Ebimkeu
  abba54
Posts: 72

Hi,
You have helped me a great deal before (2010). Now I am having problems with the computer again. Maybe there is a worm in it. I have had a couple of pop-ups from the virus/spyware program about files that have been quarantined, and most recently, today, I got a pop-up about something that is not recognizable - see the attached screenshot.
I have various programs on the computer from the last time you helped me - including Hi Jack and others.

Attached images
Skærmprint-PC-problemer-130612.jpg
Administrator
Posts: 7044

Hi :)

Download “Malwarebytes’ Anti-Malware” here

or here

Install and start the program, click the Update tab, click Check for Updates, and run a “Full system scan” under the “Scanner” tab.
Afterwards click “Show Results”, press “Remove Selected”, save the log and post it here together with the logs from DDS.

It creates two logs (DDS.txt and Attach.txt); save them on the desktop and copy the contents of both in here.

NOTE - DDS must be saved on the computer and not run from the web.

Regarding Vista and Windows 7: right-click the file - Run as Administrator.

NB: When you update Malwarebytes, keep clicking Check for Updates until it says there are no more updates.

I would like to see (made in this order):

1. Log from Malwarebytes. (Updated)

2. Logs from DDS. (DDS.txt and Attach.txt)

Signature

Please do not attach logs unless you are asked to!

  abba54
Posts: 72

Hi again,
I have now followed the instructions. The Malwarebytes file comes first, then DDS and lastly the Attach file. I can see that there are quite a few files in quarantine in Malwarebytes, both from now and presumably also from 2010, when you helped me. Should I delete everything that has been quarantined, or wait to hear more from you?
Best regards,
ABBA54

Malwarebytes:
Malwarebytes Anti-Malware 1.61.0.1400
http://www.malwarebytes.org

Database version: v2012.06.13.06

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 8.0.6001.19272
Kim Langvad :: KIMLANGVAD-PC [administrator]

13-06-2012 20:42:06
mbam-log-2012-06-13 (20-42-06).txt

Skanningstype: Fuldstændig skanning
Skanningsmuligheder valgt: Hukommelse | Opstart | Registreringsdatabasen | Filsystem | Heuristics/Ekstra | Heuristics/Shuriken | PUP | PUM
Skanningsmuligheder som er deaktiverede: P2P
Objekter skannet: 566198
Tid gået: 3 time(e), 23 minut(ter), 6 sekund(er)

Hukommelses Processorer Inficeret: 0
(Ingen skadelige objekter blev fundet)

Hukommelses Moduler Inficeret: 0
(Ingen skadelige objekter blev fundet)

Registreringsdatabasenøgler Inficeret: 0
(Ingen skadelige objekter blev fundet)

Registreringsdatabaseværdier Inficeret: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|{9C85206B-56A6-03D5-DE37-5916956AFF77} (Trojan.ZbotR.Gen) -> Data: "C:\Users\Kim Langvad\AppData\Roaming\Ebimkeu\orsaot.exe" -> Sat i karantæne og slettet succesfuldt.

Registreringsdatabasedata Objekter Inficeret: 0
(Ingen skadelige objekter blev fundet)

Inficerede Mapper: 0
(Ingen skadelige objekter blev fundet)

Inficerede Filer: 4
C:\ProgramData\F4D55F3E03F47A720AA426E8570F1C8B\F4D55F3E03F47A720AA426E8570F1C8B.exe (Trojan.Agent) -> Sat i karantæne og slettet succesfuldt.
C:\Users\Kim Langvad\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\20\3a622bd4-4006d123 (Trojan.Ransom) -> Sat i karantæne og slettet succesfuldt.
C:\Users\Kim Langvad\Documents\Ny Organisation-DOK\Musik\WinAmp 5.05 Pro\keygen.exe (Trojan.Downloader) -> Sat i karantæne og slettet succesfuldt.
C:\Users\Kim Langvad\AppData\Roaming\Ebimkeu\orsaot.exe (Trojan.ZbotR.Gen) -> Sat i karantæne og slettet succesfuldt.

(færdig)

DDS:
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.19272
Run by Kim Langvad at 8:54:20 on 2012-06-14
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.45.1030.18.3069.1266 [GMT 2:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\Ati2evxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\CTsvcCDA.exe
C:\Program Files\Creative\Shared Files\CTDevSrv.exe
C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
C:\Program Files\Nero\Update\NASvc.exe
C:\Program Files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe
C:\Windows\System32\NILaunch.exe
C:\Program Files\Maxtor\OneTouch\Utils\OneTouch.exe
C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe
C:\Program Files\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\DVICO\TViXNetShare\TViXNetShare.exe
C:\Weather\weather.exe
C:\Program Files\Common Files\Apple\Internet Services\ubd.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe
C:\Users\Kim Langvad\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Weather\usbwr.exe
C:\Program Files\Intel\IntelDH\CCU\CCU_Engine.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\conime.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser.exe
C:\Windows\system32\Macromed\Flash\FlashUtil32_11_3_300_257_ActiveX.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\DllHost.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = https://www.google.dk/
mDefault_Page_URL = hxxp://www.defaulthomepage.info
uInternet Settings,ProxyOverride = *.local
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Tunebite_WebRipPlugin Class: {aa102584-3b97-47e7-b9bc-75d54c110a7d} - c:\program files\rapidsolution\tunebite\plugins\ie\TB_WebRipIePlugin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.1.1309.3572\swg.dll
BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_A8904FB862BD9564.dll
BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\dell\bae\BAE.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar.dll
uRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [TViXNetShare] c:\program files\dvico\tvixnetshare\TViXNetShare.exe
uRun: [cfweatherStation] c:\weather\Weather.exe
uRun: [MobileDocuments] c:\program files\common files\apple\internet services\ubd.exe
uRun: [AdobeUpdater] "c:\program files\common files\adobe\updater5\AdobeUpdater.exe"
uRun: [Octoshape Streaming Services] "c:\users\kim langvad\appdata\roaming\octoshape\octoshape streaming services\OctoshapeClient.exe" -inv:bootrun
uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe"
mRun: [NMSSupport] "c:\program files\common files\intel\inteldh\nms\support\IntelHCTAgent.exe" /startup
mRun: [Net-It Launcher] c:\windows\system32\NILaunch.exe
mRun: [MMTray] c:\progra~1\musicm~1\musicm~1\mm_tray.exe
mRun: [MimBoot] c:\progra~1\musicm~1\musicm~1\mimboot.exe
mRun: [MaxtorOneTouch] c:\progra~1\maxtor\onetouch\utils\OneTouch.exe
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup
mRun: [ECenter] c:\dell\e-center\EULALauncher.exe
mRun: [CCUTRAYICON] "c:\program files\intel\inteldh\ccu\CCU_TrayIcon.exe"
mRun: [Bluetooth HCI Monitor] RunDll32 HCIMNTR.DLL,RunCheckHCIMode
mRun: [CarboniteSetupLite] "c:\program files\carbonite\CarbonitePreinstaller.exe" /preinstalled /showonfirst /reshowat=900
mRun: [MaxMenuMgr] "c:\program files\seagate\seagatemanager\freeagent status\StxMenuMgr.exe"
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [NBAgent] "c:\program files\nero\nero 11\nero backitup\NBAgent.exe" /WinStart
StartupFolder: c:\users\kimlan~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\dropbox.lnk - c:\users\kim langvad\appdata\roaming\dropbox\bin\Dropbox.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\bttray.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\wddmst~1.lnk - c:\program files\western digital\wd smartware\wd drive manager\WDDMStatus.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\wdsmar~1.lnk - c:\program files\western digital\wd smartware\front parlor\WDSmartWare.exe
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: EnableLinkedConnections = 1 (0x1)
IE: E&ksporter til Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: Send billede til &Bluetooth-enhed... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm
IE: Send siden til &Bluetooth-enhed... - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {38E51477-DDB4-4aed-9D61-D0C193E10749} - {38E51477-DDB4-4aed-9D61-D0C193E10749} - c:\program files\soundtaxi\YouTubeRipper.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
Trusted Zone: cimber.com\www
Trusted Zone: danid.dk
Trusted Zone: tdc.dk\kundeservice
Trusted Zone: tdc.dk\udstedelse.certifikat
Trusted Zone: danid.dk
DPF: {07D09E9E-C667-45DD-B035-217BC2A61A3B} - hxxps://www.portalbank.dk/package/sdc/external/activex/ActiveXSikkerhedssoftware-prod-1.30.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/8/b/d/8bd77752-5704-4d68-a152-f7252adaa4f2/LegitCheckControl.cab
DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - hxxp://gfx2.hotmail.com/mail/w2/resources/VistaMSNPUpldda-dk.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
DPF: {D216644A-C6DB-49D9-BBCF-D38FE7991BF2} - hxxps://udstedelse.certifikat.tdc.dk/csp/authenticode/tdccsp-0506.exe
DPF: {D821DC4A-0814-435E-9820-661C543A4679} - hxxp://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{0C1AFF84-1152-4D2C-B0FF-D89AEB51BE59} : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{1D3E91D9-5EF5-4660-8A45-1FA87745D85D} : DhcpNameServer = 193.162.153.164 194.239.134.83
Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\program files\google\google toolbar\component\fastsearch_A8904FB862BD9564.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs: c:\progra~1\google\google~2\GOEC62~1.DLL
mASetup: {B2C3BB6B-E005-4246-B8E5-DF0A4D073CDC} - c:\program files\pixiepack codec pack\InstallerHelper.exe
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2010-10-24 171064]
R0 NBVol;Nero Backup Volume Filter Driver;c:\windows\system32\drivers\NBVol.sys [2012-5-29 56496]
R0 NBVolUp;Nero Backup Volume Upper Filter Driver;c:\windows\system32\drivers\NBVolUp.sys [2012-5-29 12464]
R1 MpKsl20d8ccf4;MpKsl20d8ccf4;c:\programdata\microsoft\microsoft antimalware\definition updates\{21cd9e03-9a84-447c-8c17-df74ab92319a}\MpKsl20d8ccf4.sys [2012-6-14 29904]
R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2012-1-3 63928]
R2 DQLWinService;DQLWinService;c:\program files\common files\intel\inteldh\nms\adpplugins\DQLWinService.exe [2007-2-12 208896]
R2 FontCache;Tjenesten Windows-skrifttypecache;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-6-18 21504]
R2 FreeAgentGoNext Service;Seagate Service;c:\program files\seagate\seagatemanager\sync\FreeAgentService.exe [2009-9-25 189736]
R2 MCLServiceATL;Intel(R) Application Tracker;c:\program files\intel\inteldh\intel media server\shells\MCLServiceATL.exe [2007-6-27 157912]
R2 NAUpdate;Nero Update;c:\program files\nero\update\NASvc.exe [2011-11-25 687400]
R2 NMSCore;Intel(R) NMSCore;c:\program files\common files\intel\inteldh\nms\nmscore\NMSCore.exe [2007-6-27 317656]
R2 nmsunidr;UniDriver for NMS;c:\windows\system32\drivers\nmsunidr.sys [2007-2-18 5376]
R2 WDDMService;WD SmartWare Drive Manager;c:\program files\western digital\wd smartware\wd drive manager\WDDMService.exe [2009-11-13 110592]
R2 WDSmartWareBackgroundService;WD SmartWare Background Service;c:\program files\western digital\wd smartware\front parlor\WDSmartWareBackgroundService.exe [2009-6-16 20480]
R3 IntelDH;IntelDH Driver;c:\windows\system32\drivers\IntelDH.sys [2008-2-12 5632]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2012-6-14 40776]
R3 SndTAudio;SndTAudio;c:\windows\system32\drivers\SndTAudio.sys [2010-1-10 23096]
S2 0059321299772622mcinstcleanup;McAfee Application Installer Cleanup (0059321299772622);c:\users\kimlan~1\appdata\local\temp\005932~1.exe c:\progra~1\common~1\mcafee\instal~1\cleanup.ini -cleanup -nolog -service--> c:\users\kimlan~1\appdata\local\temp\005932~1.exe c:\progra~1\common~1\mcafee\instal~1\cleanup.ini -cleanup -nolog -service [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Tjeneste (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-10-11 136176]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-4-2 257224]
S3 DHTRACE;Intel(R) DHTrace Controller;c:\program files\common files\intel\inteldh\bin\DHTraceController.exe [2007-6-27 39640]
S3 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2010-11-29 39272]
S3 fsssvc;Windows Live Family Safety Service;c:\program files\windows live\family safety\fsssvc.exe [2010-9-23 1493352]
S3 gupdatem;Google Update Tjeneste (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-10-11 136176]
S3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2010-10-24 74112]
S3 NisSrv;Microsoft Netværksinspektion;c:\program files\microsoft security client\NisSrv.exe [2012-3-26 214952]
S3 SMServer;SMServer;c:\windows\system32\snmvtsvc.exe [2010-1-10 249856]
S3 STSService;STSService;c:\program files\soundtaxi media suite\STSService.exe [2009-11-19 335872]
S3 stusb2ir;USB 2.0 IrDA-bro;c:\windows\system32\drivers\stusb2ir.sys [2006-11-2 41728]
S3 USBAAPL;Apple Mobile USB Driver;c:\windows\system32\drivers\usbaapl.sys [2012-2-15 43520]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [2009-2-13 11520]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S4 QualityManager;Intel(R) Quality Manager;c:\program files\intel\inteldh\intel media server\media server\bin\QualityManager.exe [2007-6-27 272600]
.
=============== Created Last 30 ================
.
2012-06-14 06:49:49   29904   ----a-w-  c:\programdata\microsoft\microsoft antimalware\definition updates\{21cd9e03-9a84-447c-8c17-df74ab92319a}\MpKsl20d8ccf4.sys
2012-06-14 06:40:32   40776   ----a-w-  c:\windows\system32\drivers\mbamswissarmy.sys
2012-06-13 18:38:35   22344   ----a-w-  c:\windows\system32\drivers\mbam.sys
2012-06-13 08:12:21   713784   ----a-w-  c:\programdata\microsoft\microsoft antimalware\definition updates\{879c71f6-52ba-4dda-a7cb-6e4904b9e070}\gapaengine.dll
2012-06-13 08:09:06   6737808   ----a-w-  c:\programdata\microsoft\microsoft antimalware\definition updates\{21cd9e03-9a84-447c-8c17-df74ab92319a}\mpengine.dll
2012-06-12 08:25:17   6737808   ----a-w-  c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
2012-06-12 05:55:42   --------  d-----w-  c:\program files\Dropbox
2012-06-06 09:07:24   202   ----a-w-  c:\programdata\microsoft\microsoft antimalware\localcopy\{D202A0C7-96DB-C778-9E19-7592147F760D}-tmp27fd6f3f.bat
2012-06-06 09:06:43   --------  d-----w-  c:\users\kim langvad\appdata\roaming\Giaf
2012-06-06 09:06:43   --------  d-----w-  c:\users\kim langvad\appdata\roaming\Ebimkeu
2012-06-06 08:57:20   --------  d-----w-  c:\programdata\F4D55F3E03F47A720AA426E8570F1C8B
2012-05-31 08:27:56   396560   ----a-w-  c:\programdata\microsoft\ehome\packages\mcespotlight\mcespotlight\SpotlightResources.dll
2012-05-30 06:10:17   --------  d-----w-  c:\programdata\Nero
2012-05-29 21:42:43   12464   ----a-w-  c:\windows\system32\drivers\NBVolUp.sys
2012-05-29 21:39:43   56496   ----a-w-  c:\windows\system32\drivers\NBVol.sys
2012-05-29 21:39:41   --------  d-----w-  c:\program files\Nero
2012-05-29 21:39:05   248672   ----a-w-  c:\windows\system32\d3dx11_43.dll
2012-05-29 21:38:15   1974616   ----a-w-  c:\windows\system32\D3DCompiler_42.dll
2012-05-29 21:37:12   470880   ----a-w-  c:\windows\system32\d3dx10_43.dll
2012-05-29 21:36:11   1892184   ----a-w-  c:\windows\system32\D3DX9_42.dll
2012-05-29 21:35:25   1998168   ----a-w-  c:\windows\system32\D3DX9_43.dll
2012-05-29 21:34:37   4379984   ----a-w-  c:\windows\system32\D3DX9_40.dll
2012-05-29 21:33:49   1868128   ----a-w-  c:\windows\system32\d3dcsx_43.dll
2012-05-29 21:33:04   3727720   ----a-w-  c:\windows\system32\d3dx9_35.dll
2012-05-29 21:32:20   2106216   ----a-w-  c:\windows\system32\D3DCompiler_43.dll
2012-05-29 21:31:30   3497832   ----a-w-  c:\windows\system32\d3dx9_34.dll
2012-05-20 08:27:04   159744   ----a-w-  c:\program files\internet explorer\plugins\npqtplugin7.dll
2012-05-20 08:27:04   159744   ----a-w-  c:\program files\internet explorer\plugins\npqtplugin6.dll
2012-05-20 08:27:04   159744   ----a-w-  c:\program files\internet explorer\plugins\npqtplugin5.dll
2012-05-20 08:27:04   159744   ----a-w-  c:\program files\internet explorer\plugins\npqtplugin4.dll
2012-05-20 08:27:04   159744   ----a-w-  c:\program files\internet explorer\plugins\npqtplugin3.dll
2012-05-20 08:27:04   159744   ----a-w-  c:\program files\internet explorer\plugins\npqtplugin2.dll
2012-05-20 08:27:04   159744   ----a-w-  c:\program files\internet explorer\plugins\npqtplugin.dll
.
==================== Find3M ====================
.
2012-06-12 05:54:16   70344   ----a-w-  c:\windows\system32\FlashPlayerCPLApp.cpl
2012-06-12 05:54:16   426184   ----a-w-  c:\windows\system32\FlashPlayerApp.exe
2012-06-04 12:50:04   59   ----a-w-  c:\windows\wpd99.drv
2012-05-15 19:51:08   2045440   ----a-w-  c:\windows\system32\win32k.sys
2012-05-15 06:37:49   916992   ----a-w-  c:\windows\system32\wininet.dll
2012-05-15 06:32:25   43520   ----a-w-  c:\windows\system32\licmgr10.dll
2012-05-15 06:32:00   1469440   ----a-w-  c:\windows\system32\inetcpl.cpl
2012-05-15 06:31:44   109056   ----a-w-  c:\windows\system32\iesysprep.dll
2012-05-15 06:31:43   71680   ----a-w-  c:\windows\system32\iesetup.dll
2012-05-15 05:01:56   385024   ----a-w-  c:\windows\system32\html.iec
2012-05-15 03:26:05   133632   ----a-w-  c:\windows\system32\ieUnatt.exe
2012-05-15 03:23:41   1638912   ----a-w-  c:\windows\system32\mshtml.tlb
2012-05-01 14:03:49   180736   ----a-w-  c:\windows\system32\drivers\rdpwd.sys
2012-04-23 16:00:53   984064   ----a-w-  c:\windows\system32\crypt32.dll
2012-04-23 16:00:53   98304   ----a-w-  c:\windows\system32\cryptnet.dll
2012-04-23 16:00:53   133120   ----a-w-  c:\windows\system32\cryptsvc.dll
2012-04-18 18:56:30   94208   ----a-w-  c:\windows\system32\QuickTimeVR.qtx
2012-04-18 18:56:30   69632   ----a-w-  c:\windows\system32\QuickTime.qts
2012-04-03 08:16:12   3602816   ----a-w-  c:\windows\system32\ntkrnlpa.exe
2012-04-03 08:16:11   3550080   ----a-w-  c:\windows\system32\ntoskrnl.exe
2012-03-30 12:39:11   914304   ----a-w-  c:\windows\system32\drivers\tcpip.sys
2012-03-29 13:39:19   31232   ----a-w-  c:\windows\system32\drivers\tcpipreg.sys
2012-03-20 23:28:50   53120   ----a-w-  c:\windows\system32\drivers\partmgr.sys
2012-03-20 18:44:12   74112   ----a-w-  c:\windows\system32\drivers\NisDrvWFP.sys
2012-03-20 18:44:12   171064   ----a-w-  c:\windows\system32\drivers\MpFilter.sys
.
============= FINISH:  8:54:39,07 ===============

