys
00:55:56.0364 5700   RasAgileVpn - ok
00:55:56.0452 5700   Rasl2tp       (87a6e852a22991580d6d39adc4790463) C:\windows\system32\DRIVERS\rasl2tp.sys
00:55:56.0463 5700   Rasl2tp - ok
00:55:56.0543 5700   RasPppoe     (855c9b1cd4756c5e9a2aa58a15f58c25) C:\windows\system32\DRIVERS\raspppoe.sys
00:55:56.0546 5700   RasPppoe - ok
00:55:56.0637 5700   RasSstp       (e8b1e447b008d07ff47d016c2b0eeecb) C:\windows\system32\DRIVERS\rassstp.sys
00:55:56.0651 5700   RasSstp - ok
00:55:56.0717 5700   rdbss       (3bac8142102c15d59a87757c1d41dce5) C:\windows\system32\DRIVERS\rdbss.sys
00:55:56.0728 5700   rdbss - ok
00:55:56.0792 5700   rdpbus       (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\windows\system32\DRIVERS\rdpbus.sys
00:55:56.0794 5700   rdpbus - ok
00:55:56.0814 5700   RDPCDD       (cea6cc257fc9b7715f1c2b4849286d24) C:\windows\system32\DRIVERS\RDPCDD.sys
00:55:56.0816 5700   RDPCDD - ok
00:55:56.0892 5700   RDPENCDD     (bb5971a4f00659529a5c44831af22365) C:\windows\system32\drivers\rdpencdd.sys
00:55:56.0894 5700   RDPENCDD - ok
00:55:57.0014 5700   RDPREFMP     (216f3fa57533d98e1f74ded70113177a) C:\windows\system32\drivers\rdprefmp.sys
00:55:57.0016 5700   RDPREFMP - ok
00:55:57.0048 5700   RDPWD       (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\windows\system32\drivers\RDPWD.sys
00:55:57.0052 5700   RDPWD - ok
00:55:57.0177 5700   rdyboost     (e5dc9ba9e439d6dbdd79f8caacb5bf01) C:\windows\system32\drivers\rdyboost.sys
00:55:57.0181 5700   rdyboost - ok
00:55:57.0339 5700   rspndr       (ddc86e4f8e7456261e637e3552e804ff) C:\windows\system32\DRIVERS\rspndr.sys
00:55:57.0343 5700   rspndr - ok
00:55:57.0402 5700   RTHDMIAzAudService (4e821c740a675f6d040be41d59a62b1d) C:\windows\system32\drivers\RtHDMIVX.sys
00:55:57.0406 5700   RTHDMIAzAudService - ok
00:55:57.0518 5700   RTL8167       (fd978b2bf8a9b2390dcbef435e9c1f9f) C:\windows\system32\DRIVERS\Rt64win7.sys
00:55:57.0525 5700   RTL8167 - ok
00:55:57.0608 5700   sbp2port     (e3bbb89983daf5622c1d50cf49f28227) C:\windows\system32\DRIVERS\sbp2port.sys
00:55:57.0612 5700   sbp2port - ok
00:55:57.0670 5700   scfilter     (c94da20c7e3ba1dca269bc8460d98387) C:\windows\system32\DRIVERS\scfilter.sys
00:55:57.0672 5700   scfilter - ok
00:55:57.0807 5700   sdbus       (2c8d162efaf73abd36d8bcbb6340cae7) C:\windows\system32\DRIVERS\sdbus.sys
00:55:57.0811 5700   sdbus - ok
00:55:57.0932 5700   secdrv       (3ea8a16169c26afbeb544e0e48421186) C:\windows\system32\drivers\secdrv.sys
00:55:57.0934 5700   secdrv - ok
00:55:58.0030 5700   Serenum       (cb624c0035412af0debec78c41f5ca1b) C:\windows\system32\DRIVERS\serenum.sys
00:55:58.0032 5700   Serenum - ok
00:55:58.0093 5700   Serial       (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\windows\system32\DRIVERS\serial.sys
00:55:58.0096 5700   Serial - ok
00:55:58.0189 5700   sermouse     (1c545a7d0691cc4a027396535691c3e3) C:\windows\system32\DRIVERS\sermouse.sys
00:55:58.0191 5700   sermouse - ok
00:55:58.0239 5700   sffdisk       (a554811bcd09279536440c964ae35bbf) C:\windows\system32\DRIVERS\sffdisk.sys
00:55:58.0241 5700   sffdisk - ok
00:55:58.0266 5700   sffp_mmc     (ff414f0baefeba59bc6c04b3db0b87bf) C:\windows\system32\DRIVERS\sffp_mmc.sys
00:55:58.0268 5700   sffp_mmc - ok
00:55:58.0289 5700   sffp_sd       (178298f767fe638c9fedcbdef58bb5e4) C:\windows\system32\DRIVERS\sffp_sd.sys
00:55:58.0291 5700   sffp_sd - ok
00:55:58.0314 5700   sfloppy       (a9d601643a1647211a1ee2ec4e433ff4) C:\windows\system32\DRIVERS\sfloppy.sys
00:55:58.0316 5700   sfloppy - ok
00:55:58.0403 5700   SiSRaid2     (843caf1e5fde1ffd5ff768f23a51e2e1) C:\windows\system32\DRIVERS\SiSRaid2.sys
00:55:58.0405 5700   SiSRaid2 - ok
00:55:58.0468 5700   SiSRaid4     (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\windows\system32\DRIVERS\sisraid4.sys
00:55:58.0472 5700   SiSRaid4 - ok
00:55:58.0595 5700   Smb         (548260a7b8654e024dc30bf8a7c5baa4) C:\windows\system32\DRIVERS\smb.sys
00:55:58.0598 5700   Smb - ok
00:55:58.0743 5700   spldr       (b9e31e5cacdfe584f34f730a677803f9) C:\windows\system32\drivers\spldr.sys
00:55:58.0745 5700   spldr - ok
00:55:58.0829 5700   srv         (2408c0366d96bcdf63e8f1c78e4a29c5) C:\windows\system32\DRIVERS\srv.sys
00:55:58.0838 5700   srv - ok
00:55:58.0940 5700   srv2         (76548f7b818881b47d8d1ae1be9c11f8) C:\windows\system32\DRIVERS\srv2.sys
00:55:58.0953 5700   srv2 - ok
00:55:59.0056 5700   srvnet       (0af6e19d39c70844c5caa8fb0183c36e) C:\windows\system32\DRIVERS\srvnet.sys
00:55:59.0060 5700   srvnet - ok
00:55:59.0183 5700   stexstor     (f3817967ed533d08327dc73bc4d5542a) C:\windows\system32\DRIVERS\stexstor.sys
00:55:59.0185 5700   stexstor - ok
00:55:59.0228 5700   swenum       (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\windows\system32\DRIVERS\swenum.sys
00:55:59.0231 5700   swenum - ok
00:55:59.0402 5700   SynTP       (470c47daba9ca3966f0ab3f835d7d135) C:\windows\system32\DRIVERS\SynTP.sys
00:55:59.0410 5700   SynTP - ok
00:55:59.0571 5700   TcHardWare     (62c0a414ee77949cb4aa117d2708bcf3) C:\Program Files (x86)\Tencent\QQPCMgr\5.0.1415.205\QQPCHW-x64.sys
00:55:59.0573 5700   TcHardWare - ok
00:55:59.0719 5700   Tcpip       (f18f56efc0bfb9c87ba01c37b27f4da5) C:\windows\system32\drivers\tcpip.sys
00:55:59.0756 5700   Tcpip - ok
00:55:59.0952 5700   TCPIP6       (f18f56efc0bfb9c87ba01c37b27f4da5) C:\windows\system32\DRIVERS\tcpip.sys
00:55:59.0970 5700   TCPIP6 - ok
00:56:00.0079 5700   tcpipreg     (76d078af6f587b162d50210f761eb9ed) C:\windows\system32\drivers\tcpipreg.sys
00:56:00.0082 5700   tcpipreg - ok
00:56:00.0246 5700   TCSafeBox     (1474e86f7d710f65024f75fd5bb8d074) C:\Program Files (x86)\Tencent\QQPCMgr\5.0.1415.205\TCSafebox64.sys
00:56:00.0250 5700   TCSafeBox - ok
00:56:00.0404 5700   tdcmdpst     (fd542b661bd22fa69ca789ad0ac58c29) C:\windows\system32\DRIVERS\tdcmdpst.sys
00:56:00.0406 5700   tdcmdpst - ok
00:56:00.0457 5700   TDPIPE       (3371d21011695b16333a3934340c4e7c) C:\windows\system32\drivers\tdpipe.sys
00:56:00.0459 5700   TDPIPE - ok
00:56:00.0525 5700   TDTCP       (e4245bda3190a582d55ed09e137401a9) C:\windows\system32\drivers\tdtcp.sys
00:56:00.0527 5700   TDTCP - ok
00:56:00.0572 5700   tdx         (079125c4b17b01fcaeebce0bcb290c0f) C:\windows\system32\DRIVERS\tdx.sys
00:56:00.0575 5700   tdx - ok
00:56:00.0653 5700   TermDD       (c448651339196c0e869a355171875522) C:\windows\system32\DRIVERS\termdd.sys
00:56:00.0657 5700   TermDD - ok
00:56:00.0761 5700   Thpdrv       (c013f6acaa9761f571bd28dada7c157d) C:\windows\system32\DRIVERS\thpdrv.sys
00:56:00.0763 5700   Thpdrv - ok
00:56:00.0871 5700   Thpevm       (b4e609047434ed948af7bdef2fa66e38) C:\windows\system32\DRIVERS\Thpevm.SYS
00:56:00.0885 5700   Thpevm - ok
00:56:01.0117 5700   TSDefenseBt - ok
00:56:01.0267 5700   TSKSP       (01c56e657e931de31ef15667efb4d7ae) C:\Program Files (x86)\Tencent\QQPCMgr\5.0.1415.205\TSKsp.sys
00:56:01.0284 5700   TSKSP - ok
00:56:01.0386 5700   tssecsrv     (61b96c26131e37b24e93327a0bd1fb95) C:\windows\system32\DRIVERS\tssecsrv.sys
00:56:01.0390 5700   tssecsrv - ok
00:56:01.0518 5700   TSysCare     (fa3fd6f4f9a331181d99f385e21d6575) C:\windows\system32\Drivers\TSysCare64.sys
00:56:01.0522 5700   TSysCare - ok
00:56:01.0590 5700   tunnel       (3836171a2cdf3af8ef10856db9835a70) C:\windows\system32\DRIVERS\tunnel.sys
00:56:01.0594 5700   tunnel - ok
00:56:01.0694 5700   TVALZ       (550b567f9364d8f7684c3fb3ea665a72) C:\windows\system32\DRIVERS\TVALZ_O.SYS
00:56:01.0697 5700   TVALZ - ok
00:56:01.0777 5700   TVALZFL       (9c7191f4b2e49bff47a6c1144b5923fa) C:\windows\system32\DRIVERS\TVALZFL.sys
00:56:01.0779 5700   TVALZFL - ok
00:56:01.0870 5700   uagp35       (b4dd609bd7e282bfc683cec7eaaaad67) C:\windows\system32\DRIVERS\uagp35.sys
00:56:01.0873 5700   uagp35 - ok
00:56:01.0914 5700   udfs         (d47baead86c65d4f4069d7ce0a4edceb) C:\windows\system32\DRIVERS\udfs.sys
00:56:01.0921 5700   udfs - ok
00:56:02.0025 5700   uliagpkx     (4bfe1bc28391222894cbf1e7d0e42320) C:\windows\system32\DRIVERS\uliagpkx.sys
00:56:02.0027 5700   uliagpkx - ok
00:56:02.0083 5700   umbus       (eab6c35e62b1b0db0d1b48b671d3a117) C:\windows\system32\DRIVERS\umbus.sys
00:56:02.0086 5700   umbus - ok
00:56:02.0161 5700   UmPass       (b2e8e8cb557b156da5493bbddcc1474d) C:\windows\system32\DRIVERS\umpass.sys
00:56:02.0164 5700   UmPass - ok
00:56:02.0337 5700   USBAAPL64     (aa33fc47ed58c34e6e9261e4f850b7eb) C:\windows\system32\Drivers\usbaapl64.sys
00:56:02.0342 5700   USBAAPL64 - ok
00:56:02.0399 5700   usbccgp       (537a4e03d7103c12d42dfd8ffdb5bdc9) C:\windows\system32\DRIVERS\usbccgp.sys
00:56:02.0405 5700   usbccgp - ok
00:56:02.0525 5700   usbcir       (af0892a803fdda7492f595368e3b68e7) C:\windows\system32\DRIVERS\usbcir.sys
00:56:02.0530 5700   usbcir - ok
00:56:02.0631 5700   usbehci       (fbb21ebe49f6d560db37ac25fbc68e66) C:\windows\system32\DRIVERS\usbehci.sys
00:56:02.0633 5700   usbehci - ok
00:56:02.0689 5700   usbhub       (6b7a8a99c4a459e73c286a6763ea24cc) C:\windows\system32\DRIVERS\usbhub.sys
00:56:02.0695 5700   usbhub - ok
00:56:02.0826 5700   usbohci       (8c88aa7617b4cbc2e4bed61d26b33a27) C:\windows\system32\DRIVERS\usbohci.sys
00:56:02.0829 5700   usbohci - ok
00:56:02.0885 5700   usbprint     (73188f58fb384e75c4063d29413cee3d) C:\windows\system32\DRIVERS\usbprint.sys
00:56:02.0888 5700   usbprint - ok
00:56:03.0175 5700   USBSTOR       (f39983647bc1f3e6100778ddfe9dce29) C:\windows\system32\DRIVERS\USBSTOR.SYS
00:56:03.0180 5700   USBSTOR - ok
00:56:03.0297 5700   usbuhci       (0b5b3b2df3fd1709618acfa50b8392b0) C:\windows\system32\drivers\usbuhci.sys
00:56:03.0299 5700   usbuhci - ok
00:56:03.0439 5700   usbvideo     (7cb8c573c6e4a2714402cc0a36eab4fe) C:\windows\System32\Drivers\usbvideo.sys
00:56:03.0446 5700   usbvideo - ok
00:56:03.0579 5700   vdrvroot     (c5c876ccfc083ff3b128f933823e87bd) C:\windows\system32\DRIVERS\vdrvroot.sys
00:56:03.0583 5700   vdrvroot - ok
00:56:03.0725 5700   vga         (da4da3f5e02943c2dc8c6ed875de68dd) C:\windows\system32\DRIVERS\vgapnp.sys
00:56:03.0729 5700   vga - ok
00:56:03.0824 5700   VgaSave       (53e92a310193cb3c03bea963de7d9cfc) C:\windows\System32\drivers\vga.sys
