Spywarefri Forum | kan ikke fuldføre rensningsproces

1 af 4

kan ikke fuldføre rensningsproces

[ Ignorer ] firas123
06.07.2012 13:23:23 Antal indlæg: 44	Jeg har forsøgt at sende en log fra Eset scanningen, men fik en fejlmeddelelse fra jer, at i ikke kunne modtage mit indlæg. Her er teksten, som jeg forsøgte at sende: “Jeg har forsøgt at følge vedledningen, og jeg er nået til at downloade programmet “Malwarebytes”, men jeg kan ikke få lov til at åbne programmet, så jeg kan ikke rigtig komme videre. Min pc opfører sig mærkeligt - den “fryser” efter et par minutter, så jeg ikke kan åbne noget som helst. Jeg vedhæfter loggen fra Eset scanningen - hvad gør jeg?” Nu prøver jeg at sende dette indlæg uden at vedlægge loggen.
[ Ignorer ] [ # 1 ] firas123
06.07.2012 13:24:59 Antal indlæg: 44	Det lykkedes - så prøver jeg at tilføje loggen.
[ Ignorer ] [ # 2 ] firas123
06.07.2012 13:26:34 Antal indlæg: 44	jeg prøver at vedhæfte loggen. Vedhæftede filer log.txt (Filstørrelse: 4 - Downloads: 61)
[ Ignorer ] [ # 3 ] Peder TeamSpywarefri
06.07.2012 13:27:10 Redaktør Team Spywarefri Antal indlæg: 13950	Du har en alvorligt infektion, hvilken Windows version kører du med? Signatur I did it my way. Jeg håber du klarer den Kessler.
[ Ignorer ] [ # 4 ] firas123
06.07.2012 13:29:45 Antal indlæg: 44	Deter XP.
[ Ignorer ] [ # 5 ] Peder TeamSpywarefri
06.07.2012 14:12:33 Redaktør Team Spywarefri Antal indlæg: 13950	Du skal helst downloade fra en anden PC. ——— Til 32 bit Windows, hent Farbar Recovery Scan Tool gem den på en USB nøgle. Monter nøglen i den søge PC. Genstart din PC, tast F8 før den indlæser Windows, der vælger du dette > Start op i ”Fejlsikret tilstand med kommandoprompt” Skift nu til drev bogstav for din USB nøgle og skriv så FRST.exe Når Farbar Recovery Scan Tool er startet, klikker du på Scan. Den laver FRST.txt på USB nøglen. Kopier den herind i dit næste indlæg. Signatur I did it my way. Jeg håber du klarer den Kessler.
[ Ignorer ] [ # 6 ] firas123
06.07.2012 15:42:30 Antal indlæg: 44	Her er loggen: Scan result of Farbar Recovery Scan Tool (FRST written by Farbar) Version: 06-07-2012 01 Ran by fr at 06-07-2012 15:34:05 Running from F:\ Service Pack 3 (X86) OS Language: Danish Attention: Could not load system hive. Error: Processen kan ikke få adgang til filen, da den bruges af en anden proces. ATTENTION:=====> THE TOOL IS NOT RUN FROM RECOVERY ENVIRONMENT AND WILL NOT FUNTION PROPERLY. ============ One Month Created Files and Folders ============== 2012-07-06 15:33 - 2012-07-06 15:34 - 00000000 ___DC C:\FRST 2012-07-06 15:26 - 2012-07-06 15:29 - 00000664 ___AC C:\Windows\System32\d3d9caps.dat 2012-07-06 15:05 - 2012-07-06 15:05 - 00000116 ___AC C:\Windows\setupact.log 2012-07-06 15:05 - 2012-07-06 15:05 - 00000000 ___AC C:\Windows\setuperr.log 2012-07-06 12:23 - 2012-07-06 12:23 - 00000054 ___AC C:\KRAKKMDD.INI 2012-07-06 12:23 - 2012-07-06 12:23 - 00000000 ___AC C:\GemVis0.des 2012-07-06 11:15 - 2012-07-06 11:15 - 00000000 ___DC C:\Documents and Settings\All Users\Application Data\Malwarebytes 2012-07-06 11:15 - 2010-04-29 15:39 - 00038224 ___AC (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbamswissarmy.sys 2012-07-06 11:15 - 2010-04-29 15:39 - 00020952 ___AC (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys 2012-07-05 14:53 - 2012-07-06 15:05 - 00017251 ___AC C:\Windows\setupapi.log 2012-06-23 10:08 - 2012-06-23 10:08 - 00001557 ___AC C:\Windows\System32\uninstal.log 2012-06-23 10:08 - 1999-12-17 10:13 - 00086016 ___AC (MindVision Software) C:\Windows\unvise32.exe 2012-06-14 03:45 - 2012-06-14 03:45 - 00000000 __HDC C:\Windows\$NtUninstallKB2707511$ 2012-06-14 03:12 - 2012-06-14 03:12 - 00000000 __HDC C:\Windows\$NtUninstallKB2685939$ 2012-06-14 03:02 - 2012-06-14 03:03 - 00000000 __HDC C:\Windows\$NtUninstallKB2709162$ 2012-06-13 17:08 - 2012-05-11 16:44 - 00521728 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\jsdbgui.dll 2012-06-08 20:56 - 2012-07-06 00:05 - 00000830 ___AC C:\Windows\Tasks\Adobe Flash Player Updater.job 2012-06-08 20:56 - 2012-06-23 21:59 - 00426184 ___AC (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe ============ 3 Months Modified Files ======================== 2012-07-06 15:32 - 2004-08-27 14:00 - 00013646 ___AC C:\Windows\System32\wpa.dbl 2012-07-06 15:30 - 2009-08-18 11:26 - 00524288 ____A C:\Windows\System32\config\ACS.evt 2012-07-06 15:30 - 2009-08-17 14:50 - 00000304 __SHC C:\Documents and Settings\fr\ntuser.ini 2012-07-06 15:30 - 2006-05-15 13:59 - 04521984 ____A C:\Windows\System32\config\Antivirus.Evt 2012-07-06 15:30 - 2006-05-15 12:30 - 01287867 ___AC C:\Windows\WindowsUpdate.log 2012-07-06 15:29 - 2012-07-06 15:26 - 00000664 ___AC C:\Windows\System32\d3d9caps.dat 2012-07-06 15:12 - 2009-08-05 13:31 - 00000430 __AHC C:\Windows\Tasks\User_Feed_Synchronization-{8AF37B35-2428-4366-8068-8CAF0B15EB8C}.job 2012-07-06 15:12 - 2006-05-15 14:11 - 00000159 ___AC C:\Windows\wiadebug.log 2012-07-06 15:12 - 2006-05-15 14:11 - 00000050 ___AC C:\Windows\wiaservc.log 2012-07-06 15:11 - 2011-05-24 21:17 - 00000902 ___AC C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2012-07-06 15:11 - 2009-08-05 17:59 - 00000438 ___AC C:\Windows\Tasks\SLOW-PCfighter.job 2012-07-06 15:10 - 2009-08-18 08:27 - 00000408 __AHC C:\Windows\Tasks\User_Feed_Synchronization-{CA74B880-AC89-4778-9C97-CEFBD954BAA2}.job 2012-07-06 15:10 - 2006-05-15 12:35 - 00000006 __AHC C:\Windows\Tasks\SA.DAT 2012-07-06 15:05 - 2012-07-06 15:05 - 00000116 ___AC C:\Windows\setupact.log 2012-07-06 15:05 - 2012-07-06 15:05 - 00000000 ___AC C:\Windows\setuperr.log 2012-07-06 15:05 - 2012-07-05 14:53 - 00017251 ___AC C:\Windows\setupapi.log 2012-07-06 12:26 - 2006-05-15 12:35 - 00032510 ____A C:\Windows\SchedLgU.Txt 2012-07-06 12:23 - 2012-07-06 12:23 - 00000054 ___AC C:\KRAKKMDD.INI 2012-07-06 12:23 - 2012-07-06 12:23 - 00000000 ___AC C:\GemVis0.des 2012-07-06 00:05 - 2012-06-08 20:56 - 00000830 ___AC C:\Windows\Tasks\Adobe Flash Player Updater.job 2012-07-05 22:30 - 2009-04-27 10:06 - 00000970 ___AC C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1614895754-1229272821-725345543-1003.job 2012-07-05 20:50 - 2011-05-24 21:17 - 00000906 ___AC C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2012-07-05 15:01 - 2012-04-29 14:40 - 00000252 ___AC C:\Windows\Tasks\RegClean Pro_DEFAULT.job 2012-07-05 14:53 - 2011-06-11 12:42 - 00012984 ___AC C:\Windows\System32\Drivers\SWDUMon.sys 2012-07-04 17:14 - 2006-05-15 12:31 - 00002709 ___AC C:\Windows\System32\CONFIG.NT 2012-07-04 15:03 - 2012-04-29 14:40 - 00000260 ___AC C:\Windows\Tasks\RegClean Pro_UPDATES.job 2012-07-04 13:20 - 2011-05-28 11:07 - 00921935 ___AC C:\Documents and Settings\fr\danid.log 2012-07-04 03:00 - 2011-06-11 13:28 - 00000422 ___AC C:\Windows\Tasks\SlimDrivers Scan.job 2012-07-04 01:57 - 2006-12-13 12:14 - 00000324 __AHC C:\Windows\Tasks\MP Scheduled Scan.job 2012-06-26 08:07 - 2007-06-22 10:21 - 00000278 ___AC C:\Windows\Tasks\AppleSoftwareUpdate.job 2012-06-23 21:59 - 2012-06-08 20:56 - 00426184 ___AC (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe 2012-06-23 21:59 - 2011-05-28 11:10 - 00070344 ___AC (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl 2012-06-23 10:08 - 2012-06-23 10:08 - 00001557 ___AC C:\Windows\System32\uninstal.log 2012-06-14 22:51 - 2004-08-27 14:00 - 00001456 ___AC C:\Windows\win.ini 2012-06-14 04:04 - 2006-05-15 14:08 - 03613136 ___AC C:\Windows\System32\FNTCACHE.DAT 2012-06-14 03:44 - 2006-05-15 14:09 - 01185828 ___AC C:\Windows\System32\PerfStringBackup.INI 2012-06-14 03:23 - 2006-05-15 13:39 - 56731752 ___AC (Microsoft Corporation) C:\Windows\System32\MRT.exe 2012-06-02 15:19 - 2009-05-04 08:59 - 00017648 ___AC (Microsoft Corporation) C:\Windows\System32\mucltui.dll.mui 2012-06-02 15:19 - 2007-06-22 10:15 - 00023064 ___AC (Microsoft Corporation) C:\Windows\System32\wucltui.dll.mui 2012-06-02 15:19 - 2007-06-22 10:15 - 00018456 ___AC (Microsoft Corporation) C:\Windows\System32\wuaueng.dll.mui 2012-06-02 15:19 - 2007-06-22 10:15 - 00015896 ___AC (Microsoft Corporation) C:\Windows\System32\wuapi.dll.mui 2012-06-02 15:19 - 2007-06-22 10:15 - 00015384 ___AC (Microsoft Corporation) C:\Windows\System32\wuaucpl.cpl.mui 2012-06-02 15:19 - 2006-05-15 13:06 - 00045080 ___AC (Microsoft Corporation) C:\Windows\System32\wups2.dll 2012-06-02 15:19 - 2006-05-15 12:29 - 01933848 ___AC (Microsoft Corporation) C:\Windows\System32\wuaueng.dll 2012-06-02 15:19 - 2006-05-15 12:29 - 01933848 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\wuaueng.dll 2012-06-02 15:19 - 2006-05-15 12:29 - 00577048 ___AC (Microsoft Corporation) C:\Windows\System32\wuapi.dll 2012-06-02 15:19 - 2006-05-15 12:29 - 00577048 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\wuapi.dll 2012-06-02 15:19 - 2006-05-15 12:29 - 00329240 ___AC (Microsoft Corporation) C:\Windows\System32\wucltui.dll 2012-06-02 15:19 - 2006-05-15 12:29 - 00329240 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\wucltui.dll 2012-06-02 15:19 - 2006-05-15 12:29 - 00219160 ___AC (Microsoft Corporation) C:\Windows\System32\wuaucpl.cpl 2012-06-02 15:19 - 2006-05-15 12:29 - 00219160 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\wuaucpl.cpl 2012-06-02 15:19 - 2006-05-15 12:29 - 00210968 ___AC (Microsoft Corporation) C:\Windows\System32\wuweb.dll 2012-06-02 15:19 - 2006-05-15 12:29 - 00210968 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\wuweb.dll 2012-06-02 15:19 - 2006-05-15 12:29 - 00053784 ___AC (Microsoft Corporation) C:\Windows\System32\wuauclt.exe 2012-06-02 15:19 - 2006-05-15 12:29 - 00053784 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\wuauclt.exe 2012-06-02 15:19 - 2006-05-15 12:29 - 00035864 ___AC (Microsoft Corporation) C:\Windows\System32\wups.dll 2012-06-02 15:19 - 2006-05-15 12:29 - 00035864 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\wups.dll 2012-06-02 15:19 - 2004-08-27 14:00 - 00097304 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\cdm.dll 2012-06-02 15:19 - 2004-08-27 14:00 - 00097304 ___AC (Microsoft Corporation) C:\Windows\System32\cdm.dll 2012-06-02 15:18 - 2009-05-04 08:59 - 00275696 ___AC (Microsoft Corporation) C:\Windows\System32\mucltui.dll 2012-06-02 15:18 - 2008-10-16 14:07 - 00214256 ___AC (Microsoft Corporation) C:\Windows\System32\muweb.dll 2012-05-31 20:49 - 2011-05-28 11:07 - 01057770 ___AC C:\Documents and Settings\fr\danid.log.1 2012-05-31 15:22 - 2011-09-03 12:17 - 00602112 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\crypt32.dll 2012-05-31 15:22 - 2004-08-27 14:00 - 00602112 ___AC (Microsoft Corporation) C:\Windows\System32\crypt32.dll 2012-05-16 17:09 - 2009-04-27 13:30 - 00916992 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\wininet.dll 2012-05-16 17:09 - 2004-08-27 14:00 - 00916992 ___AC (Microsoft Corporation) C:\Windows\System32\wininet.dll 2012-05-15 15:55 - 2009-04-27 13:30 - 01863168 ___AC (Microsoft Corporation) C:\Windows\System32\win32k.sys 2012-05-15 15:55 - 2008-10-23 10:11 - 01863168 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\win32k.sys 2012-05-11 20:14 - 2009-04-30 10:31 - 11111424 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\ieframe.dll 2012-05-11 20:14 - 2007-08-13 18:54 - 11111424 ___AC (Microsoft Corporation) C:\Windows\System32\ieframe.dll 2012-05-11 16:44 - 2012-06-13 17:08 - 00521728 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\jsdbgui.dll 2012-05-11 16:44 - 2010-06-15 14:57 - 00743424 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\iedvtool.dll 2012-05-11 16:44 - 2009-08-04 17:52 - 00247808 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\ieproxy.dll 2012-05-11 16:44 - 2009-08-04 17:52 - 00012800 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\xpshims.dll 2012-05-11 16:44 - 2009-04-30 10:31 - 02000384 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\iertutil.dll 2012-05-11 16:44 - 2009-04-30 10:31 - 00629760 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\msfeeds.dll 2012-05-11 16:44 - 2009-04-30 10:31 - 00055296 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\msfeedsbs.dll 2012-05-11 16:44 - 2009-04-27 13:31 - 06007808 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\mshtml.dll 2012-05-11 16:44 - 2009-04-27 13:31 - 00184320 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\iepeers.dll 2012-05-11 16:44 - 2009-04-27 13:30 - 01212416 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\urlmon.dll 2012-05-11 16:44 - 2009-04-27 13:30 - 00105984 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\url.dll 2012-05-11 16:44 - 2007-08-13 18:54 - 00629760 ___AC (Microsoft Corporation) C:\Windows\System32\msfeeds.dll 2012-05-11 16:44 - 2007-08-13 18:54 - 00055296 ___AC (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll 2012-05-11 16:44 - 2007-08-13 18:34 - 02000384 ___AC (Microsoft Corporation) C:\Windows\System32\iertutil.dll 2012-05-11 16:44 - 2004-08-27 14:00 - 06007808 ___AC (Microsoft Corporation) C:\Windows\System32\mshtml.dll 2012-05-11 16:44 - 2004-08-27 14:00 - 01469440 ___AC (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl 2012-05-11 16:44 - 2004-08-27 14:00 - 01469440 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\inetcpl.cpl 2012-05-11 16:44 - 2004-08-27 14:00 - 01212416 ___AC (Microsoft Corporation) C:\Windows\System32\urlmon.dll 2012-05-11 16:44 - 2004-08-27 14:00 - 00611840 ___AC (Microsoft Corporation) C:\Windows\System32\mstime.dll 2012-05-11 16:44 - 2004-08-27 14:00 - 00611840 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\mstime.dll 2012-05-11 16:44 - 