ATTACH:
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume3
Install Date: 12-02-2008 10:36:26
System Uptime: 14-06-2012 08:32:04 (0 hours ago)
.
Motherboard: Dell Inc. |  | 0RY007
Processor: Intel(R) Core(TM)2 Duo CPU   E4500 @ 2.20GHz | Socket 775 | 1600/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 456 GiB total, 87,315 GiB free.
D: is FIXED (NTFS) - 10 GiB total, 5,59 GiB free.
E: is CDROM ()
F: is CDROM ()
H: is Removable
I: is Removable
J: is Removable
K: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
7-Zip 9.20
ActiveX sikkerhedssoftware
Adobe Flash Player 11 ActiveX
Adobe Photoshop 7.0
Adobe Reader X (10.1.3) - Dansk
Alletiders Nisse
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ATI Catalyst Control Center
Audacity 1.2.6
AudibleManager
Bonjour
Browser Address Error Redirector
BufferChm
Canon G.726 WMP-Decoder
CANON iMAGE GATEWAY Task for ZoomBrowser EX
Canon Internet Library for ZoomBrowser EX
Canon MovieEdit Task for ZoomBrowser EX
Canon RAW Image Task for ZoomBrowser EX
Canon Utilities CameraWindow
Canon Utilities CameraWindow DC
Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX
Canon Utilities MyCamera
Canon Utilities MyCamera DC
Canon Utilities PhotoStitch
Canon Utilities RemoteCapture Task for ZoomBrowser EX
Canon Utilities ZoomBrowser EX
Canon ZoomBrowser EX Memory Card Utility
Carbonite Online Backup Setup
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Common
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center Localization Chinese Standard
Catalyst Control Center Localization Chinese Traditional
Catalyst Control Center Localization French
Catalyst Control Center Localization German
Catalyst Control Center Localization Hungarian
Catalyst Control Center Localization Italian
Catalyst Control Center Localization Japanese
Catalyst Control Center Localization Korean
Catalyst Control Center Localization Polish
Catalyst Control Center Localization Portuguese
Catalyst Control Center Localization Spanish
Catalyst Control Center Localization Thai
Catalyst Control Center Localization Turkish
ccc-core-static
ccc-utility
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help English
CCC Help French
CCC Help German
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Polish
CCC Help Portuguese
CCC Help Spanish
CCC Help Thai
CCC Help Turkish
Creative Media Lite
Creative MediaSource
Creative Removable Disk Manager
Creative System Information
Creative ZEN Stone Plus User’s Guide
Creative Zen Vision M
D3DX10
Destination Component
DeviceManagementQFolder
Digital Signatur
Digital Video
DocProc
DocProcQFolder
Dropbox
DVD Decrypter (Remove Only)
eSupportQFolder
Football Mania
Google Chrome
Google Desktop
Google Earth Plug-in
Google Toolbar for Internet Explorer
Google Update Helper
HandBrake 0.9.5
High-Definition Video Playback
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Imaging Device Functions 9.0
HP OCR Software 9.0
HP Photosmart Essential
HP Product Assistant
HP Scanjet G2710 9.0
HP Solution Center 9.0
HP Update
hpg2710
hpg2710QFolder
HPProductAssistant
iCloud
Intel(R) PRO Network Connections 12.1.11.0
Intel(R) Viiv(TM) Software
iPhone Configuration Utility
ISScript
iTunes
Java(TM) 6 Update 15
Java(TM) SE Runtime Environment 6
Jesus og Josefine 1.0
Junk Mail filter update
Lotus SmartSuite version 9.5
Malwarebytes Anti-Malware version 1.61.0.1400
Maxtor OneTouch
Microsoft .NET Framework 3.5 Language Pack SP1 - dan
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Client Profile DAN Language Pack
Microsoft .NET Framework 4 Client Profile DAN sprogpakke
Microsoft Antimalware Service DA-DK Language Pack
Microsoft Application Error Reporting
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (Danish) 2007
Microsoft Office File Validation Add-In
Microsoft Office Home and Student 2007
Microsoft Office Live Add-in 1.5
Microsoft Office OneNote MUI (Danish) 2007
Microsoft Office PowerPoint MUI (Danish) 2007
Microsoft Office Proof (Danish) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (German) 2007
Microsoft Office Proofing (Danish) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (Danish) 2007
Microsoft Office Word MUI (Danish) 2007
Microsoft Security Client
Microsoft Security Client DA-DK Language Pack
Microsoft Security Essentials
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
MobileMe Control Panel
MSVCRT
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB941833)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
muvee Reveal Seagate Edition
Nero 11
Nero 11 Disc Menus Basic
Nero 11 Effects Basic
Nero 11 Image Samples
Nero 11 Kwik Themes Basic
Nero 11 PiP Effects Basic
Nero Audio Pack 1
Nero BackItUp 11
Nero BackItUp 11 Help (CHM)
Nero Backup Drivers
Nero Burning ROM 11
Nero Burning ROM 11 Help (CHM)
Nero ControlCenter 11
Nero ControlCenter 11 Help (CHM)
Nero Core Components 11
Nero CoverDesigner 11
Nero CoverDesigner 11 Help (CHM)
Nero Express 11
Nero Express 11 Help (CHM)
Nero Kwik Media
Nero Kwik Media Help (CHM)
Nero Recode 11
Nero Recode 11 Help (CHM)
Nero RescueAgent 11
Nero RescueAgent 11 Help (CHM)
Nero SharedVideoCodecs
Nero SoundTrax 11
Nero SoundTrax 11 Help (CHM)
Nero Update
Nero Video 11
Nero Video 11 Help (CHM)
Nero WaveEditor 11
Nero WaveEditor 11 Help (CHM)
nero.prerequisites.msi
Nokia PC Suite 4.88
Octoshape Streaming Services
OGA Notifier 2.0.0048.0
Opdatering til Microsoft Office Excel 2007 Help (KB963678)
Opdatering til Microsoft Office Powerpoint 2007 Help (KB963669)
Opdatering til Microsoft Office Word 2007 Help (KB963665)
PanoStandAlone
Pdf995
Photo Viewer 2.4
Pixelines skolevej
PixiePack Codec Pack
QuickTime
Realtek High Definition Audio Driver
Safari
Scan
ScannerCopy
Seagate Manager Installer
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile DAN sprogpakke (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile DAN sprogpakke (KB2518870)
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition
Segoe UI
SES Driver
Skins
SolutionCenter
Sonic Activation Module
SoundTaxi 3.9.4
SoundTaxi Media Suite 3.9.4
Sprogpakke til Microsoft .NET Framework 3.5 SP1 - dansk
Startour Fotoservice
Total Commander (Remove or Repair)
Tunebite
TViX NetShare 2.13
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
User’s Guides
VoiceOver Kit
WD SmartWare
weather_Fsk2.4
WebReg
Welcome App (Start-up experience)
WIDCOMM Bluetooth Software 6.0.1.4300
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Mail
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
.
==== End Of File ===========================

Administrator
Number of posts: 7044

C:\Users\Kim Langvad\Documents\Ny Organisation-DOK\Musik\WinAmp 5.05 Pro\keygen.exe

Delete all keygens and the like.

———

Download ComboFix and save it to your desktop. <- Important

Then run ComboFix and follow the instructions.

Since ComboFix can conflict with your security programs, it is important that you disable them. <- Important

You should not click on the window while the tool is running, as that can cause your computer to freeze.
When ComboFix has finished, and after it has (possibly) restarted, a log file should open: ComboFix.txt
Please post the contents of this file here.

It can be found here: C:\ComboFix.txt

If you get something resembling this error:

Der blev forsøgt en ugyldig handling på en registreringsdatabasenøgle, som er blevet mærket til sletning

Then restart once more; that should solve it.


  abba54
Number of posts: 72

I can install ComboFix but cannot disable Microsoft Security Essentials. How do I do that?

  abba54
Number of posts: 72

I found the solution for disabling Security Essentials. And then the scan went fine. Here is the result:

ComboFix 12-06-14.01 - Kim Langvad 14-06-2012 13:54:59.1.2 - x86
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.45.1030.18.3069.1542 [GMT 2:00]
Kører fra: c:\users\Kim Langvad\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((  Andet, der er slettet   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Kim Langvad\Desktop\Internet Explorer.lnk
c:\users\Kim Langvad\GoToAssistDownloadHelper.exe
c:\users\Public\Desktop\weather.lnk
c:\windows\IsUn0406.exe
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\system32\drivers\etc\hosts.ics
c:\windows\winhelp.ini
.
.
(((((((((((((((((((((((((((((  Filer skabt fra 2012-05-14 til 2012-06-14 )))))))))))))))))))))))))))))))))))
.
.
2012-06-14 12:05 . 2012-06-14 12:06   ————  d——-w-  c:\users\Kim Langvad\AppData\Local\temp
2012-06-14 12:05 . 2012-06-14 12:05   ————  d——-w-  c:\users\IUSR_NMPR\AppData\Local\temp
2012-06-14 12:05 . 2012-06-14 12:05   ————  d——-w-  c:\users\Default\AppData\Local\temp
2012-06-14 08:14 . 2012-06-14 08:14   29904   ——a-w-  c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{35ABCF94-794A-401D-93B5-8416FBDA95CF}\MpKsl0579d6a6.sys
2012-06-14 08:14 . 2012-06-14 08:14   56200   ——a-w-  c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{35ABCF94-794A-401D-93B5-8416FBDA95CF}\offreg.dll
2012-06-14 08:08 . 2012-05-08 16:40   6737808   ——a-w-  c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{35ABCF94-794A-401D-93B5-8416FBDA95CF}\mpengine.dll
2012-06-13 18:38 . 2012-04-04 13:56   22344   ——a-w-  c:\windows\system32\drivers\mbam.sys
2012-06-13 08:12 . 2012-02-12 08:38   713784   ———w-  c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{879C71F6-52BA-4DDA-A7CB-6E4904B9E070}\gapaengine.dll
2012-06-13 08:09 . 2012-05-08 16:40   6737808   ——a-w-  c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-06-12 05:55 . 2012-06-12 05:55   ————  d——-w-  c:\program files\Dropbox
2012-06-06 09:07 . 2012-06-06 09:07   202   ——a-w-  c:\programdata\Microsoft\Microsoft Antimalware\LocalCopy\{D202A0C7-96DB-C778-9E19-7592147F760D}-tmp27fd6f3f.bat
2012-06-06 09:06 . 2012-06-14 06:28   ————  d——-w-  c:\users\Kim Langvad\AppData\Roaming\Ebimkeu
2012-06-06 09:06 . 2012-06-06 09:07   ————  d——-w-  c:\users\Kim Langvad\AppData\Roaming\Giaf
2012-06-06 08:57 . 2012-06-13 19:11   ————  d——-w-  c:\programdata\F4D55F3E03F47A720AA426E8570F1C8B
2012-05-31 08:27 . 2012-05-31 08:27   396560   ——a-w-  c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2012-05-30 06:26 . 2012-05-30 06:26   ————  d——-w-  c:\users\Kim Langvad\AppData\Roaming\Nero
2012-05-30 06:11 . 2012-05-30 06:16   ————  d——-w-  c:\program files\Common Files\Nero
2012-05-30 06:10 . 2012-05-30 06:24   ————  d——-w-  c:\programdata\Nero
2012-05-29 21:42 . 2011-12-01 09:40   12464   ——a-w-  c:\windows\system32\drivers\NBVolUp.sys
2012-05-29 21:39 . 2011-12-01 09:40   56496   ——a-w-  c:\windows\system32\drivers\NBVol.sys
2012-05-29 21:39 . 2012-05-30 06:23   ————  d——-w-  c:\program files\Nero
2012-05-29 21:39 . 2010-05-26 09:41   248672   ——a-w-  c:\windows\system32\d3dx11_43.dll
2012-05-29 21:38 . 2009-09-04 15:29   1974616   ——a-w-  c:\windows\system32\D3DCompiler_42.dll
2012-05-29 21:37 . 2010-05-26 09:41   470880   ——a-w-  c:\windows\system32\d3dx10_43.dll
2012-05-29 21:36 . 2009-09-04 15:29   1892184   ——a-w-  c:\windows\system32\D3DX9_42.dll
2012-05-29 21:35 . 2010-05-26 09:41   1998168   ——a-w-  c:\windows\system32\D3DX9_43.dll
2012-05-29 21:34 . 2008-10-15 04:22   4379984   ——a-w-  c:\windows\system32\D3DX9_40.dll
2012-05-29 21:33 . 2010-05-26 09:41   1868128   ——a-w-  c:\windows\system32\d3dcsx_43.dll
2012-05-29 21:33 . 2007-07-19 16:14   3727720   ——a-w-  c:\windows\system32\d3dx9_35.dll
2012-05-29 21:32 . 2010-05-26 09:41   2106216   ——a-w-  c:\windows\system32\D3DCompiler_43.dll
2012-05-29 21:31 . 2007-05-16 14:45   3497832   ——a-w-  c:\windows\system32\d3dx9_34.dll
2012-05-20 08:27 . 2012-05-20 08:27   159744   ——a-w-  c:\program files\Internet Explorer\plugins\npqtplugin7.dll
2012-05-20 08:27 . 2012-05-20 08:27   159744   ——a-w-  c:\program files\Internet Explorer\plugins\npqtplugin6.dll
2012-05-20 08:27 . 2012-05-20 08:27   159744   ——a-w-  c:\program files\Internet Explorer\plugins\npqtplugin5.dll
2012-05-20 08:27 . 2012-05-20 08:27   159744   ——a-w-  c:\program files\Internet Explorer\plugins\npqtplugin4.dll
2012-05-20 08:27 . 2012-05-20 08:27   159744   ——a-w-  c:\program files\Internet Explorer\plugins\npqtplugin3.dll
2012-05-20 08:27 . 2012-05-20 08:27   159744   ——a-w-  c:\program files\Internet Explorer\plugins\npqtplugin2.dll
2012-05-20 08:27 . 2012-05-20 08:27   159744   ——a-w-  c:\program files\Internet Explorer\plugins\npqtplugin.dll
2012-05-20 08:26 . 2012-05-20 08:27   ————  d——-w-  c:\program files\QuickTime
.
.
.
((((((((((((((((((((((((((((((((((((((((  Find3M Rapport   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-06-12 05:54 . 2012-04-02 07:42   426184   ——a-w-  c:\windows\system32\FlashPlayerApp.exe
2012-06-12 05:54 . 2011-05-14 09:25   70344   ——a-w-  c:\windows\system32\FlashPlayerCPLApp.cpl
2012-04-18 18:56 . 2012-04-18 18:56   94208   ——a-w-  c:\windows\system32\QuickTimeVR.qtx
2012-04-18 18:56 . 2012-04-18 18:56   69632   ——a-w-  c:\windows\system32\QuickTime.qts
2012-04-03 08:16 . 2012-05-10 05:36   3602816   ——a-w-  c:\windows\system32\ntkrnlpa.exe
2012-04-03 08:16 . 2012-05-10 05:36   3550080   ——a-w-  c:\windows\system32\ntoskrnl.exe
2012-03-30 12:39 . 2012-05-10 05:37   914304   ——a-w-  c:\windows\system32\drivers\tcpip.sys
2012-03-29 13:39 . 2012-05-10 05:37   31232   ——a-w-  c:\windows\system32\drivers\tcpipreg.sys
2012-03-20 23:28 . 2012-05-10 05:37   53120   ——a-w-  c:\windows\system32\drivers\partmgr.sys
2012-03-20 18:44 . 2010-10-24 20:25   74112   ——a-w-  c:\windows\system32\drivers\NisDrvWFP.sys
2012-03-20 18:44 . 2010-10-24 20:25   171064   ——a-w-  c:\windows\system32\drivers\MpFilter.sys
.
.
(((((((((((((((((((((((((((((((((((  Start steder i reg.basen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Bemærk* tomme linier & lovlige standard linier vises ikke
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@=”{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}”
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36   94208   ——a-w-  c:\users\Kim Langvad\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@=”{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}”
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36   94208   ——a-w-  c:\users\Kim Langvad\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@=”{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}”
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36   94208   ——a-w-  c:\users\Kim Langvad\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
“swg”=“c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe” [2008-02-12 68856]
“ehTray.exe”=“c:\windows\ehome\ehTray.exe” [2008-01-19 125952]
“TViXNetShare”=“c:\program files\DVICO\TViXNetShare\TViXNetShare.exe” [2010-01-12 901120]
“cfweatherStation”=“c:\weather\Weather.exe” [2009-08-17 1189376]
“MobileDocuments”=“c:\program files\Common Files\Apple\Internet Services\ubd.exe” [2012-02-23 59240]
“Octoshape Streaming Services”=“c:\users\Kim Langvad\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe” [2011-03-24 107800]
“WMPNSCFG”=“c:\program files\Windows Media Player\WMPNSCFG.exe” [2008-01-19 202240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
“RtHDVCpl”=“RtHDVCpl.exe” [2007-05-11 4452352]
“AppleSyncNotifier”=“c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe” [2011-10-05 59240]
“HP Software Update”=“c:\program files\HP\HP Software Update\HPWuSchd2.exe” [2007-03-11 49152]
“StartCCC”=“c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe” [2006-11-10 90112]
“NMSSupport”=“c:\program files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe” [2007-06-27 439512]
“Net-It Launcher”=“c:\windows\system32\NILaunch.exe” [1998-02-05 24576]
“MaxtorOneTouch”=“c:\progra~1\Maxtor\OneTouch\Utils\OneTouch.exe” [2003-05-21 45056]
“ISUSScheduler”=“c:\program files\Common Files\InstallShield\UpdateService\issch.exe” [2006-10-03 81920]
“Google Desktop Search”=“c:\program files\Google\Google Desktop Search\GoogleDesktop.exe” [2008-02-12 1838592]
“ECenter”=“c:\dell\E-Center\EULALauncher.exe” [2007-05-25 17920]
“CCUTRAYICON”=“c:\program files\Intel\IntelDH\CCU\CCU_TrayIcon.exe” [2007-06-27 215256]
“Bluetooth HCI Monitor”=“HCIMNTR.DLL” [2006-12-07 9728]
“CarboniteSetupLite”=“c:\program files\Carbonite\CarbonitePreinstaller.exe” [2009-08-04 318096]
“MaxMenuMgr”=“c:\program files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe” [2009-09-25 185640]
“APSDaemon”=“c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe” [2012-02-20 59240]
“Adobe ARM”=“c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe” [2012-01-03 843712]
“iTunesHelper”=“c:\program files\iTunes\iTunesHelper.exe” [2012-03-27 421736]
“MSC”=“c:\program files\Microsoft Security Client\msseces.exe” [2012-03-26 931200]
“QuickTime Task”=“c:\program files\QuickTime\QTTask.exe” [2012-04-18 421888]
“NBAgent”=“c:\program files\Nero\Nero 11\Nero BackItUp\NBAgent.exe” [2012-01-13 1493288]
.
c:\users\Kim Langvad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Kim Langvad\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-5-24 27112840]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2008-3-10 110592]
BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-2-13 715568]
WDDMStatus.lnk - c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe [2009-11-13 2057536]
WDSmartWare.lnk - c:\program files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe [2009-11-13 9117504]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
“EnableUIADesktopToggle”= 0 (0x0)
“EnableLinkedConnections”= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
“AppInit_DLLs”=c:\progra~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=”“
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@=“Service”
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2008-02-12 09:46   77824   ——a-w-  c:\program files\Java\jre1.6.0\bin\jusched.exe
.
R2 0059321299772622mcinstcleanup;McAfee Application Installer Cleanup (0059321299772622);c:\users\KIMLAN~1\AppData\Local\Temp\005932~1.EXE [x]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-12 257224]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
.
.
—- Andre Services/Drivers i Hukommelsen—-
.
*NewlyCreated* - MPKSL0579D6A6
*NewlyCreated* - MPKSL20D8CCF4
*Deregistered* - MpKsl20d8ccf4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs   REG_MULTI_SZ     BthServ
LocalServiceAndNoImpersonation   REG_MULTI_SZ     FontCache
hpdevmgmt   REG_MULTI_SZ     hpqcxs08
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{B2C3BB6B-E005-4246-B8E5-DF0A4D073CDC}]
2008-06-18 13:04   8192   ——a-w-  c:\program files\PixiePack Codec Pack\InstallerHelper.exe
.
Indhold af mappen ‘Planlagte Opgaver’
.
2012-06-14 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-02 05:54]
.
2012-06-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-10-11 07:44]
.
2012-06-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-10-11 07:44]
.
.
———- Yderligere scanning———-
.
uStart Page = https://www.google.dk/
uInternet Settings,ProxyOverride = *.local
IE: E&ksporter til Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Send billede til &Bluetooth-enhed… - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send siden til &Bluetooth-enhed… - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
Trusted Zone: cimber.com\www
Trusted Zone: danid.dk
Trusted Zone: tdc.dk\kundeservice
Trusted Zone: tdc.dk\udstedelse.certifikat
Trusted Zone: danid.dk
TCP: DhcpNameServer = 192.168.1.1
DPF: {D216644A-C6DB-49D9-BBCF-D38FE7991BF2} - hxxps://udstedelse.certifikat.tdc.dk/csp/authenticode/tdccsp-0506.exe
.
- - - - TOMME GENVEJE FJERNET - - - -
.
HKLM-Run-MMTray - c:\progra~1\MUSICM~1\MUSICM~1\mm_tray.exe
HKLM-Run-MimBoot - c:\progra~1\MUSICM~1\MUSICM~1\mimboot.exe
AddRemove-Adobe Photoshop 7.0 - c:\windows\ISUN0406.EXE
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-06-14 14:06
Windows 6.0.6002 Service Pack 2 NTFS
.
scanner skjulte processer ... 
.
scanner skjulte autostarter ...
.
scanner skjulte filer ... 
.
scanning gennemført med succes
skjulte filer: 0
.
**************************************************************************
.
——————————- LÅSTE REGISTRERINGS NØGLER——————————-
.
[HKEY_USERS\S-1-5-21-1078876698-3040631466-2266607781-1001\Software\Creative Tech\Component Installed\{B3D7BF0D-FBAD-4D39-A562-5BE27FEE9E92}\Object\{00000000-0000-0000-0000-000000000000}\User Settings\ ®* *0 *]
“Encoding Language”=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
“BlindDial”=dword:00000000
.
Gennemført tid: 2012-06-14 14:10:57
ComboFix-quarantined-files.txt 2012-06-14 12:10
.
Pre-Kørsel: 92.567.826.432 byte ledig
Post-Kørsel: 97.294.946.304 byte ledig
.
- - End Of File - - D1506605BD30EF5DAD6BA7AF40414C56