00:56:03.0827 5700   VgaSave - ok
00:56:03.0851 5700   vhdmp       (c82e748660f62a242b2dfac1442f22a4) C:\windows\system32\DRIVERS\vhdmp.sys
00:56:03.0857 5700   vhdmp - ok
00:56:03.0939 5700   viaide       (e5689d93ffe4e5d66c0178761240dd54) C:\windows\system32\DRIVERS\viaide.sys
00:56:03.0957 5700   viaide - ok
00:56:04.0048 5700   volmgr       (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\windows\system32\DRIVERS\volmgr.sys
00:56:04.0052 5700   volmgr - ok
00:56:04.0095 5700   volmgrx       (99b0cbb569ca79acaed8c91461d765fb) C:\windows\system32\drivers\volmgrx.sys
00:56:04.0102 5700   volmgrx - ok
00:56:04.0183 5700   volsnap       (58f82eed8ca24b461441f9c3e4f0bf5c) C:\windows\system32\DRIVERS\volsnap.sys
00:56:04.0189 5700   volsnap - ok
00:56:04.0212 5700   vsmraid       (5e2016ea6ebaca03c04feac5f330d997) C:\windows\system32\DRIVERS\vsmraid.sys
00:56:04.0215 5700   vsmraid - ok
00:56:04.0245 5700   vwifibus     (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\windows\system32\DRIVERS\vwifibus.sys
00:56:04.0248 5700   vwifibus - ok
00:56:04.0281 5700   vwififlt     (6a3d66263414ff0d6fa754c646612f3f) C:\windows\system32\DRIVERS\vwififlt.sys
00:56:04.0284 5700   vwififlt - ok
00:56:04.0342 5700   WacomPen     (4e9440f4f152a7b944cb1663d3935a3e) C:\windows\system32\DRIVERS\wacompen.sys
00:56:04.0345 5700   WacomPen - ok
00:56:04.0389 5700   WANARP       (47ca49400643effd3f1c9a27e1d69324) C:\windows\system32\DRIVERS\wanarp.sys
00:56:04.0392 5700   WANARP - ok
00:56:04.0406 5700   Wanarpv6     (47ca49400643effd3f1c9a27e1d69324) C:\windows\system32\DRIVERS\wanarp.sys
00:56:04.0409 5700   Wanarpv6 - ok
00:56:04.0548 5700   Wd         (72889e16ff12ba0f235467d6091b17dc) C:\windows\system32\DRIVERS\wd.sys
00:56:04.0552 5700   Wd - ok
00:56:04.0627 5700   Wdf01000     (441bd2d7b4f98134c3a4f9fa570fd250) C:\windows\system32\drivers\Wdf01000.sys
00:56:04.0637 5700   Wdf01000 - ok
00:56:04.0770 5700   WfpLwf       (611b23304bf067451a9fdee01fbdd725) C:\windows\system32\DRIVERS\wfplwf.sys
00:56:04.0781 5700   WfpLwf - ok
00:56:04.0840 5700   WIMMount     (05ecaec3e4529a7153b3136ceb49f0ec) C:\windows\system32\drivers\wimmount.sys
00:56:04.0843 5700   WIMMount - ok
00:56:05.0011 5700   WinUsb       (817eaff5d38674edd7713b9dfb8e9791) C:\windows\system32\DRIVERS\WinUsb.sys
00:56:05.0015 5700   WinUsb - ok
00:56:05.0096 5700   WmiAcpi       (f6ff8944478594d0e414d3f048f0d778) C:\windows\system32\DRIVERS\wmiacpi.sys
00:56:05.0098 5700   WmiAcpi - ok
00:56:05.0182 5700   ws2ifsl       (6bcc1d7d2fd2453957c5479a32364e52) C:\windows\system32\drivers\ws2ifsl.sys
00:56:05.0184 5700   ws2ifsl - ok
00:56:05.0285 5700   WudfPf       (7cadc74271dd6461c452c271b30bd378) C:\windows\system32\drivers\WudfPf.sys
00:56:05.0288 5700   WudfPf - ok
00:56:05.0363 5700   WUDFRd       (3b197af0fff08aa66b6b2241ca538d64) C:\windows\system32\DRIVERS\WUDFRd.sys
00:56:05.0373 5700   WUDFRd - ok
00:56:05.0468 5700   MBR (0x1B8)    (5b5e648d12fcadc244c1ec30318e1eb9) \Device\Harddisk0\DR0
00:56:05.0487 5700   \Device\Harddisk0\DR0 - ok
00:56:05.0542 5700   Boot (0x1200)  (ef377c9de8d74bc26b12eb23ee2e92d9) \Device\Harddisk0\DR0\Partition0
00:56:05.0543 5700   \Device\Harddisk0\DR0\Partition0 - ok
00:56:05.0547 5700   ============================================================
00:56:05.0547 5700   Scan finished
00:56:05.0547 5700   ============================================================
00:56:05.0569 5836   Detected object count: 0
00:56:05.0569 5836   Actual detected object count: 0
01:08:57.0307 5372   ============================================================
01:08:57.0307 5372   Scan started
01:08:57.0307 5372   Mode: Manual;
01:08:57.0307 5372   ============================================================
01:09:08.0101 5372   MSPQM       (4ed981241db27c3383d72092b618a1d0) C:\windows\system32\drivers\MSPQM.sys
01:09:08.0137 5372   MSPQM - ok
01:09:08.0437 5372   MsRPC       (89cb141aa8616d8c6a4610fa26c60964) C:\windows\system32\drivers\MsRPC.sys
01:09:08.0448 5372   MsRPC - ok
01:09:08.0563 5372   mssmbios     (0eed230e37515a0eaee3c2e1bc97b288) C:\windows\system32\DRIVERS\mssmbios.sys
01:09:08.0569 5372   mssmbios - ok
01:09:08.0648 5372   MSTEE       (2e66f9ecb30b4221a318c92ac2250779) C:\windows\system32\drivers\MSTEE.sys
01:09:08.0650 5372   MSTEE - ok
01:09:08.0691 5372   MTConfig     (7ea404308934e675bffde8edf0757bcd) C:\windows\system32\DRIVERS\MTConfig.sys
01:09:08.0693 5372   MTConfig - ok
01:09:08.0777 5372   Mup         (f9a18612fd3526fe473c1bda678d61c8) C:\windows\system32\Drivers\mup.sys
01:09:08.0779 5372   Mup - ok
01:09:08.0847 5372   NativeWifiP   (1ea3749c4114db3e3161156ffffa6b33) C:\windows\system32\DRIVERS\nwifi.sys
01:09:08.0852 5372   NativeWifiP - ok
01:09:08.0983 5372   NDIS         (cad515dbd07d082bb317d9928ce8962c) C:\windows\system32\drivers\ndis.sys
01:09:09.0006 5372   NDIS - ok
01:09:09.0083 5372   NdisCap       (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\windows\system32\DRIVERS\ndiscap.sys
01:09:09.0085 5372   NdisCap - ok
01:09:09.0122 5372   NdisTapi     (30639c932d9fef22b31268fe25a1b6e5) C:\windows\system32\DRIVERS\ndistapi.sys
01:09:09.0127 5372   NdisTapi - ok
01:09:09.0197 5372   Ndisuio       (f105ba1e22bf1f2ee8f005d4305e4bec) C:\windows\system32\DRIVERS\ndisuio.sys
01:09:09.0200 5372   Ndisuio - ok
01:09:09.0250 5372   NdisWan       (557dfab9ca1fcb036ac77564c010dad3) C:\windows\system32\DRIVERS\ndiswan.sys
01:09:09.0254 5372   NdisWan - ok
01:09:09.0373 5372   NDProxy       (659b74fb74b86228d6338d643cd3e3cf) C:\windows\system32\drivers\NDProxy.sys
01:09:09.0376 5372   NDProxy - ok
01:09:09.0426 5372   NetBIOS       (86743d9f5d2b1048062b14b1d84501c4) C:\windows\system32\DRIVERS\netbios.sys
01:09:09.0428 5372   NetBIOS - ok
01:09:09.0488 5372   NetBT       (9162b273a44ab9dce5b44362731d062a) C:\windows\system32\DRIVERS\netbt.sys
01:09:09.0495 5372   NetBT - ok
01:09:09.0568 5372   nfrd960       (77889813be4d166cdab78ddba990da92) C:\windows\system32\DRIVERS\nfrd960.sys
01:09:09.0571 5372   nfrd960 - ok
01:09:09.0634 5372   Npfs         (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\windows\system32\drivers\Npfs.sys
01:09:09.0636 5372   Npfs - ok
01:09:09.0690 5372   nsiproxy     (e7f5ae18af4168178a642a9247c63001) C:\windows\system32\drivers\nsiproxy.sys
01:09:09.0692 5372   nsiproxy - ok
01:09:09.0804 5372   Ntfs         (378e0e0dfea67d98ae6ea53adbbd76bc) C:\windows\system32\drivers\Ntfs.sys
01:09:09.0851 5372   Ntfs - ok
01:09:09.0940 5372   Null         (9899284589f75fa8724ff3d16aed75c1) C:\windows\system32\drivers\Null.sys
01:09:09.0943 5372   Null - ok
01:09:09.0996 5372   nvraid       (a4d9c9a608a97f59307c2f2600edc6a4) C:\windows\system32\drivers\nvraid.sys
01:09:09.0999 5372   nvraid - ok
01:09:10.0083 5372   nvstor       (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\windows\system32\drivers\nvstor.sys
01:09:10.0086 5372   nvstor - ok
01:09:10.0142 5372   nv_agp       (270d7cd42d6e3979f6dd0146650f0e05) C:\windows\system32\DRIVERS\nv_agp.sys
01:09:10.0145 5372   nv_agp - ok
01:09:10.0239 5372   ohci1394     (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\windows\system32\DRIVERS\ohci1394.sys
01:09:10.0244 5372   ohci1394 - ok
01:09:10.0306 5372   Parport       (0086431c29c35be1dbc43f52cc273887) C:\windows\system32\DRIVERS\parport.sys
01:09:10.0311 5372   Parport - ok
01:09:10.0392 5372   partmgr       (7daa117143316c4a1537e074a5a9eaf0) C:\windows\system32\drivers\partmgr.sys
01:09:10.0396 5372   partmgr - ok
01:09:10.0464 5372   pci         (5aab2b170536885de70a6cba8d7ce52b) C:\windows\system32\DRIVERS\pci.sys
01:09:10.0468 5372   pci - ok
01:09:10.0542 5372   pciide       (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\windows\system32\DRIVERS\pciide.sys
01:09:10.0545 5372   pciide - ok
01:09:10.0597 5372   pcmcia       (b2e81d4e87ce48589f98cb8c05b01f2f) C:\windows\system32\DRIVERS\pcmcia.sys
01:09:10.0601 5372   pcmcia - ok
01:09:10.0674 5372   pcw         (d6b9c2e1a11a3a4b26a182ffef18f603) C:\windows\system32\drivers\pcw.sys
01:09:10.0677 5372   pcw - ok
01:09:10.0725 5372   PEAUTH       (68769c3356b3be5d1c732c97b9a80d6e) C:\windows\system32\drivers\peauth.sys
01:09:10.0735 5372   PEAUTH - ok
01:09:10.0846 5372   PGEffect     (663962900e7fea522126ba287715bb4a) C:\windows\system32\DRIVERS\pgeffect.sys
01:09:10.0848 5372   PGEffect - ok
01:09:10.0953 5372   PptpMiniport   (27cc19e81ba5e3403c48302127bda717) C:\windows\system32\DRIVERS\raspptp.sys
01:09:10.0956 5372   PptpMiniport - ok
01:09:11.0036 5372   Processor     (0d922e23c041efb1c3fac2a6f943c9bf) C:\windows\system32\DRIVERS\processr.sys
01:09:11.0039 5372   Processor - ok
01:09:11.0109 5372   Psched       (ee992183bd8eaefd9973f352e587a299) C:\windows\system32\DRIVERS\pacer.sys
01:09:11.0112 5372   Psched - ok
01:09:11.0225 5372   ql2300       (a53a15a11ebfd21077463ee2c7afeef0) C:\windows\system32\DRIVERS\ql2300.sys
01:09:11.0248 5372   ql2300 - ok
01:09:11.0329 5372   ql40xx       (4f6d12b51de1aaeff7dc58c4d75423c8) C:\windows\system32\DRIVERS\ql40xx.sys
01:09:11.0332 5372   ql40xx - ok
01:09:11.0441 5372   QQSysMon     (da2bca44fdfca8a087ff6b806f64c359) C:\Program Files (x86)\Tencent\QQPCMgr\5.0.1415.205\QQSysMon.sys
01:09:11.0446 5372   QQSysMon - ok
01:09:11.0553 5372   QWAVEdrv     (76707bb36430888d9ce9d705398adb6c) C:\windows\system32\drivers\qwavedrv.sys
01:09:11.0557 5372   QWAVEdrv - ok
01:09:11.0613 5372   RasAcd       (5a0da8ad5762fa2d91678a8a01311704) C:\windows\system32\DRIVERS\rasacd.sys
01:09:11.0615 5372   RasAcd - ok
01:09:11.0678 5372   RasAgileVpn   (7ecff9b22276b73f43a99a15a6094e90) C:\windows\system32\DRIVERS\AgileVpn.sys
01:09:11.0680 5372   RasAgileVpn - ok
01:09:11.0757 5372   Rasl2tp       (87a6e852a22991580d6d39adc4790463) C:\windows\system32\DRIVERS\rasl2tp.sys
01:09:11.0761 5372   Rasl2tp - ok
01:09:11.0817 5372   RasPppoe     (855c9b1cd4756c5e9a2aa58a15f58c25) C:\windows\system32\DRIVERS\raspppoe.sys
01:09:11.0820 5372   RasPppoe - ok
01:09:11.0898 5372   RasSstp       (e8b1e447b008d07ff47d016c2b0eeecb) C:\windows\system32\DRIVERS\rassstp.sys
01:09:11.0901 5372   RasSstp - ok
01:09:11.0953 5372   rdbss       (3bac8142102c15d59a87757c1d41dce5) C:\windows\system32\DRIVERS\rd