2004-08-27 14:00 - 00387584 ___AC (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll 2012-05-11 16:44 - 2004-08-27 14:00 - 00387584 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\iedkcs32.dll 2012-05-11 16:44 - 2004-08-27 14:00 - 00206848 ___AC (Microsoft Corporation) C:\Windows\System32\occache.dll 2012-05-11 16:44 - 2004-08-27 14:00 - 00206848 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\occache.dll 2012-05-11 16:44 - 2004-08-27 14:00 - 00184320 ___AC (Microsoft Corporation) C:\Windows\System32\iepeers.dll 2012-05-11 16:44 - 2004-08-27 14:00 - 00105984 ___AC (Microsoft Corporation) C:\Windows\System32\url.dll 2012-05-11 16:44 - 2004-08-27 14:00 - 00067072 ___AC (Microsoft Corporation) C:\Windows\System32\mshtmled.dll 2012-05-11 16:44 - 2004-08-27 14:00 - 00067072 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\mshtmled.dll 2012-05-11 16:44 - 2004-08-27 14:00 - 00043520 ___AC (Microsoft Corporation) C:\Windows\System32\licmgr10.dll 2012-05-11 16:44 - 2004-08-27 14:00 - 00043520 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\licmgr10.dll 2012-05-11 16:44 - 2004-08-27 14:00 - 00025600 ___AC (Microsoft Corporation) C:\Windows\System32\jsproxy.dll 2012-05-11 16:44 - 2004-08-27 14:00 - 00025600 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\jsproxy.dll 2012-05-11 13:38 - 2004-08-27 14:00 - 00385024 ___AC (Microsoft Corporation) C:\Windows\System32\html.iec 2012-05-11 13:38 - 2004-08-27 14:00 - 00174080 ___AC (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe 2012-05-11 13:38 - 2004-08-27 14:00 - 00174080 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\ie4uinit.exe 2012-05-05 05:14 - 2009-04-30 11:27 - 02150912 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\ntkrnlmp.exe 2012-05-05 05:14 - 2009-04-30 11:27 - 02029056 ____C (Microsoft Corporation) C:\Windows\System32\dllcache\ntkrpamp.exe 2012-05-05 05:14 - 2009-04-27 13:30 - 02195200 ___AC (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe 2012-05-05 05:14 - 2009-04-27 13:30 - 02195200 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\ntoskrnl.exe 2012-05-05 05:14 - 2009-04-27 13:30 - 02071680 ___AC (Microsoft Corporation) C:\Windows\System32\ntkrnlpa.exe 2012-05-05 05:14 - 2009-04-27 13:30 - 02071680 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\ntkrnlpa.exe 2012-05-02 15:47 - 2009-04-27 13:30 - 00139656 ___AC (Microsoft Corporation) C:\Windows\System32\Drivers\rdpwd.sys 2012-05-02 15:47 - 2009-04-27 13:30 - 00139656 ___AC (Microsoft Corporation) C:\Windows\System32\dllcache\rdpwd.sys 2012-04-21 17:11 - 2012-04-21 10:31 - 00004848 ___AC C:\Windows\System32\Drivers\kgpcpy.cfg 2012-04-17 22:44 - 2012-04-17 22:43 - 00059392 ___RC C:\Windows\System32\streamhlp.dll 2012-04-14 16:59 - 2012-04-14 16:58 - 00736420 ___AC C:\Windows\System32\Drivers\Cat.DB 2012-04-14 14:20 - 2012-04-14 14:20 - 00000889 ___AC C:\Documents and Settings\fr\Application Data\result.db ZeroAccess: C:\Windows\Installer\{51311d5c-7fa4-2667-7c49-ef3297d0ae6e} C:\Windows\Installer\{51311d5c-7fa4-2667-7c49-ef3297d0ae6e}\@ C:\Windows\Installer\{51311d5c-7fa4-2667-7c49-ef3297d0ae6e}\L C:\Windows\Installer\{51311d5c-7fa4-2667-7c49-ef3297d0ae6e}\n C:\Windows\Installer\{51311d5c-7fa4-2667-7c49-ef3297d0ae6e}\U C:\Windows\Installer\{51311d5c-7fa4-2667-7c49-ef3297d0ae6e}\L\00000004.@ C:\Windows\Installer\{51311d5c-7fa4-2667-7c49-ef3297d0ae6e}\L\00000008.@ C:\Windows\Installer\{51311d5c-7fa4-2667-7c49-ef3297d0ae6e}\U\00000004.@ C:\Windows\Installer\{51311d5c-7fa4-2667-7c49-ef3297d0ae6e}\U\00000008.@ C:\Windows\Installer\{51311d5c-7fa4-2667-7c49-ef3297d0ae6e}\U\000000cb.@ C:\Windows\Installer\{51311d5c-7fa4-2667-7c49-ef3297d0ae6e}\U\80000000.@ C:\Windows\Installer\{51311d5c-7fa4-2667-7c49-ef3297d0ae6e}\U\80000032.@ ========================= Bamital & volsnap Check ============ C:\Windows\explorer.exe [2004-08-27 14:00] - [2008-04-14 18:05] - 1034752 ____A (Microsoft Corporation) 1d9bd1caa1e4cf63370f201df742dc7d C:\Windows\System32\winlogon.exe [2004-08-27 14:00] - [2008-04-14 18:06] - 0507904 ____A (Microsoft Corporation) e0339362391bf6ac04d1622ef8e3a61b C:\Windows\System32\svchost.exe [2004-08-27 14:00] - [2008-04-14 18:06] - 0014336 ____A (Microsoft Corporation) 555f8f4cb284fe94059dcacf6074f9ec C:\Windows\System32\services.exe [2009-04-27 13:30] - [2009-02-09 13:25] - 0110592 ____A (Microsoft Corporation) 32f091e3425759b126760f44b5e931c9 C:\Windows\System32\User32.dll [2004-08-27 14:00] - [2008-04-14 18:05] - 0578560 ____A (Microsoft Corporation) a45b00e0410e44e7177a403ecad4b12a C:\Windows\System32\userinit.exe [2009-04-27 13:30] - [2008-04-14 18:06] - 0026112 ___AC (Microsoft Corporation) 7b3770db760fbba068454eafcaa89772 C:\Windows\System32\Drivers\volsnap.sys [2009-04-27 13:30] - [2008-04-14 17:37] - 0053504 ___AC (Microsoft Corporation) 69d9e1de5f897580f8b1d1957528b0b2 ==================== Restore Points (XP) ===================== ========================= Memory info ====================== Percentage of memory in use: 15% Total physical RAM: 2039.42 MB Available physical RAM: 1729.27 MB Total Pagefile: 3935.65 MB Available Pagefile: 3838.79 MB Total Virtual: 2047.88 MB Available Virtual: 1996.71 MB ======================= Partitions ========================= 1 Drive c: () (Fixed) (Total:55.88 GB) (Free:10.74 GB) NTFS ==>[Drive with boot components (Windows XP)] 4 Drive f: (UDISK) (Removable) (Total:7.45 GB) (Free:1.43 GB) FAT32 P† computeren: KIRATIN Partition ### Type Str. Forskydning ——————- ———————————- —————- Disk 0 Online 56 GB 0 B Partitions of Disk 0: =============== P† computeren: KIRATIN Partition ### Type Str. Forskydning ——————- ———————————- —————- Partition 1 Prim‘r 56 GB 32 KB ================================================================================== Disk: 0 P† computeren: KIRATIN Tjenesterne til diskh†ndtering kunne ikke fuldf›re handlingen. ================================================================================== ======================= End Of Log ==========================
[ Ignorer ] [ # 7 ] Peder TeamSpywarefri
06.07.2012 16:24:19 Redaktør Team Spywarefri Antal indlæg: 13950	Start Notesblok, kopier det fremhævede ind, og gem filen som fixlist.txt på USB nøglen. C:\Windows\Installer\{51311d5c-7fa4-2667-7c49-ef3297d0ae6e} Genstart din PC, tast F8 før den indlæser Windows, der vælger du dette > Start op i ”Fejlsikret tilstand med kommandoprompt” Skift nu til drev bogstav for din USB nøgle og skriv så FRST.exe Når Farbar Recovery Scan Tool er startet, klikker du på FIX (og venter til den er færdig) Den laver Fixlog.txt på USB nøglen. Kopier Fixlog.txt ind i dit næste indlæg. >> Forsøg derefter dette > Hent combofix og gem den på skrivebordet. Her Vigtigt-> Deaktiver dit antivirus/antispyware program. Da det/de kan ”forstyrre” og konflikte med combofix, eller fjerne vigtige combofix filer, hvilket kan få computeren til fryse. Kør så combofix.exe, og følg anvisningerne. Mht.: Vista og Windows 7 - Højreklik på filen - Kør som Administrator. Du bør ikke klikke på vinduet imens værktøjet kører, idet det kan få din computer til at fryse. Når combofix er færdig, og efter det (muligvis) har genstartet, skulle der gerne åbnes en logfil: combofix.txt Indholdet af denne fil må du gerne lægge herind. Den kan også findes her - > C:\ combofix txt Signatur I did it my way. Jeg håber du klarer den Kessler.
[ Ignorer ] [ # 8 ] firas123
06.07.2012 17:38:53 Antal indlæg: 44	Jeg ved ikke om jeg har gjort noget forkert, men nu har jeg 3 gange prøvet at genstarte og trykke F8 og derefter vælge “fejlsikret tilstand med kommandopromt”, men nu vil den ikke acceptere mit kodeord? hvad gør jeg forkert?
[ Ignorer ] [ # 9 ] Peder TeamSpywarefri
06.07.2012 18:39:41 Redaktør Team Spywarefri Antal indlæg: 13950	Det var mærkelig. Kan du starte op i “Fejlsikret tilstand” ? Signatur I did it my way. Jeg håber du klarer den Kessler.
[ Ignorer ] [ # 10 ] firas123
06.07.2012 21:21:40 Antal indlæg: 44	Det er mystisk - hvis jeg starter op i fejlsikret tilstand eller i fejlsikret tilstand med kommandopromt vil den ikke acceptere koden, men hvis jeg vælger fejlsikret tilstand med netværk er der ingen problemer. Hvordan kommer jeg videre?
[ Ignorer ] [ # 11 ] firas123
07.07.2012 06:58:15 Antal indlæg: 44	Så lykkedes det endelig - her fixloggen: Fix result of Farbar Recovery Tool (FRST written by Farbar) Version: 06-07-2012 01 Ran by fr at 2012-07-07 03:32:18 Run:1 Running from F:\ ATTENTION: THE TOOL IS NOT RUN FROM RECOVERY ENVIRONMENT AND WILL NOT FUNCTION PROPERLY. ============================================== C:\Windows\Installer\{51311d5c-7fa4-2667-7c49-ef3297d0ae6e} moved successfully. ==== End of Fixlog ==== Her er loggen fra combofix: ComboFix 12-07-06.02 - fr 07-07-2012 6:11.1.1 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.45.1030.18.2039.1234 [GMT 2:00] Kører fra: c:\documents and settings\fr\Skrivebord\combo\ComboFix.exe AV: avast! antivirus 4.8.1368 [VPS 120705-0] Disabled/Updated {7591DB91-41F0-48A3-B128-1A293FD8233D} . advarsel -DENNE MASKINE HAR IKKE GENOPRETTELSESKONSOL INSTALLERET !! . . ((((((((((((((((((((((((((((((((((((((( Andet, der er slettet ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\documents and settings\Administrator\WINDOWS c:\documents and settings\All Users\Application Data\TEMP c:\documents and settings\fr\Application Data\PriceGong c:\documents and settings\fr\Application Data\PriceGong\Data\mru.xml c:\documents and settings\fr\Dokumenter\$AP121.tmp c:\documents and settings\fr\IE c:\documents and settings\fr\Lokale indstillinger\Application Data\{51311d5c-7fa4-2667-7c49-ef3297d0ae6e} c:\documents and settings\fr\Lokale indstillinger\Application Data\{51311d5c-7fa4-2667-7c49-ef3297d0ae6e}\@ c:\documents and settings\fr\Lokale indstillinger\Application Data\{51311d5c-7fa4-2667-7c49-ef3297d0ae6e}\L\00000004.@ c:\documents and settings\fr\Lokale indstillinger\Application Data\{51311d5c-7fa4-2667-7c49-ef3297d0ae6e}\L\00000008.@ c:\documents and settings\fr\Lokale indstillinger\Application Data\{51311d5c-7fa4-2667-7c49-ef3297d0ae6e}\n c:\documents and settings\fr\Lokale indstillinger\Application Data\{51311d5c-7fa4-2667-7c49-ef3297d0ae6e}\U\00000004.@ c:\documents and settings\fr\Lokale indstillinger\Application Data\{51311d5c-7fa4-2667-7c49-ef3297d0ae6e}\U\00000008.@ c:\documents and settings\fr\Lokale indstillinger\Application Data\{51311d5c-7fa4-2667-7c49-ef3297d0ae6e}\U\000000cb.@ c:\documents and settings\fr\Lokale indstillinger\Application Data\{51311d5c-7fa4-2667-7c49-ef3297d0ae6e}\U\80000000.@ c:\documents and settings\fr\Lokale indstillinger\Application Data\{51311d5c-7fa4-2667-7c49-ef3297d0ae6e}\U\80000032.@ c:\documents and settings\Krister Katva\WINDOWS c:\programmer\SUPERAntiSpyware1241.exe c:\windows\system32\SET70.tmp c:\windows\system32\SET75.tmp c:\windows\system32\SET7C.tmp c:\windows\system32\SET85.tmp c:\windows\system32\SET86.tmp c:\windows\system32\SET87.tmp c:\windows\system32\SET8A.tmp . . ((((((((((((((((((((((((((((( Filer skabt fra 2012-06-07 til 2012-07-07 ))))))))))))))))))))))))))))))))))) . . 2012-07-06 13:33 . 2012-07-07 01:27 ———— dc——w- C:\FRST 2012-07-06 09:15 . 2010-04-29 13:39 38224 -c—a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2012-07-06 09:15 . 2012-07-06 09:15 ———— dc——w- c:\programmer\Malwarebytes’ Anti-Malware 2012-07-06 09:15 . 2012-07-06 09:15 ———— dc——w- c:\documents and settings\All Users\Application Data\Malwarebytes 2012-07-06 09:15 . 2010-04-29 13:39 20952 -c—a-w- c:\windows\system32\drivers\mbam.sys 2012-07-04 15:06 . 2012-07-04 15:06 ———— dc——w- c:\programmer\CCleaner 2012-06-23 08:08 . 1999-12-17 08:13 86016 -c—a-w- c:\windows\unvise32.exe 2012-06-14 20:42 . 2012-06-14 20:42 ———— dc——w- c:\programmer\RustemSoft 2012-06-13 15:08 . 2012-05-11 14:44 521728 -c——w- c:\windows\system32\dllcache\jsdbgui.dll 2012-06-08 18:56 . 2012-06-23 19:59 426184 -c—a-w- c:\windows\system32\FlashPlayerApp.exe 2012-06-08 04:38 . 2012-06-08 04:38 770384 -c—a-w- c:\programmer\Mozilla Firefox\msvcr100.dll 2012-06-08 04:38 . 2012-06-08 04:38 421200 -c—a-w- c:\programmer\Mozilla Firefox\msvcp100.dll . . . (((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-07-07 04:38 . 2011-06-11 10:42 12984 -c—a-w- c:\windows\system32\drivers\SWDUMon.sys 2012-06-23 19:59 . 2011-05-28 09:10 70344 -c—a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-06-02 13:19 . 2007-06-22 08:15 15384 -c—a-w- c:\windows\system32\wuaucpl.cpl.mui 2012-06-02 13:19 . 2006-05-15 10:29 329240 -c—a-w- c:\windows\system32\wucltui.dll 2012-06-02 13:19 . 2006-05-15 10:29 210968 -c—a-w- c:\windows\system32\wuweb.dll 2012-06-02 13:19 . 2006-05-15 10:29 219160 -c—a-w- c:\windows\system32\wuaucpl.cpl 2012-06-02 13:19 . 2006-05-15 11:06 45080 -c—a-w- c:\windows\system32\wups2.dll 2012-06-02 13:19 . 2006-05-15 10:29 53784 -c—a-w- c:\windows\system32\wuauclt.exe 2012-06-02 13:19 . 2006-05-15 10:29 35864 -c—a-w- c:\windows\system32\wups.dll 2012-06-02 13:19 . 2004-08-27 12:00 97304 -c—a-w- c:\windows\system32\cdm.dll 2012-06-02 13:19 . 2007-06-22 08:15 18456 -c—a-w- c:\windows\system32\wuaueng.dll.mui 2012-06-02 13:19 . 2006-05-15 10:29 577048 -c—a-w- c:\windows\system32\wuapi.dll 2012-06-02 13:19 . 2007-06-22 08:15 23064 -c—a-w- c:\windows\system32\wucltui.dll.mui 2012-06-02 13:19 . 2007-06-22 08:15 15896 -c—a-w- c:\windows\system32\wuapi.dll.mui 2012-06-02 13:19 . 2006-05-15 10:29 1933848 -c—a-w- c:\windows\system32\wuaueng.dll 2012-06-02 13:19 . 2009-05-04 06:59 17648 -c—a-w- c:\windows\system32\mucltui.dll.mui 2012-06-02 13:18 . 