Administrator
Number of posts: 7044

Right-click on the desktop, choose New -> Text Document, copy the highlighted text into it, and save the file as CFScript

Killall::
Filelook::
c:\program files\DVICO\TViXNetShare\TViXNetShare.exe
Folder::
c:\users\Kim Langvad\AppData\Roaming\Ebimkeu
Dirlook::
C:\Users\Kim Langvad\Documents\Ny Organisation-DOK\Musik
c:\users\Kim Langvad\AppData\Roaming\Giaf
Driver::
0059321299772622mcinstcleanup
ClearJavaCache::

Since ComboFix can conflict with your security programs, it is important that you disable them. <- Important

Then grab the new file with the mouse and drag it over the ComboFix file, after which you "let go" with the mouse.
http://www.fromsej.saknet.dk/billeder/swfcombo.gif

ComboFix should then start working. It may require a restart, which you should allow. You should not click on the window while the tool is running, as that can cause your computer to freeze.
When ComboFix has finished, and after it has (possibly) restarted, a log file, combofix.txt, should open; it is located here: C:\Combofix.txt

Please post the contents of this file here.


  abba54
Number of posts: 72

That's done:

ComboFix 12-06-14.01 - Kim Langvad 14-06-2012 20:36:58.2.2 - x86
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.45.1030.18.3069.1549 [GMT 2:00]
Kører fra: c:\users\Kim Langvad\Desktop\ComboFix.exe
Kommandoer benyttet :: c:\users\Kim Langvad\Desktop\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((  Andet, der er slettet   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Kim Langvad\AppData\Roaming\Ebimkeu
.
.
(((((((((((((((((((((((((((((((((((((((  Drivers/Tjenester   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
———-\Service_0059321299772622mcinstcleanup
.
.
(((((((((((((((((((((((((((((  Filer skabt fra 2012-05-14 til 2012-06-14 )))))))))))))))))))))))))))))))))))
.
.
2012-06-14 18:45 . 2012-06-14 18:49   ————  d——-w-  c:\users\Kim Langvad\AppData\Local\temp
2012-06-14 18:45 . 2012-06-14 18:45   ————  d——-w-  c:\users\IUSR_NMPR\AppData\Local\temp
2012-06-13 18:38 . 2012-04-04 13:56   22344   ——a-w-  c:\windows\system32\drivers\mbam.sys
2012-06-13 08:12 . 2012-02-12 08:38   713784   ———w-  c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{879C71F6-52BA-4DDA-A7CB-6E4904B9E070}\gapaengine.dll
2012-06-13 08:09 . 2012-05-08 16:40   6737808   ——a-w-  c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-06-12 05:55 . 2012-06-12 05:55   ————  d——-w-  c:\program files\Dropbox
2012-06-06 09:07 . 2012-06-06 09:07   202   ——a-w-  c:\programdata\Microsoft\Microsoft Antimalware\LocalCopy\{D202A0C7-96DB-C778-9E19-7592147F760D}-tmp27fd6f3f.bat
2012-06-06 09:06 . 2012-06-06 09:07   ————  d——-w-  c:\users\Kim Langvad\AppData\Roaming\Giaf
2012-06-06 08:57 . 2012-06-13 19:11   ————  d——-w-  c:\programdata\F4D55F3E03F47A720AA426E8570F1C8B
2012-05-31 08:27 . 2012-05-31 08:27   396560   ——a-w-  c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2012-05-30 06:26 . 2012-05-30 06:26   ————  d——-w-  c:\users\Kim Langvad\AppData\Roaming\Nero
2012-05-30 06:11 . 2012-05-30 06:16   ————  d——-w-  c:\program files\Common Files\Nero
2012-05-30 06:10 . 2012-05-30 06:24   ————  d——-w-  c:\programdata\Nero
2012-05-29 21:42 . 2011-12-01 09:40   12464   ——a-w-  c:\windows\system32\drivers\NBVolUp.sys
2012-05-29 21:39 . 2011-12-01 09:40   56496   ——a-w-  c:\windows\system32\drivers\NBVol.sys
2012-05-29 21:39 . 2012-05-30 06:23   ————  d——-w-  c:\program files\Nero
2012-05-29 21:39 . 2010-05-26 09:41   248672   ——a-w-  c:\windows\system32\d3dx11_43.dll
2012-05-29 21:38 . 2009-09-04 15:29   1974616   ——a-w-  c:\windows\system32\D3DCompiler_42.dll
2012-05-29 21:37 . 2010-05-26 09:41   470880   ——a-w-  c:\windows\system32\d3dx10_43.dll
2012-05-29 21:36 . 2009-09-04 15:29   1892184   ——a-w-  c:\windows\system32\D3DX9_42.dll
2012-05-29 21:35 . 2010-05-26 09:41   1998168   ——a-w-  c:\windows\system32\D3DX9_43.dll
2012-05-29 21:34 . 2008-10-15 04:22   4379984   ——a-w-  c:\windows\system32\D3DX9_40.dll
2012-05-29 21:33 . 2010-05-26 09:41   1868128   ——a-w-  c:\windows\system32\d3dcsx_43.dll
2012-05-29 21:33 . 2007-07-19 16:14   3727720   ——a-w-  c:\windows\system32\d3dx9_35.dll
2012-05-29 21:32 . 2010-05-26 09:41   2106216   ——a-w-  c:\windows\system32\D3DCompiler_43.dll
2012-05-29 21:31 . 2007-05-16 14:45   3497832   ——a-w-  c:\windows\system32\d3dx9_34.dll
2012-05-20 08:27 . 2012-05-20 08:27   159744   ——a-w-  c:\program files\Internet Explorer\plugins\npqtplugin7.dll
2012-05-20 08:27 . 2012-05-20 08:27   159744   ——a-w-  c:\program files\Internet Explorer\plugins\npqtplugin6.dll
2012-05-20 08:27 . 2012-05-20 08:27   159744   ——a-w-  c:\program files\Internet Explorer\plugins\npqtplugin5.dll
2012-05-20 08:27 . 2012-05-20 08:27   159744   ——a-w-  c:\program files\Internet Explorer\plugins\npqtplugin4.dll
2012-05-20 08:27 . 2012-05-20 08:27   159744   ——a-w-  c:\program files\Internet Explorer\plugins\npqtplugin3.dll
2012-05-20 08:27 . 2012-05-20 08:27   159744   ——a-w-  c:\program files\Internet Explorer\plugins\npqtplugin2.dll
2012-05-20 08:27 . 2012-05-20 08:27   159744   ——a-w-  c:\program files\Internet Explorer\plugins\npqtplugin.dll
2012-05-20 08:26 . 2012-05-20 08:27   ————  d——-w-  c:\program files\QuickTime
.
.
.
((((((((((((((((((((((((((((((((((((((((  Find3M Rapport   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-06-12 05:54 . 2012-04-02 07:42   426184   ——a-w-  c:\windows\system32\FlashPlayerApp.exe
2012-06-12 05:54 . 2011-05-14 09:25   70344   ——a-w-  c:\windows\system32\FlashPlayerCPLApp.cpl
2012-05-15 19:51 . 2012-06-13 06:08   2045440   ——a-w-  c:\windows\system32\win32k.sys
2012-05-15 06:37 . 2012-06-13 06:08   916992   ——a-w-  c:\windows\system32\wininet.dll
2012-04-18 18:56 . 2012-04-18 18:56   94208   ——a-w-  c:\windows\system32\QuickTimeVR.qtx
2012-04-18 18:56 . 2012-04-18 18:56   69632   ——a-w-  c:\windows\system32\QuickTime.qts
2012-04-03 08:16 . 2012-05-10 05:36   3602816   ——a-w-  c:\windows\system32\ntkrnlpa.exe
2012-04-03 08:16 . 2012-05-10 05:36   3550080   ——a-w-  c:\windows\system32\ntoskrnl.exe
2012-03-30 12:39 . 2012-05-10 05:37   914304   ——a-w-  c:\windows\system32\drivers\tcpip.sys
2012-03-29 13:39 . 2012-05-10 05:37   31232   ——a-w-  c:\windows\system32\drivers\tcpipreg.sys
2012-03-20 23:28 . 2012-05-10 05:37   53120   ——a-w-  c:\windows\system32\drivers\partmgr.sys
2012-03-20 18:44 . 2010-10-24 20:25   74112   ——a-w-  c:\windows\system32\drivers\NisDrvWFP.sys
2012-03-20 18:44 . 2010-10-24 20:25   171064   ——a-w-  c:\windows\system32\drivers\MpFilter.sys
.
.
((((((((((((((((((((((((((((((((((((((((((((  Look   )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
—- c:\program files\DVICO\TViXNetShare\TViXNetShare.exe—-
Company: DVICO
File Description:
File Version: 2.1.3.0
Product Name: TViX NetShare(c)
Copyright:
Original Filename:
File size: 901120
Created time: 2011-03-20 12:36
Modified time: 2010-01-12 10:34
MD5: D465FEF45D8D14E1FE8A6C71A5E1D213
SHA1: 938A1F5C7EB4B4D7E70EAB3F0B93A0984A92F0C5
.
——Directory of c:\users\Kim Langvad\AppData\Roaming\Giaf——
.
2009-03-17 20:00 . 2012-06-14 06:04   1830925   ——a-w-  c:\users\Kim Langvad\AppData\Roaming\Giaf\lyivovi.awk
2009-03-17 20:00 . 2009-03-17 20:00   0   ——a-w-  c:\users\Kim Langvad\AppData\Roaming\Giaf\lyivovi.tmp
.
——Directory of c:\users\Kim Langvad\Documents\Ny Organisation-DOK\Musik——
.
.
.
(((((((((((((((((((((((((((((((((((  Start steder i reg.basen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Bemærk* tomme linier & lovlige standard linier vises ikke
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@=”{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}”
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36   94208   ——a-w-  c:\users\Kim Langvad\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@=”{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}”
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36   94208   ——a-w-  c:\users\Kim Langvad\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@=”{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}”
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36   94208   ——a-w-  c:\users\Kim Langvad\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
“swg”=“c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe” [2008-02-12 68856]
“ehTray.exe”=“c:\windows\ehome\ehTray.exe” [2008-01-19 125952]
“TViXNetShare”=“c:\program files\DVICO\TViXNetShare\TViXNetShare.exe” [2010-01-12 901120]
“cfweatherStation”=“c:\weather\Weather.exe” [2009-08-17 1189376]
“MobileDocuments”=“c:\program files\Common Files\Apple\Internet Services\ubd.exe” [2012-02-23 59240]
“Octoshape Streaming Services”=“c:\users\Kim Langvad\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe” [2011-03-24 107800]
“WMPNSCFG”=“c:\program files\Windows Media Player\WMPNSCFG.exe” [2008-01-19 202240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
“RtHDVCpl”=“RtHDVCpl.exe” [2007-05-11 4452352]
“AppleSyncNotifier”=“c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe” [2011-10-05 59240]
“HP Software Update”=“c:\program files\HP\HP Software Update\HPWuSchd2.exe” [2007-03-11 49152]
“StartCCC”=“c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe” [2006-11-10 90112]
“NMSSupport”=“c:\program files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe” [2007-06-27 439512]
“Net-It Launcher”=“c:\windows\system32\NILaunch.exe” [1998-02-05 24576]
“MaxtorOneTouch”=“c:\progra~1\Maxtor\OneTouch\Utils\OneTouch.exe” [2003-05-21 45056]
“ISUSScheduler”=“c:\program files\Common Files\InstallShield\UpdateService\issch.exe” [2006-10-03 81920]
“Google Desktop Search”=“c:\program files\Google\Google Desktop Search\GoogleDesktop.exe” [2008-02-12 1838592]
“ECenter”=“c:\dell\E-Center\EULALauncher.exe” [2007-05-25 17920]
“CCUTRAYICON”=“c:\program files\Intel\IntelDH\CCU\CCU_TrayIcon.exe” [2007-06-27 215256]
“Bluetooth HCI Monitor”=“HCIMNTR.DLL” [2006-12-07 9728]
“CarboniteSetupLite”=“c:\program files\Carbonite\CarbonitePreinstaller.exe” [2009-08-04 318096]
“MaxMenuMgr”=“c:\program files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe” [2009-09-25 185640]
“APSDaemon”=“c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe” [2012-02-20 59240]
“Adobe ARM”=“c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe” [2012-01-03 843712]
“iTunesHelper”=“c:\program files\iTunes\iTunesHelper.exe” [2012-03-27 421736]
“MSC”=“c:\program files\Microsoft Security Client\msseces.exe” [2012-03-26 931200]
“QuickTime Task”=“c:\program files\QuickTime\QTTask.exe” [2012-04-18 421888]
“NBAgent”=“c:\program files\Nero\Nero 11\Nero BackItUp\NBAgent.exe” [2012-01-13 1493288]
.
c:\users\Kim Langvad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Kim Langvad\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-5-24 27112840]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2008-3-10 110592]
BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-2-13 715568]
WDDMStatus.lnk - c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe [2009-11-13 2057536]
WDSmartWare.lnk - c:\program files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe [2009-11-13 9117504]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
“EnableUIADesktopToggle”= 0 (0x0)
“EnableLinkedConnections”= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
“AppInit_DLLs”=c:\progra~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=”“
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@=“Service”
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2008-02-12 09:46   77824   ——a-w-  c:\program files\Java\jre1.6.0\bin\jusched.exe
.
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-12 257224]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
.
.
—- Andre Services/Drivers i Hukommelsen—-
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs   REG_MULTI_SZ     BthServ
LocalServiceAndNoImpersonation   REG_MULTI_SZ     FontCache
hpdevmgmt   REG_MULTI_SZ     hpqcxs08
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{B2C3BB6B-E005-4246-B8E5-DF0A4D073CDC}]
2008-06-18 13:04   8192   ——a-w-  c:\program files\PixiePack Codec Pack\InstallerHelper.exe
.
Indhold af mappen ‘Planlagte Opgaver’
.
2012-06-14 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-02 05:54]
.
2012-06-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-10-11 07:44]
.
2012-06-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2011-10-11 07:44]
.
.
———- Yderligere scanning———-
.
uStart Page = https://www.google.dk/
uInternet Settings,ProxyOverride = *.local
IE: E&ksporter til Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Send billede til &Bluetooth-enhed… - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send siden til &Bluetooth-enhed… - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
Trusted Zone: cimber.com\www
Trusted Zone: danid.dk
Trusted Zone: tdc.dk\kundeservice
Trusted Zone: tdc.dk\udstedelse.certifikat
Trusted Zone: danid.dk
TCP: DhcpNameServer = 192.168.1.1
DPF: {D216644A-C6DB-49D9-BBCF-D38FE7991BF2} - hxxps://udstedelse.certifikat.tdc.dk/csp/authenticode/tdccsp-0506.exe
.
.
**************************************************************************
scanner skjulte processer ... 
.
scanner skjulte autostarter ...
.
scanner skjulte filer ... 
.
scanning gennemført med succes
skjulte filer:
.
**************************************************************************
.
——————————- LÅSTE REGISTRERINGS NØGLER——————————-
.
[HKEY_USERS\S-1-5-21-1078876698-3040631466-2266607781-1001\Software\Creative Tech\Component Installed\{B3D7BF0D-FBAD-4D39-A562-5BE27FEE9E92}\Object\{00000000-0000-0000-0000-000000000000}\User Settings\ ®* *0 *]
“Encoding Language”=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
“BlindDial”=dword:00000000
.
——————————- DLLs startet under kørende Processer——————————-
.
- - - - - - - > ‘Explorer.exe’(3612)
c:\users\Kim Langvad\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
c:\windows\system32\btncopy.dll
.
————————————Andre kørende processer————————————
.
c:\program files\Microsoft Security Client\MsMpEng.exe
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Intel\IntelDH\CCU\AlertService.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\CTsvcCDA.exe
c:\program files\Creative\Shared Files\CTDevSrv.exe
c:\program files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
c:\program files\Seagate\SeagateManager\Sync\FreeAgentService.exe
c:\program files\Nero\Update\NASvc.exe
c:\program files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe
c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
c:\program files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\windows\system32\WUDFHost.exe
c:\program files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
c:\program files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
c:\program files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
c:\windows\system32\conime.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\DllHost.exe
c:\windows\system32\RacAgent.exe
.
**************************************************************************
.
Gennemført tid: 2012-06-14 21:02:56 - maskinen blev genstartet
ComboFix-quarantined-files.txt 2012-06-14 19:00
ComboFix2.txt 2012-06-14 12:10
.
Pre-Kørsel: 97.272.795.136 byte ledig
Post-Kørsel: 97.194.881.024 byte ledig
.
- - End Of File - - 00546D87B4804057893CB19D755364BF