  H-C
Number of posts: 49

01:09:19.0063 5372   MBR (0x1B8)    (5b5e648d12fcadc244c1ec30318e1eb9) \Device\Harddisk0\DR0
01:09:19.0086 5372   \Device\Harddisk0\DR0 - ok
01:09:19.0104 5372   Boot (0x1200)  (ef377c9de8d74bc26b12eb23ee2e92d9) \Device\Harddisk0\DR0\Partition0
01:09:19.0105 5372   \Device\Harddisk0\DR0\Partition0 - ok
01:09:19.0112 5372   ============================================================
01:09:19.0113 5372   Scan finished
01:09:19.0113 5372   ============================================================
01:09:19.0133 4628   Detected object count: 0
01:09:19.0133 4628   Actual detected object count: 0
01:19:46.0383 5324   Deinitialize success

Administrator
Number of posts: 4202

Would you please update Malwarebytes and run a scan with it. Copy the log in here.

———

Download and run DDS.

It creates two logs (DDS.txt and Attach.txt); save them to the desktop and copy the contents of both in here.

NOTE - DDS must be saved to the computer and not run from the web.

Regarding Vista and Windows 7: right-click the file - Run as Administrator.

—-

I would like to see (done in this order):

1. Log from Malwarebytes. (Updated)

2. Logs from DDS. (DDS.txt and Attach.txt)

Signature

Please do not attach logs unless you are asked to!

  H-C
Number of posts: 49

Malwarebytes Anti-Malware 1.60.0.1800
http://www.malwarebytes.org

Database version: v2011.12.31.04

Windows 7 x64 NTFS
Internet Explorer 8.0.7600.16385
sun :: SUN-PC [administrator]

12/31/2011 2:59:19 PM
mbam-log-2011-12-31 (14-59-19).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 393998
Time elapsed: 1 hour(s), 36 minute(s), 57 second(s)

Memory Processes Detected: 1
C:\Program Files (x86)\Kingsoft\PowerWord PE\ksdsvc.exe (Trojan.Agent) -> 1744 -> Delete on reboot.

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 25
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{70C6E9DE-F30E-4A40-8A6F-9572C2328320} (PUP.FCTPlugin) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{70C6E9DE-F30E-4A40-8A6F-9572C2328320} (PUP.FCTPlugin) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{70C6E9DE-F30E-4A40-8A6F-9572C2328320} (PUP.FCTPlugin) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{70C6E9DE-F30E-4A40-8A6F-9572C2328320} (PUP.FCTPlugin) -> No action taken.
HKLM\SOFTWARE\Google\Chrome\Extensions\kincjchfokkeneeofpeefomkikfkiedl (PUP.FCTPlugin) -> No action taken.
HKCR\CLSID\{0C7C23EF-A848-485B-873C-0ED954731014} (Trojan.Agent) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0C7C23EF-A848-485B-873C-0ED954731014} (Trojan.Agent) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{0C7C23EF-A848-485B-873C-0ED954731014} (Trojan.Agent) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{0C7C23EF-A848-485B-873C-0ED954731014} (Trojan.Agent) -> Quarantined and deleted successfully.
HKCR\CLSID\{669751ED-D558-49AE-B01A-3B374CC7910E} (Trojan.Agent) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{669751ED-D558-49AE-B01A-3B374CC7910E} (Trojan.Agent) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{669751ED-D558-49AE-B01A-3B374CC7910E} (Trojan.Agent) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{669751ED-D558-49AE-B01A-3B374CC7910E} (Trojan.Agent) -> Quarantined and deleted successfully.
HKCR\CLSID\{A57E074F-56D8-4A33-8112-AAC9693AA909} (Trojan.Agent) -> Quarantined and deleted successfully.
HKCR\CLSID\{DB8B2393-7A6C-4C76-88CE-6B1F6FF6FFE9} (Trojan.Agent) -> Quarantined and deleted successfully.
HKCR\Typelib\{B1A7C2CF-BF40-4597-8142-7615D74D0CC3} (Trojan.Agent) -> Quarantined and deleted successfully.
HKCR\Interface\{3084BC3D-C0D6-4A28-A8A4-5857165886EE} (Trojan.Agent) -> Quarantined and deleted successfully.
HKCR\CLSID\{29CF293A-1E7D-4069-9E11-E39698D0AF95} (Trojan.Agent) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{29CF293A-1E7D-4069-9E11-E39698D0AF95} (Trojan.Agent) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{29CF293A-1E7D-4069-9E11-E39698D0AF95} (Trojan.Agent) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{29CF293A-1E7D-4069-9E11-E39698D0AF95} (Trojan.Agent) -> Quarantined and deleted successfully.
HKCR\SogouExplorerHTML (Adware.Sogou) -> Delete on reboot.
HKLM\SOFTWARE\Clients\StartMenuInternet\SogouExplorer.exe (Adware.Sogou) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\TBH (Trojan.Agent) -> Quarantined and deleted successfully.
HKLM\SYSTEM\CurrentControlSet\Services\KSDSVC (Trojan.Agent) -> Quarantined and deleted successfully.

Registry Values Detected: 10
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved|{0C7C23EF-A848-485B-873C-0ED954731014} (Trojan.Agent) -> Data:  -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved|{669751ED-D558-49AE-B01A-3B374CC7910E} (Trojan.Agent) -> Data:  -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved|{A57E074F-56D8-4A33-8112-AAC9693AA909} (Trojan.Agent) -> Data:  -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved|{DB8B2393-7A6C-4C76-88CE-6B1F6FF6FFE9} (Trojan.Agent) -> Data:  -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{29CF293A-1E7D-4069-9E11-E39698D0AF95} (Trojan.Agent) -> Data: QQ工具栏 -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{0C7C23EF-A848-485B-873C-0ED954731014} (Trojan.Agent) -> Data:  -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{DB8B2393-7A6C-4C76-88CE-6B1F6FF6FFE9} (Trojan.Agent) -> Data:  -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{A57E074F-56D8-4A33-8112-AAC9693AA909} (Trojan.Agent) -> Data:  -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{669751ED-D558-49AE-B01A-3B374CC7910E} (Trojan.Agent) -> Data:  -> Quarantined and deleted successfully.
HKCR\.exe\shell\open\command| (Hijack.ExeFile) -> Data: “C:\Users\sun\AppData\Local\bdj.exe” -a “%1” %* -> Quarantined and deleted successfully.

Registry Data Items Detected: 2
HKCR\.exe| (Hijacked.exeFile) -> Bad: (6eM) Good: (exefile) -> Quarantined and repaired successfully.
HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command| (Hijack.StartMenuInternet) -> Bad: (“C:\Users\sun\AppData\Local\bdj.exe” -a “C:\Program Files (x86)\Internet Explorer\iexplore.exe”) Good: (iexplore.exe) -> Quarantined and repaired successfully.