2009-05-04 06:59 275696 -c—a-w- c:\windows\system32\mucltui.dll 2012-06-02 13:18 . 2008-10-16 12:07 214256 -c—a-w- c:\windows\system32\muweb.dll 2012-05-31 13:22 . 2004-08-27 12:00 602112 -c—a-w- c:\windows\system32\crypt32.dll 2012-05-16 15:09 . 2004-08-27 12:00 916992 -c—a-w- c:\windows\system32\wininet.dll 2012-05-15 13:55 . 2009-04-27 11:30 1863168 -c—a-w- c:\windows\system32\win32k.sys 2012-05-11 14:44 . 2004-08-27 12:00 43520 -c—a-w- c:\windows\system32\licmgr10.dll 2012-05-11 14:44 . 2004-08-27 12:00 1469440 -c—a-w- c:\windows\system32\inetcpl.cpl 2012-05-11 11:38 . 2004-08-27 12:00 385024 -c—a-w- c:\windows\system32\html.iec 2012-05-05 03:14 . 2009-04-27 11:30 2195200 -c—a-w- c:\windows\system32\ntoskrnl.exe 2012-05-05 03:14 . 2009-04-27 11:30 2071680 -c—a-w- c:\windows\system32\ntkrnlpa.exe 2012-05-02 13:47 . 2009-04-27 11:30 139656 -c—a-w- c:\windows\system32\drivers\rdpwd.sys 2012-04-14 05:36 . 2012-04-14 05:36 56200 -c—a-w- c:\documents and settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\{9DA00138-D163-402E-9B6D-F926287198EF}\offreg.dll 2011-08-06 07:05 . 2012-04-15 01:34 3142144 -c—a-w- c:\programmer\KeyGenInstaller.msi 2011-08-06 07:05 . 2012-04-15 01:34 428544 -c—a-w- c:\programmer\setup.exe 2009-09-05 08:02 . 2009-09-05 08:02 755229 -c—a-w- c:\programmer\Aqua_v1.exe 2012-06-17 08:01 . 2011-05-25 17:03 85472 -c—a-w- c:\programmer\mozilla firefox\components\browsercomps.dll . . ———- Sigcheck———- Note: Unsigned files aren’t necessarily malware. . [7] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\atapi.sys [7] 2004-08-27 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\system32\ReinstallBackups\0003\DriverFiles\i386\atapi.sys [7] 2004-08-03 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\$NtServicePackUninstall$\atapi.sys [-] 2004-08-03 20:59 . !HASH: COULD NOT OPEN FILE !!!!! . 95360 . . [———] . . c:\windows\system32\drivers\atapi.sys . . ((((((((((((((((((((((((((((((((((( Start steder i reg.basen )))))))))))))))))))))))))))))))))))))))))))))))) . . Bemærk tomme linier & lovlige standard linier vises ikke REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] “swg”=“c:\programmer\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe” [2007-05-28 68856] “WMPNSCFG”=“c:\programmer\Windows Media Player\WMPNSCFG.exe” [2006-11-15 204288] “QuickTime Task”=“c:\programmer\QuickTime\qttask.exe” [2010-11-29 421888] “SlimDrivers”=“c:\programmer\SlimDrivers\SlimDrivers.exe” [2012-02-01 27481952] “Akamai NetSession Interface”=“c:\documents and settings\fr\Lokale indstillinger\Application Data\Akamai\netsession_win.exe” [2012-05-26 4327744] “Advanced System Protector”=“c:\programmer\Advanced System Protector\advancedsystemprotector.exe” [2012-05-15 5925760] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] “avast!”=“c:\progra~1\ALWILS~1\Avast4\ashDisp.exe” [2009-11-24 81000] “TWCU”=“c:\programmer\TP-LINK\TL-WN821N 1.0\TWCU.exe” [2008-06-02 557173] “SynTPLpr”=“c:\programmer\Synaptics\SynTP\SynTPLpr.exe” [2004-10-08 98394] “SynTPEnh”=“c:\programmer\Synaptics\SynTP\SynTPEnh.exe” [2004-10-08 688218] “Openwares LiveUpdate”=“c:\program files\LiveUpdate\LiveUpdate.exe” [2003-12-13 61440] “IntelZeroConfig”=“c:\programmer\Intel\WiFi\bin\ZCfgSvc.exe” [2009-05-21 1372160] “IntelWireless”=“c:\programmer\Fælles filer\Intel\WirelessCommon\iFrmewrk.exe” [2009-05-21 1202448] “AGRSMMSG”=“AGRSMMSG.exe” [2004-12-20 88358] “Adobe Version Cue CS2”=“c:\programmer\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe” [2005-04-04 856064] “IgfxTray”=“c:\windows\system32\igfxtray.exe” [2000-01-01 131072] “HotKeysCmds”=“c:\windows\system32\hkcmd.exe” [2000-01-01 163840] “Persistence”=“c:\windows\system32\igfxpers.exe” [2000-01-01 135168] “SoundMan”=“SOUNDMAN.EXE” [2000-01-01 577536] “QuickTime Task”=“c:\programmer\QuickTime\qttask.exe” [2010-11-29 421888] “iTunesHelper”=“c:\programmer\iTunes\iTunesHelper.exe” [2011-06-07 421160] “Adobe ARM”=“c:\programmer\Fælles filer\Adobe\ARM\1.0\AdobeARM.exe” [2012-01-03 843712] “SunJavaUpdateSched”=“c:\programmer\Fælles filer\Java\Java Update\jusched.exe” [2012-01-18 254696] “THGuard”=“c:\programmer\TrojanHunter 5.5\THGuard.exe” [2011-12-06 1088280] “Advanced System Protector”=“c:\programmer\Advanced System Protector\advancedsystemprotector.exe” [2012-05-15 5925760] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] “CTFMON.EXE”=“c:\windows\system32\CTFMON.EXE” [2008-04-14 15360] “DWQueuedReporting”=“c:\progra~1\FLLESF~1\MICROS~1\DW\dwtrig20.exe” [2007-03-22 39264] . c:\documents and settings\Krister Katva\Menuen Start\Programmer\Start\ OpenOffice.org 2.0.lnk - c:\programmer\OpenOffice.org 2.0\program\quickstart.exe [2006-2-26 393216] WinMySQLadmin.lnk - c:\programmer\xampp\mysql\bin\winmysqladmin.exe [2005-4-4 936448] . c:\documents and settings\All Users\Menuen Start\Programmer\Start\ Adobe Gamma.lnk - c:\programmer\Fælles filer\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664] C-Pen 20.lnk - c:\windows\Installer\{ED10A1F7-C0D9-44F4-AA62-E6EACFE9188C}\_5A1930EDFA8D_4359_BB47_DE9376F17160.exe [2007-3-14 45056] Microsoft Office.lnk - c:\programmer\Microsoft Office\Office\OSA9.EXE [1999-2-17 65588] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] “ConsentPromptBehaviorAdmin”= 0 (0x0) “ConsentPromptBehaviorUser”= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] “NoWelcomeScreen”= 1 (0x1) . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @=“Driver” . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] “%windir%\\system32\\sessmgr.exe”= “c:\\Documents and Settings\\fr\\Lokale indstillinger\\Application Data\\Akamai\\netsession_win.exe”= . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] “1092:TCP”= 1092:TCP:Akamai NetSession Interface “5000:UDP”= 5000:UDP:Akamai NetSession Interface . R0 a347bus;a347bus;c:\windows\system32\drivers\a347bus.sys [16-05-2006 18:54 160640] R0 a347scsi;a347scsi;c:\windows\system32\drivers\a347scsi.sys [16-05-2006 18:54 5248] R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [30-04-2009 11:52 114768] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [30-04-2009 11:52 20560] R2 PDIHWCTL;PDIHWCTL;c:\windows\system32\drivers\pdihwctl.sys [23-10-2006 10:26 14416] S1 PDIDRV;PDIDRV; [x] S2 gupdate;Tjenesten Google Update (gupdate);c:\programmer\Google\Update\GoogleUpdate.exe [24-05-2011 21:17 136176] S2 UI Assistant Service;UI Assistant Service;c:\programmer\Mobilt Bredbånd\AssistantServices.exe—> c:\programmer\Mobilt Bredbånd\AssistantServices.exe [?] S2 XAMPP;XAMPP Service;c:\programmer\xampp\service.exe [12-03-2005 08:24 60928] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [08-06-2012 20:56 250056] S3 arusb(TP-LINK);Atheros Wireless Network Adapter Service(TP-LINK);c:\windows\system32\drivers\arusb.sys [18-08-2009 11:25 434688] S3 CPen20;C-Pen 20;c:\windows\system32\drivers\CPen20.sys [16-02-2005 09:53 14382] S3 eyeonedp;eye-one display;c:\windows\system32\drivers\EyeOneDp.sys [23-10-2006 10:26 44344] S3 gupdatem;Google Update Tjeneste (gupdatem);c:\programmer\Google\Update\GoogleUpdate.exe [24-05-2011 21:17 136176] S3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys—> c:\windows\system32\DRIVERS\ewusbdev.sys [?] S3 MozillaMaintenance;Mozilla Maintenance Service;c:\programmer\Mozilla Maintenance Service\maintenanceservice.exe [25-04-2012 17:30 113120] S3 pendfu;PenDfu (pendfu.sys);c:\windows\system32\drivers\pendfu.sys [14-02-2005 16:27 32408] S3 SWDUMon;SWDUMon;c:\windows\system32\drivers\SWDUMon.sys [11-06-2011 12:42 12984] S3 zte_ecm_enum_filter;zte_ecm_enum_filter;c:\windows\system32\DRIVERS\zte_ecm_enum_filter.sys—> c:\windows\system32\DRIVERS\zte_ecm_enum_filter.sys [?] . Indhold af mappen ‘Planlagte Opgaver’ . 2012-07-07 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-08 19:59] . 2012-06-26 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\programmer\Apple Software Update\SoftwareUpdate.exe [2011-06-01 15:57] . 2012-07-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\programmer\Google\Update\GoogleUpdate.exe [2011-05-24 19:17] . 2012-07-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\programmer\Google\Update\GoogleUpdate.exe [2011-05-24 19:17] . 2012-07-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1614895754-1229272821-725345543-1003.job - c:\documents and settings\Krister Katva\Lokale indstillinger\Application Data\Google\Update\GoogleUpdate.exe [2008-10-27 08:32] . 2012-07-03 c:\windows\Tasks\MP Scheduled Scan.job - c:\programmer\Windows Defender\MpCmdRun.exe [2006-11-03 17:20] . 2012-07-04 c:\windows\Tasks\SlimDrivers Scan.job - c:\programmer\SlimDrivers\SlimDrivers.exe [2012-02-01 12:42] . 2012-07-07 c:\windows\Tasks\User_Feed_Synchronization-{8AF37B35-2428-4366-8068-8CAF0B15EB8C}.job - c:\windows\system32\msfeedssync.exe [2007-08-13 02:31] . 2012-07-07 c:\windows\Tasks\User_Feed_Synchronization-{CA74B880-AC89-4778-9C97-CEFBD954BAA2}.job - c:\windows\system32\msfeedssync.exe [2007-08-13 02:31] . . ———- Yderligere scanning———- . uStart Page = hxxp://www.google.dk/reader/view/?hl=da&tab=wy#overview-page uInternet Settings,ProxyOverride = .local;<local> IE: E&ksporter; til Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 IE: {{0AD5A451-967F-46BD-9F5E-39247D7FC77F} - c:\adgangforalle\adgangforalle.exe TCP: DhcpNameServer = 10.0.0.1 212.242.40.3 212.242.40.51 DPF: {9DAD2E36-8A62-428C-9F1C-951050D5ABE4} - hxxp://www2c.web-direct.dk/neozone/WDXMAP.CAB DPF: {C8C1066B-FE9E-4B1B-9951-1BBC5EE03E38} - hxxps://www2.web-direct.dk/WDX.CAB FF - ProfilePath - c:\documents and settings\fr\Application Data\Mozilla\Firefox\Profiles\vvbk92qd.default\ FF - prefs.js: keyword.URL - hxxp://dts.search-results.com/sr?src=ffb&appid=101&systemid=406&sr=0&q= . . ———- Fil Associationer———- . .txt=UltraEdit.txt . - - - - TOMME GENVEJE FJERNET - - - - . Toolbar-10 - (no file) WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file) WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file) HKCU-Run-DriverFinder - c:\programmer\DriverFinder\DriverFinder.exe Notify-TPSvc - TPSvc.dll SafeBoot-WinDefend . . . *********************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2012-07-07 06:36 Windows 5.1.2600 Service Pack 3 NTFS . scanner skjulte processer ... . scanner skjulte autostarter ... . scanner skjulte filer ... . scanning gennemført med succes skjulte filer: 0 . ********************************************************************** . ——————————- DLLs startet under kørende Processer——————————- . - - - - - - - > ‘winlogon.exe’(1272) c:\windows\system32\netprovcredman.dll . - - - - - - - > ‘explorer.exe’(4236) c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll c:\windows\system32\netprovcredman.dll . ————————————Andre kørende processer———————————— . c:\programmer\Intel\WiFi\bin\S24EvMon.exe c:\programmer\Alwil Software\Avast4\aswUpdSv.exe c:\programmer\Alwil Software\Avast4\ashServ.exe c:\windows\system32\acs.exe c:\programmer\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe c:\programmer\xampp\apache\bin\apache.exe c:\programmer\Fælles filer\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\programmer\Bonjour\mDNSResponder.exe c:\programmer\Intel\WiFi\bin\EvtEng.exe c:\programmer\Adobe\Adobe Version Cue CS2\data\database\bin\mysqld-nt.exe c:\programmer\xampp\apache\bin\apache.exe c:\programmer\xampp\FileZillaFTP\FileZillaServer.exe c:\programmer\Java\jre6\bin\jqs.exe c:\programmer\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe c:\programmer\xampp\mysql\bin\mysqld-nt.exe c:\programmer\Fælles filer\Intel\WirelessCommon\RegSrvc.exe c:\programmer\pinnacle\shared files\programs\mediaserver\pmshost.exe c:\programmer\Alwil Software\Avast4\ashMaiSv.exe c:\programmer\Alwil Software\Avast4\ashWebSv.exe c:\windows\AGRSMMSG.exe c:\windows\SOUNDMAN.EXE c:\windows\system32\wbem\unsecapp.exe c:\programmer\iPod\bin\iPodService.exe c:\programmer\C Technologies\C-Pen 20\CPen20.exe c:\programmer\C Technologies\C-Pen 20\CPenOCR.exe c:\programmer\C Technologies\C-Pen 20\CPenDesk.exe . ************************************************************************ . Gennemført tid: 2012-07-07 06:45:33 - maskinen blev genstartet ComboFix-quarantined-files.txt 2012-07-07 04:45 . Pre-Kørsel: 11.115.921.408 byte ledig Post-Kørsel: 11.266.719.744 byte ledig . - - End Of File - - 1400EEA723D30319F977C52EDE7AB6C9
[ Ignorer ] [ # 12 ] Peder TeamSpywarefri
07.07.2012 09:20:30 Redaktør Team Spywarefri Antal indlæg: 13950	Udfør dette i den rækkefølge herunder. Slet den Combofix du har liggende på skrivebordet og hent en ny fra dette link, gem den på skrivebordet. Hent combofix og gem den på skrivebordet. Her Åben Notesblok og kopier følgende (tekst med fed skrift) ind - og gem tekst-filen som CFScript.txt samme sted som du har ComboFix: FCopy:: c:\windows\ServicePackFiles\i386\atapi.sys \| c:\windows\system32\drivers\atapi.sys Træk CFScript filen over på ComboFix ikonet - det vil starte ComboFix igen (hvis computeren vil genstarte, så lad den gøre det). Se eventuelt her: http://www.fromsej.saknet.dk/billeder/swfcombo.gif Læg den nye ComboFix log herind. >> Hent “Malwarebytes’ Anti-Malware” Her Installer og start programmet, klik på fanen opdater, klik Tjek for opdatering, lav “Fuld system skan” under fanebladet “skanner” Bagefter klik på “vis resultater”, tryk på “ Fjern det valgte” send loggen herind i denne tråd. NB Når du opdaterer Malwarebytes, så klik på Tjek for opdatering til den skriver at der ikke er flere opdateringer. Signatur I did it my way. Jeg håber du klarer den Kessler.