Administrator
Number of posts: 7044

Something puzzles me, so I would like to make sure that nothing is hiding.

———

You must disable Microsoft Security Essentials while you run these.

Download Tdsskiller.zip to your desktop and unpack it into a folder.

Start TDSSKiller.exe.

Re: Vista and Windows 7 - Right-click the file - Run as Administrator.

Under “Change parameters”, tick “Detect TDLFS file system”.

Click “Start Scan”.

If an infected file is found, the “Default action” will be Cure; click Continue.
If it finds the TDLFS file system, click Delete.
If a suspicious file is detected, the “Default action” will be Skip; click Continue.
If it does not ask for a “Reboot” (restart), click “Report” and copy that text into this thread.

Restart if it requires it.

If it restarts, you can find the log file here:
C:\TDSSKiller.[Version]_[Date]_[Time]_log.txt.

Copy that text into this thread. (It will probably have to be split in two.)

———

Download aswMBR and save it to your Desktop.

Start aswMBR and click “Scan”.

Re: Vista and Windows 7 - Right-click the file - Run as Administrator.

If it asks for “Avast virus definitions”, click “Yes”.

When it has finished scanning, click “SAVE LOG” and post the log here.

———

PS Please do it in the order I specify.

Signature

Please do not attach logs unless you are asked to!

  abba54
Number of posts: 72

The log file from TDSSKiller is here - the rest will follow shortly:

The text is too large - file attached with the log. That doesn't work either. So you will have to get it in several messages.