Folders Detected: 0
(No malicious items detected)

Files Detected: 9
C:\Program Files\TENCENT\SSPlus\SAddr.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\TENCENT\SSPlus\SSup.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\TENCENT\QQToolbar\IEBar.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\12\sun\new\sun\lqbz\新建文件夹\else\everytime.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\12\sun\new\sun\u盘+mp3\新建文件夹\else\everytime.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Tencent\QQPCMgr\5.0.1415.205\QQPCMgr.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
C:\Users\sun\AppData\Local\Temp\sogou_explorer111634.exe (Adware.Sogou) -> Quarantined and deleted successfully.
C:\Users\sun\AppData\Roaming\SogouExplorer\temp\sogou_explorer4251838.exe (Adware.Sogou) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Kingsoft\PowerWord PE\ksdsvc.exe (Trojan.Agent) -> Delete on reboot.

(end)

  H-C
Number of posts: 49

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 8.0.7600.16385
Run by sun at 16:48:00 on 2011-12-31
Microsoft Windows 7 Home Premium   6.1.7600.0.936.86.1033.18.1788.825 [GMT -6:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\windows\system32\wininit.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\atieclxx.exe
C:\windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\windows\System32\spoolsv.exe
C:\windows\system32\taskhost.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\windows\system32\taskeng.exe
C:\windows\System32\svchost.exe -k LocalServiceNoNetwork
C:\windows\system32\taskeng.exe
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\windows\system32\taskeng.exe
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\ccSvcHst.exe
C:\Program Files (x86)\Tencent\QQPCMgr\5.0.1415.205\QQPCRtp.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
C:\windows\system32\ThpSrv.exe
C:\Windows\system32\TODDSrv.exe
C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
C:\Program Files\TOSHIBA\TECO\TecoService.exe
C:\Program Files (x86)\StartNow Toolbar\ToolbarUpdaterService.exe
C:\windows\system32\SearchIndexer.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\SearchProtocolHost.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\ccSvcHst.exe
C:\Program Files (x86)\Tencent\QQPCMgr\5.0.1415.205\QQPCTray.exe
C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe
C:\Program Files (x86)\TeamViewer\Version7\tv_w32.exe
C:\Program Files (x86)\TeamViewer\Version7\tv_x64.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Windows\System32\ThpSrv.exe
C:\Program Files\TOSHIBA\TECO\Teco.exe
c:\program files (x86)\teamviewer\version7\TeamViewer_Desktop.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe
C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
C:\Users\sun\AppData\Local\Akamai\netsession_win.exe
C:\Users\sun\AppData\Local\Akamai\netsession_win.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
C:\windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\SymcPCCULaunchSvc.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
C:\windows\system32\sppsvc.exe
C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
C:\windows\system32\SearchFilterHost.exe
C:\windows\system32\DllHost.exe
C:\windows\system32\DllHost.exe
C:\windows\SysWOW64\cmd.exe
C:\windows\system32\conhost.exe
C:\windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.babylon.com/?babsrc=HP_ss&affID=108907&mntrId=1e707c8200000000000088ae1de6aa50
uDefault_Page_URL = hxxp://www.google.com/ig?brand=TSND&bmod=TSND
mDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSND&bmod=TSND
mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSND&bmod=TSND
uInternet Settings,ProxyOverride = <local>
mWinlogon: Userinit=userinit.exe,
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: StartNow Toolbar Helper: {6e13d095-45c3-4271-9475-f3b48227dd9f} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll
BHO: {70C6E9DE-F30E-4A40-8A6F-9572C2328320} - No File
BHO: QQµÁƒ‘π‹º“Õ¯“≥∑¿ª«Ω: {7c260b4b-f7a0-40b5-b403-befcdc6a4c3b} - C:\Program Files (x86)\Tencent\QQPCMgr\5.0.1415.205\TSWebMon.dat
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: 1®®?®®?e®¶?°‰®∫°„?for IE: {a28581a7-e2a8-4b6c-9cc9-4a4cc1efd55a} - C:\Program Files (x86)\Kingsoft\PowerWord PE\SelectForIE.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7018.1622\swg.dll
BHO: DCA BHO: {b49699fc-1665-4414-a1cb-c4a2a4a13eec} - C:\Program Files (x86)\Common Files\FreeCause\DCA\dca-bho.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: TOSHIBA Media Controller Plug-in: {f3c88694-effa-4d78-b409-54b7b2535b14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
BHO: Yontoo Layers: {fd72061e-9fde-484d-a58a-0bab4151cad8} - C:\Program Files (x86)\Yontoo Layers Runtime\YontooIEClient.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB: StartNow Toolbar: {5911488e-9d1e-40ec-8cbb-06b231cc153f} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
TB: {65F8A3D2-4C22-4A33-9633-73167EAEEC45} - No File
TB: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
uRun: [DW6] “C:\Program Files (x86)\The Weather Channel FW\Desktop\DesktopWeather.exe”
uRun: [Akamai NetSession Interface] “C:\Users\sun\AppData\Local\Akamai\netsession_win.exe”
uRun: [swg] “C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe”
mRun: [TSleepSrv] %ProgramFiles(x86)%\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe
mRun: [ToshibaAppPlace] “C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe”
mRun: [StartCCC] “C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe” MSRun
mRun: [SVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
mRun: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe hwSetUP
mRun: [KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
mRun: [ToshibaServiceStation] “C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe” /hide:60
mRun: [NortonOnlineBackupReminder] “C:\Program Files (x86)\Toshiba\Toshiba Online Backup\Activation\TOBuActivation.exe” UNATTENDED
mRun: [avast] “C:\Program Files\AVAST Software\Avast\avastUI.exe” /nogui
mRun: [ QQPCTray] “C:\Program Files (x86)\Tencent\QQPCMgr\5.0.1415.205\QQPCTray.exe”  /regrun
mRun: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
mRun: [Anti-phishing Domain Advisor] “C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe”
mRun: [APSDaemon] “C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe”
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: µº≥ˆµΩ Microsoft Excel(&X) - C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000
Trusted Zone: alipay.com
Trusted Zone: alisoft.com
Trusted Zone: taobao.com
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{5D4CC51A-BD3A-4D82-B8E5-3A77F8E4CA3C} : DhcpNameServer = 165.124.49.21 129.105.49.1
TCP: Interfaces\{B0D6C625-DFE9-4AA9-BE6D-DB5A2E6D46DF} : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{B0D6C625-DFE9-4AA9-BE6D-DB5A2E6D46DF}\34963736F64353736333 : DhcpNameServer = 192.168.7.254
TCP: Interfaces\{B0D6C625-DFE9-4AA9-BE6D-DB5A2E6D46DF}\758494455435F485D20534F5E4564777F627B6 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{B0D6C625-DFE9-4AA9-BE6D-DB5A2E6D46DF}\C416D602E4564777F627B6 : DhcpNameServer = 192.168.1.1
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64:    AcroIEHelperStub - No File
BHO-X64: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO-X64: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO-X64: StartNow Toolbar Helper: {6E13D095-45C3-4271-9475-F3B48227DD9F} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll
BHO-X64:    StartNowToolbarHelper - No File
BHO-X64: {70C6E9DE-F30E-4A40-8A6F-9572C2328320} - No File
BHO-X64:    BHO Project - No File
BHO-X64: QQµÁƒ‘π‹º“Õ¯“≥∑¿ª«Ω: {7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B} - C:\Program Files (x86)\Tencent\QQPCMgr\5.0.1415.205\TSWebMon.dat
BHO-X64:    TSWebMon - No File
BHO-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO-X64: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: 1®®?®®?e®¶?°‰®∫°„?for IE: {A28581A7-E2A8-4b6c-9CC9-4A4CC1EFD55A} - C:\Program Files (x86)\Kingsoft\PowerWord PE\SelectForIE.dll
BHO-X64:    1®®?®®?e®¶?°‰®∫°„?for IE - No File
BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO-X64:    SkypeIEPluginBHO - No File
BHO-X64: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7018.1622\swg.dll
BHO-X64: DCA BHO: {B49699FC-1665-4414-A1CB-C4A2A4A13EEC} - C:\Program Files (x86)\Common Files\FreeCause\DCA\dca-bho.dll
BHO-X64:    DCA - No File
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO-X64: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
BHO-X64: Yontoo Layers: {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo Layers Runtime\YontooIEClient.dll
BHO-X64:    Yontoo Layers - No File
TB-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB-X64: StartNow Toolbar: {5911488E-9D1E-40ec-8CBB-06B231CC153F} - C:\Program Files (x86)\StartNow Toolbar\Toolbar32.dll
TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB-X64: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
TB-X64: {65F8A3D2-4C22-4A33-9633-73167EAEEC45} - No File
TB-X64: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
mRun-x64: [TSleepSrv] %ProgramFiles(x86)%\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe
mRun-x64: [ToshibaAppPlace] “C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe”
mRun-x64: [StartCCC] “C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe” MSRun
mRun-x64: [SVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
mRun-x64: [HWSetup] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe hwSetUP
mRun-x64: [KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
mRun-x64: [ToshibaServiceStation] “C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe” /hide:60
mRun-x64: [NortonOnlineBackupReminder] “C:\Program Files (x86)\Toshiba\Toshiba Online Backup\Activation\TOBuActivation.exe” UNATTENDED
mRun-x64: [avast] “C:\Program Files\AVAST Software\Avast\avastUI.exe” /nogui
mRun-x64: [ QQPCTray] “C:\Program Files (x86)\Tencent\QQPCMgr\5.0.1415.205\QQPCTray.exe”  /regrun
mRun-x64: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
mRun-x64: [Anti-phishing Domain Advisor] “C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe”
mRun-x64: [APSDaemon] “C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe”
IE-X64: {898EA8C8-E7FF-479B-8935-AEC46303B9E5}
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\sun\AppData\Roaming\Mozilla\Firefox\Profiles\b28s2eee.default\
FF - prefs.js: browser.startup.homepage - about:cehome
FF - prefs.js: network.proxy.type - 0
FF - component: C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll
FF - component: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordext.dll
FF - component: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext\components\nprpffbrowserrecordlegacyext.dll
FF - component: C:\Users\sun\AppData\Roaming\Mozilla\Firefox\Profiles\b28s2eee.default\extensions\cpmanager@mozillaonline.com\components\mozilla-cpmanager.dll
FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll
FF - Ext: Skype Click to Call: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Firefox Home Page: . - %profile%\extensions\cehomepage@mozillaonline.com
FF - Ext: Addons Manager: . - %profile%\extensions\cpmanager@mozillaonline.com
FF - Ext: Yontoo Layers: . - %profile%\extensions\plugin@yontoo.com
FF - Ext: avast! WebRep: . - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
.
——FIREFOX POLICIES——
FF - user.js: extensions.BabylonToolbar_i.id - 1e707c8200000000000088ae1de6aa50
FF - user.js: extensions.BabylonToolbar_i.hardId - 1e707c8200000000000088ae1de6aa50
FF - user.js: extensions.BabylonToolbar_i.instlDay - 15306
FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1712:10:47
FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar_i.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar_i.tlbrId - base
FF - user.js: extensions.BabylonToolbar_i.newTab - false
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=108907
FF - user.js: extensions.BabylonToolbar_i.babExt -
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar_i.instlRef - sst
FF - user.js: extentions.y2layers.installId - f8a996e7-3053-4f55-8524-1e24c42560ee
FF - user.js: extentions.y2layers.defaultEnableAppsList - PageRage,PageRageGlobal,Buzzdock,BuzzdockTease,PageRage,PageRageGlobal,
.
============= SERVICES / DRIVERS ===============
.
R0 Thpdrv;TOSHIBA HDD Protection Driver;C:\windows\system32\DRIVERS\thpdrv.sys—> C:\windows\system32\DRIVERS\thpdrv.sys [?]
R0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver;C:\windows\system32\DRIVERS\Thpevm.SYS—> C:\windows\system32\DRIVERS\Thpevm.SYS [?]
R0 TSysCare;TSysCare;C:\windows\system32\Drivers\TSysCare64.sys—> C:\windows\system32\Drivers\TSysCare64.sys [?]
R1 aswSnx;aswSnx;C:\windows\system32\drivers\aswSnx.sys—> C:\windows\system32\drivers\aswSnx.sys [?]
R1 aswSP;aswSP;C:\windows\system32\drivers\aswSP.sys—> C:\windows\system32\drivers\aswSP.sys [?]
R1 TCSafeBox;TCSafeBox;C:\Program Files (x86)\Tencent\QQPCMgr\5.0.1415.205\TCSafeBox64.sys [2011-6-6 31872]
R1 vwififlt;Virtual WiFi Filter Driver;C:\windows\system32\DRIVERS\vwififlt.sys—> C:\windows\system32\DRIVERS\vwififlt.sys [?]
R2 AMD External Events Utility;AMD External Events Utility;C:\windows\system32\atiesrxx.exe—> C:\windows\system32\atiesrxx.exe [?]
R2 aswFsBlk;aswFsBlk;C:\windows\system32\drivers\aswFsBlk.sys—> C:\windows\system32\drivers\aswFsBlk.sys [?]
R2 aswMonFlt;aswMonFlt;\??\C:\windows\system32\drivers\aswMonFlt.sys—> C:\windows\system32\drivers\aswMonFlt.sys [?]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-12-13 44768]
R2 Norton PC Checkup Application Launcher;Toshiba Laptop Checkup Application Launcher;C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\SymcPCCULaunchSvc.exe [2011-6-20 135608]
R2 PCCUJobMgr;Common Client Job Manager Service;C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.3.198\ccSvcHst.exe [2011-6-20 126392]
R2 QQPCRTP;QQPCMgr RTP Service;C:\Program Files (x86)\Tencent\QQPCMgr\5.0.1415.205\QQPCRtp.exe -r—> C:\Program Files (x86)\Tencent\QQPCMgr\5.0.1415.205\QQPCRtp.exe -r [?]
R2 TeamViewer7;TeamViewer 7;C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2011-12-31 2984832]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;C:\Program Files\TOSHIBA\TECO\TecoService.exe [2010-4-6 258928]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;C:\windows\system32\DRIVERS\TVALZFL.sys—> C:\windows\system32\DRIVERS\TVALZFL.sys [?]
R2 Updater Service for StartNow Toolbar;Updater Service for StartNow Toolbar;C:\Program Files (x86)\StartNow Toolbar\ToolbarUpdaterService.exe [2011-10-25 244960]
R3 amdkmdag;amdkmdag;C:\windows\system32\DRIVERS\atikmdag.sys—> C:\windows\system32\DRIVERS\atikmdag.sys [?]
R3 amdkmdap;amdkmdap;C:\windows\system32\DRIVERS\atikmpag.sys—> C:\windows\system32\DRIVERS\atikmpag.sys [?]
R3 JMCR;JMCR;C:\windows\system32\DRIVERS\jmcr.sys—> C:\windows\system32\DRIVERS\jmcr.sys [?]
R3 PGEffect;Pangu effect driver;C:\windows\system32\DRIVERS\pgeffect.sys—> C:\windows\system32\DRIVERS\pgeffect.sys [?]
R3 QQSysMon;QQSysMon;C:\Program Files (x86)\Tencent\QQPCMgr\5.0.1415.205\QQSysMon.sys [2011-6-6 61568]
R3 RTL8167;Realtek 8167 NT Driver;C:\windows\system32\DRIVERS\Rt64win7.sys—> C:\windows\system32\DRIVERS\Rt64win7.sys [?]
R3 TcHardWare;TcHardWare;C:\Program Files (x86)\Tencent\QQPCMgr\5.0.1415.205\QQPCHW-x64.sys [2011-6-6 36992]
R3 TMachInfo;TMachInfo;C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2011-6-20 51512]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-2-5 137560]
R3 TPCHSrv;TPCH Service;C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2010-2-23 835952]
S1 TSKSP;TSKSP;C:\Program Files (x86)\Tencent\QQPCMgr\5.0.1415.205\TSKsp.sys [2011-10-29 164216]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-8-13 136176]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-8-13 136176]
S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\system32\Drivers\usbaapl64.sys—> C:\windows\system32\Drivers\usbaapl64.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\system32\Wat\WatAdminSvc.exe—> C:\windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== Created Last 30 ================
.
2011-12-31 20:27:58   23152   ——a-w-  C:\windows\System32\drivers\mbam.sys
2011-12-31 09:00:51   ————  d——-w-  C:\Program Files (x86)\TeamViewer
2011-12-31 08:12:38   ————  d——-w-  C:\photo
2011-12-20 06:46:26   ————  d——-w-  C:\FRST
2011-12-18 22:39:24   ————  d——-w-  C:\Program Files (x86)\Malwarebytes’ Anti-Malware
2011-12-16 18:55:32   ————  d——-w-  C:\ProgramData\Spybot - Search & Destroy
2011-12-16 18:55:32   ————  d——-w-  C:\Program Files (x86)\Spybot - Search & Destroy
2011-12-16 02:02:54   ————  d——-w-  C:\Users\sun\AppData\Roaming\Malwarebytes
2011-12-16 02:02:26   ————  d——-w-  C:\ProgramData\Malwarebytes
2011-12-15 05:36:49   ————  d——-w-  C:\12
2011-12-12 10:30:25   25560   ——a-w-  C:\Program Files (x86)\Mozilla Firefox\components\browserdirprovider.dll
2011-12-12 10:30:25   140760   ——a-w-  C:\Program Files (x86)\Mozilla Firefox\components\brwsrcmp.dll
2011-12-12 10:27:08   67032   ——a-w-  C:\Program Files (x86)\Mozilla Firefox\plugins\npnul32.dll
2011-12-12 10:27:07   849368   ——a-w-  C:\Program Files (x86)\Mozilla Firefox\js3250.dll
2011-12-12 10:27:07   505816   ——a-w-  C:\Program Files (x86)\Mozilla Firefox\sqlite3.dll
2011-12-09 16:38:39   8822856   ——a-w-  C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{ECB9C603-86BE-48C8-BA09-05705C0BFE5D}\mpengine.dll
2011-12-08 10:10:06   ————  d——-w-  C:\Program Files\iPod
2011-12-08 10:10:05   ————  d——-w-  C:\Program Files\iTunes
2011-12-08 10:10:05   ————  d——-w-  C:\Program Files (x86)\iTunes
.
==================== Find3M ====================
.
2011-12-14 20:37:46   69112   ——a-w-  C:\windows\SysWow64\drivers\TSDefenseBt.sys
2011-11-28 18:01:25   41184   ——a-w-  C:\windows\avastSS.scr
2011-11-28 17:54:06   591192   ——a-w-  C:\windows\System32\drivers\aswSnx.sys
2011-11-28 17:52:11   66904   ——a-w-  C:\windows\System32\drivers\aswMonFlt.sys
2011-11-24 05:00:47   3141632   ——a-w-  C:\windows\System32\win32k.sys
2011-11-14 19:21:17   499712   ——a-w-  C:\windows\SysWow64\msvcp71.dll
2011-11-14 19:21:17   348160   ——a-w-  C:\windows\SysWow64\msvcr71.dll
2011-11-05 05:26:29   1197568   ——a-w-  C:\windows\System32\wininet.dll
2011-11-05 05:23:10   57856   ——a-w-  C:\windows\System32\licmgr10.dll
2011-11-05 05:17:42   2048   ——a-w-  C:\windows\System32\tzres.dll
2011-11-05 04:35:50   981504   ——a-w-  C:\windows\SysWow64\wininet.dll
2011-11-05 04:34:15   44544   ——a-w-  C:\windows\SysWow64\licmgr10.dll
2011-11-05 04:30:11   2048   ——a-w-  C:\windows\SysWow64\tzres.dll
2011-11-05 04:07:32   482816   ——a-w-  C:\windows\System32\html.iec
2011-11-05 03:28:41   386048   ——a-w-  C:\windows\SysWow64\html.iec
2011-11-05 03:25:44   1638912   ——a-w-  C:\windows\System32\mshtml.tlb
2011-11-05 02:55:38   1638912   ——a-w-  C:\windows\SysWow64\mshtml.tlb
2011-10-26 05:19:07   43520   ——a-w-  C:\windows\System32\csrsrv.dll
2011-10-25 03:21:49   414368   ——a-w-  C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-10-24 20:29:02   94208   ——a-w-  C:\windows\SysWow64\QuickTimeVR.qtx
2011-10-24 20:29:02   69632   ——a-w-  C:\windows\SysWow64\QuickTime.qts
2011-10-15 06:25:12   723456   ——a-w-  C:\windows\System32\EncDec.dll
2011-10-15 05:48:52   534528   ——a-w-  C:\windows\SysWow64\EncDec.dll
.
============= FINISH: 16:51:47.28 ===============