[ Ignorer ] [ # 13 ] firas123
07.07.2012 20:33:53 Antal indlæg: 44	Her er loggen fra combofix: ComboFix 12-07-07.02 - fr 07-07-2012 13:30:34.2.1 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.45.1030.18.2039.1223 [GMT 2:00] Kører fra: c:\documents and settings\fr\Skrivebord\combofix\ComboFix.exe Kommandoer benyttet :: c:\documents and settings\fr\Skrivebord\combofix\CfScript.txt AV: avast! antivirus 4.8.1368 [VPS 120705-0] Disabled/Updated {7591DB91-41F0-48A3-B128-1A293FD8233D} . advarsel -DENNE MASKINE HAR IKKE GENOPRETTELSESKONSOL INSTALLERET !! . . ((((((((((((((((((((((((((((((((((((((( Andet, der er slettet ))))))))))))))))))))))))))))))))))))))))))))))))) . . . ———————- FCopy———————- . c:\windows\ServicePackFiles\i386\atapi.sys—> c:\windows\system32\drivers\atapi.sys . ((((((((((((((((((((((((((((( Filer skabt fra 2012-06-07 til 2012-07-07 ))))))))))))))))))))))))))))))))))) . . 2012-07-07 11:19 . 2012-07-07 11:19 ———— dc——w- c:\windows\LastGood 2012-07-07 11:08 . 2012-07-07 11:08 ———— dc——w- c:\documents and settings\fr\Application Data\Malwarebytes 2012-07-06 13:33 . 2012-07-07 01:27 ———— dc——w- C:\FRST 2012-07-06 09:15 . 2012-07-07 11:09 ———— dc——w- c:\programmer\Malwarebytes’ Anti-Malware 2012-07-06 09:15 . 2012-07-06 09:15 ———— dc——w- c:\documents and settings\All Users\Application Data\Malwarebytes 2012-07-04 15:06 . 2012-07-04 15:06 ———— dc——w- c:\programmer\CCleaner 2012-06-23 08:08 . 1999-12-17 08:13 86016 -c—a-w- c:\windows\unvise32.exe 2012-06-14 20:42 . 2012-06-14 20:42 ———— dc——w- c:\programmer\RustemSoft 2012-06-13 15:08 . 2012-05-11 14:44 521728 -c——w- c:\windows\system32\dllcache\jsdbgui.dll 2012-06-08 18:56 . 2012-06-23 19:59 426184 -c—a-w- c:\windows\system32\FlashPlayerApp.exe 2012-06-08 04:38 . 2012-06-08 04:38 770384 -c—a-w- c:\programmer\Mozilla Firefox\msvcr100.dll 2012-06-08 04:38 . 2012-06-08 04:38 421200 -c—a-w- c:\programmer\Mozilla Firefox\msvcp100.dll . . . (((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-07-07 11:18 . 2011-06-11 10:42 12984 -c—a-w- c:\windows\system32\drivers\SWDUMon.sys 2012-07-07 11:11 . 2006-05-15 12:00 81920 ——a-w- c:\windows\DUMP47b7.tmp 2012-06-23 19:59 . 2011-05-28 09:10 70344 -c—a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-06-02 13:19 . 2007-06-22 08:15 15384 -c—a-w- c:\windows\system32\wuaucpl.cpl.mui 2012-06-02 13:19 . 2006-05-15 10:29 329240 -c—a-w- c:\windows\system32\wucltui.dll 2012-06-02 13:19 . 2006-05-15 10:29 210968 -c—a-w- c:\windows\system32\wuweb.dll 2012-06-02 13:19 . 2006-05-15 10:29 219160 -c—a-w- c:\windows\system32\wuaucpl.cpl 2012-06-02 13:19 . 2006-05-15 11:06 45080 -c—a-w- c:\windows\system32\wups2.dll 2012-06-02 13:19 . 2006-05-15 10:29 53784 -c—a-w- c:\windows\system32\wuauclt.exe 2012-06-02 13:19 . 2006-05-15 10:29 35864 -c—a-w- c:\windows\system32\wups.dll 2012-06-02 13:19 . 2004-08-27 12:00 97304 -c—a-w- c:\windows\system32\cdm.dll 2012-06-02 13:19 . 2007-06-22 08:15 18456 -c—a-w- c:\windows\system32\wuaueng.dll.mui 2012-06-02 13:19 . 2006-05-15 10:29 577048 -c—a-w- c:\windows\system32\wuapi.dll 2012-06-02 13:19 . 2007-06-22 08:15 23064 -c—a-w- c:\windows\system32\wucltui.dll.mui 2012-06-02 13:19 . 2007-06-22 08:15 15896 -c—a-w- c:\windows\system32\wuapi.dll.mui 2012-06-02 13:19 . 2006-05-15 10:29 1933848 -c—a-w- c:\windows\system32\wuaueng.dll 2012-06-02 13:19 . 2009-05-04 06:59 17648 -c—a-w- c:\windows\system32\mucltui.dll.mui 2012-06-02 13:18 . 2009-05-04 06:59 275696 -c—a-w- c:\windows\system32\mucltui.dll 2012-06-02 13:18 . 2008-10-16 12:07 214256 -c—a-w- c:\windows\system32\muweb.dll 2012-05-31 13:22 . 2004-08-27 12:00 602112 -c—a-w- c:\windows\system32\crypt32.dll 2012-05-16 15:09 . 2004-08-27 12:00 916992 -c—a-w- c:\windows\system32\wininet.dll 2012-05-15 13:55 . 2009-04-27 11:30 1863168 -c—a-w- c:\windows\system32\win32k.sys 2012-05-11 14:44 . 2004-08-27 12:00 43520 -c—a-w- c:\windows\system32\licmgr10.dll 2012-05-11 14:44 . 2004-08-27 12:00 1469440 -c—a-w- c:\windows\system32\inetcpl.cpl 2012-05-11 11:38 . 2004-08-27 12:00 385024 -c—a-w- c:\windows\system32\html.iec 2012-05-05 03:14 . 2009-04-27 11:30 2195200 -c—a-w- c:\windows\system32\ntoskrnl.exe 2012-05-05 03:14 . 2009-04-27 11:30 2071680 -c—a-w- c:\windows\system32\ntkrnlpa.exe 2012-05-02 13:47 . 2009-04-27 11:30 139656 -c—a-w- c:\windows\system32\drivers\rdpwd.sys 2012-04-14 05:36 . 2012-04-14 05:36 56200 -c—a-w- c:\documents and settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\{9DA00138-D163-402E-9B6D-F926287198EF}\offreg.dll 2011-08-06 07:05 . 2012-04-15 01:34 3142144 -c—a-w- c:\programmer\KeyGenInstaller.msi 2011-08-06 07:05 . 2012-04-15 01:34 428544 -c—a-w- c:\programmer\setup.exe 2009-09-05 08:02 . 2009-09-05 08:02 755229 -c—a-w- c:\programmer\Aqua_v1.exe 2012-06-17 08:01 . 2011-05-25 17:03 85472 -c—a-w- c:\programmer\mozilla firefox\components\browsercomps.dll . . ((((((((((((((((((((((((((((( SnapShot@2012-07-07_04.36.33 ))))))))))))))))))))))))))))))))))))))))) . + 2012-07-07 11:15 . 2012-07-07 11:15 16384 c:\windows\Temp\Perflib_Perfdata_e2c.dat + 2012-07-07 11:15 . 2012-07-07 11:15 16384 c:\windows\Temp\Perflib_Perfdata_cd0.dat + 2012-07-07 11:14 . 2012-07-07 11:14 16384 c:\windows\Temp\Perflib_Perfdata_274.dat + 2004-08-27 12:00 . 2008-04-13 18:40 96512 c:\windows\system32\dllcache\atapi.sys + 2012-07-07 11:19 . 2012-07-07 04:38 12984 c:\windows\LastGood\system32\DRIVERS\SWDUMon.sys . ((((((((((((((((((((((((((((((((((( Start steder i reg.basen )))))))))))))))))))))))))))))))))))))))))))))))) . . Bemærk tomme linier & lovlige standard linier vises ikke REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] “swg”=“c:\programmer\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe” [2007-05-28 68856] “WMPNSCFG”=“c:\programmer\Windows Media Player\WMPNSCFG.exe” [2006-11-15 204288] “QuickTime Task”=“c:\programmer\QuickTime\qttask.exe” [2010-11-29 421888] “SlimDrivers”=“c:\programmer\SlimDrivers\SlimDrivers.exe” [2012-02-01 27481952] “Akamai NetSession Interface”=“c:\documents and settings\fr\Lokale indstillinger\Application Data\Akamai\netsession_win.exe” [2012-05-26 4327744] “Advanced System Protector”=“c:\programmer\Advanced System Protector\advancedsystemprotector.exe” [2012-05-15 5925760] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] “avast!”=“c:\progra~1\ALWILS~1\Avast4\ashDisp.exe” [2009-11-24 81000] “TWCU”=“c:\programmer\TP-LINK\TL-WN821N 1.0\TWCU.exe” [2008-06-02 557173] “SynTPLpr”=“c:\programmer\Synaptics\SynTP\SynTPLpr.exe” [2004-10-08 98394] “SynTPEnh”=“c:\programmer\Synaptics\SynTP\SynTPEnh.exe” [2004-10-08 688218] “Openwares LiveUpdate”=“c:\program files\LiveUpdate\LiveUpdate.exe” [2003-12-13 61440] “IntelZeroConfig”=“c:\programmer\Intel\WiFi\bin\ZCfgSvc.exe” [2009-05-21 1372160] “IntelWireless”=“c:\programmer\Fælles filer\Intel\WirelessCommon\iFrmewrk.exe” [2009-05-21 1202448] “AGRSMMSG”=“AGRSMMSG.exe” [2004-12-20 88358] “Adobe Version Cue CS2”=“c:\programmer\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe” [2005-04-04 856064] “IgfxTray”=“c:\windows\system32\igfxtray.exe” [2000-01-01 131072] “HotKeysCmds”=“c:\windows\system32\hkcmd.exe” [2000-01-01 163840] “Persistence”=“c:\windows\system32\igfxpers.exe” [2000-01-01 135168] “SoundMan”=“SOUNDMAN.EXE” [2000-01-01 577536] “QuickTime Task”=“c:\programmer\QuickTime\qttask.exe” [2010-11-29 421888] “iTunesHelper”=“c:\programmer\iTunes\iTunesHelper.exe” [2011-06-07 421160] “Adobe ARM”=“c:\programmer\Fælles filer\Adobe\ARM\1.0\AdobeARM.exe” [2012-01-03 843712] “SunJavaUpdateSched”=“c:\programmer\Fælles filer\Java\Java Update\jusched.exe” [2012-01-18 254696] “THGuard”=“c:\programmer\TrojanHunter 5.5\THGuard.exe” [2011-12-06 1088280] “Advanced System Protector”=“c:\programmer\Advanced System Protector\advancedsystemprotector.exe” [2012-05-15 5925760] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] “CTFMON.EXE”=“c:\windows\system32\CTFMON.EXE” [2008-04-14 15360] “DWQueuedReporting”=“c:\progra~1\FLLESF~1\MICROS~1\DW\dwtrig20.exe” [2007-03-22 39264] . c:\documents and settings\Krister Katva\Menuen Start\Programmer\Start\ OpenOffice.org 2.0.lnk - c:\programmer\OpenOffice.org 2.0\program\quickstart.exe [2006-2-26 393216] WinMySQLadmin.lnk - c:\programmer\xampp\mysql\bin\winmysqladmin.exe [2005-4-4 936448] . c:\documents and settings\All Users\Menuen Start\Programmer\Start\ Adobe Gamma.lnk - c:\programmer\Fælles filer\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664] C-Pen 20.lnk - c:\windows\Installer\{ED10A1F7-C0D9-44F4-AA62-E6EACFE9188C}\_5A1930EDFA8D_4359_BB47_DE9376F17160.exe [2007-3-14 45056] Microsoft Office.lnk - c:\programmer\Microsoft Office\Office\OSA9.EXE [1999-2-17 65588] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] “ConsentPromptBehaviorAdmin”= 0 (0x0) “ConsentPromptBehaviorUser”= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] “NoWelcomeScreen”= 1 (0x1) . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @=“Driver” . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] “%windir%\\system32\\sessmgr.exe”= “c:\\Documents and Settings\\fr\\Lokale indstillinger\\Application Data\\Akamai\\netsession_win.exe”= . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] “1065:TCP”= 1065:TCP:Akamai NetSession Interface “5000:UDP”= 5000:UDP:Akamai NetSession Interface . R0 a347bus;a347bus;c:\windows\system32\drivers\a347bus.sys [16-05-2006 18:54 160640] R0 a347scsi;a347scsi;c:\windows\system32\drivers\a347scsi.sys [16-05-2006 18:54 5248] R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [30-04-2009 11:52 114768] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [30-04-2009 11:52 20560] R2 PDIHWCTL;PDIHWCTL;c:\windows\system32\drivers\pdihwctl.sys [23-10-2006 10:26 14416] S1 PDIDRV;PDIDRV; [x] S2 gupdate;Tjenesten Google Update (gupdate);c:\programmer\Google\Update\GoogleUpdate.exe [24-05-2011 21:17 136176] S2 UI Assistant Service;UI Assistant Service;c:\programmer\Mobilt Bredbånd\AssistantServices.exe—> c:\programmer\Mobilt Bredbånd\AssistantServices.exe [?] S2 XAMPP;XAMPP Service;c:\programmer\xampp\service.exe [12-03-2005 08:24 60928] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [08-06-2012 20:56 250056] S3 arusb(TP-LINK);Atheros Wireless Network Adapter Service(TP-LINK);c:\windows\system32\drivers\arusb.sys [18-08-2009 11:25 434688] S3 CPen20;C-Pen 20;c:\windows\system32\drivers\CPen20.sys [16-02-2005 09:53 14382] S3 eyeonedp;eye-one display;c:\windows\system32\drivers\EyeOneDp.sys [23-10-2006 10:26 44344] S3 gupdatem;Google Update Tjeneste (gupdatem);c:\programmer\Google\Update\GoogleUpdate.exe [24-05-2011 21:17 136176] S3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys—> c:\windows\system32\DRIVERS\ewusbdev.sys [?] S3 MozillaMaintenance;Mozilla Maintenance Service;c:\programmer\Mozilla Maintenance Service\maintenanceservice.exe [25-04-2012 17:30 113120] S3 pendfu;PenDfu (pendfu.sys);c:\windows\system32\drivers\pendfu.sys [14-02-2005 16:27 32408] S3 SWDUMon;SWDUMon;c:\windows\system32\drivers\SWDUMon.sys [11-06-2011 12:42 12984] S3 zte_ecm_enum_filter;zte_ecm_enum_filter;c:\windows\system32\DRIVERS\zte_ecm_enum_filter.sys—> c:\windows\system32\DRIVERS\zte_ecm_enum_filter.sys [?] . Indhold af mappen ‘Planlagte Opgaver’ . 2012-07-07 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-08 19:59] . 2012-06-26 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\programmer\Apple Software Update\SoftwareUpdate.exe [2011-06-01 15:57] . 2012-07-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\programmer\Google\Update\GoogleUpdate.exe [2011-05-24 19:17] . 2012-07-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\programmer\Google\Update\GoogleUpdate.exe [2011-05-24 19:17] . 2012-07-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1614895754-1229272821-725345543-1003.job - c:\documents and settings\Krister Katva\Lokale indstillinger\Application Data\Google\Update\GoogleUpdate.exe [2008-10-27 08:32] . 2012-07-03 c:\windows\Tasks\MP Scheduled Scan.job - c:\programmer\Windows Defender\MpCmdRun.exe [2006-11-03 17:20] . 2012-07-07 c:\windows\Tasks\User_Feed_Synchronization-{8AF37B35-2428-4366-8068-8CAF0B15EB8C}.job - c:\windows\system32\msfeedssync.exe [2007-08-13 02:31] . 2012-07-07 c:\windows\Tasks\User_Feed_Synchronization-{CA74B880-AC89-4778-9C97-CEFBD954BAA2}.job - c:\windows\system32\msfeedssync.exe [2007-08-13 02:31] . . ———- Yderligere scanning———- . uStart Page = hxxp://www.google.dk/reader/view/?hl=da&tab=wy#overview-page uInternet Settings,ProxyOverride = .local;<local> IE: E&ksporter; til Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 IE: {{0AD5A451-967F-46BD-9F5E-39247D7FC77F} - c:\adgangforalle\adgangforalle.exe TCP: DhcpNameServer = 10.0.0.1 212.242.40.3 212.242.40.51 DPF: {9DAD2E36-8A62-428C-9F1C-951050D5ABE4} - hxxp://www2c.web-direct.dk/neozone/WDXMAP.CAB DPF: {C8C1066B-FE9E-4B1B-9951-1BBC5EE03E38} - hxxps://www2.web-direct.dk/WDX.CAB FF - ProfilePath - c:\documents and settings\fr\Application Data\Mozilla\Firefox\Profiles\vvbk92qd.default\ FF - prefs.js: keyword.URL - hxxp://dts.search-results.com/sr?src=ffb&appid=101&systemid=406&sr=0&q= . . *********************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2012-07-07 13:43 Windows 5.1.2600 Service Pack 3 NTFS . scanner skjulte processer ... . scanner skjulte autostarter ... . scanner skjulte filer ... . scanning gennemført med succes skjulte filer: 0 . ************************************************************************ . ——————————- DLLs startet under kørende Processer——————————- . - - - - - - - > ‘winlogon.exe’(1264) c:\windows\system32\netprovcredman.dll . - - - - - - - > ‘explorer.exe’(4220) c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll c:\windows\system32\netprovcredman.dll . Gennemført tid: 2012-07-07 13:46:24 ComboFix-quarantined-files.txt 2012-07-07 11:46 ComboFix2.txt 2012-07-07 04:45 . Pre-Kørsel: 10.979.594.240 byte ledig Post-Kørsel: 11.207.421.952 byte ledig . - - End Of File - - 7BF625CA2712200546452525D61BB8AB —— Her er loggen fra Malwarebytes: Malwarebytes Anti-Malware (Prøveversion) 1.61.0.1400 http://www.malwarebytes.org Database version: v2012.07.07.05 Windows XP Service Pack 3 x86 NTFS Internet Explorer 8.0.6001.18702 fr :: KIRATIN [administrator] Beskyttelse: Slået til 07-07-2012 17:54:23 mbam-log-2012-07-07 (20-14-34).txt Skanningstype: Fuldstændig skanning Skanningsmuligheder valgt: Hukommelse \| Opstart \| Registreringsdatabasen \| Filsystem \| Heuristics/Ekstra \| Heuristics/Shuriken \| PUP \| PUM Skanningsmuligheder som er deaktiverede: P2P Objekter skannet: 506300 Tid gået: 2 time(e), 12 minut(ter), 38 sekund(er) Hukommelses Processorer Inficeret: 0 (Ingen skadelige objekter blev fundet) Hukommelses Moduler Inficeret: 0 (Ingen skadelige objekter blev fundet) Registreringsdatabasenøgler Inficeret: 3 HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{4B8C28A7-A9BC-45F8-990D-21499EED643C} (Adware.QuestScan) -> Ingen handling valgt. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\INSTALL.EXE (PUP.Casino.Gen) -> Ingen handling valgt. HKLM\SOFTWARE\QUESTSCAN (Adware.QuestScan) -> Ingen handling valgt. Registreringsdatabaseværdier Inficeret: 1 HKLM\SOFTWARE\QuestScan\|DllPath (Adware.QuestScan) -> Data: C:\Programmer\QuestScan\questscan.dll -> Ingen handling valgt. Registreringsdatabasedata Objekter Inficeret: 0 (Ingen skadelige objekter blev fundet) Inficerede Mapper: 4 C:\Programmer\Mozilla Firefox\extensions\{F0E1168A-B4B5-484C-B77E-0D28E6B64096} (Adware.QuestScan) -> Ingen handling valgt. C:\Programmer\Mozilla Firefox\extensions\{F0E1168A-B4B5-484C-B77E-0D28E6B64096}\chrome (Adware.QuestScan) -> Ingen handling valgt. C:\Programmer\Mozilla Firefox\extensions\{F0E1168A-B4B5-484C-B77E-0D28E6B64096}\defaults (Adware.QuestScan) -> Ingen handling valgt. C:\Programmer\Mozilla Firefox\extensions\{F0E1168A-B4B5-484C-B77E-0D28E6B64096}\defaults\preferences (Adware.QuestScan) -> Ingen handling valgt. Inficerede Filer: 13 C:\Qoobox\Quarantine\C\Documents and Settings\fr\Lokale indstillinger\Application Data\{51311d5c-7fa4-2667-7c49-ef3297d0ae6e}\U\00000008.@.vir (Trojan.Dropper.BCMiner) -> Ingen handling valgt. C:\FRST\Quarantine\{51311d5c-7fa4-2667-7c49-ef3297d0ae6e}\U\00000008.@ (Trojan.Dropper.BCMiner) -> Ingen handling valgt. C:\Microgaming\Casino\RoyalVegas\install.exe (PUP.Casino.Gen) -> Ingen handling valgt. C:\Microgaming\Casino\VirtualCity\bresume.exe (PUP.Casino.Gen) -> Ingen handling valgt. C:\Microgaming\Casino\VirtualCity\dresume.exe (PUP.Casino.Gen) -> Ingen handling valgt. C:\Microgaming\Casino\VirtualCity\install.exe (PUP.Casino.Gen) -> Ingen handling valgt. C:\Microgaming\Casino\VirtualCity\sresume.exe (PUP.Casino.Gen) -> Ingen handling valgt. C:\Microgaming\Casino\VirtualCity\tresume.exe (PUP.Casino.Gen) -> Ingen handling valgt. C:\System Volume Information\_restore{5483A89E-E05A-4F08-9FD6-D34DF2BE8F2A}\RP683\A0199675.ini (Trojan.0access) -> Ingen handling valgt. C:\Programmer\Mozilla Firefox\extensions\{F0E1168A-B4B5-484C-B77E-0D28E6B64096}\chrome.manifest (Adware.QuestScan) -> Ingen handling valgt. C:\Programmer\Mozilla Firefox\extensions\{F0E1168A-B4B5-484C-B77E-0D28E6B64096}\install.rdf (Adware.QuestScan) -> Ingen handling valgt. C:\Programmer\Mozilla Firefox\extensions\{F0E1168A-B4B5-484C-B77E-0D28E6B64096}\chrome\questscan.jar (Adware.QuestScan) -> Ingen handling valgt. C:\Programmer\Mozilla Firefox\extensions\{F0E1168A-B4B5-484C-B77E-0D28E6B64096}\defaults\preferences\prefs.js (Adware.QuestScan) -> Ingen handling valgt. (færdig)
[ Ignorer ] [ # 14 ] Peder TeamSpywarefri
08.07.2012 10:37:22 Redaktør Team Spywarefri Antal indlæg: 13950	Det er en OMMER med Malwarebytes Ingen handling valgt Bagefter klik på “vis resultater”, tryk på “ Fjern det valgte” gem loggen og send den herind. >> Download Tdsskiller.zip på dit skrivebord og pak den ud i en mappe. Kør TDSSKiller.exe -> Klik på “Start Scan” Mht.: Vista og Windows 7 - Højreklik på filen - Kør som Administrator. Under “Change parameters” sætter du flueben ved “Detect TDLFS file system” Klik på “Start Scan” Hvis en inficeret fil bliver fundet, vil ”Default action” være Cure, klik på Continue Hvis den finder TDLFS file system, klikker du på Delete. Hvis en mistænkelig fil opdages, vil ”Default action” være Skip, klik på Continue Hvis den ikke spørger om ”Reboot” (genstart) så klik på ”Report”, kopier den tekst herind i tråden. Genstart hvis den kræver det. Hvis den genstarter kan du finde logfilen her : C:\TDSSKiller.[Version]_[Dato]_[Tidspunkt]_log.txt. Signatur I did it my way. Jeg håber du klarer den Kessler.