22:42:06.0397 3508   Mraid35x - ok
22:42:06.0439 3508   MRxDAV       (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
22:42:06.0442 3508   MRxDAV - ok
22:42:06.0484 3508   mrxsmb       (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
22:42:06.0487 3508   mrxsmb - ok
22:42:06.0543 3508   mrxsmb10     (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:42:06.0551 3508   mrxsmb10 - ok
22:42:06.0560 3508   mrxsmb20     (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:42:06.0563 3508   mrxsmb20 - ok
22:42:06.0598 3508   msahci       (d420bc42a637ac3cc4f411220549c0dc) C:\Windows\system32\drivers\msahci.sys
22:42:06.0599 3508   msahci - ok
22:42:06.0626 3508   msdsm       (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
22:42:06.0628 3508   msdsm - ok
22:42:06.0676 3508   MSDTC       (fd7520cc3a80c5fc8c48852bb24c6ded) C:\Windows\System32\msdtc.exe
22:42:06.0681 3508   MSDTC - ok
22:42:06.0731 3508   Msfs         (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys
22:42:06.0733 3508   Msfs - ok
22:42:06.0852 3508   MSIRCOMM     (11756768993106dd07861096fb97cdb8) C:\Windows\system32\DRIVERS\MSIRCOMM.sys
22:42:06.0854 3508   MSIRCOMM - ok
22:42:06.0904 3508   msisadrv     (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys
22:42:06.0905 3508   msisadrv - ok
22:42:06.0951 3508   MSiSCSI       (85466c0757a23d9a9aecdc0755203cb2) C:\Windows\system32\iscsiexe.dll
22:42:06.0964 3508   MSiSCSI - ok
22:42:06.0989 3508   msiserver - ok
22:42:07.0039 3508   MSKSSRV       (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys
22:42:07.0040 3508   MSKSSRV - ok
22:42:07.0141 3508   MsMpSvc       (24516bf4e12a46cb67302e2cdcb8cddf) c:\Program Files\Microsoft Security Client\MsMpEng.exe
22:42:07.0142 3508   MsMpSvc - ok
22:42:07.0210 3508   MSPCLOCK     (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys
22:42:07.0212 3508   MSPCLOCK - ok
22:42:07.0274 3508   MSPQM       (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys
22:42:07.0275 3508   MSPQM - ok
22:42:07.0318 3508   MsRPC       (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys
22:42:07.0328 3508   MsRPC - ok
22:42:07.0374 3508   mssmbios     (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys
22:42:07.0375 3508   mssmbios - ok
22:42:07.0426 3508   MSTEE       (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys
22:42:07.0428 3508   MSTEE - ok
22:42:07.0435 3508   Mup         (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys
22:42:07.0437 3508   Mup - ok
22:42:07.0492 3508   napagent     (e4eaf0c5c1b41b5c83386cf212ca9584) C:\Windows\system32\qagentRT.dll
22:42:07.0507 3508   napagent - ok
22:42:07.0599 3508   NativeWifiP   (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys
22:42:07.0602 3508   NativeWifiP - ok
22:42:08.0254 3508   NAUpdate     (934bb0d23a25c8c136570800a5a149b6) C:\Program Files\Nero\Update\NASvc.exe
22:42:08.0261 3508   NAUpdate - ok
22:42:08.0430 3508   NBVol       (0ae25530894a934c6ca600865c6e9d7c) C:\Windows\system32\DRIVERS\NBVol.sys
22:42:08.0450 3508   NBVol - ok
22:42:08.0493 3508   NBVolUp       (1ddcef3039c9d90af3529dee6699967d) C:\Windows\system32\DRIVERS\NBVolUp.sys
22:42:08.0494 3508   NBVolUp - ok
22:42:08.0544 3508   NDIS         (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys
22:42:08.0548 3508   NDIS - ok
22:42:08.0630 3508   NdisTapi     (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys
22:42:08.0631 3508   NdisTapi - ok
22:42:08.0658 3508   Ndisuio       (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys
22:42:08.0659 3508   Ndisuio - ok
22:42:08.0679 3508   NdisWan       (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys
22:42:08.0681 3508   NdisWan - ok
22:42:08.0695 3508   NDProxy       (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys
22:42:08.0697 3508   NDProxy - ok
22:42:08.0713 3508   NetBIOS       (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys
22:42:08.0714 3508   NetBIOS - ok
22:42:08.0747 3508   netbt       (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys
22:42:08.0756 3508   netbt - ok
22:42:08.0835 3508   Netlogon     (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
22:42:08.0837 3508   Netlogon - ok
22:42:09.0073 3508   Netman       (c8052711daecc48b982434c5116ca401) C:\Windows\System32\netman.dll
22:42:09.0078 3508   Netman - ok
22:42:09.0221 3508   netprofm     (2ef3bbe22e5a5acd1428ee387a0d0172) C:\Windows\System32\netprofm.dll
22:42:09.0273 3508   netprofm - ok
22:42:09.0518 3508   NetTcpPortSharing (d6c4e4a39a36029ac0813d476fbd0248) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
22:42:09.0521 3508   NetTcpPortSharing - ok
22:42:09.0734 3508   nfrd960       (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
22:42:09.0736 3508   nfrd960 - ok
22:42:09.0783 3508   NisDrv       (b52f26bade7d7e4a79706e3fd91834cd) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
22:42:09.0785 3508   NisDrv - ok
22:42:09.0998 3508   NisSrv       (290c0d4c4889398797f8df3be00b9698) c:\Program Files\Microsoft Security Client\NisSrv.exe
22:42:10.0003 3508   NisSrv - ok
22:42:10.0064 3508   NlaSvc       (2997b15415f9bbe05b5a4c1c85e0c6a2) C:\Windows\System32\nlasvc.dll
22:42:10.0074 3508   NlaSvc - ok
22:42:10.0120 3508   NMSCore       (5384d7a64e7b6011e98d68f69dcfc980) C:\Program Files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe
22:42:10.0124 3508   NMSCore - ok
22:42:10.0154 3508   nmsunidr     (dfeabb7cfffadea4a912ab95bdc3177a) C:\Windows\system32\DRIVERS\nmsunidr.sys
22:42:10.0155 3508   nmsunidr - ok
22:42:10.0183 3508   Npfs         (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys
22:42:10.0184 3508   Npfs - ok
22:42:10.0204 3508   nsi         (8bb86f0c7eea2bded6fe095d0b4ca9bd) C:\Windows\system32\nsisvc.dll
22:42:10.0208 3508   nsi - ok
22:42:10.0247 3508   nsiproxy     (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys
22:42:10.0249 3508   nsiproxy - ok
22:42:10.0350 3508   Ntfs         (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys
22:42:10.0362 3508   Ntfs - ok
22:42:10.0435 3508   ntrigdigi     (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
22:42:10.0437 3508   ntrigdigi - ok
22:42:10.0467 3508   Null         (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys
22:42:10.0469 3508   Null - ok
22:42:10.0501 3508   nvraid       (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
22:42:10.0504 3508   nvraid - ok
22:42:10.0518 3508   nvstor       (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
22:42:10.0519 3508   nvstor - ok
22:42:10.0542 3508   nv_agp       (055081fd5076401c1ee1bcab08d81911) C:\Windows\system32\drivers\nv_agp.sys
22:42:10.0545 3508   nv_agp - ok
22:42:10.0550 3508   NwlnkFlt - ok
22:42:10.0559 3508   NwlnkFwd - ok
22:42:10.0673 3508   odserv       (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
22:42:10.0684 3508   odserv - ok
22:42:10.0737 3508   ohci1394     (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\drivers\ohci1394.sys
22:42:10.0739 3508   ohci1394 - ok
22:42:10.0781 3508   ose         (5a432a042dae460abe7199b758e8606c) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:42:10.0792 3508   ose - ok
22:42:10.0835 3508   p2pimsvc     (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
22:42:10.0854 3508   p2pimsvc - ok
22:42:10.0866 3508   p2psvc       (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
22:42:10.0876 3508   p2psvc - ok
22:42:10.0908 3508   Parport       (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
22:42:10.0910 3508   Parport - ok
22:42:10.0953 3508   partmgr       (b9c2b89f08670e159f7181891e449cd9) C:\Windows\system32\drivers\partmgr.sys
22:42:10.0955 3508   partmgr - ok
22:42:10.0988 3508   Parvdm       (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
22:42:10.0989 3508   Parvdm - ok
22:42:11.0035 3508   PcaSvc       (c6276ad11f4bb49b58aa1ed88537f14a) C:\Windows\System32\pcasvc.dll
22:42:11.0039 3508   PcaSvc - ok
22:42:11.0074 3508   pci         (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys
22:42:11.0077 3508   pci - ok
22:42:11.0117 3508   pciide       (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys
22:42:11.0119 3508   pciide - ok
22:42:11.0153 3508   pcmcia       (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
22:42:11.0164 3508   pcmcia - ok
22:42:11.0254 3508   PEAUTH       (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
22:42:11.0276 3508   PEAUTH - ok
22:42:11.0415 3508   pla         (b1689df169143f57053f795390c99db3) C:\Windows\system32\pla.dll
22:42:11.0450 3508   pla - ok
22:42:11.0578 3508   PlugPlay     (c5e7f8a996ec0a82d508fd9064a5569e) C:\Windows\system32\umpnpmgr.dll
22:42:11.0584 3508   PlugPlay - ok
22:42:11.0656 3508   PNRPAutoReg   (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
22:42:11.0666 3508   PNRPAutoReg - ok
22:42:11.0678 3508   PNRPsvc       (0c8e8e61ad1eb0b250b846712c917506) C:\Windows\system32\p2psvc.dll
22:42:11.0688 3508   PNRPsvc - ok
22:42:11.0738 3508   PolicyAgent   (d0494460421a03cd5225cca0059aa146) C:\Windows\System32\ipsecsvc.dll
22:42:11.0751 3508   PolicyAgent - ok
22:42:11.0774 3508   PptpMiniport   (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys
22:42:11.0776 3508   PptpMiniport - ok
22:42:11.0818 3508   Processor     (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
22:42:11.0819 3508   Processor - ok
22:42:11.0860 3508   ProfSvc       (0508faa222d28835310b7bfca7a77346) C:\Windows\system32\profsvc.dll
22:42:11.0870 3508   ProfSvc - ok
22:42:11.0938 3508   ProtectedStorage (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
22:42:11.0941 3508   ProtectedStorage - ok
22:42:11.0967 3508   PSched       (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys
22:42:11.0969 3508   PSched - ok
22:42:12.0069 3508   ql2300       (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
22:42:12.0087 3508   ql2300 - ok
22:42:12.0117 3508   ql40xx       (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
22:42:12.0120 3508   ql40xx - ok
22:42:12.0262 3508   QualityManager (938a882b718866e24ca5f71dfc925866) C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\qualitymanager.exe
22:42:12.0302 3508   QualityManager - ok
22:42:12.0358 3508   QWAVE       (e9ecae663f47e6cb43962d18ab18890f) C:\Windows\system32\qwave.dll
22:42:12.0374 3508   QWAVE - ok
22:42:12.0399 3508   QWAVEdrv     (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys
22:42:12.0400 3508   QWAVEdrv - ok
22:42:12.0602 3508   R300         (63fc6a312bb0fbbbf355cb5d4a1c7764) C:\Windows\system32\DRIVERS\atikmdag.sys
22:42:12.0635 3508   R300 - ok
22:42:12.0776 3508   RasAcd       (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys
22:42:12.0778 3508   RasAcd - ok
22:42:12.0813 3508   RasAuto       (f6a452eb4ceadbb51c9e0ee6b3ecef0f) C:\Windows\System32\rasauto.dll
22:42:12.0826 3508   RasAuto - ok
22:42:12.0859 3508   Rasl2tp       (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys
22:42:12.0861 3508   Rasl2tp - ok
22:42:12.0897 3508   RasMan       (75d47445d70ca6f9f894b032fbc64fcf) C:\Windows\System32\rasmans.dll
22:42:12.0913 3508   RasMan - ok
22:42:12.0944 3508   RasPppoe     (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys
22:42:12.0945 3508   RasPppoe - ok
22:42:12.0968 3508   RasSstp       (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys
22:42:12.0970 3508   RasSstp - ok
22:42:13.0008 3508   rdbss       (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys
22:42:13.0016 3508   rdbss - ok
22:42:13.0038 3508   RDPCDD       (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys
22:42:13.0039 3508   RDPCDD - ok
22:42:13.0097 3508   rdpdr       (0245418224cfa77bf4b41c2fe0622258) C:\Windows\system32\drivers\rdpdr.sys
22:42:13.0105 3508   rdpdr - ok
22:42:13.0112 3508   RDPENCDD     (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys
22:42:13.0114 3508   RDPENCDD - ok
22:42:13.0170 3508   RDPWD       (c127ebd5afab31524662c48dfceb773a) C:\Windows\system32\drivers\RDPWD.sys
22:42:13.0175 3508   RDPWD - ok
22:42:13.0327 3508   Remote UI Service (a8430231e1a06828210248c79755bf9c) C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
22:42:13.0369 3508   Remote UI Service - ok
22:42:13.0429 3508   RemoteAccess   (bcdd6b4804d06b1f7ebf29e53a57ece9) C:\Windows\System32\mprdim.dll
22:42:13.0432 3508   RemoteAccess - ok
22:42:13.0461 3508   RemoteRegistry (9e6894ea18daff37b63e1005f83ae4ab) C:\Windows\system32\regsvc.dll
22:42:13.0464 3508   RemoteRegistry - ok
22:42:13.0513 3508   RFCOMM       (6482707f9f4da0ecbab43b2e0398a101) C:\Windows\system32\DRIVERS\rfcomm.sys
22:42:13.0521 3508   RFCOMM - ok
22:42:13.0540 3508   RpcLocator     (5123f83cbc4349d065534eeb6bbdc42b) C:\Windows\system32\locator.exe
22:42:13.0542 3508   RpcLocator - ok
22:42:13.0577 3508   RpcSs       (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
22:42:13.0582 3508   RpcSs - ok
22:42:13.0617 3508   rspndr       (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys
22:42:13.0619 3508   rspndr - ok
22:42:13.0622 3508   RTL8187 - ok
22:42:13.0697 3508   SamSs       (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
22:42:13.0699 3508   SamSs - ok
22:42:13.0742 3508   sbp2port     (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
22:42:13.0744 3508   sbp2port - ok
22:42:13.0790 3508   SCardSvr     (77b7a11a0c3d78d3386398fbbea1b632) C:\Windows\System32\SCardSvr.dll
22:42:13.0803 3508   SCardSvr - ok
22:42:13.0914 3508   Schedule     (1a58069db21d05eb2ab58ee5753ebe8d) C:\Windows\system32\schedsvc.dll
22:42:13.0922 3508   Schedule - ok
22:42:13.0955 3508   SCPolicySvc   (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
22:42:13.0956 3508   SCPolicySvc - ok
22:42:13.0976 3508   SDRSVC       (716313d9f6b0529d03f726d5aaf6f191) C:\Windows\System32\SDRSVC.dll
22:42:13.0989 3508   SDRSVC - ok
22:42:14.0022 3508   secdrv       (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
22:42:14.0023 3508   secdrv - ok
22:42:14.0056 3508   seclogon     (fd5199d4d8a521005e4b5ee7fe00fa9b) C:\Windows\system32\seclogon.dll
22:42:14.0060 3508   seclogon - ok
22:42:14.0075 3508   SENS         (a9bbab5759771e523f55563d6cbe140f) C:\Windows\system32\sens.dll
22:42:14.0079 3508   SENS - ok
22:42:14.0106 3508   Serenum       (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
22:42:14.0107 3508   Serenum - ok
22:42:14.0131 3508   Serial       (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
22:42:14.0133 3508   Serial - ok
22:42:14.0186 3508   sermouse     (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys
22:42:14.0188 3508   sermouse - ok
22:42:14.0278 3508   SessionEnv     (d2193326f729b163125610dbf3e17d57) C:\Windows\system32\sessenv.dll
22:42:14.0291 3508   SessionEnv - ok
22:42:14.0330 3508   sffdisk       (51cf56aa8bcc241f134b420b8f850406) C:\Windows\system32\drivers\sffdisk.sys
22:42:14.0331 3508   sffdisk - ok
22:42:14.0345 3508   sffp_mmc     (96ded8b20c734ac41641ce275250e55d) C:\Windows\system32\drivers\sffp_mmc.sys
22:42:14.0346 3508   sffp_mmc - ok
22:42:14.0356 3508   sffp_sd       (8b08cab1267b2c377883fc9e56981f90) C:\Windows\system32\drivers\sffp_sd.sys
22:42:14.0358 3508   sffp_sd - ok
22:42:14.0374 3508   sfloppy       (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
22:42:14.0375 3508   sfloppy - ok
22:42:14.0424 3508   SharedAccess   (e1499bd0ff76b1b2fbbf1af339d91165) C:\Windows\System32\ipnathlp.dll
22:42:14.0439 3508   SharedAccess - ok
22:42:14.0480 3508   ShellHWDetection (c7230fbee14437716701c15be02c27b8) C:\Windows\System32\shsvcs.dll
22:42:14.0486 3508   ShellHWDetection - ok
22:42:14.0519 3508   sisagp       (08072b2fb92477fc813271a84b3a8698) C:\Windows\system32\drivers\sisagp.sys
22:42:14.0521 3508   sisagp - ok
22:42:14.0537 3508   SiSRaid2     (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
22:42:14.0539 3508   SiSRaid2 - ok
22:42:14.0556 3508   SiSRaid4     (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
22:42:14.0558 3508   SiSRaid4 - ok
22:42:14.0789 3508   slsvc       (862bb4cbc05d80c5b45be430e5ef872f) C:\Windows\system32\SLsvc.exe