  H-C
Number of posts: 49

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 6/20/2011 3:19:55 PM
System Uptime: 12/31/2011 4:43:35 PM (0 hours ago)
.
Motherboard: TOSHIBA |  | NDU01
Processor: AMD Athlon(tm) II Neo K125 Processor | Socket M2/S1G1 | 1700/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 222 GiB total, 159.003 GiB free.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP105: 12/9/2011 10:37:21 AM - Windows Update
RP106: 12/12/2011 8:45:34 PM - Removed Bonjour
RP107: 12/12/2011 8:46:33 PM - Removed Bonjour
RP108: 12/13/2011 1:37:43 AM - Removed Adobe Acrobat X Pro - English, FranÁais, Deutsch.
RP109: 12/13/2011 1:44:55 AM - Windows Update
RP110: 12/14/2011 11:53:41 PM - Windows Update
RP111: 12/15/2011 7:25:09 PM - Windows Update
RP112: 12/20/2011 7:16:50 PM - Windows Update
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
Adobe Flash Player 10 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader 9.4.6
Akamai NetSession Interface
Anti-phishing Domain Advisor
Apple Application Support
Apple Software Update
Atheros Driver Installation Program
avast! Free Antivirus
Bejeweled 2 Deluxe
Build-a-lot 2
Catalyst Control Center - Branding
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Common
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-core-static
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Chinese Simplified Fonts Support For Adobe Reader 9
Chuzzle Deluxe
FATE
Google Chrome
Google Toolbar for Internet Explorer
Google Update Helper
Java(TM) 6 Update 17
Jewel Quest - Heritage
Junk Mail filter update
Malwarebytes Anti-Malware version 1.60.0.1800
Microsoft Choice Guard
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2010
Microsoft Office Access MUI (Chinese (Simplified)) 2007
Microsoft Office Excel 2007 Help ∏¸–¬ (KB963678)
Microsoft Office Excel MUI (Chinese (Simplified)) 2007
Microsoft Office Excel Viewer
Microsoft Office IME (Chinese (Simplified)) 2007
Microsoft Office InfoPath MUI (Chinese (Simplified)) 2007
Microsoft Office Outlook 2007 Help ∏¸–¬ (KB963677)
Microsoft Office Outlook MUI (Chinese (Simplified)) 2007
Microsoft Office Powerpoint 2007 Help ∏¸–¬ (KB963669)
Microsoft Office PowerPoint MUI (Chinese (Simplified)) 2007
Microsoft Office Professional Plus 2007
Microsoft Office Proof (Chinese (Simplified)) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proofing (Chinese (Simplified)) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (Chinese (Simplified)) 2007
Microsoft Office Shared MUI (Chinese (Simplified)) 2007
Microsoft Office Word 2007 Help ∏¸–¬ (KB963665)
Microsoft Office Word MUI (Chinese (Simplified)) 2007
Microsoft Office Word Viewer 2003
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Mozilla Firefox (3.6.25)
MSVCRT
Plants vs. Zombies
Polar Bowler
QQπ§æfl¿∏
QQµÁƒ‘π‹º“5.0
Quickbooks Financial Center
QuickTime
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
Realtek Ethernet Controller Driver For Windows 7
Realtek HDMI Audio Driver for ATI
Realtek High Definition Audio Driver
RealUpgrade 1.1
Safari
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB2553089)
Security Update for 2007 Microsoft Office System (KB2553090)
Security Update for 2007 Microsoft Office System (KB2584063)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office InfoPath 2007 (KB2510061)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Security Update for Microsoft Visual Basic for Applications 6.5 (KB974945)
Shop To Win
Skype Click to Call
Skype Launcher
Skype? 5.5
SOSO AddressBar Search
StartNow Toolbar
SumatraPDF
TeamViewer 7
Toshiba App Place
TOSHIBA Application Installer
TOSHIBA Assist
Toshiba Book Place
TOSHIBA Bulletin Board
TOSHIBA eco Utility
TOSHIBA Face Recognition
TOSHIBA Flash Cards Support Utility
TOSHIBA Hardware Setup
TOSHIBA HDD/SSD Alert
Toshiba Laptop Checkup
TOSHIBA Media Controller
TOSHIBA Media Controller Plug-in
Toshiba Online Backup
TOSHIBA Quality Application
TOSHIBA ReelTime
TOSHIBA Service Station
TOSHIBA Sleep Utility
TOSHIBA Supervisor Password
TOSHIBA Value Added Package
TOSHIBA Web Camera Application
ToshibaRegistration
Update for 2007 Microsoft Office System (KB2284654)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2583910)
Update for Outlook 2007 Junk Email Filter (KB2596560)
Utility Common Driver
Wheel of Fortune 2
WildTangent Games
WildTangent ORB Game Console
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Upload Tool
Windows Live Writer
WinRAR 4.01 (32 λ)
Zuma’s Revenge
Ã⁄—∂QQ2011
Ω…Ω¥ ∞‘2010 Beta∞Ê
.
==== Event Viewer Messages From Past Week ========
.
12/31/2011 4:44:41 PM, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  cdrom
12/31/2011 4:44:25 PM, Error: Service Control Manager [7023]  - The Computer Browser service terminated with the following error:  The specified service does not exist as an installed service.
12/31/2011 4:44:23 PM, Error: Service Control Manager [7003]  - The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.
12/31/2011 4:44:22 PM, Error: Service Control Manager [7003]  - The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.
12/31/2011 4:43:52 PM, Error: Application Popup [1060]  - \SystemRoot\SysWow64\DRIVERS\TSDefenseBt.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
12/31/2011 4:43:52 PM, Error: Application Popup [1060]  - \??\C:\Program Files (x86)\Tencent\QQPCMgr\5.0.1415.205\TSKsp.s has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
.
==== End Of File ===========================