[ Ignorer ] [ # 15 ] firas123
09.07.2012 12:11:44 Antal indlæg: 44	OK - her er Malwarebytes-loggen: Malwarebytes Anti-Malware (Prøveversion) 1.61.0.1400 http://www.malwarebytes.org Database version: v2012.07.08.07 Windows XP Service Pack 3 x86 NTFS Internet Explorer 8.0.6001.18702 fr :: KIRATIN [administrator] Beskyttelse: Slået til 09-07-2012 01:36:33 mbam-log-2012-07-09 (01-36-33).txt Skanningstype: Fuldstændig skanning Skanningsmuligheder valgt: Hukommelse \| Opstart \| Registreringsdatabasen \| Filsystem \| Heuristics/Ekstra \| Heuristics/Shuriken \| PUP \| PUM Skanningsmuligheder som er deaktiverede: P2P Objekter skannet: 509461 Tid gået: 2 time(e), 15 minut(ter), 21 sekund(er) Hukommelses Processorer Inficeret: 0 (Ingen skadelige objekter blev fundet) Hukommelses Moduler Inficeret: 0 (Ingen skadelige objekter blev fundet) Registreringsdatabasenøgler Inficeret: 0 (Ingen skadelige objekter blev fundet) Registreringsdatabaseværdier Inficeret: 0 (Ingen skadelige objekter blev fundet) Registreringsdatabasedata Objekter Inficeret: 0 (Ingen skadelige objekter blev fundet) Inficerede Mapper: 0 (Ingen skadelige objekter blev fundet) Inficerede Filer: 6 C:\System Volume Information\_restore{5483A89E-E05A-4F08-9FD6-D34DF2BE8F2A}\RP683\A0200699.exe (PUP.Casino.Gen) -> Sat i karantæne og slettet succesfuldt. C:\System Volume Information\_restore{5483A89E-E05A-4F08-9FD6-D34DF2BE8F2A}\RP683\A0200700.exe (PUP.Casino.Gen) -> Sat i karantæne og slettet succesfuldt. C:\System Volume Information\_restore{5483A89E-E05A-4F08-9FD6-D34DF2BE8F2A}\RP683\A0200701.exe (PUP.Casino.Gen) -> Sat i karantæne og slettet succesfuldt. C:\System Volume Information\_restore{5483A89E-E05A-4F08-9FD6-D34DF2BE8F2A}\RP683\A0200702.exe (PUP.Casino.Gen) -> Sat i karantæne og slettet succesfuldt. C:\System Volume Information\_restore{5483A89E-E05A-4F08-9FD6-D34DF2BE8F2A}\RP683\A0200703.exe (PUP.Casino.Gen) -> Sat i karantæne og slettet succesfuldt. C:\System Volume Information\_restore{5483A89E-E05A-4F08-9FD6-D34DF2BE8F2A}\RP683\A0200704.exe (PUP.Casino.Gen) -> Sat i karantæne og slettet succesfuldt. (færdig) Her er TDSSKiller-loggen: 12:03:04.0750 3544 TDSS rootkit removing tool 2.7.44.0 Jul 2 2012 20:01:08 12:03:04.0953 3544 ============================================================ 12:03:04.0953 3544 Current date / time: 2012/07/09 12:03:04.0953 12:03:04.0953 3544 SystemInfo: 12:03:04.0953 3544 12:03:04.0953 3544 OS Version: 5.1.2600 ServicePack: 3.0 12:03:04.0953 3544 Product type: Workstation 12:03:04.0953 3544 ComputerName: KIRATIN 12:03:04.0953 3544 UserName: fr 12:03:04.0953 3544 Windows directory: C:\WINDOWS 12:03:04.0953 3544 System windows directory: C:\WINDOWS 12:03:04.0953 3544 Processor architecture: Intel x86 12:03:04.0953 3544 Number of processors: 1 12:03:04.0953 3544 Page size: 0x1000 12:03:04.0953 3544 Boot type: Normal boot 12:03:04.0953 3544 ============================================================ 12:03:07.0046 3544 Drive \Device\Harddisk0\DR0 - Size: 0xDF8F90000 (55.89 Gb), SectorSize: 0x200, Cylinders: 0x1C80, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type ‘K0’, Flags 0x00000054 12:03:07.0046 3544 ============================================================ 12:03:07.0046 3544 \Device\Harddisk0\DR0: 12:03:07.0046 3544 MBR partitions: 12:03:07.0046 3544 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x6FC3D80 12:03:07.0046 3544 ============================================================ 12:03:07.0078 3544 C: <-> \Device\Harddisk0\DR0\Partition0 12:03:07.0125 3544 ============================================================ 12:03:07.0125 3544 Initialize success 12:03:07.0125 3544 ============================================================ 12:03:21.0796 5900 ============================================================ 12:03:21.0796 5900 Scan started 12:03:21.0796 5900 Mode: Manual; TDLFS; 12:03:21.0796 5900 ============================================================ 12:03:22.0281 5900 61883 (914a9709fc3bf419ad2f85547f2a4832) C:\WINDOWS\system32\DRIVERS\61883.sys 12:03:22.0296 5900 61883 - ok 12:03:22.0343 5900 a347bus (1f61cacacb521215f39061789147968c) C:\WINDOWS\system32\DRIVERS\a347bus.sys 12:03:22.0343 5900 a347bus - ok 12:03:22.0343 5900 a347scsi (113e4b318bbaa7483ca4e582a4d63f49) C:\WINDOWS\system32\Drivers\a347scsi.sys 12:03:22.0359 5900 a347scsi - ok 12:03:22.0406 5900 Aavmker4 (2ccfa74242741ca22a4267cce9b586f4) C:\WINDOWS\system32\drivers\Aavmker4.sys 12:03:22.0406 5900 Aavmker4 - ok 12:03:22.0406 5900 Abiosdsk - ok 12:03:22.0421 5900 abp480n5 - ok 12:03:22.0453 5900 ACPI (991b6d6fe2a4d70caf76c41334e60926) C:\WINDOWS\system32\DRIVERS\ACPI.sys 12:03:22.0453 5900 ACPI - ok 12:03:22.0500 5900 ACPIEC (6f99fe216de8c4875dbb12937620da0c) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys 12:03:22.0500 5900 ACPIEC - ok 12:03:22.0593 5900 ACS (170ba964b612a9a62fadd5c71962429e) C:\WINDOWS\system32\acs.exe 12:03:22.0718 5900 ACS - ok 12:03:22.0843 5900 Adobe LM Service (8b46d5a1d3ef08232c04d0eafb871fb2) C:\Programmer\Fælles filer\Adobe Systems Shared\Service\Adobelmsvc.exe 12:03:22.0843 5900 Adobe LM Service - ok 12:03:22.0921 5900 Adobe Version Cue CS2 (41d15ead554396bf35b7c5246ad47a28) C:\Programmer\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe 12:03:22.0937 5900 Adobe Version Cue CS2 - ok 12:03:23.0078 5900 AdobeFlashPlayerUpdateSvc (990dc6edc9f933194d7cd4e65146bc94) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe 12:03:23.0078 5900 AdobeFlashPlayerUpdateSvc - ok 12:03:23.0093 5900 adpu160m - ok 12:03:23.0171 5900 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys 12:03:23.0171 5900 aec - ok 12:03:23.0234 5900 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys 12:03:23.0234 5900 AFD - ok 12:03:23.0375 5900 AgereSoftModem (c62f5fd87cbc94d6d345c30e8931324c) C:\WINDOWS\system32\DRIVERS\AGRSM.sys 12:03:23.0437 5900 AgereSoftModem - ok 12:03:23.0437 5900 Aha154x - ok 12:03:23.0453 5900 aic78u2 - ok 12:03:23.0468 5900 aic78xx - ok 12:03:24.0109 5900 ALCXWDM (dd8520280304b6145a6be31008748c7c) C:\WINDOWS\system32\drivers\ALCXWDM.SYS 12:03:24.0171 5900 ALCXWDM - ok 12:03:24.0515 5900 Alerter (6642db68b97ecb8088fba2d2539fdb7e) C:\WINDOWS\system32\alrsvc.dll 12:03:24.0515 5900 Alerter - ok 12:03:24.0546 5900 ALG (ab74a1b7500aca7d43d84804cbdf11fb) C:\WINDOWS\System32\alg.exe 12:03:24.0546 5900 ALG - ok 12:03:24.0578 5900 AliIde - ok 12:03:24.0578 5900 amsint - ok 12:03:24.0703 5900 Apache2 (de1c6efdca41880221816848b4d78da9) C:\Programmer\xampp\apache\bin\apache.exe 12:03:24.0703 5900 Apache2 - ok 12:03:24.0890 5900 Apple Mobile Device (20f6f19fe9e753f2780dc2fa083ad597) C:\Programmer\Fælles filer\Apple\Mobile Device Support\AppleMobileDeviceService.exe 12:03:24.0906 5900 Apple Mobile Device - ok 12:03:24.0984 5900 AppMgmt (e39274e0be87e672211392a4176c4ee6) C:\WINDOWS\System32\appmgmts.dll 12:03:24.0984 5900 AppMgmt - ok 12:03:25.0078 5900 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys 12:03:25.0078 5900 Arp1394 - ok 12:03:25.0140 5900 arusb(TP-LINK) (d496e93a2448b6bac1fcccec0f1a195f) C:\WINDOWS\system32\DRIVERS\arusb.sys 12:03:25.0171 5900 arusb(TP-LINK) - ok 12:03:25.0218 5900 ASAPIW2K (875f9079cabee679d34b49e466b61701) C:\WINDOWS\system32\drivers\ASAPIW2k.sys 12:03:25.0218 5900 ASAPIW2K - ok 12:03:25.0234 5900 asc - ok 12:03:25.0234 5900 asc3350p - ok 12:03:25.0250 5900 asc3550 - ok 12:03:25.0296 5900 Aspi32 (b979979ab8027f7f53fb16ec4229b7db) C:\WINDOWS\system32\drivers\Aspi32.sys 12:03:25.0296 5900 Aspi32 - ok 12:03:25.0421 5900 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe 12:03:25.0453 5900 aspnet_state - ok 12:03:25.0515 5900 aswFsBlk (b4079a98f294a3e262872cb76f4849f0) C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys 12:03:25.0515 5900 aswFsBlk - ok 12:03:25.0546 5900 aswMon2 (dbee7b5ecb50fc2cf9323f52cbf41141) C:\WINDOWS\system32\drivers\aswMon2.sys 12:03:25.0546 5900 aswMon2 - ok 12:03:25.0562 5900 aswRdr (8080d683489c99cbace813f6fa4069cc) C:\WINDOWS\system32\drivers\aswRdr.sys 12:03:25.0578 5900 aswRdr - ok 12:03:25.0609 5900 aswSP (2e5a2ad5004b55df39b7606130a88142) C:\WINDOWS\system32\drivers\aswSP.sys 12:03:25.0609 5900 aswSP - ok 12:03:25.0625 5900 aswTdi (d4c83a37efadfa2c398362e0776e3773) C:\WINDOWS\system32\drivers\aswTdi.sys 12:03:25.0640 5900 aswTdi - ok 12:03:25.0687 5900 aswUpdSv (5debc3519d489411073fa7e56ffb4a93) C:\Programmer\Alwil Software\Avast4\aswUpdSv.exe 12:03:25.0687 5900 aswUpdSv - ok 12:03:25.0718 5900 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys 12:03:25.0718 5900 AsyncMac - ok 12:03:25.0781 5900 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys 12:03:25.0781 5900 Suspicious file (NoAccess): C:\WINDOWS\system32\DRIVERS\atapi.sys. md5: 9f3a2f5aa6875c72bf062c712cfa2674 12:03:25.0781 5900 atapi ( LockedFile.Multi.Generic ) - warning 12:03:25.0781 5900 atapi - detected LockedFile.Multi.Generic (1) 12:03:25.0796 5900 Atdisk - ok 12:03:25.0812 5900 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys 12:03:25.0812 5900 Atmarpc - ok 12:03:25.0875 5900 AudioSrv (f6c00138b3f637dde807005b16e61dcc) C:\WINDOWS\System32\audiosrv.dll 12:03:25.0875 5900 AudioSrv - ok 12:03:25.0921 5900 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys 12:03:25.0921 5900 audstub - ok 12:03:26.0000 5900 Autodesk Licensing Service - ok 12:03:26.0046 5900 avast! Antivirus (0aaf6b848185899cf76ae04e62eab3d2) C:\Programmer\Alwil Software\Avast4\ashServ.exe 12:03:26.0046 5900 avast! Antivirus - ok 12:03:26.0078 5900 avast! Mail Scanner (b2f564dc59b67763c73269e1a9da7f18) C:\Programmer\Alwil Software\Avast4\ashMaiSv.exe 12:03:26.0078 5900 avast! Mail Scanner - ok 12:03:26.0140 5900 avast! Web Scanner (d86010c96abadda75356834d6113d37d) C:\Programmer\Alwil Software\Avast4\ashWebSv.exe 12:03:26.0156 5900 avast! Web Scanner - ok 12:03:26.0218 5900 Avc (f8e6956a614f15a0860474c5e2a7de6b) C:\WINDOWS\system32\DRIVERS\avc.sys 12:03:26.0218 5900 Avc - ok 12:03:26.0281 5900 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys 12:03:26.0281 5900 Beep - ok 12:03:26.0359 5900 BITS (51c84408e87a52187e25d839c58bdc45) C:\WINDOWS\system32\qmgr.dll 12:03:26.0484 5900 BITS - ok 12:03:26.0640 5900 Bonjour Service (f2060a34c8a75bc24a9222eb4f8c07bd) C:\Programmer\Bonjour\mDNSResponder.exe 12:03:26.0656 5900 Bonjour Service - ok 12:03:26.0703 5900 Browser (58ad7404c7fee33eb0f3fc2bacd04ff6) C:\WINDOWS\System32\browser.dll 12:03:26.0718 5900 Browser - ok 12:03:26.0812 5900 catchme - ok 12:03:26.0828 5900 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys 12:03:26.0843 5900 cbidf2k - ok 12:03:26.0890 5900 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys 12:03:26.0890 5900 CCDECODE - ok 12:03:26.0906 5900 cd20xrnt - ok 12:03:26.0937 5900 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys 12:03:26.0937 5900 Cdaudio - ok 12:03:26.0953 5900 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys 12:03:26.0953 5900 Cdfs - ok 12:03:27.0015 5900 cdrbsdrv (351735695e9ead93de6af85d8beb1ca8) C:\WINDOWS\system32\drivers\cdrbsdrv.sys 12:03:27.0015 5900 cdrbsdrv - ok 12:03:27.0031 5900 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys 12:03:27.0031 5900 Cdrom - ok 12:03:27.0046 5900 Changer - ok 12:03:27.0093 5900 CiSvc (1838615c98afa3a0ac1f4b15a113a82f) C:\WINDOWS\system32\cisvc.exe 12:03:27.0093 5900 CiSvc - ok 12:03:27.0109 5900 ClipSrv (5cea9fbc68fbd66a91e7ef09900ab566) C:\WINDOWS\system32\clipsrv.exe 12:03:27.0109 5900 ClipSrv - ok 12:03:27.0234 5900 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 12:03:27.0328 5900 clr_optimization_v2.0.50727_32 - ok 12:03:27.0609 5900 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 12:03:27.0609 5900 clr_optimization_v4.0.30319_32 - ok 12:03:27.0671 5900 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys 12:03:27.0671 5900 CmBatt - ok 12:03:27.0687 5900 CmdIde - ok 12:03:27.0703 5900 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys 12:03:27.0703 5900 Compbatt - ok 12:03:27.0718 5900 COMSysApp - ok 12:03:27.0765 5900 CPen20 (852d79a0a0fe1c17619d0b2a4789e8a2) C:\WINDOWS\system32\Drivers\CPen20.sys 12:03:27.0765 5900 CPen20 - ok 12:03:27.0765 5900 Cpqarray - ok 12:03:27.0843 5900 CryptSvc (325d42794a21d1717b98f354acf499e2) C:\WINDOWS\System32\cryptsvc.dll 12:03:27.0859 5900 CryptSvc - ok 12:03:27.0859 5900 dac2w2k - ok 12:03:27.0875 5900 dac960nt - ok 12:03:27.0953 5900 DcomLaunch (059187b38452a01bb3b397691ddf3552) C:\WINDOWS\system32\rpcss.dll 12:03:27.0968 5900 DcomLaunch - ok 12:03:28.0031 5900 Dhcp (a6e52fa9ada7f92def4206c0f64f6784) C:\WINDOWS\System32\dhcpcsvc.dll 12:03:28.0031 5900 Dhcp - ok 12:03:28.0093 5900 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys 12:03:28.0093 5900 Disk - ok 12:03:28.0093 5900 dmadmin - ok 12:03:28.0156 5900 dmboot (8a3088f97b2caa3340bbb068f314e596) C:\WINDOWS\system32\drivers\dmboot.sys 12:03:28.0171 5900 dmboot - ok 12:03:28.0187 5900 dmio (6d152a2781ffbd6a63a1e58801240e8e) C:\WINDOWS\system32\drivers\dmio.sys 12:03:28.0203 5900 dmio - ok 12:03:28.0234 5900 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys 12:03:28.0234 5900 dmload - ok 12:03:28.0296 5900 dmserver (6428446df3fe5c3b439973fb4c43d38e) C:\WINDOWS\System32\dmserver.dll 12:03:28.0296 5900 dmserver - ok 12:03:28.0343 5900 DMusic (a6f881284ac1150e37d9ae47ff601267) C:\WINDOWS\system32\drivers\DMusic.sys 12:03:28.0343 5900 DMusic - ok 12:03:28.0421 5900 Dnscache (42970873bc779a19c2baad3fc0d5833a) C:\WINDOWS\System32\dnsrslvr.dll 12:03:28.0421 5900 Dnscache - ok 12:03:28.0484 5900 Dot3svc (0b8193a12175eae5bc34063a63c49cff) C:\WINDOWS\System32\dot3svc.dll 12:03:28.0500 5900 Dot3svc - ok 