22:42:14.0872 3508   slsvc - ok
22:42:15.0008 3508   SLUINotify     (6edc422215cd78aa8a9cde6b30abbd35) C:\Windows\system32\SLUINotify.dll
22:42:15.0014 3508   SLUINotify - ok
22:42:15.0053 3508   Smb         (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys
22:42:15.0055 3508   Smb - ok
22:42:15.0139 3508   SMServer     (780148180239ce7e2784a0c0d81cab46) C:\Windows\system32\snmvtsvc.exe
22:42:15.0147 3508   SMServer - ok
22:42:15.0198 3508   SndTAudio     (9b0d0dabc36895c72a047a5ad98da735) C:\Windows\system32\drivers\SndTAudio.sys
22:42:15.0199 3508   SndTAudio - ok
22:42:15.0220 3508   SNMPTRAP     (2a146a055b4401c16ee62d18b8e2a032) C:\Windows\System32\snmptrap.exe
22:42:15.0223 3508   SNMPTRAP - ok
22:42:15.0254 3508   spldr       (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys
22:42:15.0256 3508   spldr - ok
22:42:15.0331 3508   Spooler       (8554097e5136c3bf9f69fe578a1b35f4) C:\Windows\System32\spoolsv.exe
22:42:15.0334 3508   Spooler - ok
22:42:15.0416 3508   sptd         (71e276f6d189413266ea22171806597b) C:\Windows\system32\Drivers\sptd.sys
22:42:15.0417 3508   Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 71e276f6d189413266ea22171806597b
22:42:15.0418 3508   sptd ( LockedFile.Multi.Generic ) - warning
22:42:15.0418 3508   sptd - detected LockedFile.Multi.Generic (1)
22:42:15.0466 3508   srv         (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys
22:42:15.0480 3508   srv - ok
22:42:15.0544 3508   srv2         (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys
22:42:15.0555 3508   srv2 - ok
22:42:15.0605 3508   srvnet       (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys
22:42:15.0607 3508   srvnet - ok
22:42:15.0618 3508   SSDPSRV       (03d50b37234967433a5ea5ba72bc0b62) C:\Windows\System32\ssdpsrv.dll
22:42:15.0623 3508   SSDPSRV - ok
22:42:15.0717 3508   SstpSvc       (6f1a32e7b7b30f004d9a20afadb14944) C:\Windows\system32\sstpsvc.dll
22:42:15.0722 3508   SstpSvc - ok
22:42:15.0787 3508   stisvc       (5de7d67e49b88f5f07f3e53c4b92a352) C:\Windows\System32\wiaservc.dll
22:42:15.0793 3508   stisvc - ok
22:42:15.0821 3508   stllssvr - ok
22:42:15.0878 3508   STSService     (5305d3c2c872c3e765a3c913dccc7fb4) C:\Program Files\SoundTaxi Media Suite\STSService.exe
22:42:15.0892 3508   STSService - ok
22:42:15.0964 3508   stusb2ir     (b64796dcb518e7093814d931ec8ec07b) C:\Windows\system32\DRIVERS\stusb2ir.sys
22:42:15.0966 3508   stusb2ir - ok
22:42:16.0008 3508   swenum       (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys
22:42:16.0009 3508   swenum - ok
22:42:16.0051 3508   swprv       (f21fd248040681cca1fb6c9a03aaa93d) C:\Windows\System32\swprv.dll
22:42:16.0065 3508   swprv - ok
22:42:16.0105 3508   Symc8xx       (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
22:42:16.0107 3508   Symc8xx - ok
22:42:16.0130 3508   Sym_hi       (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
22:42:16.0132 3508   Sym_hi - ok
22:42:16.0149 3508   Sym_u3       (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
22:42:16.0150 3508   Sym_u3 - ok
22:42:16.0221 3508   SysMain       (9a51b04e9886aa4ee90093586b0ba88d) C:\Windows\system32\sysmain.dll
22:42:16.0276 3508   SysMain - ok
22:42:16.0314 3508   TabletInputService (2dca225eae15f42c0933e998ee0231c3) C:\Windows\System32\TabSvc.dll
22:42:16.0328 3508   TabletInputService - ok
22:42:16.0363 3508   TapiSrv       (d7673e4b38ce21ee54c59eeeb65e2483) C:\Windows\System32\tapisrv.dll
22:42:16.0369 3508   TapiSrv - ok
22:42:16.0399 3508   tbhsd       (ea02d11234c29e3af778081498072131) C:\Windows\system32\drivers\tbhsd.sys
22:42:16.0400 3508   tbhsd - ok
22:42:16.0438 3508   TBS         (cb05822cd9cc6c688168e113c603dbe7) C:\Windows\System32\tbssvc.dll
22:42:16.0443 3508   TBS - ok
22:42:16.0535 3508   Tcpip       (ee7e10bed85c312c1d5d30c435bdda9f) C:\Windows\system32\drivers\tcpip.sys
22:42:16.0544 3508   Tcpip - ok
22:42:16.0561 3508   Tcpip6       (ee7e10bed85c312c1d5d30c435bdda9f) C:\Windows\system32\DRIVERS\tcpip.sys
22:42:16.0571 3508   Tcpip6 - ok
22:42:16.0615 3508   tcpipreg     (2c2d4cff5e09c73908f9b5af49a51365) C:\Windows\system32\drivers\tcpipreg.sys
22:42:16.0616 3508   tcpipreg - ok
22:42:16.0657 3508   TDPIPE       (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys
22:42:16.0659 3508   TDPIPE - ok
22:42:16.0681 3508   TDTCP       (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys
22:42:16.0683 3508   TDTCP - ok
22:42:16.0724 3508   tdx         (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys
22:42:16.0726 3508   tdx - ok
22:42:16.0759 3508   TermDD       (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys
22:42:16.0760 3508   TermDD - ok
22:42:16.0810 3508   TermService   (bb95da09bef6e7a131bff3ba5032090d) C:\Windows\System32\termsrv.dll
22:42:16.0818 3508   TermService - ok
22:42:16.0862 3508   Themes       (c7230fbee14437716701c15be02c27b8) C:\Windows\system32\shsvcs.dll
22:42:16.0868 3508   Themes - ok
22:42:16.0884 3508   THREADORDER   (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
22:42:16.0887 3508   THREADORDER - ok
22:42:16.0907 3508   TrkWks       (ec74e77d0eb004bd3a809b5f8fb8c2ce) C:\Windows\System32\trkwks.dll
22:42:16.0913 3508   TrkWks - ok
22:42:16.0956 3508   TrustedInstaller (97d9d6a04e3ad9b6c626b9931db78dba) C:\Windows\servicing\TrustedInstaller.exe
22:42:16.0957 3508   TrustedInstaller - ok
22:42:17.0080 3508   TSHWMDTCP     (b56368b25a51cebda77e6b20764f07f2) C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.sys
22:42:17.0081 3508   TSHWMDTCP - ok
22:42:17.0108 3508   tssecsrv     (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys
22:42:17.0109 3508   tssecsrv - ok
22:42:17.0159 3508   tunmp       (caecc0120ac49e3d2f758b9169872d38) C:\Windows\system32\DRIVERS\tunmp.sys
22:42:17.0160 3508   tunmp - ok
22:42:17.0176 3508   tunnel       (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys
22:42:17.0177 3508   tunnel - ok
22:42:17.0219 3508   uagp35       (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
22:42:17.0221 3508   uagp35 - ok
22:42:17.0298 3508   udfs         (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys
22:42:17.0314 3508   udfs - ok
22:42:17.0374 3508   UI0Detect     (ecef404f62863755951e09c802c94ad5) C:\Windows\system32\UI0Detect.exe
22:42:17.0379 3508   UI0Detect - ok
22:42:17.0409 3508   uliagpkx     (6d72ef05921abdf59fc45c7ebfe7e8dd) C:\Windows\system32\drivers\uliagpkx.sys
22:42:17.0411 3508   uliagpkx - ok
22:42:17.0441 3508   uliahci       (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
22:42:17.0449 3508   uliahci - ok
22:42:17.0467 3508   UlSata       (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
22:42:17.0470 3508   UlSata - ok
22:42:17.0492 3508   ulsata2       (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
22:42:17.0495 3508   ulsata2 - ok
22:42:17.0538 3508   umbus       (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys
22:42:17.0540 3508   umbus - ok
22:42:17.0580 3508   upnphost     (68308183f4ae0be7bf8ecd07cb297999) C:\Windows\System32\upnphost.dll
22:42:17.0586 3508   upnphost - ok
22:42:17.0654 3508   USBAAPL       (eafe1e00739afe6c51487a050e772e17) C:\Windows\system32\Drivers\usbaapl.sys
22:42:17.0656 3508   USBAAPL - ok
22:42:17.0728 3508   usbaudio     (32db9517628ff0d070682aab61e688f0) C:\Windows\system32\drivers\usbaudio.sys
22:42:17.0731 3508   usbaudio - ok
22:42:17.0760 3508   usbccgp       (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys
22:42:17.0762 3508   usbccgp - ok
22:42:17.0795 3508   usbcir       (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
22:42:17.0797 3508   usbcir - ok
22:42:17.0835 3508   usbehci       (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys
22:42:17.0837 3508   usbehci - ok
22:42:17.0862 3508   usbhub       (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys
22:42:17.0871 3508   usbhub - ok
22:42:17.0906 3508   usbohci       (38dbc7dd6cc5a72011f187425384388b) C:\Windows\system32\drivers\usbohci.sys
22:42:17.0907 3508   usbohci - ok
22:42:17.0938 3508   usbprint     (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys
22:42:17.0940 3508   usbprint - ok
22:42:17.0974 3508   usbscan       (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys
22:42:17.0976 3508   usbscan - ok
22:42:17.0996 3508   USBSTOR       (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:42:17.0998 3508   USBSTOR - ok
22:42:18.0034 3508   usbuhci       (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys
22:42:18.0035 3508   usbuhci - ok
22:42:18.0067 3508   UxSms       (1509e705f3ac1d474c92454a5c2dd81f) C:\Windows\System32\uxsms.dll
22:42:18.0072 3508   UxSms - ok
22:42:18.0121 3508   vds         (cd88d1b7776dc17a119049742ec07eb4) C:\Windows\System32\vds.exe
22:42:18.0141 3508   vds - ok
22:42:18.0178 3508   vga         (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
22:42:18.0180 3508   vga - ok
22:42:18.0228 3508   VgaSave       (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys
22:42:18.0230 3508   VgaSave - ok
22:42:18.0269 3508   viaagp       (d5929a28bdff4367a12caf06af901971) C:\Windows\system32\drivers\viaagp.sys
22:42:18.0271 3508   viaagp - ok
22:42:18.0296 3508   ViaC7       (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
22:42:18.0298 3508   ViaC7 - ok
22:42:18.0327 3508   viaide       (f3b4762eb85a2aff4999401f14c3262b) C:\Windows\system32\drivers\viaide.sys
22:42:18.0329 3508   viaide - ok
22:42:18.0376 3508   volmgr       (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys
22:42:18.0378 3508   volmgr - ok
22:42:18.0423 3508   volmgrx       (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys
22:42:18.0438 3508   volmgrx - ok
22:42:18.0458 3508   volsnap       (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys
22:42:18.0462 3508   volsnap - ok
22:42:18.0489 3508   vsmraid       (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
22:42:18.0492 3508   vsmraid - ok
22:42:18.0576 3508   VSS         (db3d19f850c6eb32bdcb9bc0836acddb) C:\Windows\system32\vssvc.exe
22:42:18.0603 3508   VSS - ok
22:42:18.0688 3508   W32Time       (96ea68b9eb310a69c25ebb0282b2b9de) C:\Windows\system32\w32time.dll
22:42:18.0695 3508   W32Time - ok
22:42:18.0750 3508   WacomPen     (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
22:42:18.0751 3508   WacomPen - ok
22:42:18.0801 3508   Wanarp       (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
22:42:18.0803 3508   Wanarp - ok
22:42:18.0816 3508   Wanarpv6     (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys
22:42:18.0818 3508   Wanarpv6 - ok
22:42:18.0857 3508   wcncsvc       (a3cd60fd826381b49f03832590e069af) C:\Windows\System32\wcncsvc.dll
22:42:18.0876 3508   wcncsvc - ok
22:42:18.0900 3508   WcsPlugInService (11bcb7afcdd7aadacb5746f544d3a9c7) C:\Windows\System32\WcsPlugInService.dll
22:42:18.0904 3508   WcsPlugInService - ok
22:42:18.0940 3508   Wd         (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
22:42:18.0941 3508   Wd - ok
22:42:19.0034 3508   WDC_SAM       (d6efaf429fd30c5df613d220e344cce7) C:\Windows\system32\DRIVERS\wdcsam.sys
22:42:19.0035 3508   WDC_SAM - ok
22:42:19.0175 3508   WDDMService   (7d1e301e2eeaf6d3730887de933413e6) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
22:42:19.0176 3508   WDDMService - ok
22:42:19.0228 3508   Wdf01000     (b6f0a7ad6d4bd325fbcd8bac96cd8d96) C:\Windows\system32\drivers\Wdf01000.sys
22:42:19.0286 3508   Wdf01000 - ok
22:42:19.0313 3508   WdiServiceHost (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
22:42:19.0318 3508   WdiServiceHost - ok
22:42:19.0322 3508   WdiSystemHost   (abfc76b48bb6c96e3338d8943c5d93b5) C:\Windows\system32\wdi.dll
22:42:19.0326 3508   WdiSystemHost - ok
22:42:19.0359 3508   WDSmartWareBackgroundService (138ab06adbbf300aa804d7974a5aec82) C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
22:42:19.0360 3508   WDSmartWareBackgroundService - ok
22:42:19.0379 3508   WebClient     (04c37d8107320312fbae09926103d5e2) C:\Windows\System32\webclnt.dll
22:42:19.0389 3508   WebClient - ok
22:42:19.0435 3508   Wecsvc       (ae3736e7e8892241c23e4ebbb7453b60) C:\Windows\system32\wecsvc.dll
22:42:19.0446 3508   Wecsvc - ok
22:42:19.0462 3508   wercplsupport   (670ff720071ed741206d69bd995ea453) C:\Windows\System32\wercplsupport.dll
22:42:19.0466 3508   wercplsupport - ok
22:42:19.0487 3508   WerSvc       (32b88481d3b326da6deb07b1d03481e7) C:\Windows\System32\WerSvc.dll
22:42:19.0492 3508   WerSvc - ok
22:42:19.0527 3508   WinDefend     (4575aa12561c5648483403541d0d7f2b) C:\Program Files\Windows Defender\mpsvc.dll
22:42:19.0558 3508   WinDefend - ok
22:42:19.0565 3508   WinHttpAutoProxySvc - ok
22:42:19.0610 3508   Winmgmt       (6b2a1d0e80110e3d04e6863c6e62fd8a) C:\Windows\system32\wbem\WMIsvc.dll
22:42:19.0620 3508   Winmgmt - ok
22:42:19.0731 3508   WinRM       (7cfe68bdc065e55aa5e8421607037511) C:\Windows\system32\WsmSvc.dll
22:42:19.0768 3508   WinRM - ok
22:42:19.0826 3508   Wlansvc       (c008405e4feeb069e30da1d823910234) C:\Windows\System32\wlansvc.dll
22:42:19.0842 3508   Wlansvc - ok
22:42:20.0046 3508   wlidsvc       (0a70f4022ec2e14c159efc4f69aa2477) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
22:42:20.0064 3508   wlidsvc - ok
22:42:20.0186 3508   WmiAcpi       (17eac0d023a65fa9b02114cc2baacad5) C:\Windows\system32\drivers\wmiacpi.sys
22:42:20.0188 3508   WmiAcpi - ok
22:42:20.0261 3508   wmiApSrv     (43be3875207dcb62a85c8c49970b66cc) C:\Windows\system32\wbem\WmiApSrv.exe
22:42:20.0272 3508   wmiApSrv - ok
22:42:20.0388 3508   WMPNetworkSvc   (3978704576a121a9204f8cc49a301a9b) C:\Program Files\Windows Media Player\wmpnetwk.exe
22:42:20.0405 3508   WMPNetworkSvc - ok
22:42:20.0463 3508   WPCSvc       (cfc5a04558f5070cee3e3a7809f3ff52) C:\Windows\System32\wpcsvc.dll
22:42:20.0475 3508   WPCSvc - ok
22:42:20.0510 3508   WPDBusEnum     (801fbdb89d472b3c467eb112a0fc9246) C:\Windows\system32\wpdbusenum.dll
22:42:20.0524 3508   WPDBusEnum - ok
22:42:20.0580 3508   WpdUsb       (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys
22:42:20.0582 3508   WpdUsb - ok
22:42:20.0762 3508   WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
22:42:20.0779 3508   WPFFontCache_v0400 - ok
22:42:20.0821 3508   ws2ifsl       (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys
22:42:20.0822 3508   ws2ifsl - ok
22:42:20.0861 3508   wscsvc       (1ca6c40261ddc0425987980d0cd2aaab) C:\Windows\system32\wscsvc.dll
22:42:20.0864 3508   wscsvc - ok
22:42:20.0869 3508   WSearch - ok
22:42:20.0995 3508   wuauserv     (6298277b73c77fa99106b271a7525163) C:\Windows\system32\wuaueng.dll
22:42:21.0029 3508   wuauserv - ok
22:42:21.0133 3508   WUDFRd       (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys
22:42:21.0135 3508   WUDFRd - ok
22:42:21.0165 3508   wudfsvc       (575a4190d989f64732119e4114045a4f) C:\Windows\System32\WUDFSvc.dll
22:42:21.0169 3508   wudfsvc - ok
22:42:21.0219 3508   MBR (0x1B8)    (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
22:42:21.0443 3508   \Device\Harddisk0\DR0 - ok
22:42:21.0477 3508   Boot (0x1200)  (377e95c0d72c8675ce479a8372b1b765) \Device\Harddisk0\DR0\Partition0
22:42:21.0478 3508   \Device\Harddisk0\DR0\Partition0 - ok
22:42:21.0482 3508   Boot (0x1200)  (8d1e69ad7da21524fd5d501806b3e063) \Device\Harddisk0\DR0\Partition1
22:42:21.0484 3508   \Device\Harddisk0\DR0\Partition1 - ok
22:42:21.0485 3508   ============================================================
22:42:21.0486 3508   Scan finished
22:42:21.0486 3508   ============================================================
22:42:21.0505 2536   Detected object count: 1
22:42:21.0505 2536   Actual detected object count: 1
22:45:52.0750 2536   sptd ( LockedFile.Multi.Generic ) - skipped by user
22:45:52.0750 2536   sptd ( LockedFile.Multi.Generic ) - User select action: Skip
22:46:17.0650 2656   ============================================================
22:46:17.0650 2656   Scan started
22:46:17.0650 2656   Mode: Manual; TDLFS;