Administrator
Number of posts: 4202

Download ComboFix and save it to your desktop. <- Important

Then run ComboFix and follow the instructions.

Because ComboFix can conflict with your security programs, it is important that you disable them. <- Important

You should not click on the window while the tool is running, as that can cause your computer to freeze.
When ComboFix is finished, and after it has (possibly) restarted, a log file should open: ComboFix.txt
Please post the contents of this file here.

It can be found here: C:\ComboFix.txt

Signature

Please do not attach logs unless you are asked to!

  H-C
Number of posts: 49

ComboFix 12-01-02.01 - sun 2/2012 Mon 11:39:38.1.1 - x64
Microsoft Windows 7 Home Premium   6.1.7600.0.936.86.1033.18.1788.837 [GMT -6:00]
÷¥––Œª÷√: c:\users\sun\Desktop\ComboFix.exe
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* ≥…π¶¥¥‘Ï–¬ªπ‘≠µ„
.
  Error: Cfiles.dat
.
(((((((((((((((((((((((((((((((((((((((  ±ª…æ≥˝µƒµµ∞∏  )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Common Files\Tencent\Paycenter
c:\program files (x86)\Common Files\Tencent\Paycenter\qqcert.dll
c:\program files (x86)\Common Files\Tencent\Paycenter\qqedit.dll
c:\program files (x86)\Object
c:\program files (x86)\Object\config.ini
c:\program files (x86)\Shop to Win
c:\program files (x86)\Shop to Win\STWNotify.exe
c:\program files (x86)\Shop to Win\STWSetup-IE.exe
c:\program files (x86)\Shop to Win\unins000.exe
c:\program files (x86)\StartNow Toolbar
c:\program files (x86)\StartNow Toolbar\ReactivateFF.exe
c:\program files (x86)\StartNow Toolbar\ReactivateIE.exe
c:\program files (x86)\StartNow Toolbar\StartNowToolbarUninstall.exe
c:\program files (x86)\StartNow Toolbar\Toolbar32.dll
c:\program files (x86)\StartNow Toolbar\ToolbarBroker.exe
c:\program files (x86)\StartNow Toolbar\ToolbarUpdaterService.exe
c:\programdata\Tarma Installer
c:\programdata\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setup.dll
c:\programdata\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\_Setupx.dll
c:\programdata\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.dat
c:\programdata\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.exe
c:\programdata\Tarma Installer\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}\Setup.ico
c:\programdata\Tarma Installer\{DE3B7BF9-0770-4104-BC0B-B1CCCCE2F053}\_Setup.dll
c:\programdata\Tarma Installer\{DE3B7BF9-0770-4104-BC0B-B1CCCCE2F053}\_Setupx.dll
c:\programdata\Tarma Installer\{DE3B7BF9-0770-4104-BC0B-B1CCCCE2F053}\Setup.dat
c:\programdata\Tarma Installer\{DE3B7BF9-0770-4104-BC0B-B1CCCCE2F053}\Setup.exe
c:\programdata\Tarma Installer\{DE3B7BF9-0770-4104-BC0B-B1CCCCE2F053}\Setup.ico
c:\programdata\xp
c:\programdata\xp\EBLib.dll
c:\programdata\xp\TPwSav.sys
c:\users\Administrator\AppData\Roaming\SogouExplorer
c:\users\Administrator\AppData\Roaming\SogouExplorer\Bin\malurl.dat
c:\users\Administrator\AppData\Roaming\SogouExplorer\datapack1
c:\users\Administrator\AppData\Roaming\SogouExplorer\datapack2
c:\users\Administrator\AppData\Roaming\SogouExplorer\datapack3
c:\users\Administrator\AppData\Roaming\SogouExplorer\MetaSearch\metasearchupdate1
c:\users\Administrator\AppData\Roaming\SogouExplorer\MetaSearch\metasearchupdate2
c:\users\Administrator\AppData\Roaming\SogouExplorer\script.dat
c:\users\Administrator\AppData\Roaming\SogouExplorer\urlblack.dat
c:\users\Default\AppData\Roaming\SogouExplorer
c:\users\Default\AppData\Roaming\SogouExplorer\Bin\malurl.dat
c:\users\Default\AppData\Roaming\SogouExplorer\datapack1
c:\users\Default\AppData\Roaming\SogouExplorer\datapack2
c:\users\Default\AppData\Roaming\SogouExplorer\datapack3
c:\users\Default\AppData\Roaming\SogouExplorer\MetaSearch\metasearchupdate1
c:\users\Default\AppData\Roaming\SogouExplorer\MetaSearch\metasearchupdate2
c:\users\Default\AppData\Roaming\SogouExplorer\script.dat
c:\users\Default\AppData\Roaming\SogouExplorer\urlblack.dat
c:\users\sun\AppData\Roaming\Mozilla\Firefox\Profiles\b28s2eee.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}
c:\users\sun\AppData\Roaming\Mozilla\Firefox\Profiles\b28s2eee.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome.manifest
c:\users\sun\AppData\Roaming\Mozilla\Firefox\Profiles\b28s2eee.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\bar.js
c:\users\sun\AppData\Roaming\Mozilla\Firefox\Profiles\b28s2eee.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\buttons.js
c:\users\sun\AppData\Roaming\Mozilla\Firefox\Profiles\b28s2eee.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\constants.js
c:\users\sun\AppData\Roaming\Mozilla\Firefox\Profiles\b28s2eee.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\events.js
c:\users\sun\AppData\Roaming\Mozilla\Firefox\Profiles\b28s2eee.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\globals.js
c:\users\sun\AppData\Roaming\Mozilla\Firefox\Profiles\b28s2eee.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\hosts.js
c:\users\sun\AppData\Roaming\Mozilla\Firefox\Profiles\b28s2eee.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\init.js
c:\users\sun\AppData\Roaming\Mozilla\Firefox\Profiles\b28s2eee.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\components\tellSvc.dll
c:\users\sun\AppData\Roaming\SogouExplorer
c:\users\sun\AppData\Roaming\SogouExplorer\Bin\bse_temp\update\msg.ini
c:\users\sun\AppData\Roaming\SogouExplorer\Bin\bse_temp\update\quick.ini
c:\users\sun\AppData\Roaming\SogouExplorer\Bin\bseapi.dll
c:\users\sun\AppData\Roaming\SogouExplorer\Bin\bseupd.dll
c:\users\sun\AppData\Roaming\SogouExplorer\Bin\framework.dll
c:\users\sun\AppData\Roaming\SogouExplorer\Bin\knsfmon.dll
c:\users\sun\AppData\Roaming\SogouExplorer\Bin\p2pclient.dll
c:\users\sun\AppData\Roaming\SogouExplorer\Bin\seapi.dll
c:\users\sun\AppData\Roaming\SogouExplorer\Bin\SoDaLib.dll
c:\users\sun\AppData\Roaming\SogouExplorer\Bin\sogounet.dll
c:\users\sun\AppData\Roaming\SogouExplorer\Bin\UdpNode.dll
c:\users\sun\AppData\Roaming\SogouExplorer\Bin\video_acc.dll
c:\users\sun\AppData\Roaming\SogouExplorer\bse_temp\update\msg.ini
c:\users\sun\AppData\Roaming\SogouExplorer\bse_temp\update\quick.ini
c:\users\sun\AppData\Roaming\SogouExplorer\Extension\com.sogou.privateSurf\0.0.0.1\default.ico
c:\users\sun\AppData\Roaming\SogouExplorer\Extension\com.sogou.privateSurf\0.0.0.1\privacy_on.ico
c:\users\sun\AppData\Roaming\SogouExplorer\Extension\com.sogou.quicklink\0.0.0.1\default.ico
c:\users\sun\AppData\Roaming\SogouExplorer\Extension\com.sogou.secondAccount\0.0.0.1\default.ico
c:\users\sun\AppData\Roaming\SogouExplorer\Extension\com.sogou.share\0.0.0.1\default.ico
c:\users\sun\AppData\Roaming\SogouExplorer\Extension\com.sogou.share\0.0.0.1\sohu.ico
c:\users\sun\AppData\Roaming\SogouExplorer\Extension\com.sogou.snapTaker\0.0.0.1\default.ico
c:\users\sun\AppData\Roaming\SogouExplorer\Extension\com.sogou.snapTaker\0.0.0.1\npruntime.dll
c:\users\sun\AppData\Roaming\SogouExplorer\Extension\com.sogou.translator\0.0.0.3\default.ico
c:\users\sun\AppData\Roaming\SogouExplorer\Extension\com.sogou.translator\0.0.0.3\js\before_googleapi.js
c:\users\sun\AppData\Roaming\SogouExplorer\Extension\com.sogou.translator\0.0.0.3\js\before_youdaoapi.js
c:\users\sun\AppData\Roaming\SogouExplorer\Extension\com.sogou.translator\0.0.0.3\js\jquery.js
c:\users\sun\AppData\Roaming\SogouExplorer\Extension\com.sogou.translator\0.0.0.3\js\translate.js
c:\users\sun\AppData\Roaming\SogouExplorer\Extension\com.sogou.translator\0.0.0.3\js\youdao_translate.js
c:\users\sun\AppData\Roaming\SogouExplorer\Extension\com.sogou.translator\0.0.0.3\translator.js
c:\users\sun\AppData\Roaming\SogouExplorer\Extension\com.sogou.www\1.2.1.6\default.ico
c:\users\sun\AppData\Roaming\SogouExplorer\Extension\com.sogou.www\1.2.1.6\start.js
c:\users\sun\AppData\Roaming\SogouExplorer\Extension\com.sogou.www\1.2.1.6\stop.js
c:\users\sun\AppData\Roaming\SogouExplorer\Extension\com.sogou.www\1.2.2.1\default.ico
c:\users\sun\AppData\Roaming\SogouExplorer\Extension\com.sogou.www\1.2.2.1\start.js
c:\users\sun\AppData\Roaming\SogouExplorer\Extension\com.sogou.www\1.2.2.1\stop.js
c:\users\sun\AppData\Roaming\SogouExplorer\FavIcon\o0.ico
c:\users\sun\AppData\Roaming\SogouExplorer\FavIcon\o1.ico
c:\users\sun\AppData\Roaming\SogouExplorer\FavIcon\o2.ico
c:\users\sun\AppData\Roaming\SogouExplorer\FavIcon\o3.ico
c:\users\sun\AppData\Roaming\SogouExplorer\FavIcon\o4.ico
c:\users\sun\AppData\Roaming\SogouExplorer\seupdater.dll
c:\users\sun\AppData\Roaming\SogouExplorer\temp\sogouexplorerup.exe
.
.
(((((((((((((((((((((((((((((((((((((((  «˝∂Ø/∑˛ŒÒ  )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
———-\Service_Updater Service for StartNow Toolbar
———-\Service_Updater Service for StartNow Toolbar
.
.
(((((((((((((((((((((((((  2011-12-02 ÷¡ 2012-01-02 µƒ–¬µƒµµ∞∏  )))))))))))))))))))))))))))))))
.
.
2012-01-02 17:51 . 2012-01-02 17:51   ————  d——-w-  c:\users\Default\AppData\Local\temp
2011-12-31 20:27 . 2011-12-10 21:24   23152   ——a-w-  c:\windows\system32\drivers\mbam.sys
2011-12-31 09:00 . 2011-12-31 09:00   ————  d——-w-  c:\program files (x86)\TeamViewer
2011-12-31 08:12 . 2011-12-31 08:13   ————  d——-w-  C:\photo
2011-12-20 06:46 . 2011-12-20 06:48   ————  d——-w-  C:\FRST
2011-12-18 22:39 . 2011-12-31 20:28   ————  d——-w-  c:\program files (x86)\Malwarebytes’ Anti-Malware
2011-12-16 18:55 . 2011-12-19 09:25   ————  d——-w-  c:\program files (x86)\Spybot - Search & Destroy
2011-12-16 18:55 . 2011-12-19 09:25   ————  d——-w-  c:\programdata\Spybot - Search & Destroy
2011-12-16 02:02 . 2011-12-16 02:02   ————  d——-w-  c:\users\sun\AppData\Roaming\Malwarebytes
2011-12-16 02:02 . 2011-12-16 02:02   ————  d——-w-  c:\programdata\Malwarebytes
2011-12-15 05:36 . 2011-12-31 08:46   ————  d——-w-  C:\12
2011-12-12 10:30 . 2011-12-24 08:14   25560   ——a-w-  c:\program files (x86)\Mozilla Firefox\components\browserdirprovider.dll
2011-12-12 10:30 . 2011-12-24 08:14   140760   ——a-w-  c:\program files (x86)\Mozilla Firefox\components\brwsrcmp.dll
2011-12-12 10:27 . 2011-12-24 08:14   67032   ——a-w-  c:\program files (x86)\Mozilla Firefox\plugins\npnul32.dll
2011-12-12 10:27 . 2011-12-24 08:14   505816   ——a-w-  c:\program files (x86)\Mozilla Firefox\sqlite3.dll
2011-12-12 10:27 . 2011-12-24 08:14   849368   ——a-w-  c:\program files (x86)\Mozilla Firefox\js3250.dll
2011-12-09 16:38 . 2011-11-21 11:40   8822856   ——a-w-  c:\programdata\Microsoft\Windows Defender\Definition Updates\{ECB9C603-86BE-48C8-BA09-05705C0BFE5D}\mpengine.dll
2011-12-08 10:10 . 2011-12-08 10:10   ————  d——-w-  c:\program files\iPod
2011-12-08 10:10 . 2011-12-08 10:10   ————  d——-w-  c:\program files\iTunes
2011-12-08 10:10 . 2011-12-08 10:10   ————  d——-w-  c:\program files (x86)\iTunes
.
.
.
((((((((((((((((((((((((((((((((((((((((  ‘⁄»˝∏ˆ‘¬ƒ⁄±ª–fi∏ƒµƒµµ∞∏  ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-12-14 20:37 . 2011-11-28 17:09   69112   ——a-w-  c:\windows\SysWow64\drivers\TSDefenseBt.sys
2011-11-28 18:01 . 2011-06-27 22:05   41184   ——a-w-  c:\windows\avastSS.scr
2011-11-28 18:01 . 2011-06-27 22:05   199816   ——a-w-  c:\windows\SysWow64\aswBoot.exe
2011-11-28 18:01 . 2011-06-27 22:06   256960   ——a-w-  c:\windows\system32\aswBoot.exe
2011-11-28 17:54 . 2011-06-27 22:06   591192   ——a-w-  c:\windows\system32\drivers\aswSnx.sys
2011-11-28 17:53 . 2011-06-27 22:06   304472   ——a-w-  c:\windows\system32\drivers\aswSP.sys
2011-11-28 17:52 . 2011-06-27 22:06   42328   ——a-w-  c:\windows\system32\drivers\aswRdr.sys
2011-11-28 17:52 . 2011-06-27 22:06   58712   ——a-w-  c:\windows\system32\drivers\aswTdi.sys
2011-11-28 17:52 . 2011-06-27 22:06   66904   ——a-w-  c:\windows\system32\drivers\aswMonFlt.sys
2011-11-28 17:51 . 2011-06-27 22:06   24408   ——a-w-  c:\windows\system32\drivers\aswFsBlk.sys
2011-11-14 19:21 . 2011-11-14 19:21   499712   ——a-w-  c:\windows\SysWow64\msvcp71.dll
2011-11-14 19:21 . 2011-11-14 19:21   348160   ——a-w-  c:\windows\SysWow64\msvcr71.dll
2011-10-25 03:21 . 2011-07-04 05:09   414368   ——a-w-  c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-10-24 20:29 . 2011-10-24 20:29   94208   ——a-w-  c:\windows\SysWow64\QuickTimeVR.qtx
2011-10-24 20:29 . 2011-10-24 20:29   69632   ——a-w-  c:\windows\SysWow64\QuickTime.qts
.
.