12:03:28.0500 5900 dpti2o - ok 12:03:28.0531 5900 drmkaud (1ed4dbbae9f5d558dbba4cc450e3eb2e) C:\WINDOWS\system32\drivers\drmkaud.sys 12:03:28.0531 5900 drmkaud - ok 12:03:28.0546 5900 EapHost (95885ec4562461d3ad78aa6ac714d32f) C:\WINDOWS\System32\eapsvc.dll 12:03:28.0546 5900 EapHost - ok 12:03:28.0562 5900 ERSvc (396038f82cb672d83e792092319024aa) C:\WINDOWS\System32\ersvc.dll 12:03:28.0562 5900 ERSvc - ok 12:03:28.0609 5900 Eventlog (32f091e3425759b126760f44b5e931c9) C:\WINDOWS\system32\services.exe 12:03:28.0625 5900 Eventlog - ok 12:03:28.0671 5900 EventSystem (72b9667d6f9ff2a85fcc43fdd7c8ed9f) C:\WINDOWS\system32\es.dll 12:03:28.0671 5900 EventSystem - ok 12:03:28.0968 5900 EvtEng (791464a9e9ade063327a29f1b3f1a86c) C:\Programmer\Intel\WiFi\bin\EvtEng.exe 12:03:28.0984 5900 EvtEng - ok 12:03:29.0031 5900 eyeonedp (8313a6af9de34a9d24df2329a548b004) C:\WINDOWS\system32\DRIVERS\eyeonedp.sys 12:03:29.0031 5900 eyeonedp - ok 12:03:29.0093 5900 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys 12:03:29.0109 5900 Fastfat - ok 12:03:29.0171 5900 FastUserSwitchingCompatibility (a17d630fabfe7b796cbdbee79f9e6612) C:\WINDOWS\System32\shsvcs.dll 12:03:29.0171 5900 FastUserSwitchingCompatibility - ok 12:03:29.0203 5900 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys 12:03:29.0203 5900 Fdc - ok 12:03:29.0312 5900 FileZilla Server (a6320a09363bffb2b953beb2606da7b5) C:\Programmer\xampp\FileZillaFTP\FileZillaServer.exe 12:03:29.0328 5900 FileZilla Server - ok 12:03:29.0406 5900 Fips (bb52a20854cf3e8e0474ee7167c7a3a5) C:\WINDOWS\system32\drivers\Fips.sys 12:03:29.0437 5900 Fips - ok 12:03:29.0546 5900 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys 12:03:29.0562 5900 Flpydisk - ok 12:03:29.0812 5900 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys 12:03:29.0812 5900 FltMgr - ok 12:03:30.0125 5900 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe 12:03:30.0125 5900 FontCache3.0.0.0 - ok 12:03:30.0171 5900 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys 12:03:30.0171 5900 Fs_Rec - ok 12:03:30.0187 5900 Ftdisk (0a58505b5d0aba661d2ff59cd8cf79b9) C:\WINDOWS\system32\DRIVERS\ftdisk.sys 12:03:30.0203 5900 Ftdisk - ok 12:03:30.0234 5900 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys 12:03:30.0234 5900 GEARAspiWDM - ok 12:03:30.0296 5900 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys 12:03:30.0296 5900 Gpc - ok 12:03:30.0421 5900 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Programmer\Google\Update\GoogleUpdate.exe 12:03:30.0421 5900 gupdate - ok 12:03:30.0421 5900 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Programmer\Google\Update\GoogleUpdate.exe 12:03:30.0421 5900 gupdatem - ok 12:03:30.0500 5900 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Programmer\Google\Common\Google Updater\GoogleUpdaterService.exe 12:03:30.0500 5900 gusvc - ok 12:03:30.0578 5900 helpsvc (9e256613b0a999ddd2aa889e340cd402) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll 12:03:30.0578 5900 helpsvc - ok 12:03:30.0640 5900 HidServ (8dbcd76c2a538c26357831dd14cd792f) C:\WINDOWS\System32\hidserv.dll 12:03:30.0656 5900 HidServ - ok 12:03:30.0718 5900 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys 12:03:30.0718 5900 HidUsb - ok 12:03:30.0750 5900 hkmsvc (8751c1091af19d3787798da90ffb0902) C:\WINDOWS\System32\kmsvc.dll 12:03:30.0765 5900 hkmsvc - ok 12:03:30.0765 5900 hpn - ok 12:03:30.0859 5900 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys 12:03:30.0875 5900 HTTP - ok 12:03:31.0015 5900 HTTPFilter (8e23b6943d42d0be0419f3fffde93a31) C:\WINDOWS\System32\w3ssl.dll 12:03:31.0015 5900 HTTPFilter - ok 12:03:31.0062 5900 hwdatacard - ok 12:03:31.0062 5900 hwusbdev - ok 12:03:31.0078 5900 i2omgmt - ok 12:03:31.0093 5900 i2omp - ok 12:03:31.0125 5900 i8042prt (ea89122e6c9c7478d55f138e1599f281) C:\WINDOWS\system32\DRIVERS\i8042prt.sys 12:03:31.0125 5900 i8042prt - ok 12:03:31.0437 5900 ialm - ok 12:03:31.0593 5900 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Programmer\Fælles filer\InstallShield\Driver\11\Intel 32\IDriverT.exe 12:03:31.0593 5900 IDriverT - ok 12:03:31.0796 5900 idsvc (c01ac32dc5c03076cfb852cb5da5229c) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 12:03:31.0828 5900 idsvc - ok 12:03:31.0953 5900 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys 12:03:31.0953 5900 Imapi - ok 12:03:32.0015 5900 ImapiService (f73c9c37d4b7453c2cb7dcfd2640c75f) C:\WINDOWS\system32\imapi.exe 12:03:32.0031 5900 ImapiService - ok 12:03:32.0031 5900 ini910u - ok 12:03:32.0093 5900 IntelIde (3bcdda95f24d21d4b050c9f0f531c88b) C:\WINDOWS\system32\DRIVERS\intelide.sys 12:03:32.0093 5900 IntelIde - ok 12:03:32.0156 5900 intelppm (d1cd31b6cd4a99f3b82aec84cfdd4cba) C:\WINDOWS\system32\DRIVERS\intelppm.sys 12:03:32.0156 5900 intelppm - ok 12:03:32.0187 5900 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys 12:03:32.0187 5900 Ip6Fw - ok 12:03:32.0234 5900 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 12:03:32.0234 5900 IpFilterDriver - ok 12:03:32.0265 5900 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys 12:03:32.0265 5900 IpInIp - ok 12:03:32.0296 5900 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys 12:03:32.0296 5900 IpNat - ok 12:03:32.0453 5900 iPod Service (b84a28b3984185eda8867541af14cddb) C:\Programmer\iPod\bin\iPodService.exe 12:03:32.0500 5900 iPod Service - ok 12:03:32.0562 5900 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys 12:03:32.0578 5900 IPSec - ok 12:03:32.0796 5900 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys 12:03:32.0796 5900 IRENUM - ok 12:03:32.0843 5900 isapnp (3ce6ec5903c59223b61f6a0b9b84b022) C:\WINDOWS\system32\DRIVERS\isapnp.sys 12:03:32.0843 5900 isapnp - ok 12:03:33.0031 5900 JavaQuickStarterService (0a5709543986843d37a92290b7838340) C:\Programmer\Java\jre6\bin\jqs.exe 12:03:33.0031 5900 JavaQuickStarterService - ok 12:03:33.0093 5900 Kbdclass (32e823dfd0a7f18cf3b024f78c7aa7dd) C:\WINDOWS\system32\DRIVERS\kbdclass.sys 12:03:33.0093 5900 Kbdclass - ok 12:03:33.0156 5900 kbdhid (530d40f58095397b6b8aa5a0fdd074a5) C:\WINDOWS\system32\DRIVERS\kbdhid.sys 12:03:33.0171 5900 kbdhid - ok 12:03:33.0203 5900 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys 12:03:33.0203 5900 kmixer - ok 12:03:33.0250 5900 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys 12:03:33.0250 5900 KSecDD - ok 12:03:33.0312 5900 lanmanserver (f429b46a773ed6b84025c8ea9949188f) C:\WINDOWS\System32\srvsvc.dll 12:03:33.0312 5900 lanmanserver - ok 12:03:33.0359 5900 LanmanWorkstation (62d286f1131aad51b6d8d8249a27b8ca) C:\WINDOWS\System32\wkssvc.dll 12:03:33.0390 5900 LanmanWorkstation - ok 12:03:33.0406 5900 lbrtfdc - ok 12:03:33.0453 5900 LmHosts (508c79641eb2256d7b8fd9ed64aa7b53) C:\WINDOWS\System32\lmhsvc.dll 12:03:33.0468 5900 LmHosts - ok 12:03:33.0531 5900 MarvinBus (269c14d512b74cc28d2812ff7d1eb066) C:\WINDOWS\system32\DRIVERS\MarvinBus.sys 12:03:33.0546 5900 MarvinBus - ok 12:03:33.0593 5900 MBAMProtector (fb097bbc1a18f044bd17bd2fccf97865) C:\WINDOWS\system32\drivers\mbam.sys 12:03:33.0593 5900 MBAMProtector - ok 12:03:33.0796 5900 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Programmer\Malwarebytes’ Anti-Malware\mbamservice.exe 12:03:33.0828 5900 MBAMService - ok 12:03:33.0890 5900 Messenger (6c585d70d270607ff861d762494b25e2) C:\WINDOWS\System32\msgsvc.dll 12:03:33.0890 5900 Messenger - ok 12:03:34.0031 5900 mi-raysat_3dsmax9_32 (aa0c4a2c33ce075df2c272d678734991) C:\Programmer\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe 12:03:34.0046 5900 mi-raysat_3dsmax9_32 - ok 12:03:34.0078 5900 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys 12:03:34.0078 5900 mnmdd - ok 12:03:34.0140 5900 mnmsrvc (8184e5463ab9bb8cfb37a28852db16c5) C:\WINDOWS\system32\mnmsrvc.exe 12:03:34.0140 5900 mnmsrvc - ok 12:03:34.0218 5900 Modem (67ac997db66fdfd07738df58b45cd1b9) C:\WINDOWS\system32\drivers\Modem.sys 12:03:34.0218 5900 Modem - ok 12:03:34.0265 5900 Mouclass (d4ea24072e311adbbbb85f052f21270a) C:\WINDOWS\system32\DRIVERS\mouclass.sys 12:03:34.0265 5900 Mouclass - ok 12:03:34.0312 5900 mouhid (39f0a46109b167707018e8889d5fec93) C:\WINDOWS\system32\DRIVERS\mouhid.sys 12:03:34.0312 5900 mouhid - ok 12:03:34.0359 5900 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys 12:03:34.0375 5900 MountMgr - ok 12:03:34.0437 5900 MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Programmer\Mozilla Maintenance Service\maintenanceservice.exe 12:03:34.0453 5900 MozillaMaintenance - ok 12:03:34.0453 5900 mraid35x - ok 12:03:34.0515 5900 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys 12:03:34.0515 5900 MRxDAV - ok 12:03:34.0640 5900 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 12:03:34.0671 5900 MRxSmb - ok 12:03:34.0718 5900 MSDTC (5375122a1c3abf51a9dbe222398e3a25) C:\WINDOWS\system32\msdtc.exe 12:03:34.0718 5900 MSDTC - ok 12:03:34.0796 5900 MSDV (1477849772712bac69c144dcf2c9ce81) C:\WINDOWS\system32\DRIVERS\msdv.sys 12:03:34.0812 5900 MSDV - ok 12:03:34.0828 5900 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys 12:03:34.0828 5900 Msfs - ok 12:03:34.0828 5900 MSIServer - ok 12:03:34.0859 5900 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys 12:03:34.0859 5900 MSKSSRV - ok 12:03:34.0890 5900 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys 12:03:34.0921 5900 MSPCLOCK - ok 12:03:35.0156 5900 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys 12:03:35.0156 5900 MSPQM - ok 12:03:35.0218 5900 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys 12:03:35.0218 5900 mssmbios - ok 12:03:35.0921 5900 MSSQL$PINNACLESYS (1b959a0614d575d0ab3b09095f0a8b83) C:\Programmer\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe 12:03:36.0000 5900 MSSQL$PINNACLESYS - ok 12:03:36.0171 5900 MSSQLServerADHelper (1d1b22613eab9287af902398867bc93c) C:\Programmer\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe 12:03:36.0171 5900 MSSQLServerADHelper - ok 12:03:36.0500 5900 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys 12:03:36.0500 5900 MSTEE - ok 12:03:36.0593 5900 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys 12:03:36.0593 5900 Mup - ok 12:03:36.0656 5900 mysql - ok 12:03:36.0671 5900 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys 12:03:36.0687 5900 NABTSFEC - ok 12:03:36.0750 5900 napagent (8ff76bff355b66e320bc1e4429c22657) C:\WINDOWS\System32\qagentrt.dll 12:03:36.0765 5900 napagent - ok 12:03:36.0796 5900 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys 12:03:36.0796 5900 NDIS - ok 12:03:36.0828 5900 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys 12:03:36.0828 5900 NdisIP - ok 12:03:36.0875 5900 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys 12:03:36.0875 5900 NdisTapi - ok 12:03:36.0953 5900 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys 12:03:36.0968 5900 Ndisuio - ok 12:03:36.0984 5900 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys 12:03:37.0000 5900 NdisWan - ok 12:03:37.0046 5900 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys 12:03:37.0046 5900 NDProxy - ok 12:03:37.0109 5900 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys 12:03:37.0109 5900 NetBIOS - ok 12:03:37.0140 5900 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys 12:03:37.0140 5900 NetBT - ok 12:03:37.0218 5900 NetDDE (1b81d1d833268a82f979cb4cc8f7a4ef) C:\WINDOWS\system32\netdde.exe 12:03:37.0234 5900 NetDDE - ok 12:03:37.0234 5900 NetDDEdsdm (1b81d1d833268a82f979cb4cc8f7a4ef) C:\WINDOWS\system32\netdde.exe 12:03:37.0250 5900 NetDDEdsdm - ok 12:03:37.0312 5900 Netlogon (ac9fca8bcd685abdb9928b1964b731a2) C:\WINDOWS\system32\lsass.exe 12:03:37.0312 5900 Netlogon - ok 12:03:37.0343 5900 Netman (7b4a4a94389364565c2334a82fcddf67) C:\WINDOWS\System32\netman.dll 12:03:37.0359 5900 Netman - ok 12:03:37.0500 5900 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe 12:03:37.0500 5900 NetTcpPortSharing - ok 12:03:37.0546 5900 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys 12:03:37.0546 5900 NIC1394 - ok 12:03:37.0609 5900 Nla (3b0979e9506755266c100f43d3700ca7) C:\WINDOWS\System32\mswsock.dll 12:03:37.0625 5900 Nla - ok 12:03:37.0687 5900 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys 12:03:37.0687 5900 Npfs - ok 12:03:37.0781 5900 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys 12:03:37.0796 5900 Ntfs - ok 12:03:37.0812 5900 NtLmSsp (ac9fca8bcd685abdb9928b1964b731a2) C:\WINDOWS\system32\lsass.exe 12:03:37.0812 5900 NtLmSsp - ok 12:03:37.0890 5900 NtmsSvc (1fe8446399f6044504f569014a2599b3) C:\WINDOWS\system32\ntmssvc.dll 12:03:37.0906 5900 NtmsSvc - ok 12:03:37.0953 5900 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys 12:03:37.0953 5900 Null - ok 12:03:38.0000 5900 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys 12:03:38.0000 5900 NwlnkFlt - ok 12:03:38.0031 5900 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys 12:03:38.0031 5900 NwlnkFwd - ok 12:03:38.0062 5900 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys 12:03:38.0062 5900 ohci1394 - ok 12:03:38.0187 5900 ose (7a56cf3e3f12e8af599963b16f50fb6a) C:\Programmer\Fælles filer\Microsoft Shared\Source Engine\OSE.EXE 12:03:38.0203 5900 ose - ok 12:03:38.0328 5900 Parport (9e048790f33fe5f4fa9d27b5650a1dd5) C:\WINDOWS\system32\drivers\Parport.sys 12:03:38.0328 5900 Parport - ok 12:03:38.0359 5900 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys 12:03:38.0359 5900 PartMgr - ok 12:03:38.0390 5900 ParVdm (48e97af5b876301131e9d1b0c43212c3) C:\WINDOWS\system32\drivers\ParVdm.sys 12:03:38.0390 5900 ParVdm - ok 12:03:38.0421 5900 PCI (537fcf796cb5c3ab552e078956adfbd7) C:\WINDOWS\system32\DRIVERS\pci.sys 12:03:38.0421 5900 