  abba54
Number of posts: 72

Second part of TDSSKiller here:

2:46:17.0650 2656   ============================================================
22:46:18.0180 2656   ACPI         (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys
22:46:18.0182 2656   ACPI - ok
22:46:18.0299 2656   AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
22:46:18.0300 2656   AdobeARMservice - ok
22:46:18.0396 2656   AdobeFlashPlayerUpdateSvc (f3cd7b20b27d1772c946df993ff3635c) C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
22:46:18.0399 2656   AdobeFlashPlayerUpdateSvc - ok
22:46:18.0482 2656   adp94xx       (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
22:46:18.0485 2656   adp94xx - ok
22:46:18.0520 2656   adpahci       (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
22:46:18.0523 2656   adpahci - ok
22:46:18.0547 2656   adpu160m     (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
22:46:18.0548 2656   adpu160m - ok
22:46:18.0573 2656   adpu320       (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
22:46:18.0574 2656   adpu320 - ok
22:46:18.0625 2656   AeLookupSvc   (9d1fda9e086ba64e3c93c9de32461bcf) C:\Windows\System32\aelupsvc.dll
22:46:18.0626 2656   AeLookupSvc - ok
22:46:18.0679 2656   AFD         (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys
22:46:18.0682 2656   AFD - ok
22:46:18.0710 2656   agp440       (8b10ce1c1f9f1d47e4deb1a547a00cd4) C:\Windows\system32\drivers\agp440.sys
22:46:18.0711 2656   agp440 - ok
22:46:18.0728 2656   aic78xx       (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
22:46:18.0729 2656   aic78xx - ok
22:46:18.0795 2656   AlertService   (cf86f64a1aea27e5fa97e697bf70346d) C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
22:46:18.0798 2656   AlertService - ok
22:46:18.0832 2656   ALG         (a1545b731579895d8cc44fc0481c1192) C:\Windows\System32\alg.exe
22:46:18.0833 2656   ALG - ok
22:46:18.0859 2656   aliide       (dc67a153fdb8105b25d05334b5e1d8e2) C:\Windows\system32\drivers\aliide.sys
22:46:18.0860 2656   aliide - ok
22:46:18.0881 2656   amdagp       (848f27e5b27c1c253f6cefdc1a5d8f21) C:\Windows\system32\drivers\amdagp.sys
22:46:18.0882 2656   amdagp - ok
22:46:18.0899 2656   amdide       (835c4c3355088298a5ebd818fa31430f) C:\Windows\system32\drivers\amdide.sys
22:46:18.0900 2656   amdide - ok
22:46:18.0921 2656   AmdK7       (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
22:46:18.0922 2656   AmdK7 - ok
22:46:18.0933 2656   AmdK8       (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\drivers\amdk8.sys
22:46:18.0934 2656   AmdK8 - ok
22:46:18.0968 2656   Appinfo       (c6d704c7f0434dc791aac37cac4b6e14) C:\Windows\System32\appinfo.dll
22:46:18.0969 2656   Appinfo - ok
22:46:19.0032 2656   Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
22:46:19.0034 2656   Apple Mobile Device - ok
22:46:19.0069 2656   arc         (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
22:46:19.0070 2656   arc - ok
22:46:19.0105 2656   arcsas       (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
22:46:19.0106 2656   arcsas - ok
22:46:19.0125 2656   AsyncMac     (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys
22:46:19.0125 2656   AsyncMac - ok
22:46:19.0147 2656   atapi       (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys
22:46:19.0148 2656   atapi - ok
22:46:19.0199 2656   Ati External Event Utility (a98b419c1537457c12c5d42317550079) C:\Windows\system32\Ati2evxx.exe
22:46:19.0206 2656   Ati External Event Utility - ok
22:46:19.0396 2656   atikmdag     (63fc6a312bb0fbbbf355cb5d4a1c7764) C:\Windows\system32\DRIVERS\atikmdag.sys
22:46:19.0428 2656   atikmdag - ok
22:46:19.0558 2656   AudioEndpointBuilder (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
22:46:19.0562 2656   AudioEndpointBuilder - ok
22:46:19.0569 2656   Audiosrv     (68e2a1a0407a66cf50da0300852424ab) C:\Windows\System32\Audiosrv.dll
22:46:19.0573 2656   Audiosrv - ok
22:46:19.0624 2656   Beep         (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys
22:46:19.0625 2656   Beep - ok
22:46:19.0671 2656   BFE         (c789af0f724fda5852fb9a7d3a432381) C:\Windows\System32\bfe.dll
22:46:19.0674 2656   BFE - ok
22:46:19.0746 2656   BITS         (93952506c6d67330367f7e7934b6a02f) C:\Windows\system32\qmgr.dll
22:46:19.0757 2656   BITS - ok
22:46:19.0762 2656   blbdrive - ok
22:46:19.0868 2656   Bonjour Service (db5bea73edaf19ac68b2c0fad0f92b1a) C:\Program Files\Bonjour\mDNSResponder.exe
22:46:19.0872 2656   Bonjour Service - ok
22:46:19.0907 2656   bowser       (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys
22:46:19.0909 2656   bowser - ok
22:46:19.0950 2656   BrFiltLo     (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
22:46:19.0951 2656   BrFiltLo - ok
22:46:19.0975 2656   BrFiltUp     (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
22:46:19.0976 2656   BrFiltUp - ok
22:46:20.0023 2656   BridgeMP     (b1564976d98e91fc764d5dc28a0297da) C:\Windows\system32\DRIVERS\bridge.sys
22:46:20.0024 2656   BridgeMP - ok
22:46:20.0069 2656   Browser       (a3629a0c4226f9e9c72faaeebc3ad33c) C:\Windows\System32\browser.dll
22:46:20.0070 2656   Browser - ok
22:46:20.0098 2656   Brserid       (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
22:46:20.0100 2656   Brserid - ok
22:46:20.0129 2656   BrSerWdm     (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
22:46:20.0130 2656   BrSerWdm - ok
22:46:20.0151 2656   BrUsbMdm     (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
22:46:20.0152 2656   BrUsbMdm - ok
22:46:20.0168 2656   BrUsbSer     (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
22:46:20.0169 2656   BrUsbSer - ok
22:46:20.0209 2656   BthEnum       (6d39c954799b63ba866910234cf7d726) C:\Windows\system32\DRIVERS\BthEnum.sys
22:46:20.0209 2656   BthEnum - ok
22:46:20.0236 2656   BTHMODEM     (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
22:46:20.0236 2656   BTHMODEM - ok
22:46:20.0284 2656   BthPan       (5904efa25f829bf84ea6fb045134a1d8) C:\Windows\system32\DRIVERS\bthpan.sys
22:46:20.0285 2656   BthPan - ok
22:46:20.0377 2656   BTHPORT       (611ff3f2f095c8d4a6d4cfd9dcc09793) C:\Windows\system32\Drivers\BTHport.sys
22:46:20.0383 2656   BTHPORT - ok
22:46:20.0424 2656   BthServ       (a4c8377fa4a994e07075107dbe2e3dce) C:\Windows\System32\bthserv.dll
22:46:20.0425 2656   BthServ - ok
22:46:20.0458 2656   BTHUSB       (d330803eab2a15caec7f011f1d4cb30e) C:\Windows\system32\Drivers\BTHUSB.sys
22:46:20.0459 2656   BTHUSB - ok
22:46:20.0518 2656   btwaudio     (fc23e3a7ae18b02dcc1a34cbef3f80af) C:\Windows\system32\drivers\btwaudio.sys
22:46:20.0519 2656   btwaudio - ok
22:46:20.0537 2656   btwavdt       (5e14c92763e51130bfb9a670afd7eddf) C:\Windows\system32\drivers\btwavdt.sys
22:46:20.0539 2656   btwavdt - ok
22:46:20.0634 2656   btwdins       (cb3eba480beb1855fb63cdba5e406712) C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
22:46:20.0638 2656   btwdins - ok
22:46:20.0667 2656   btwrchid     (ac3fd5a3bbfa114098f75b80c4c1f3e7) C:\Windows\system32\DRIVERS\btwrchid.sys
22:46:20.0668 2656   btwrchid - ok
22:46:20.0778 2656   catchme - ok
22:46:20.0830 2656   cdfs         (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys
22:46:20.0831 2656   cdfs - ok
22:46:20.0856 2656   cdrom       (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys
22:46:20.0857 2656   cdrom - ok
22:46:20.0877 2656   CertPropSvc   (312ec3e37a0a1f2006534913e37b4423) C:\Windows\System32\certprop.dll
22:46:20.0879 2656   CertPropSvc - ok
22:46:20.0904 2656   circlass     (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys
22:46:20.0905 2656   circlass - ok
22:46:20.0964 2656   CLFS         (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys
22:46:20.0967 2656   CLFS - ok
22:46:21.0033 2656   clr_optimization_v2.0.50727_32 (8ee772032e2fe80a924f3b8dd5082194) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:46:21.0034 2656   clr_optimization_v2.0.50727_32 - ok
22:46:21.0115 2656   clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:46:21.0117 2656   clr_optimization_v4.0.30319_32 - ok
22:46:21.0148 2656   cmdide       (e79cbb2195e965f6e3256e2c1b23fd1c) C:\Windows\system32\drivers\cmdide.sys
22:46:21.0148 2656   cmdide - ok
22:46:21.0167 2656   Compbatt     (722936afb75a7f509662b69b5632f48a) C:\Windows\system32\drivers\compbatt.sys
22:46:21.0168 2656   Compbatt - ok
22:46:21.0174 2656   COMSysApp - ok
22:46:21.0185 2656   crcdisk       (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
22:46:21.0185 2656   crcdisk - ok
22:46:21.0226 2656   Creative Service for CDROM Access (3c8b6609712f4ff78e521f6dcfc4032b) C:\Windows\system32\CTsvcCDA.exe
22:46:21.0227 2656   Creative Service for CDROM Access - ok
22:46:21.0257 2656   Crusoe       (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
22:46:21.0257 2656   Crusoe - ok
22:46:21.0306 2656   CryptSvc     (75c6a297e364014840b48eccd7525e30) C:\Windows\system32\cryptsvc.dll
22:46:21.0308 2656   CryptSvc - ok
22:46:21.0368 2656   CTDevice_Srv   (a5bea0e5c297f5f3835638a87e512fba) C:\Program Files\Creative\Shared Files\CTDevSrv.exe
22:46:21.0368 2656   CTDevice_Srv - ok
22:46:21.0410 2656   DcomLaunch     (3b5b4d53fec14f7476ca29a20cc31ac9) C:\Windows\system32\rpcss.dll
22:46:21.0416 2656   DcomLaunch - ok
22:46:21.0460 2656   DfsC         (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys
22:46:21.0461 2656   DfsC - ok
22:46:21.0595 2656   DFSR         (2cc3dcfb533a1035b13dcab6160ab38b) C:\Windows\system32\DFSR.exe
22:46:21.0611 2656   DFSR - ok
22:46:21.0743 2656   Dhcp         (9028559c132146fb75eb7acf384b086a) C:\Windows\System32\dhcpcsvc.dll
22:46:21.0745 2656   Dhcp - ok
22:46:21.0795 2656   DHTRACE       (2c56880d37785cf2c07b0309cebb0a7d) C:\Program Files\Common Files\Intel\IntelDH\bin\DHTraceController.exe
22:46:21.0796 2656   DHTRACE - ok
22:46:21.0837 2656   disk         (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys
22:46:21.0838 2656   disk - ok
22:46:21.0880 2656   Dnscache     (57d762f6f5974af0da2be88a3349baaa) C:\Windows\System32\dnsrslvr.dll
22:46:21.0882 2656   Dnscache - ok
22:46:21.0917 2656   dot3svc       (324fd74686b1ef5e7c19a8af49e748f6) C:\Windows\System32\dot3svc.dll
22:46:21.0920 2656   dot3svc - ok
22:46:21.0959 2656   DPS         (a622e888f8aa2f6b49e9bc466f0e5def) C:\Windows\system32\dps.dll
22:46:21.0962 2656   DPS - ok
22:46:21.0980 2656   DQLWinService   (28b42d80ce943a98c6bcea67263cbdff) C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
22:46:21.0982 2656   DQLWinService - ok
22:46:22.0011 2656   drmkaud       (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys
22:46:22.0012 2656   drmkaud - ok
22:46:22.0083 2656   DXGKrnl       (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys
22:46:22.0090 2656   DXGKrnl - ok
22:46:22.0124 2656   e1express     (04944f4fc4f0477185f5d26ae0ddb90e) C:\Windows\system32\DRIVERS\e1e6032.sys
22:46:22.0126 2656   e1express - ok
22:46:22.0169 2656   E1G60       (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
22:46:22.0171 2656   E1G60 - ok
22:46:22.0217 2656   EapHost       (c0b95e40d85cd807d614e264248a45b9) C:\Windows\System32\eapsvc.dll
22:46:22.0220 2656   EapHost - ok
22:46:22.0243 2656   Ecache       (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\drivers\ecache.sys
22:46:22.0244 2656   Ecache - ok
22:46:22.0285 2656   ehRecvr       (9be3744d295a7701eb425332014f0797) C:\Windows\ehome\ehRecvr.exe
22:46:22.0288 2656   ehRecvr - ok
22:46:22.0323 2656   ehSched       (ad1870c8e5d6dd340c829e6074bf3c3f) C:\Windows\ehome\ehsched.exe
22:46:22.0325 2656   ehSched - ok
22:46:22.0330 2656   ehstart       (c27c4ee8926e74aa72efcab24c5242c3) C:\Windows\ehome\ehstart.dll
22:46:22.0332 2656   ehstart - ok
22:46:22.0382 2656   elxstor       (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
22:46:22.0385 2656   elxstor - ok
22:46:22.0464 2656   EMDMgmt       (4e6b23dfc917ea39306b529b773950f4) C:\Windows\system32\emdmgmt.dll
22:46:22.0471 2656   EMDMgmt - ok
22:46:22.0503 2656   EventSystem   (67058c46504bc12d821f38cf99b7b28f) C:\Windows\system32\es.dll
22:46:22.0507 2656   EventSystem - ok
22:46:22.0539 2656   exfat       (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys
22:46:22.0540 2656   exfat - ok
22:46:22.0577 2656   fastfat       (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys
22:46:22.0578 2656   fastfat - ok
22:46:22.0604 2656   fdc         (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys
22:46:22.0605 2656   fdc - ok
22:46:22.0623 2656   fdPHost       (6629b5f0e98151f4afdd87567ea32ba3) C:\Windows\system32\fdPHost.dll
22:46:22.0625 2656   fdPHost - ok
22:46:22.0638 2656   FDResPub     (89ed56dce8e47af40892778a5bd31fd2) C:\Windows\system32\fdrespub.dll
22:46:22.0640 2656   FDResPub - ok
22:46:22.0669 2656   FileInfo     (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys
22:46:22.0670 2656   FileInfo - ok
22:46:22.0707 2656   Filetrace     (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys
22:46:22.0708 2656   Filetrace - ok
22:46:22.0722 2656   flpydisk     (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys
22:46:22.0723 2656   flpydisk - ok
22:46:22.0763 2656   FltMgr       (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys
22:46:22.0766 2656   FltMgr - ok
22:46:22.0851 2656   FontCache     (8ce364388c8eca59b14b539179276d44) C:\Windows\system32\FntCache.dll
22:46:22.0860 2656   FontCache - ok
22:46:22.0924 2656   FontCache3.0.0.0 (c7fbdd1ed42f82bfa35167a5c9803ea3) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
22:46:22.0925 2656   FontCache3.0.0.0 - ok
22:46:23.0028 2656   FreeAgentGoNext Service (9513b437b7adb1e6065b7f0d83d11ecf) C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
22:46:23.0030 2656   FreeAgentGoNext Service - ok
22:46:23.0080 2656   fssfltr       (d909075fa72c090f27aa926c32cb4612) C:\Windows\system32\DRIVERS\fssfltr.sys
22:46:23.0081 2656   fssfltr - ok
22:46:23.0299 2656   fsssvc       (4ce9dac1518ff7e77bd213e6394b9d77) C:\Program Files\Windows Live\Family Safety\fsssvc.exe
22:46:23.0314 2656   fsssvc - ok
22:46:23.0456 2656   Fs_Rec       (b972a66758577e0bfd1de0f91aaa27b5) C:\Windows\system32\drivers\Fs_Rec.sys
22:46:23.0456 2656   Fs_Rec - ok
22:46:23.0494 2656   gagp30kx     (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
22:46:23.0495 2656   gagp30kx - ok
22:46:23.0535 2656   GEARAspiWDM   (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\Drivers\GEARAspiWDM.sys
22:46:23.0536 2656   GEARAspiWDM - ok
22:46:23.0691 2656   GoogleDesktopManager (1c23ca2beb4fa0a92b87164c35212b11) C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
22:46:23.0709 2656   GoogleDesktopManager - ok
22:46:23.0831 2656   gpsvc       (cd5d0aeee35dfd4e986a5aa1500a6e66) C:\Windows\System32\gpsvc.dll
22:46:23.0838 2656   gpsvc - ok
22:46:23.0968 2656   gupdate       (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
22:46:23.0969 2656   gupdate - ok
22:46:23.0975 2656   gupdatem     (f02a533f517eb38333cb12a9e8963773) C:\Program Files\Google\Update\GoogleUpdate.exe
22:46:23.0977 2656   gupdatem - ok
22:46:23.0982 2656   gusvc - ok
22:46:24.0041 2656   HDAudBus     (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys
22:46:24.0047 2656   HDAudBus - ok
22:46:24.0076 2656   HidBth       (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
22:46:24.0077 2656   HidBth - ok
22:46:24.0106 2656   HidIr       (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
22:46:24.0107 2656   HidIr - ok
22:46:24.0128 2656   hidserv       (84067081f3318162797385e11a8f0582) C:\Windows\System32\hidserv.dll
22:46:24.0130 2656   hidserv - ok
22:46:24.0153 2656   HidUsb       (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys
22:46:24.0154 2656   HidUsb - ok
22:46:24.0192 2656   hkmsvc       (d8ad255b37da92434c26e4876db7d418) C:\Windows\system32\kmsvc.dll
22:46:24.0195 2656   hkmsvc - ok
22:46:24.0228 2656   HpCISSs       (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
22:46:24.0229 2656   HpCISSs - ok
22:46:24.0374 2656   hpqcxs08     (58d4765ab87347db835d5693adf652c1) C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
22:46:24.0376 2656   hpqcxs08 - ok
22:46:24.0429 2656   HTTP         (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys
22:46:24.0433 2656   HTTP - ok
22:46:24.0466 2656   i2omp       (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
22:46:24.0467 2656   i2omp - ok
22:46:24.0525 2656   i8042prt     (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys
22:46:24.0526 2656   i8042prt - ok
22:46:24.0589 2656   iaStor       (997e8f5939f2d12cd9f2e6b395724c16) C:\Windows\system32\drivers\iastor.sys
22:46:24.0592 2656   iaStor - ok
22:46:24.0651 2656   iaStorV       (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
22:46:24.0654 2656   iaStorV - ok
22:46:24.0760 2656   IDriverT     (6f95324909b502e2651442c1548ab12f) C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
22:46:24.0761 2656   IDriverT - ok
22:46:24.0881 2656   idsvc       (98477b08e61945f974ed9fdc4cb6bdab) C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
22:46:24.0890 2656   idsvc - ok
22:46:25.0007 2656   iirsp       (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
22:46:25.0008 2656   iirsp - ok
22:46:25.0067 2656   IKEEXT       (9908d8a397b76cd8d31d0d383c5773c9) C:\Windows\System32\ikeext.dll
22:46:25.0073 2656   IKEEXT - ok
22:46:25.0202 2656   IntcAzAudAddService (4eae74c8bcbca309a5d7cbad7e231427) C:\Windows\system32\drivers\RTKVHDA.sys
22:46:25.0220 2656   IntcAzAudAddService - ok
22:46:25.0298 2656   IntelDH       (7f440f8ced849fcdfa85bb3521b4f048) C:\Windows\system32\Drivers\IntelDH.sys
22:46:25.0299 2656   IntelDH - ok
22:46:25.0314 2656   intelide     (0084046c084d68e494f8cf36bcf08186) C:\Windows\system32\DRIVERS\intelide.sys
22:46:25.0315 2656   intelide - ok
22:46:25.0348 2656   intelppm     (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys
22:46:25.0349 2656   intelppm - ok
22:46:25.0380 2656   IPBusEnum     (9ac218c6e6105477484c6fdbe7d409a4) C:\Windows\system32\ipbusenum.dll
22:46:25.0383 2656   IPBusEnum - ok
22:46:25.0419 2656   IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:46:25.0420 2656   IpFilterDriver - ok
22:46:25.0468 2656   iphlpsvc     (1998bd97f950680bb55f55a7244679c2) C:\Windows\System32\iphlpsvc.dll
22:46:25.0472 2656   iphlpsvc - ok
22:46:25.0477 2656   IpInIp - ok
22:46:25.0520 2656   IPMIDRV       (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
22:46:25.0521 2656   IPMIDRV - ok
22:46:25.0577 2656   IPNAT       (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys
22:46:25.0579 2656   IPNAT - ok
22:46:25.0705 2656   iPod Service   (57edb35ea2feca88f8b17c0c095c9a56) C:\Program Files\iPod\bin\iPodService.exe
22:46:25.0713 2656   iPod Service - ok
22:46:25.0776 2656   irda         (e50a95179211b12946f7e035d60af560) C:\Windows\system32\DRIVERS\irda.sys
22:46:25.0777 2656   irda - ok
22:46:25.0818 2656   IRENUM       (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys
22:46:25.0818 2656   IRENUM - ok
22:46:25.0860 2656   Irmon       (cbb0d940221a281bcfeaea695bd1cda5) C:\Windows\System32\irmon.dll
22:46:25.0862 2656   Irmon - ok
22:46:25.0884 2656   isapnp       (2f8ece2699e7e2070545e9b0960a8ed2) C:\Windows\system32\drivers\isapnp.sys
22:46:25.0885 2656   isapnp - ok
22:46:25.0921 2656   iScsiPrt     (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys
22:46:25.0923 2656   iScsiPrt - ok
22:46:26.0027 2656   ISSM         (50adb2883f8874aa6632a67cd410f27f) C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
22:46:26.0028 2656   ISSM - ok
22:46:26.0060 2656   iteatapi     (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
22:46:26.0061 2656   iteatapi - ok
22:46:26.0087 2656   iteraid       (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
22:46:26.0088 2656   iteraid - ok
22:46:26.0134 2656   kbdclass     (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys
22:46:26.0135 2656   kbdclass - ok
22:46:26.0168 2656   kbdhid       (ede59ec70e25c24581add1fbec7325f7) C:\Windows\system32\DRIVERS\kbdhid.sys
22:46:26.0168 2656   kbdhid - ok
22:46:26.0208 2656   KeyIso       (a3e186b4b935905b829219502557314e) C:\Windows\system32\lsass.exe
22:46:26.0210 2656   KeyIso - ok
22:46:26.0270 2656   KSecDD       (2b2f1638466e8cb091400c9019cc730e) C:\Windows\system32\Drivers\ksecdd.sys
22:46:26.0273 2656   KSecDD - ok
22:46:26.0307 2656   KtmRm       (8078f8f8f7a79e2e6b494523a828c585) C:\Windows\system32\msdtckrm.dll
22:46:26.0311 2656   KtmRm - ok
22:46:26.0359 2656   LanmanServer   (1bf5eebfd518dd7298434d8c862f825d) C:\Windows\System32\srvsvc.dll
22:46:26.0362 2656   LanmanServer - ok
22:46:26.0417 2656   LanmanWorkstation (1db69705b695b987082c8baec0c6b34f) C:\Windows\System32\wkssvc.dll
22:46:26.0421 2656   LanmanWorkstation - ok
22:46:26.0454 2656   lltdio       (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys
22:46:26.0454 2656   lltdio - ok
22:46:26.0504 2656   lltdsvc       (2d5a428872f1442631d0959a34abff63) C:\Windows\System32\lltdsvc.dll
22:46:26.0506 2656   lltdsvc - ok
22:46:26.0549 2656   lmhosts       (35d40113e4a5b961b6ce5c5857702518) C:\Windows\System32\lmhsvc.dll
22:46:26.0551 2656   lmhosts - ok
22:46:26.0580 2656   LSI_FC       (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
22:46:26.0581 2656   LSI_FC - ok
22:46:26.0599 2656   LSI_SAS       (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
22:46:26.0600 2656   LSI_SAS - ok
22:46:26.0614 2656   LSI_SCSI     (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
22:46:26.0615 2656   LSI_SCSI - ok
22:46:26.0658 2656   luafv       (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys
22:46:26.0659 2656   luafv - ok
22:46:26.0746 2656   M1 Server     (9a3741d5412ab81b86992915e3ecd3e9) C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
22:46:26.0749 2656   M1 Server - ok
22:46:26.0796 2656   MCLServiceATL   (6ad27b01272f966c9611a398961fcf15) C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
22:46:26.0797 2656   MCLServiceATL - ok
22:46:26.0897 2656   Mcx2Svc       (aef9babb8a506bc4ce0451a64aaded46) C:\Windows\system32\Mcx2Svc.dll
22:46:26.0900 2656   Mcx2Svc - ok
22:46:26.0916 2656   megasas       (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
22:46:26.0917 2656   megasas - ok
22:46:26.0955 2656   MMCSS       (1076ffcffaae8385fd62dfcb25ac4708) C:\Windows\system32\mmcss.dll
22:46:26.0958 2656   MMCSS - ok
22:46:27.0007 2656   Modem       (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys
22:46:27.0008 2656   Modem - ok
22:46:27.0054 2656   monitor       (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys
22:46:27.0055 2656   monitor - ok
22:46:27.0081 2656   mouclass     (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys
22:46:27.0082 2656   mouclass - ok
22:46:27.0091 2656   mouhid       (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys
22:46:27.0092 2656   mouhid - ok
22:46:27.0111 2656   MountMgr     (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys
22:46:27.0112 2656   MountMgr - ok
22:46:27.0152 2656   MpFilter     (d993bea500e7382dc4e760bf4f35efcb) C:\Windows\system32\DRIVERS\MpFilter.sys
22:46:27.0154 2656   MpFilter - ok
22:46:27.0178 2656   mpio         (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
22:46:27.0179 2656   mpio - ok
22:46:27.0209 2656   mpsdrv       (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys
22:46:27.0210 2656   mpsdrv - ok
22:46:27.0252 2656   MpsSvc       (5de62c6e9108f14f6794060a9bdecaec) C:\Windows\system32\mpssvc.dll
22:46:27.0258 2656   MpsSvc - ok
22:46:27.0287 2656   Mraid35x     (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
22:46:27.0288 2656   Mraid35x - ok
22:46:27.0331 2656   MRxDAV       (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys
22:46:27.0333 2656   MRxDAV - ok
22:46:27.0384 2656   mrxsmb       (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys
22:46:27.0386 2656   mrxsmb - ok
22:46:27.0435 2656   mrxsmb10     (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:46:27.0437 2656   mrxsmb10 - ok
22:46:27.0446 2656   mrxsmb20     (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:46:33.0771 2656   sptd         (71e276f6d189413266ea22171806597b) C:\Windows\system32\Drivers\sptd.sys
22:46:33.0772 2656   Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 71e276f6d189413266ea22171806597b
22:46:33.0774 2656   sptd ( LockedFile.Multi.Generic ) - warning
22:46:33.0774 2656   sptd - detected LockedFile.Multi.Generic (1)
22:46:39.0250 2656   ============================================================
22:46:39.0250 2656   Scan finished
22:46:39.0250 2656   ============================================================
22:46:39.0260 3940   Detected object count: 1
22:46:39.0260 3940   Actual detected object count: 1
22:47:12.0647 3940   sptd ( LockedFile.Multi.Generic ) - skipped by user
22:47:12.0648 3940   sptd ( LockedFile.Multi.Generic ) - User select action: Skip

  abba54
Number of posts: 72

Here is the aswMBR log file. I was a little unsure whether it had finished, but I waited 10 minutes before saving the log.