(((((((((((((((((((((((((((((((((((((  ÷ÿ“™µ«»Îµ„  ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*◊¢“‚* ø’∞◊”Î∫œ∑®»± °µ«¬ºΩ´≤ªª·±ªœ‘ æ
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B}]
2011-08-03 10:29   353656   ——a-w-  c:\program files (x86)\Tencent\QQPCMgr\5.0.1415.205\TSWebMon.dat
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}]
2011-09-30 17:27   194848   ——a-w-  c:\program files (x86)\Yontoo Layers Runtime\YontooIEClient.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
“Akamai NetSession Interface”=“c:\users\sun\AppData\Local\Akamai\netsession_win.exe” [2011-12-13 3305760]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
“ToshibaAppPlace”=“c:\program files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe” [2010-06-11 552960]
“StartCCC”=“c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe” [2010-06-28 102400]
“SVPWUTIL”=“c:\program files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe” [2010-02-23 352256]
“HWSetup”=“c:\program files\TOSHIBA\Utilities\HWSetup.exe” [2010-03-04 423936]
“KeNotify”=“c:\program files (x86)\TOSHIBA\Utilities\KeNotify.exe” [2009-12-25 34160]
“ToshibaServiceStation”=“c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe” [2009-10-06 1294136]
“NortonOnlineBackupReminder”=“c:\program files (x86)\Toshiba\Toshiba Online Backup\Activation\TOBuActivation.exe” [2010-06-03 3218792]
“avast”=“c:\program files\AVAST Software\Avast\avastUI.exe” [2011-11-28 3744552]
“QQPCTray”=“c:\program files (x86)\Tencent\QQPCMgr\5.0.1415.205\QQPCTray.exe” [2011-09-05 2319736]
“AppleSyncNotifier”=“c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe” [2011-04-20 58656]
“Anti-phishing Domain Advisor”=“c:\programdata\Anti-phishing Domain Advisor\visicom_antiphishing.exe” [2011-07-29 217256]
“APSDaemon”=“c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe” [2011-11-02 59240]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
“ConsentPromptBehaviorAdmin”= 5 (0x5)
“ConsentPromptBehaviorUser”= 3 (0x3)
“EnableUIADesktopToggle”= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\keyboard layouts\e0210804]
  IME File   REG_SZ         IMSC12.IME
.
R1 TSKSP;TSKSP;c:\program files (x86)\Tencent\QQPCMgr\5.0.1415.205\TSKsp.sys [2011-12-15 164216]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-13 136176]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-08-13 136176]
R3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [x]
R3 TMachInfo;TMachInfo;c:\program files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2009-10-06 51512]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 Thpdrv;TOSHIBA HDD Protection Driver;c:\windows\system32\DRIVERS\thpdrv.sys [x]
S0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver;c:\windows\system32\DRIVERS\Thpevm.SYS [x]
S0 TSysCare;TSysCare;c:\windows\system32\Drivers\TSysCare64.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 TCSafeBox;TCSafeBox;c:\program files (x86)\Tencent\QQPCMgr\5.0.1415.205\TCSafebox64.sys [2011-06-06 31872]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 Norton PC Checkup Application Launcher;Toshiba Laptop Checkup Application Launcher;c:\program files (x86)\Norton PC Checkup\Engine\2.0.3.198\SymcPCCULaunchSvc.exe [2011-12-09 135608]
S2 PCCUJobMgr;Common Client Job Manager Service;c:\program files (x86)\Norton PC Checkup\Engine\2.0.3.198\ccSvcHst.exe [2009-08-24 126392]
S2 QQPCRTP;QQPCMgr RTP Service;c:\program files (x86)\Tencent\QQPCMgr\5.0.1415.205\QQPCRtp.exe [2011-07-15 890360]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2011-12-14 2984832]
S2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;c:\program files\TOSHIBA\TECO\TecoService.exe [2010-04-06 258928]
S2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;c:\windows\system32\DRIVERS\TVALZFL.sys [x]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys [x]
S3 QQSysMon;QQSysMon;c:\program files (x86)\Tencent\QQPCMgr\5.0.1415.205\QQSysMon.sys [2011-06-06 61568]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 TcHardWare;TcHardWare;c:\program files (x86)\Tencent\QQPCMgr\5.0.1415.205\QQPCHW-x64.sys [2011-06-06 36992]
S3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-02-06 137560]
S3 TPCHSrv;TPCH Service;c:\program files\TOSHIBA\TPHM\TPCHSrv.exe [2010-02-24 835952]
.
.
.
————- x86-64—————-
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B}]
2011-08-03 10:29   206200   ——a-w-  c:\program files (x86)\Tencent\QQPCMgr\5.0.1415.205\TSWebMon64.dat
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@=”{472083B0-C522-11CF-8763-00608CC02F24}”
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-11-28 18:01   134384   ——a-w-  c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
“ThpSrv”=“c:\windows\system32\thpsrv” [X]
“RtHDVCpl”=“c:\program files\Realtek\Audio\HDA\RAVCpl64.exe” [2010-03-20 10134560]
“RtHDVBg”=“c:\program files\Realtek\Audio\HDA\RAVBg64.exe” [2010-03-20 896032]
“TosVolRegulator”=“c:\program files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe” [2009-11-11 24376]
“TosSENotify”=“c:\program files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe” [2010-02-06 709976]
“combofix”=“c:\combofix\CF21604.3XE” [2009-07-14 344576]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
“LoadAppInit_DLLs”=0x0
.
———- ∂¯Õ‚µƒ…®√Ë———-
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://search.babylon.com/?babsrc=HP_ss&affID=108907&mntrId=1e707c8200000000000088ae1de6aa50
mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSND&bmod=TSND
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
IE: Append Link Target to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: µº≥ˆµΩ Microsoft Excel(&X) - c:\progra~2\MICROS~4\Office12\EXCEL.EXE/3000
Trusted Zone: alipay.com
Trusted Zone: alisoft.com
Trusted Zone: taobao.com
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\sun\AppData\Roaming\Mozilla\Firefox\Profiles\b28s2eee.default\
FF - prefs.js: browser.startup.homepage - about:cehome
FF - prefs.js: network.proxy.type - 0
FF - Ext: Skype Click to Call: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} - c:\program files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Firefox Home Page: . - %profile%\extensions\cehomepage@mozillaonline.com
FF - Ext: Addons Manager: . - %profile%\extensions\cpmanager@mozillaonline.com
FF - Ext: Yontoo Layers: . - %profile%\extensions\plugin@yontoo.com
FF - Ext: avast! WebRep: . - c:\program files\AVAST Software\Avast\WebRep\FF
FF - Ext: RealPlayer Browser Record Plugin: {ABDE892B-13A8-4d1b-88E6-365A6E755758} - c:\programdata\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF - user.js: extensions.BabylonToolbar_i.id - 1e707c8200000000000088ae1de6aa50
FF - user.js: extensions.BabylonToolbar_i.hardId - 1e707c8200000000000088ae1de6aa50
FF - user.js: extensions.BabylonToolbar_i.instlDay - 15306
FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1712:10
FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar_i.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar_i.tlbrId - base
FF - user.js: extensions.BabylonToolbar_i.newTab - false
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=108907
FF - user.js: extensions.BabylonToolbar_i.babExt -
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar_i.instlRef - sst
FF - user.js: extentions.y2layers.installId - f8a996e7-3053-4f55-8524-1e24c42560ee
FF - user.js: extentions.y2layers.defaultEnableAppsList - PageRage,PageRageGlobal,Buzzdock,BuzzdockTease,PageRage,PageRageGlobal,
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-DW6 - c:\program files (x86)\The Weather Channel FW\Desktop\DesktopWeather.exe
Wow6432Node-HKLM-Run-TSleepSrv - %ProgramFiles(x86)%\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe
Toolbar-Locked - (no file)
WebBrowser-{65F8A3D2-4C22-4A33-9633-73167EAEEC45} - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-TPwrMain - c:\program files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE
HKLM-Run-SmoothView - c:\program files (x86)\Toshiba\SmoothView\SmoothView.exe
HKLM-Run-00TCrdMain - c:\program files (x86)\TOSHIBA\FlashCards\TCrdMain.exe
HKLM-Run-SmartFaceVWatcher - c:\program files (x86)\Toshiba\SmartFaceV\SmartFaceVWatcher.exe
HKLM-Run-Teco - c:\program files (x86)\TOSHIBA\TECO\Teco.exe
HKLM-Run-TosWaitSrv - c:\program files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe
HKLM-Run-TosNC - c:\program files (x86)\Toshiba\BulletinBoard\TosNcCore.exe
HKLM-Run-TosReelTimeMonitor - c:\program files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
AddRemove-StartNow Toolbar - c:\program files (x86)\StartNow Toolbar\StartNowToolbarUninstall.exe
AddRemove-{6EFDBA50-4ABE-4194-86F7-F3BD0A011F5B}_is1 - c:\program files (x86)\Shop To Win\unins000.exe
.
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
” QQPCTray”=”\“c:\\Program Files (x86)\\Tencent\\QQPCMgr\\5.0.1415.205\\QQPCTray.exe\”  /regrun”
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\PCCUJobMgr]
“ImagePath”=”\“c:\program files (x86)\Norton PC Checkup\Engine\2.0.3.198\ccSvcHst.exe\” /s \“PCCUJobMgr\” /m \“c:\program files (x86)\Norton PC Checkup\Engine\2.0.3.198\diMaster.dll\” /prefetch:1”
.
——————————- LOCKED REGISTRY KEYS——————————-
.
[HKEY_USERS\S-1-5-21-3882254470-2563895922-4175525259-1000\Software\Microsoft\Office\12.0\Common\Open Find\Microsoft Office Excel\Settings\Sb*_]
“ClientGUID”=hex:89,10,8b,b5,c0,bc,e8,41,90,bf,13,7e,bf,74,45,3c
.
[HKEY_LOCAL_MACHINE\software\Classes\.*?ñÃë˙e˙e•c6eÑvÔSëuáeˆN]
@=“AliFileCheck.File”
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@=“FlashBroker”
“LocalizedString”=”@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101”
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
“Enabled”=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@=“c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe”
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@=”{FAB3E735-69C7-453B-A446-B6823C6DF1C9}”
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@=“Shockwave Flash Object”
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@=“c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx”
“ThreadingModel”=“Apartment”
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@=“0”
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@=“ShockwaveFlash.ShockwaveFlash.10”
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@=“c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx, 1”
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@=”{D27CDB6B-AE6D-11cf-96B8-444553540000}”
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@=“1.0”
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@=“ShockwaveFlash.ShockwaveFlash”
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@=“Macromedia Flash Factory Object”
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@=“c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx”
“ThreadingModel”=“Apartment”
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@=“FlashFactory.FlashFactory.1”
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@=“c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx, 1”
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@=”{D27CDB6B-AE6D-11cf-96B8-444553540000}”
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@=“1.0”
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@=“FlashFactory.FlashFactory”
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@=“IFlashBroker4”
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@=”{00020424-0000-0000-C000-000000000046}”
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@=”{FAB3E735-69C7-453B-A446-B6823C6DF1C9}”
“Version”=“1.0”
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
————————————∆‰À˚‘À––Ω¯≥×———————————
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\TeamViewer\Version7\TeamViewer.exe
c:\program files (x86)\TeamViewer\Version7\tv_w32.exe
c:\program files (x86)\Tencent\QQPCMgr\5.0.1415.205\QQPCWebShield.exe
c:\program files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe
.
**************************************************************************
.
ÕÍ≥… ±º‰: 2012-01-02 12:03:27 - µÁƒ‘“—÷ÿ–¬∆Ù∂Ø
ComboFix-quarantined-files.txt 2012-01-02 18:03
.
Pre-Run: 173,680,386,048 bytes free
Post-Run: 173,858,996,224 bytes free
.
- - End Of File - - 855282EF655340CB107E07C594AF5AFC