PCI - ok 12:03:38.0437 5900 PCIDump - ok 12:03:38.0468 5900 PCIIde (69ce0d409c11347196147ea4c6c02364) C:\WINDOWS\system32\DRIVERS\pciide.sys 12:03:38.0468 5900 PCIIde - ok 12:03:38.0484 5900 PCLEPCI (1bebe7de8508a02650cdce45c664c2a2) C:\WINDOWS\system32\drivers\pclepci.sys 12:03:38.0484 5900 PCLEPCI - ok 12:03:38.0500 5900 Pcmcia (e980b6d0ca6acba679a0ac810ab9a57c) C:\WINDOWS\system32\DRIVERS\pcmcia.sys 12:03:38.0500 5900 Pcmcia - ok 12:03:38.0500 5900 PDCOMP - ok 12:03:38.0515 5900 PDFRAME - ok 12:03:38.0515 5900 PDIDRV - ok 12:03:38.0546 5900 PDIHWCTL (274fb48dc92e0ec012d4d8d866cfaf8a) C:\WINDOWS\system32\drivers\pdihwctl.sys 12:03:38.0546 5900 PDIHWCTL - ok 12:03:38.0562 5900 PDRELI - ok 12:03:38.0562 5900 PDRFRAME - ok 12:03:38.0593 5900 pendfu (9163be83d58de67f25fae24894ccd80c) C:\WINDOWS\system32\Drivers\pendfu.sys 12:03:38.0609 5900 pendfu - ok 12:03:38.0609 5900 perc2 - ok 12:03:38.0609 5900 perc2hib - ok 12:03:38.0718 5900 PinnacleSys.MediaServer (478d9a1e760f9089de19925616689f0d) c:\programmer\pinnacle\shared files\programs\mediaserver\pmshost.exe 12:03:38.0718 5900 PinnacleSys.MediaServer - ok 12:03:38.0765 5900 PlugPlay (32f091e3425759b126760f44b5e931c9) C:\WINDOWS\system32\services.exe 12:03:38.0765 5900 PlugPlay - ok 12:03:38.0781 5900 PolicyAgent (ac9fca8bcd685abdb9928b1964b731a2) C:\WINDOWS\system32\lsass.exe 12:03:38.0781 5900 PolicyAgent - ok 12:03:38.0828 5900 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys 12:03:38.0843 5900 PptpMiniport - ok 12:03:38.0843 5900 ProtectedStorage (ac9fca8bcd685abdb9928b1964b731a2) C:\WINDOWS\system32\lsass.exe 12:03:38.0843 5900 ProtectedStorage - ok 12:03:38.0875 5900 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys 12:03:38.0875 5900 PSched - ok 12:03:38.0906 5900 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys 12:03:38.0906 5900 Ptilink - ok 12:03:38.0921 5900 ql1080 - ok 12:03:38.0921 5900 Ql10wnt - ok 12:03:38.0937 5900 ql12160 - ok 12:03:38.0937 5900 ql1240 - ok 12:03:38.0953 5900 ql1280 - ok 12:03:38.0968 5900 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys 12:03:38.0968 5900 RasAcd - ok 12:03:39.0015 5900 RasAuto (82c008ec993aba0bbc9d178b25f71746) C:\WINDOWS\System32\rasauto.dll 12:03:39.0031 5900 RasAuto - ok 12:03:39.0046 5900 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 12:03:39.0046 5900 Rasl2tp - ok 12:03:39.0109 5900 RasMan (8a18f96203be26ad7e6a4af765610527) C:\WINDOWS\System32\rasmans.dll 12:03:39.0125 5900 RasMan - ok 12:03:39.0140 5900 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys 12:03:39.0156 5900 RasPppoe - ok 12:03:39.0171 5900 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys 12:03:39.0171 5900 Raspti - ok 12:03:39.0187 5900 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys 12:03:39.0218 5900 Rdbss - ok 12:03:39.0234 5900 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys 12:03:39.0234 5900 RDPCDD - ok 12:03:39.0296 5900 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys 12:03:39.0312 5900 rdpdr - ok 12:03:39.0359 5900 RDPWD (6589db6e5969f8eee594cf71171c5028) C:\WINDOWS\system32\drivers\RDPWD.sys 12:03:39.0359 5900 RDPWD - ok 12:03:39.0390 5900 RDSessMgr (2c0ab39d91e3c9118a191a48f7bd67f6) C:\WINDOWS\system32\sessmgr.exe 12:03:39.0421 5900 RDSessMgr - ok 12:03:39.0453 5900 redbook (d2ea9dae9a9f1bf40c0ea1d1d7c5592c) C:\WINDOWS\system32\DRIVERS\redbook.sys 12:03:39.0468 5900 redbook - ok 12:03:39.0609 5900 RegSrvc (636aafad77beabe192d01e7e74f4a45b) C:\Programmer\Fælles filer\Intel\WirelessCommon\RegSrvc.exe 12:03:39.0625 5900 RegSrvc - ok 12:03:39.0671 5900 RemoteAccess (bd3ea2fca2d32b003874ba4819f1818c) C:\WINDOWS\System32\mprdim.dll 12:03:39.0687 5900 RemoteAccess - ok 12:03:39.0734 5900 RemoteRegistry (13bcbc0acf9dc7f3192034bd858cc1ad) C:\WINDOWS\system32\regsvc.dll 12:03:39.0750 5900 RemoteRegistry - ok 12:03:39.0765 5900 RpcLocator (9fabc6add7a3212ea934e62943de252c) C:\WINDOWS\system32\locator.exe 12:03:39.0796 5900 RpcLocator - ok 12:03:39.0875 5900 RpcSs (059187b38452a01bb3b397691ddf3552) C:\WINDOWS\System32\rpcss.dll 12:03:39.0890 5900 RpcSs - ok 12:03:39.0937 5900 RSVP (72309905945d7eaab911b376f86b95e6) C:\WINDOWS\system32\rsvp.exe 12:03:39.0953 5900 RSVP - ok 12:03:40.0000 5900 RTL8023xp (1a2a445e8968b2019e75e08f3a1344fc) C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys 12:03:40.0015 5900 RTL8023xp - ok 12:03:40.0265 5900 S24EventMonitor (38b3b88728b3ba3ce726eb974aaff772) C:\Programmer\Intel\WiFi\bin\S24EvMon.exe 12:03:40.0281 5900 S24EventMonitor - ok 12:03:40.0343 5900 s24trans (96b4494d4734970f47c566e098c4f527) C:\WINDOWS\system32\DRIVERS\s24trans.sys 12:03:40.0343 5900 s24trans - ok 12:03:40.0390 5900 SamSs (ac9fca8bcd685abdb9928b1964b731a2) C:\WINDOWS\system32\lsass.exe 12:03:40.0406 5900 SamSs - ok 12:03:40.0468 5900 SCardSvr (c8bf6ae55768820130ecf35a6e4d64cc) C:\WINDOWS\System32\SCardSvr.exe 12:03:40.0484 5900 SCardSvr - ok 12:03:40.0546 5900 Schedule (7d53dc5de342af26401a3cbbbc8cafb8) C:\WINDOWS\system32\schedsvc.dll 12:03:40.0562 5900 Schedule - ok 12:03:40.0625 5900 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys 12:03:40.0625 5900 Secdrv - ok 12:03:40.0640 5900 seclogon (31c48478030803c99a050c47c22d4a9d) C:\WINDOWS\System32\seclogon.dll 12:03:40.0656 5900 seclogon - ok 12:03:40.0718 5900 SENS (1dda52fbbd05d3fa61a209447fa54aef) C:\WINDOWS\system32\sens.dll 12:03:40.0718 5900 SENS - ok 12:03:40.0781 5900 Serial (cffaff678b877ebd642f9721c636b878) C:\WINDOWS\system32\DRIVERS\avidXPserial.sys 12:03:40.0781 5900 Serial - ok 12:03:40.0859 5900 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys 12:03:40.0859 5900 Sfloppy - ok 12:03:40.0906 5900 SharedAccess (27bb7647b600a43147aa2d2c297660f0) C:\WINDOWS\System32\ipnathlp.dll 12:03:40.0921 5900 SharedAccess - ok 12:03:40.0984 5900 ShellHWDetection (a17d630fabfe7b796cbdbee79f9e6612) C:\WINDOWS\System32\shsvcs.dll 12:03:40.0984 5900 ShellHWDetection - ok 12:03:41.0000 5900 Simbad - ok 12:03:41.0031 5900 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys 12:03:41.0031 5900 SLIP - ok 12:03:41.0078 5900 sonypvs1 (dfadfc2c86662f40759bf02add27d569) C:\WINDOWS\system32\DRIVERS\sonypvs1.sys 12:03:41.0093 5900 sonypvs1 - ok 12:03:41.0093 5900 Sparrow - ok 12:03:41.0125 5900 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys 12:03:41.0125 5900 splitter - ok 12:03:41.0203 5900 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe 12:03:41.0203 5900 Spooler - ok 12:03:41.0390 5900 SQLAgent$PINNACLESYS (352e375ab298c23b0f9bc307652c7f50) C:\Programmer\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlagent.EXE 12:03:41.0406 5900 SQLAgent$PINNACLESYS - ok 12:03:41.0437 5900 sr (b3ecb8b07f7991132c71c1b16a82ffe3) C:\WINDOWS\system32\DRIVERS\sr.sys 12:03:41.0437 5900 sr - ok 12:03:41.0515 5900 srservice (1e8f91a7cd08bdb7482746f97365e12e) C:\WINDOWS\system32\srsvc.dll 12:03:41.0515 5900 srservice - ok 12:03:41.0593 5900 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys 12:03:41.0609 5900 Srv - ok 12:03:41.0640 5900 SSDPSRV (b1d1003d618961eb936a0717e74cb147) C:\WINDOWS\System32\ssdpsrv.dll 12:03:41.0656 5900 SSDPSRV - ok 12:03:41.0734 5900 stisvc (787e2a34b0be4b102843d0659811c7ac) C:\WINDOWS\system32\wiaservc.dll 12:03:41.0750 5900 stisvc - ok 12:03:41.0812 5900 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys 12:03:41.0812 5900 streamip - ok 12:03:41.0859 5900 SWDUMon (6ed7abf6cb1e6ec0debb53e0f104ed64) C:\WINDOWS\system32\DRIVERS\SWDUMon.sys 12:03:41.0859 5900 SWDUMon - ok 12:03:41.0875 5900 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys 12:03:41.0875 5900 swenum - ok 12:03:41.0921 5900 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys 12:03:41.0921 5900 swmidi - ok 12:03:41.0937 5900 SwPrv - ok 12:03:41.0953 5900 symc810 - ok 12:03:41.0953 5900 symc8xx - ok 12:03:41.0968 5900 sym_hi - ok 12:03:41.0984 5900 sym_u3 - ok 12:03:42.0031 5900 SynTP (eb363ddfbe8b6d51003ccab29d93d744) C:\WINDOWS\system32\DRIVERS\SynTP.sys 12:03:42.0046 5900 SynTP - ok 12:03:42.0093 5900 sysaudio (650ad082d46bac0e64c9c0e0928492fd) C:\WINDOWS\system32\drivers\sysaudio.sys 12:03:42.0093 5900 sysaudio - ok 12:03:42.0156 5900 SysmonLog (6453945e83873cdc17e81b0e6a71e707) C:\WINDOWS\system32\smlogsvc.exe 12:03:42.0171 5900 SysmonLog - ok 12:03:42.0234 5900 TapiSrv (dd04ba74cf4d5d223675b1bd8326648e) C:\WINDOWS\System32\tapisrv.dll 12:03:42.0250 5900 TapiSrv - ok 12:03:42.0343 5900 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys 12:03:42.0359 5900 Tcpip - ok 12:03:42.0406 5900 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys 12:03:42.0406 5900 TDPIPE - ok 12:03:42.0468 5900 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys 12:03:42.0468 5900 TDTCP - ok 12:03:42.0500 5900 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys 12:03:42.0500 5900 TermDD - ok 12:03:42.0546 5900 TermService (14c8ec0aa06a33ccc5407e4324f91312) C:\WINDOWS\System32\termsrv.dll 12:03:42.0546 5900 TermService - ok 12:03:42.0812 5900 Themes (a17d630fabfe7b796cbdbee79f9e6612) C:\WINDOWS\System32\shsvcs.dll 12:03:42.0812 5900 Themes - ok 12:03:42.0875 5900 TlntSvr (5ca8ca112235e9178f20422a07135f0e) C:\WINDOWS\system32\tlntsvr.exe 12:03:42.0875 5900 TlntSvr - ok 12:03:42.0890 5900 TosIde - ok 12:03:42.0921 5900 TrkWks (f9d5ffa46cde05c235ea258c02ba8a66) C:\WINDOWS\system32\trkwks.dll 12:03:42.0921 5900 TrkWks - ok 12:03:42.0953 5900 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys 12:03:42.0953 5900 Udfs - ok 12:03:43.0031 5900 UI Assistant Service - ok 12:03:43.0046 5900 ultra - ok 12:03:43.0125 5900 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys 12:03:43.0125 5900 Update - ok 12:03:43.0156 5900 upnphost (d091aa5963c06afec8bfc3d5b1b24647) C:\WINDOWS\System32\upnphost.dll 12:03:43.0171 5900 upnphost - ok 12:03:43.0187 5900 UPS (925edcae2170355679e1d2d1e638f68e) C:\WINDOWS\System32\ups.exe 12:03:43.0187 5900 UPS - ok 12:03:43.0234 5900 usbaudio (45a0d14b26c35497ad93bce7e15c9941) C:\WINDOWS\system32\drivers\usbaudio.sys 12:03:43.0234 5900 usbaudio - ok 12:03:43.0281 5900 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys 12:03:43.0281 5900 usbccgp - ok 12:03:43.0343 5900 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys 12:03:43.0343 5900 usbehci - ok 12:03:43.0390 5900 usbhub (c72f40947f92cea56a8fb532edf025f1) C:\WINDOWS\system32\DRIVERS\usbhub.sys 12:03:43.0406 5900 usbhub - ok 12:03:43.0421 5900 usbprint (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys 12:03:43.0421 5900 usbprint - ok 12:03:43.0437 5900 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys 12:03:43.0437 5900 usbscan - ok 12:03:43.0500 5900 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 12:03:43.0500 5900 USBSTOR - ok 12:03:43.0531 5900 usbuhci (f8fd1400092e23c8f2f31406ef06167b) C:\WINDOWS\system32\DRIVERS\usbuhci.sys 12:03:43.0531 5900 usbuhci - ok 12:03:43.0546 5900 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys 12:03:43.0546 5900 VgaSave - ok 12:03:43.0546 5900 ViaIde - ok 12:03:43.0578 5900 VolSnap (69d9e1de5f897580f8b1d1957528b0b2) C:\WINDOWS\system32\drivers\VolSnap.sys 12:03:43.0578 5900 VolSnap - ok 12:03:43.0640 5900 VSS (3f5d90c4bb1c6a75e264e8d7148eb3ce) C:\WINDOWS\System32\vssvc.exe 12:03:43.0656 5900 VSS - ok 12:03:43.0828 5900 w22n51 (5bc494442773035da902ab30cdca11e7) C:\WINDOWS\system32\DRIVERS\w22n51.sys 12:03:43.0890 5900 w22n51 - ok 12:03:44.0328 5900 w29n51 (f0608f3b5b6d16f4870e867f9d069b6b) C:\WINDOWS\system32\DRIVERS\w29n51.sys 12:03:44.0375 5900 w29n51 - ok 12:03:44.0437 5900 W32Time (1c398054ba3d3e75e991f548ab8d763f) C:\WINDOWS\system32\w32time.dll 12:03:44.0453 5900 W32Time - ok 12:03:44.0515 5900 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys 12:03:44.0515 5900 Wanarp - ok 12:03:44.0609 5900 Wdf01000 (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\Drivers\wdf01000.sys 12:03:44.0625 5900 Wdf01000 - ok 12:03:44.0625 5900 WDICA - ok 12:03:44.0656 5900 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys 12:03:44.0671 5900 wdmaud - ok 12:03:44.0687 5900 WebClient (1a85ad583cd64227203bdc1fe2afa520) C:\WINDOWS\System32\webclnt.dll 12:03:44.0687 5900 WebClient - ok 12:03:44.0812 5900 winmgmt (c16c23396f1c1ba7d170c54ec4e78f1b) C:\WINDOWS\system32\wbem\WMIsvc.dll 12:03:44.0812 5900 winmgmt - ok 12:03:44.0875 5900 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\mspmsnsv.dll 12:03:44.0890 5900 WmdmPmSN - ok 12:03:44.0984 5900 Wmi (031ae33d8f143d37f53e122375950396) C:\WINDOWS\System32\advapi32.dll 12:03:44.0984 5900 Wmi - ok 12:03:45.0015 5900 WmiApSrv (a11d7a4dbabbf29bd66e189905c21d4e) C:\WINDOWS\system32\wbem\wmiapsrv.exe 12:03:45.0031 5900 WmiApSrv - ok 12:03:45.0234 5900 WMPNetworkSvc (6ee45ad8dbef8785b8cd312736626ebe) C:\Programmer\Windows Media Player\WMPNetwk.exe 12:03:45.0250 5900 WMPNetworkSvc - ok 12:03:45.0734 5900 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe 12:03:45.0765 5900 WPFFontCache_v0400 - ok 12:03:45.0859 5900 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys 12:03:45.0875 5900 WS2IFSL - ok 12:03:45.0921 5900 wscsvc (bc71bc51dd57e792851d31795f3edbf1) C:\WINDOWS\system32\wscsvc.dll 12:03:45.0937 5900 wscsvc - ok 12:03:45.0984 5900 WSIMD (43f767d59bfc25d8f4fc2eb42043ec1e) C:\WINDOWS\system32\DRIVERS\wsimd.sys 12:03:45.0984 5900 WSIMD - ok 12:03:46.0031 5900 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS 12:03:46.0046 5900 WSTCODEC - ok 12:03:46.0078 5900 wuauserv (2bc349942c6ce07736f78bec266816ce) C:\WINDOWS\system32\wuauserv.dll 12:03:46.0078 5900 wuauserv - ok 12:03:46.0140 5900 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys 12:03:46.0140 5900 WudfPf - ok 12:03:46.0171 5900 