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-06-14 23:02:50
——————————————-
23:02:50.670   OS Version: Windows 6.0.6002 Service Pack 2
23:02:50.670   Number of processors: 2 586 0xF0D
23:02:50.675   ComputerName: KIMLANGVAD-PC UserName: Kim Langvad
23:02:52.057   Initialize success
23:03:50.892   AVAST engine defs: 12061401
23:04:30.813   Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
23:04:30.815   Disk 0 Vendor: WDC_WD5000AAKS-75YGA0 12.01C02 Size: 476940MB BusType: 3
23:04:30.830   Disk 0 MBR read successfully
23:04:30.832   Disk 0 MBR scan
23:04:30.837   Disk 0 Windows VISTA default MBR code
23:04:30.840   Disk 0 Partition 1 00   DE Dell Utility Dell 8.0     62 MB offset 63
23:04:30.855   Disk 0 Partition 2 00   07   HPFS/NTFS NTFS     10240 MB offset 129024
23:04:30.874   Disk 0 Partition 3 80 (A) 07   HPFS/NTFS NTFS     466636 MB offset 21100544
23:04:30.880   Disk 0 scanning sectors +976771072
23:04:30.969   Disk 0 scanning C:\Windows\system32\drivers
23:04:43.157   Service scanning
23:05:01.988   Service sptd C:\Windows\System32\Drivers\sptd.sys **LOCKED** 32
23:05:08.747   Modules scanning
23:05:13.631   Disk 0 trace - called modules:
23:05:13.654   ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll >>UNKNOWN [0x861281f8]<<
23:05:13.661   1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86875948]
23:05:13.668   3 CLASSPNP.SYS[8afb08b3] -> nt!IofCallDriver -> [0x8617e328]
23:05:13.675   5 acpi.sys[805c06bc] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x86176528]
23:05:13.683   \Driver\atapi[0x8617f220] -> IRP_MJ_CREATE -> 0x861281f8
23:05:15.734   AVAST engine scan C:\Windows
23:05:21.618   AVAST engine scan C:\Windows\system32
23:09:55.794   AVAST engine scan C:\Windows\system32\drivers
23:10:25.992   AVAST engine scan C:\Users\Kim Langvad
23:19:41.168   Disk 0 MBR has been saved successfully to "C:\Users\Kim Langvad\Desktop\MBR.dat"
23:19:41.184   The log file has been saved successfully to "C:\Users\Kim Langvad\Desktop\aswMBR-140612.txt"

Administrator
Posts: 7044

1. Download Defogger and save the program to your Desktop:

http://www.jpshortstuff.247fixes.com/Defogger.exe

2. Double-click Defogger.exe - a window will open - click “Disable” and click “Yes” to continue. The program will now disable your CD emulation program and finish with “Finished!” - click “OK”. NB - after cleaning we will re-enable your CD emulation program; no need to worry.

3. Defogger will now restart your computer - click OK.

———

Run aswMBR again.

Remember to disable Microsoft Security Essentials.

———

Run Defogger again - click “Enable”

Copy the log from aswMBR in here.


  abba54
Posts: 72

Defogger has now been run - with aswMBR in between - and finally Defogger again. When it restarted, a pop-up appeared with the text “update.exe” - it shows up now and then, and since I don't know which program it relates to, I have clicked “cancel” every time - it has been appearing at intervals for about a year.

Here is the log from aswMBR:

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-06-15 09:06:33
——————————————-
09:06:33.581   OS Version: Windows 6.0.6002 Service Pack 2
09:06:33.581   Number of processors: 2 586 0xF0D
09:06:33.582   ComputerName: KIMLANGVAD-PC UserName: Kim Langvad
09:08:43.200   Initialize success
09:09:12.097   AVAST engine defs: 12061401
09:11:04.158   Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
09:11:04.162   Disk 0 Vendor: WDC_WD5000AAKS-75YGA0 12.01C02 Size: 476940MB BusType: 3
09:11:04.224   Disk 0 MBR read successfully
09:11:04.228   Disk 0 MBR scan
09:11:04.235   Disk 0 Windows VISTA default MBR code
09:11:04.275   Disk 0 Partition 1 00   DE Dell Utility Dell 8.0     62 MB offset 63
09:11:04.317   Disk 0 Partition 2 00   07   HPFS/NTFS NTFS     10240 MB offset 129024
09:11:04.402   Disk 0 Partition 3 80 (A) 07   HPFS/NTFS NTFS     466636 MB offset 21100544
09:11:04.425   Disk 0 scanning sectors +976771072
09:11:04.603   Disk 0 scanning C:\Windows\system32\drivers
09:11:40.253   Service scanning
09:12:12.743   Modules scanning
09:12:31.709   Disk 0 trace - called modules:
09:12:32.082   ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS pciide.sys PCIIDEX.SYS atapi.sys dxgkrnl.sys atikmdag.sys tcpip.sys NETIO.SYS
09:12:32.089   1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85c929a0]
09:12:32.096   3 CLASSPNP.SYS[8abb08b3] -> nt!IofCallDriver -> [0x85183918]
09:12:32.104   5 acpi.sys[8069b6bc] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x85aea820]
09:12:34.419   AVAST engine scan C:\Windows
09:12:48.984   AVAST engine scan C:\Windows\system32
09:23:56.379   AVAST engine scan C:\Windows\system32\drivers
09:25:11.376   AVAST engine scan C:\Users\Kim Langvad
09:26:37.624   Disk 0 MBR has been saved successfully to "C:\Users\Kim Langvad\Desktop\MBR.dat"
09:26:37.634   The log file has been saved successfully to "C:\Users\Kim Langvad\Desktop\aswMBR-150612.txt"

Administrator
Posts: 7044

Right-click on the desktop and choose New -> Text Document, copy the highlighted text in, and save the file as CFScript

Killall::
Folder::
c:\users\Kim Langvad\AppData\Roaming\Giaf
ClearJavaCache::

Since ComboFix can conflict with your security programs, it is important that you disable them. <- Important

Then grab the new file with the mouse and drag it over the ComboFix file, then release the mouse button.
http://www.fromsej.saknet.dk/billeder/swfcombo.gif

ComboFix should then start working. It may require a restart, which you must allow. You should not click on the window while the tool is running, as this can cause your computer to freeze.
When ComboFix has finished, and after it has (possibly) restarted, a log file combofix.txt should open, which is located here: C:\Combofix.txt

You are welcome to post the contents of this file here.


  abba54
Posts: 72

Here is the log from ComboFix:

ComboFix 12-06-14.01 - Kim Langvad 15-06-2012 11:18:48.3.2 - x86
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.45.1030.18.3069.1653 [GMT 2:00]
Kører fra: C:\Users\Kim Langvad\Desktop\ComboFix.exe
Kommandoer benyttet :: C:\Users\Kim Langvad\Desktop\CFScript.txt
AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}


(((((((((((((((((((((((((((((  Filer skabt fra 2012-05-15 til 2012-06-15 )))))))))))))))))))))))))))))))))))


2012-06-15 09:31:26 . 2012-06-15 09:31:31   --------  d-----w-  C:\Users\Kim Langvad\AppData\Local\temp
2012-06-15 09:31:26 . 2012-06-15 09:31:26   --------  d-----w-  C:\Users\IUSR_NMPR\AppData\Local\temp
2012-06-15 09:31:26 . 2012-06-15 09:31:26   --------  d-----w-  C:\Users\Default\AppData\Local\temp
2012-06-15 08:14:57 . 2012-06-15 08:14:57   56200   ----a-w-  C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{678D1AB7-580D-4C8F-B72C-EB960F749844}\offreg.dll
2012-06-15 08:14:56 . 2012-06-15 08:15:03   29904   ----a-w-  C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{678D1AB7-580D-4C8F-B72C-EB960F749844}\MpKsl181469a8.sys
2012-06-15 08:06:02 . 2012-05-08 16:40:12   6737808   ----a-w-  C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{678D1AB7-580D-4C8F-B72C-EB960F749844}\mpengine.dll
2012-06-15 07:44:23 . 2012-05-08 16:40:12   6737808   ----a-w-  C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-06-13 18:38:35 . 2012-04-04 13:56:40   22344   ----a-w-  C:\Windows\system32\drivers\mbam.sys
2012-06-13 08:12:21 . 2012-02-12 08:38:07   713784   ------w-  C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{879C71F6-52BA-4DDA-A7CB-6E4904B9E070}\gapaengine.dll
2012-06-12 05:55:42 . 2012-06-12 05:55:44   --------  d-----w-  C:\Program Files\Dropbox
2012-06-06 09:07:24 . 2012-06-06 09:07:24   202   ----a-w-  C:\ProgramData\Microsoft\Microsoft Antimalware\LocalCopy\{D202A0C7-96DB-C778-9E19-7592147F760D}-tmp27fd6f3f.bat
2012-06-06 09:06:43 . 2012-06-06 09:07:14   --------  d-----w-  C:\Users\Kim Langvad\AppData\Roaming\Giaf
2012-06-06 08:57:20 . 2012-06-13 19:11:45   --------  d-----w-  C:\ProgramData\F4D55F3E03F47A720AA426E8570F1C8B
2012-05-31 08:27:56 . 2012-05-31 08:27:56   396560   ----a-w-  C:\ProgramData\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
2012-05-30 06:26:04 . 2012-05-30 06:26:04   --------  d-----w-  C:\Users\Kim Langvad\AppData\Roaming\Nero
2012-05-30 06:11:01 . 2012-05-30 06:16:42   --------  d-----w-  C:\Program Files\Common Files\Nero
2012-05-30 06:10:17 . 2012-05-30 06:24:48   --------  d-----w-  C:\ProgramData\Nero
2012-05-29 21:42:43 . 2011-12-01 09:40:16   12464   ----a-w-  C:\Windows\system32\drivers\NBVolUp.sys
2012-05-29 21:39:43 . 2011-12-01 09:40:16   56496   ----a-w-  C:\Windows\system32\drivers\NBVol.sys
2012-05-29 21:39:41 . 2012-05-30 06:23:14   --------  d-----w-  C:\Program Files\Nero
2012-05-29 21:39:05 . 2010-05-26 09:41:02   248672   ----a-w-  C:\Windows\system32\d3dx11_43.dll
2012-05-29 21:38:15 . 2009-09-04 15:29:32   1974616   ----a-w-  C:\Windows\system32\D3DCompiler_42.dll
2012-05-29 21:37:12 . 2010-05-26 09:41:02   470880   ----a-w-  C:\Windows\system32\d3dx10_43.dll
2012-05-29 21:36:11 . 2009-09-04 15:29:30   1892184   ----a-w-  C:\Windows\system32\D3DX9_42.dll
2012-05-29 21:35:25 . 2010-05-26 09:41:02   1998168   ----a-w-  C:\Windows\system32\D3DX9_43.dll
2012-05-29 21:34:37 . 2008-10-15 04:22:52   4379984   ----a-w-  C:\Windows\system32\D3DX9_40.dll
2012-05-29 21:33:49 . 2010-05-26 09:41:02   1868128   ----a-w-  C:\Windows\system32\d3dcsx_43.dll
2012-05-29 21:33:04 . 2007-07-19 16:14:42   3727720   ----a-w-  C:\Windows\system32\d3dx9_35.dll
2012-05-29 21:32:20 . 2010-05-26 09:41:02   2106216   ----a-w-  C:\Windows\system32\D3DCompiler_43.dll
2012-05-29 21:31:30 . 2007-05-16 14:45:16   3497832   ----a-w-  C:\Windows\system32\d3dx9_34.dll
2012-05-20 08:27:04 . 2012-05-20 08:27:03   159744   ----a-w-  C:\Program Files\Internet Explorer\plugins\npqtplugin7.dll
2012-05-20 08:27:04 . 2012-05-20 08:27:03   159744   ----a-w-  C:\Program Files\Internet Explorer\plugins\npqtplugin6.dll
2012-05-20 08:27:04 . 2012-05-20 08:27:03   159744   ----a-w-  C:\Program Files\Internet Explorer\plugins\npqtplugin5.dll
2012-05-20 08:27:04 . 2012-05-20 08:27:03   159744   ----a-w-  C:\Program Files\Internet Explorer\plugins\npqtplugin4.dll
2012-05-20 08:27:04 . 2012-05-20 08:27:03   159744   ----a-w-  C:\Program Files\Internet Explorer\plugins\npqtplugin3.dll
2012-05-20 08:27:04 . 2012-05-20 08:27:03   159744   ----a-w-  C:\Program Files\Internet Explorer\plugins\npqtplugin2.dll
2012-05-20 08:27:04 . 2012-05-20 08:27:02   159744   ----a-w-  C:\Program Files\Internet Explorer\plugins\npqtplugin.dll
2012-05-20 08:26:33 . 2012-05-20 08:27:02   --------  d-----w-  C:\Program Files\QuickTime
.


((((((((((((((((((((((((((((((((((((((((  Find3M Rapport   ))))))))))))))))))))))))))))))))))))))))))))))))))))

2012-06-12 05:54:16 . 2012-04-02 07:42:38   426184   ----a-w-  C:\Windows\system32\FlashPlayerApp.exe
2012-06-12 05:54:16 . 2011-05-14 09:25:00   70344   ----a-w-  C:\Windows\system32\FlashPlayerCPLApp.cpl
2012-04-18 18:56:30 . 2012-04-18 18:56:30   94208   ----a-w-  C:\Windows\system32\QuickTimeVR.qtx
2012-04-18 18:56:30 . 2012-04-18 18:56:30   69632   ----a-w-  C:\Windows\system32\QuickTime.qts
2012-04-03 08:16:12 . 2012-05-10 05:36:49   3602816   ----a-w-  C:\Windows\system32\ntkrnlpa.exe
2012-04-03 08:16:11 . 2012-05-10 05:36:50   3550080   ----a-w-  C:\Windows\system32\ntoskrnl.exe
2012-03-30 12:39:11 . 2012-05-10 05:37:05   914304   ----a-w-  C:\Windows\system32\drivers\tcpip.sys
2012-03-29 13:39:19 . 2012-05-10 05:37:04   31232   ----a-w-  C:\Windows\system32\drivers\tcpipreg.sys
2012-03-20 23:28:50 . 2012-05-10 05:37:06   53120   ----a-w-  C:\Windows\system32\drivers\partmgr.sys
2012-03-20 18:44:12 . 2010-10-24 20:25:38   74112   ----a-w-  C:\Windows\system32\drivers\NisDrvWFP.sys
2012-03-20 18:44:12 . 2010-10-24 20:25:38   171064   ----a-w-  C:\Windows\system32\drivers\MpFilter.sys


(((((((((((((((((((((((((((((((((((  Start steder i reg.basen   ))))))))))))))))))))))))))))))))))))))))))))))))


*Bemærk* tomme linier & lovlige standard linier vises ikke
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36:00   94208   ----a-w-  C:\Users\Kim Langvad\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36:00   94208   ----a-w-  C:\Users\Kim Langvad\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36:00   94208   ----a-w-  C:\Users\Kim Langvad\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-02-12 10:05:45 68856]
"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2008-01-19 07:33:09 125952]
"TViXNetShare"="C:\Program Files\DVICO\TViXNetShare\TViXNetShare.exe" [2010-01-12 10:34:20 901120]
"cfweatherStation"="C:\Weather\Weather.exe" [2009-08-17 14:48:34 1189376]
"MobileDocuments"="C:\Program Files\Common Files\Apple\Internet Services\ubd.exe" [2012-02-23 11:30:40 59240]
"Octoshape Streaming Services"="C:\Users\Kim Langvad\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" [2011-03-24 15:11:18 107800]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 07:33:39 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="RtHDVCpl.exe" [2007-05-11 13:26:44 4452352]
"AppleSyncNotifier"="C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-10-05 23:52:06 59240]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2007-03-11 19:34:40 49152]
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 12:35:24 90112]
"NMSSupport"="C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe" [2007-06-27 10:14:40 439512]
"Net-It Launcher"="C:\Windows\system32\NILaunch.exe" [1998-02-05 18:16:18 24576]
"MaxtorOneTouch"="C:\PROGRA~1\Maxtor\OneTouch\Utils\OneTouch.exe" [2003-05-21 14:30:52 45056]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2006-10-03 11:37:04 81920]
"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-02-12 10:05:48 1838592]
"ECenter"="C:\Dell\E-Center\EULALauncher.exe" [2007-05-25 06:03:00 17920]
"CCUTRAYICON"="C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe" [2007-06-27 10:18:40 215256]
"Bluetooth HCI Monitor"="HCIMNTR.DLL" [2006-12-07 23:50:22 9728]
"CarboniteSetupLite"="C:\Program Files\Carbonite\CarbonitePreinstaller.exe" [2009-08-04 08:49:00 318096]
"MaxMenuMgr"="C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe" [2009-09-25 21:31:32 185640]
"APSDaemon"="C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 20:28:32 59240]
"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 07:37:53 843712]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2012-03-27 03:09:24 421736]
"MSC"="c:\Program Files\Microsoft Security Client\msseces.exe" [2012-03-26 15:08:12 931200]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2012-04-18 18:56:22 421888]
"NBAgent"="C:\Program Files\Nero\Nero 11\Nero BackItUp\NBAgent.exe" [2012-01-13 14:22:10 1493288]

C:\Users\Kim Langvad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - C:\Users\Kim Langvad\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-5-24 27112840]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2008-3-10 110592]
BTTray.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-2-13 715568]
WDDMStatus.lnk - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe [2009-11-13 2057536]
WDSmartWare.lnk - C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe [2009-11-13 9117504]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=C:\PROGRA~1\Google\GOOGLE~2\GoogleDesktopNetwork3.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2008-02-12 09:46:19   77824   ----a-w-  c:\Program Files\Java\jre1.6.0\bin\jusched.exe

R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-12 05:54:17 257224]
S2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 13:10:42 63928]


—- Andre Services/Drivers i Hukommelsen—-

*NewlyCreated* - MPKSL181469A8

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs   REG_MULTI_SZ     BthServ
LocalServiceAndNoImpersonation   REG_MULTI_SZ     FontCache
hpdevmgmt   REG_MULTI_SZ     hpqcxs08

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{B2C3BB6B-E005-4246-B8E5-DF0A4D073CDC}]
2008-06-18 13:04:24   8192   ----a-w-  C:\Program Files\PixiePack Codec Pack\InstallerHelper.exe

Indhold af mappen 'Planlagte Opgaver'

2012-06-15 C:\Windows\Tasks\Adobe Flash Player Updater.job
- C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-02 07:42:38 . 2012-06-12 05:54:17]

2012-06-15 C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
- C:\Program Files\Google\Update\GoogleUpdate.exe [2011-10-11 07:45:06 . 2011-10-11 07:44:48]

2012-06-15 C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
- C:\Program Files\Google\Update\GoogleUpdate.exe [2011-10-11 07:45:06 . 2011-10-11 07:44:48]


———- Yderligere scanning———-

uStart Page = https://www.google.dk/
uInternet Settings,ProxyOverride = *.local
IE: E&ksporter til Microsoft Excel - C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Send billede til &Bluetooth-enhed... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send siden til &Bluetooth-enhed... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
Trusted Zone: cimber.com\www
Trusted Zone: danid.dk
Trusted Zone: tdc.dk\kundeservice
Trusted Zone: tdc.dk\udstedelse.certifikat
Trusted Zone: danid.dk
TCP: DhcpNameServer = 192.168.1.1
DPF: {D216644A-C6DB-49D9-BBCF-D38FE7991BF2} - hxxps://udstedelse.certifikat.tdc.dk/csp/authenticode/tdccsp-0506.exe