Administrator
Number of posts: 4202

How is the PC running now?

Download Security Check by screen317
Start it and follow the instructions.
Copy the log in here.

I would also like to see C:\Qoobox\Add-Remove Programs.txt

Signature

Please do not attach logs unless you are asked to!

  H-C
Number of posts: 49

The computer appears, for the moment, to have stopped showing pop-ups. However, it seems the computer has become slower, and the internet connection comes and goes at times. Here is the log from Security Check:

Results of screen317’s Security Check version 0.99.30
Windows 7 x64 (UAC is enabled) 
Internet Explorer 8 Out of date!
``````````````````````````````
Antivirus/Firewall Check:

avast! Free Antivirus  
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:

Java(TM) 6 Update 17
Java version out of date!
Adobe Flash Player   11.0.1.152
Adobe Reader 9 Adobe Reader out of date!
Mozilla Firefox (3.6.25) Firefox out of Date! 
````````````````````````````````
Process Check: 
objlist.exe by Laurent

Norton ccSvcHst.exe
AVAST Software Avast AvastSvc.exe
AVAST Software Avast AvastUI.exe
``````````End of Log````````````


Update for Microsoft Office 2007 (KB2508958)
Adobe Flash Player 10 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader 9.4.6
Akamai NetSession Interface
Anti-phishing Domain Advisor
Apple Application Support
Apple Software Update
Atheros Driver Installation Program
avast! Free Antivirus
Bejeweled 2 Deluxe
Build-a-lot 2
Catalyst Control Center - Branding
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Common
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
ccc-core-static
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Chinese Simplified Fonts Support For Adobe Reader 9
Chuzzle Deluxe
FATE
Google Chrome
Google Toolbar for Internet Explorer
Google Update Helper
Java(TM) 6 Update 17
Jewel Quest - Heritage
Junk Mail filter update
Malwarebytes Anti-Malware version 1.60.0.1800
Microsoft Choice Guard
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office 2010
Microsoft Office Access MUI (Chinese (Simplified)) 2007
Microsoft Office Excel 2007 Help 更新 (KB963678)
Microsoft Office Excel MUI (Chinese (Simplified)) 2007
Microsoft Office Excel Viewer
Microsoft Office IME (Chinese (Simplified)) 2007
Microsoft Office InfoPath MUI (Chinese (Simplified)) 2007
Microsoft Office Outlook 2007 Help 更新 (KB963677)
Microsoft Office Outlook MUI (Chinese (Simplified)) 2007
Microsoft Office Powerpoint 2007 Help 更新 (KB963669)
Microsoft Office PowerPoint MUI (Chinese (Simplified)) 2007
Microsoft Office Professional Plus 2007
Microsoft Office Proof (Chinese (Simplified)) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proofing (Chinese (Simplified)) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (Chinese (Simplified)) 2007
Microsoft Office Shared MUI (Chinese (Simplified)) 2007
Microsoft Office Word 2007 Help 更新 (KB963665)
Microsoft Office Word MUI (Chinese (Simplified)) 2007
Microsoft Office Word Viewer 2003
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Mozilla Firefox (3.6.25)
MSVCRT
Plants vs. Zombies
Polar Bowler
QQ工具栏
QQ电脑管家5.0
Quickbooks Financial Center
QuickTime
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
Realtek Ethernet Controller Driver For Windows 7
Realtek HDMI Audio Driver for ATI
Realtek High Definition Audio Driver
RealUpgrade 1.1
Safari
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB2553089)
Security Update for 2007 Microsoft Office System (KB2553090)
Security Update for 2007 Microsoft Office System (KB2584063)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office InfoPath 2007 (KB2510061)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Security Update for Microsoft Visual Basic for Applications 6.5 (KB974945)
Shop To Win
Skype Click to Call
Skype Launcher
Skype? 5.5
StartNow Toolbar
SumatraPDF
TeamViewer 7
Toshiba App Place
TOSHIBA Application Installer
TOSHIBA Assist
Toshiba Book Place
TOSHIBA Bulletin Board
TOSHIBA eco Utility
TOSHIBA Face Recognition
TOSHIBA Flash Cards Support Utility
TOSHIBA Hardware Setup
TOSHIBA HDD/SSD Alert
Toshiba Laptop Checkup
TOSHIBA Media Controller
TOSHIBA Media Controller Plug-in
Toshiba Online Backup
TOSHIBA Quality Application
TOSHIBA ReelTime
TOSHIBA Service Station
TOSHIBA Sleep Utility
TOSHIBA Supervisor Password
TOSHIBA Value Added Package
TOSHIBA Web Camera Application
ToshibaRegistration
Update for 2007 Microsoft Office System (KB2284654)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2583910)
Update for Outlook 2007 Junk Email Filter (KB2596560)
Utility Common Driver
Wheel of Fortune 2
WildTangent Games
WildTangent ORB Game Console
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Upload Tool
Windows Live Writer
WinRAR 4.01 (32 位)
Zuma’s Revenge
腾讯QQ2011
金山词霸2010 Beta版

Administrator
Number of posts: 4202

Would you please delete the C:\FRST folder.

———

In the Control Panel, you need to uninstall all Java.

Download a new one here.
http://www.java.com/en/download/index.jsp  (remember to untick toolbars and other junk)

You also need to uninstall Adobe Reader 9

Download a new one here.
http://get.adobe.com/reader/  (remember to untick toolbars and other junk)

Your Firefox is also outdated and should be replaced.

Is there any reason why Internet Explorer 8 has not been upgraded?

———

I can see Norton PC Checkup in your logs, but it does not appear to be installed.
Have you tried uninstalling it, so that what shows up is only leftovers?