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys 12:03:46.0187 5900 WudfRd - ok 12:03:46.0203 5900 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll 12:03:46.0218 5900 WudfSvc - ok 12:03:46.0328 5900 WZCSVC (f335fb0f45374c2ea9c3eba798eb550d) C:\WINDOWS\System32\wzcsvc.dll 12:03:46.0359 5900 WZCSVC - ok 12:03:46.0453 5900 XAMPP (89ffafe31a23e11148a7dca3177a107e) C:\Programmer\xampp\service.exe 12:03:46.0468 5900 XAMPP - ok 12:03:46.0500 5900 xmlprov (3fee6c536d5bfc0f1b6bca56f97d1f80) C:\WINDOWS\System32\xmlprov.dll 12:03:46.0515 5900 xmlprov - ok 12:03:46.0515 5900 zte_ecm_enum_filter - ok 12:03:46.0562 5900 MBR (0x1B8) (b8e6c11ca5664dbeda85d7507526e0f4) \Device\Harddisk0\DR0 12:03:47.0328 5900 \Device\Harddisk0\DR0 - ok 12:03:47.0343 5900 Boot (0x1200) (f76435164a6c3ca032fd10f487efe4b7) \Device\Harddisk0\DR0\Partition0 12:03:47.0343 5900 \Device\Harddisk0\DR0\Partition0 - ok 12:03:47.0343 5900 ============================================================ 12:03:47.0343 5900 Scan finished 12:03:47.0343 5900 ============================================================ 12:03:47.0359 4560 Detected object count: 1 12:03:47.0359 4560 Actual detected object count: 1 12:04:14.0937 4560 atapi ( LockedFile.Multi.Generic ) - skipped by user 12:04:14.0937 4560 atapi ( LockedFile.Multi.Generic ) - User select action: Skip 12:05:23.0734 2828 ============================================================ 12:05:23.0734 2828 Scan started 12:05:23.0734 2828 Mode: Manual; TDLFS; 12:05:23.0734 2828 ============================================================ 12:05:23.0984 2828 61883 (914a9709fc3bf419ad2f85547f2a4832) C:\WINDOWS\system32\DRIVERS\61883.sys 12:05:24.0000 2828 61883 - ok 12:05:24.0046 2828 a347bus (1f61cacacb521215f39061789147968c) C:\WINDOWS\system32\DRIVERS\a347bus.sys 12:05:24.0046 2828 a347bus - ok 12:05:24.0062 2828 a347scsi (113e4b318bbaa7483ca4e582a4d63f49) C:\WINDOWS\system32\Drivers\a347scsi.sys 12:05:24.0062 2828 a347scsi - ok 12:05:24.0125 2828 Aavmker4 (2ccfa74242741ca22a4267cce9b586f4) C:\WINDOWS\system32\drivers\Aavmker4.sys 12:05:24.0125 2828 Aavmker4 - ok 12:05:24.0140 2828 Abiosdsk - ok 12:05:24.0156 2828 abp480n5 - ok 12:05:24.0218 2828 ACPI (991b6d6fe2a4d70caf76c41334e60926) C:\WINDOWS\system32\DRIVERS\ACPI.sys 12:05:24.0218 2828 ACPI - ok 12:05:24.0265 2828 ACPIEC (6f99fe216de8c4875dbb12937620da0c) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys 12:05:24.0265 2828 ACPIEC - ok 12:05:24.0359 2828 ACS (170ba964b612a9a62fadd5c71962429e) C:\WINDOWS\system32\acs.exe 12:05:24.0359 2828 ACS - ok 12:05:24.0437 2828 Adobe LM Service (8b46d5a1d3ef08232c04d0eafb871fb2) C:\Programmer\Fælles filer\Adobe Systems Shared\Service\Adobelmsvc.exe 12:05:24.0437 2828 Adobe LM Service - ok 12:05:24.0546 2828 Adobe Version Cue CS2 (41d15ead554396bf35b7c5246ad47a28) C:\Programmer\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe 12:05:24.0546 2828 Adobe Version Cue CS2 - ok 12:05:24.0687 2828 AdobeFlashPlayerUpdateSvc (990dc6edc9f933194d7cd4e65146bc94) C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe 12:05:24.0703 2828 AdobeFlashPlayerUpdateSvc - ok 12:05:24.0703 2828 adpu160m - ok 12:05:24.0781 2828 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys 12:05:24.0781 2828 aec - ok 12:05:24.0859 2828 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys 12:05:24.0859 2828 AFD - ok 12:05:25.0031 2828 AgereSoftModem (c62f5fd87cbc94d6d345c30e8931324c) C:\WINDOWS\system32\DRIVERS\AGRSM.sys 12:05:25.0046 2828 AgereSoftModem - ok 12:05:25.0062 2828 Aha154x - ok 12:05:25.0078 2828 aic78u2 - ok 12:05:25.0093 2828 aic78xx - ok 12:05:25.0765 2828 ALCXWDM (dd8520280304b6145a6be31008748c7c) C:\WINDOWS\system32\drivers\ALCXWDM.SYS 12:05:25.0843 2828 ALCXWDM - ok 12:05:26.0156 2828 Alerter (6642db68b97ecb8088fba2d2539fdb7e) C:\WINDOWS\system32\alrsvc.dll 12:05:26.0156 2828 Alerter - ok 12:05:26.0187 2828 ALG (ab74a1b7500aca7d43d84804cbdf11fb) C:\WINDOWS\System32\alg.exe 12:05:26.0187 2828 ALG - ok 12:05:26.0234 2828 AliIde - ok 12:05:26.0250 2828 amsint - ok 12:05:26.0359 2828 Apache2 (de1c6efdca41880221816848b4d78da9) C:\Programmer\xampp\apache\bin\apache.exe 12:05:26.0359 2828 Apache2 - ok 12:05:26.0562 2828 Apple Mobile Device (20f6f19fe9e753f2780dc2fa083ad597) C:\Programmer\Fælles filer\Apple\Mobile Device Support\AppleMobileDeviceService.exe 12:05:26.0562 2828 Apple Mobile Device - ok 12:05:26.0640 2828 AppMgmt (e39274e0be87e672211392a4176c4ee6) C:\WINDOWS\System32\appmgmts.dll 12:05:26.0656 2828 AppMgmt - ok 12:05:26.0718 2828 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys 12:05:26.0718 2828 Arp1394 - ok 12:05:26.0796 2828 arusb(TP-LINK) (d496e93a2448b6bac1fcccec0f1a195f) C:\WINDOWS\system32\DRIVERS\arusb.sys 12:05:26.0812 2828 arusb(TP-LINK) - ok 12:05:26.0859 2828 ASAPIW2K (875f9079cabee679d34b49e466b61701) C:\WINDOWS\system32\drivers\ASAPIW2k.sys 12:05:26.0875 2828 ASAPIW2K - ok 12:05:26.0875 2828 asc - ok 12:05:26.0890 2828 asc3350p - ok 12:05:26.0906 2828 asc3550 - ok 12:05:26.0953 2828 Aspi32 (b979979ab8027f7f53fb16ec4229b7db) C:\WINDOWS\system32\drivers\Aspi32.sys 12:05:26.0953 2828 Aspi32 - ok 12:05:27.0078 2828 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe 12:05:27.0078 2828 aspnet_state - ok 12:05:27.0140 2828 aswFsBlk (b4079a98f294a3e262872cb76f4849f0) C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys 12:05:27.0140 2828 aswFsBlk - ok 12:05:27.0171 2828 aswMon2 (dbee7b5ecb50fc2cf9323f52cbf41141) C:\WINDOWS\system32\drivers\aswMon2.sys 12:05:27.0171 2828 aswMon2 - ok 12:05:27.0203 2828 aswRdr (8080d683489c99cbace813f6fa4069cc) C:\WINDOWS\system32\drivers\aswRdr.sys 12:05:27.0203 2828 aswRdr - ok 12:05:27.0234 2828 aswSP (2e5a2ad5004b55df39b7606130a88142) C:\WINDOWS\system32\drivers\aswSP.sys 12:05:27.0234 2828 aswSP - ok 12:05:27.0265 2828 aswTdi (d4c83a37efadfa2c398362e0776e3773) C:\WINDOWS\system32\drivers\aswTdi.sys 12:05:27.0265 2828 aswTdi - ok 12:05:27.0343 2828 aswUpdSv (5debc3519d489411073fa7e56ffb4a93) C:\Programmer\Alwil Software\Avast4\aswUpdSv.exe 12:05:27.0343 2828 aswUpdSv - ok 12:05:27.0375 2828 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys 12:05:27.0375 2828 AsyncMac - ok 12:05:27.0437 2828 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys 12:05:27.0437 2828 Suspicious file (NoAccess): C:\WINDOWS\system32\DRIVERS\atapi.sys. md5: 9f3a2f5aa6875c72bf062c712cfa2674 12:05:27.0437 2828 atapi ( LockedFile.Multi.Generic ) - warning 12:05:27.0437 2828 atapi - detected LockedFile.Multi.Generic (1) 12:05:27.0453 2828 Atdisk - ok 12:05:27.0468 2828 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys 12:05:27.0468 2828 Atmarpc - ok 12:05:27.0531 2828 AudioSrv (f6c00138b3f637dde807005b16e61dcc) C:\WINDOWS\System32\audiosrv.dll 12:05:27.0531 2828 AudioSrv - ok 12:05:27.0578 2828 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys 12:05:27.0578 2828 audstub - ok 12:05:27.0656 2828 Autodesk Licensing Service - ok 12:05:27.0703 2828 avast! Antivirus (0aaf6b848185899cf76ae04e62eab3d2) C:\Programmer\Alwil Software\Avast4\ashServ.exe 12:05:27.0703 2828 avast! Antivirus - ok 12:05:27.0750 2828 avast! Mail Scanner (b2f564dc59b67763c73269e1a9da7f18) C:\Programmer\Alwil Software\Avast4\ashMaiSv.exe 12:05:27.0750 2828 avast! Mail Scanner - ok 12:05:27.0796 2828 avast! Web Scanner (d86010c96abadda75356834d6113d37d) C:\Programmer\Alwil Software\Avast4\ashWebSv.exe 12:05:27.0812 2828 avast! Web Scanner - ok 12:05:27.0875 2828 Avc (f8e6956a614f15a0860474c5e2a7de6b) C:\WINDOWS\system32\DRIVERS\avc.sys 12:05:27.0875 2828 Avc - ok 12:05:27.0937 2828 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys 12:05:27.0937 2828 Beep - ok 12:05:28.0031 2828 BITS (51c84408e87a52187e25d839c58bdc45) C:\WINDOWS\system32\qmgr.dll 12:05:28.0046 2828 BITS - ok 12:05:28.0218 2828 Bonjour Service (f2060a34c8a75bc24a9222eb4f8c07bd) C:\Programmer\Bonjour\mDNSResponder.exe 12:05:28.0218 2828 Bonjour Service - ok 12:05:28.0265 2828 Browser (58ad7404c7fee33eb0f3fc2bacd04ff6) C:\WINDOWS\System32\browser.dll 12:05:28.0265 2828 Browser - ok 12:05:28.0375 2828 catchme - ok 12:05:28.0390 2828 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys 12:05:28.0390 2828 cbidf2k - ok 12:05:28.0453 2828 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys 12:05:28.0453 2828 CCDECODE - ok 12:05:28.0468 2828 cd20xrnt - ok 12:05:28.0500 2828 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys 12:05:28.0500 2828 Cdaudio - ok 12:05:28.0531 2828 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys 12:05:28.0531 2828 Cdfs - ok 12:05:28.0593 2828 cdrbsdrv (351735695e9ead93de6af85d8beb1ca8) C:\WINDOWS\system32\drivers\cdrbsdrv.sys 12:05:28.0593 2828 cdrbsdrv - ok 12:05:28.0625 2828 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys 12:05:28.0625 2828 Cdrom - ok 12:05:28.0640 2828 Changer - ok 12:05:28.0687 2828 CiSvc (1838615c98afa3a0ac1f4b15a113a82f) C:\WINDOWS\system32\cisvc.exe 12:05:28.0703 2828 CiSvc - ok 12:05:28.0718 2828 ClipSrv (5cea9fbc68fbd66a91e7ef09900ab566) C:\WINDOWS\system32\clipsrv.exe 12:05:28.0718 2828 ClipSrv - ok 12:05:28.0843 2828 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 12:05:28.0843 2828 clr_optimization_v2.0.50727_32 - ok 12:05:29.0171 2828 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 12:05:29.0171 2828 clr_optimization_v4.0.30319_32 - ok 12:05:29.0250 2828 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys 12:05:29.0250 2828 CmBatt - ok 12:05:29.0265 2828 CmdIde - ok 12:05:29.0296 2828 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys 12:05:29.0296 2828 Compbatt - ok 12:05:29.0312 2828 COMSysApp - ok 12:05:29.0359 2828 CPen20 (852d79a0a0fe1c17619d0b2a4789e8a2) C:\WINDOWS\system32\Drivers\CPen20.sys 12:05:29.0359 2828 CPen20 - ok 12:05:29.0359 2828 Cpqarray - ok 12:05:29.0437 2828 CryptSvc (325d42794a21d1717b98f354acf499e2) C:\WINDOWS\System32\cryptsvc.dll 12:05:29.0437 2828 CryptSvc - ok 12:05:29.0453 2828 dac2w2k - ok 12:05:29.0468 2828 dac960nt - ok 12:05:29.0515 2828 DcomLaunch (059187b38452a01bb3b397691ddf3552) C:\WINDOWS\system32\rpcss.dll 12:05:29.0531 2828 DcomLaunch - ok 12:05:29.0609 2828 Dhcp (a6e52fa9ada7f92def4206c0f64f6784) C:\WINDOWS\System32\dhcpcsvc.dll 12:05:29.0609 2828 Dhcp - ok 12:05:29.0671 2828 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys 12:05:29.0671 2828 Disk - ok 12:05:29.0687 2828 dmadmin - ok 12:05:29.0750 2828 dmboot (8a3088f97b2caa3340bbb068f314e596) C:\WINDOWS\system32\drivers\dmboot.sys 12:05:29.0765 2828 dmboot - ok 12:05:29.0812 2828 dmio (6d152a2781ffbd6a63a1e58801240e8e) C:\WINDOWS\system32\drivers\dmio.sys 12:05:29.0812 2828 dmio - ok 12:05:29.0875 2828 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys 12:05:29.0875 2828 dmload - ok 12:05:29.0937 2828 dmserver (6428446df3fe5c3b439973fb4c43d38e) C:\WINDOWS\System32\dmserver.dll 12:05:29.0937 2828 dmserver - ok 12:05:29.0984 2828 DMusic (a6f881284ac1150e37d9ae47ff601267) C:\WINDOWS\system32\drivers\DMusic.sys 12:05:29.0984 2828 DMusic - ok 12:05:30.0046 2828 Dnscache (42970873bc779a19c2baad3fc0d5833a) C:\WINDOWS\System32\dnsrslvr.dll 12:05:30.0062 2828 Dnscache - ok 12:05:30.0109 2828 Dot3svc (0b8193a12175eae5bc34063a63c49cff) C:\WINDOWS\System32\dot3svc.dll 12:05:30.0109 2828 Dot3svc - ok 12:05:30.0109 2828 dpti2o - ok 12:05:30.0156 2828 drmkaud (1ed4dbbae9f5d558dbba4cc450e3eb2e) C:\WINDOWS\system32\drivers\drmkaud.sys 12:05:30.0156 2828 drmkaud - ok 12:05:30.0203 2828 EapHost (95885ec4562461d3ad78aa6ac714d32f) C:\WINDOWS\System32\eapsvc.dll 12:05:30.0203 2828 EapHost - ok 12:05:30.0218 2828 ERSvc (396038f82cb672d83e792092319024aa) C:\WINDOWS\System32\ersvc.dll 12:05:30.0234 2828 ERSvc - ok 12:05:30.0281 2828 Eventlog (32f091e3425759b126760f44b5e931c9) C:\WINDOWS\system32\services.exe 12:05:30.0281 2828 Eventlog - ok 12:05:30.0343 2828 EventSystem (72b9667d6f9ff2a85fcc43fdd7c8ed9f) C:\WINDOWS\system32\es.dll 12:05:30.0343 2828 EventSystem - ok 12:05:30.0656 2828 EvtEng (791464a9e9ade063327a29f1b3f1a86c) C:\Programmer\Intel\WiFi\bin\EvtEng.exe 12:05:30.0671 2828 EvtEng - ok 12:05:30.0718 2828 eyeonedp (8313a6af9de34a9d24df2329a548b004) C:\WINDOWS\system32\DRIVERS\eyeonedp.sys 12:05:30.0718 2828 eyeonedp - ok 12:05:30.0796 2828 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys 12:05:30.0796 2828 Fastfat - ok 12:05:30.0875 2828 FastUserSwitchingCompatibility (a17d630fabfe7b796cbdbee79f9e6612) C:\WINDOWS\System32\shsvcs.dll 12:05:30.0875 2828 FastUserSwitchingCompatibility - ok 12:05:30.0906 2828 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys 12:05:30.0906 2828 Fdc - ok 12:05:31.0015 2828 FileZilla Server (a6320a09363bffb2b953beb2606da7b5) C:\Programmer\xampp\FileZillaFTP\FileZillaServer.exe 12:05:31.0015 2828 FileZilla Server - ok 12:05:31.0046 2828 Fips (bb52a20854cf3e8e0474ee7167c7a3a5) C:\WINDOWS\system32\drivers\Fips.sys 12:05:31.0046 2828 Fips - ok 12:05:31.0062 2828 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys 12:05:31.0062 2828 Flpydisk - ok 12:05:31.0125 2828 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys 12:05:31.0125 2828 FltMgr - ok 12:05:31.0281 2828 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe 12:05:31.0281 2828 FontCache3.0.0.0 - ok 12:05:31.0312 2828 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys 12:05:31.0312 2828 Fs_Rec - ok 12:05:31.0359 2828 Ftdisk (0a58505b5d0aba661d2ff59cd8cf79b9) C:\WINDOWS\system32\DRIVERS\ftdisk.sys 12:05:31.0359 2828 Ftdisk - ok 12:05:31.0390 2828 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys 12:05:31.0390 2828 GEARAspiWDM - ok 12:05:31.0453 2828 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys 12:05:31.0453 2828 Gpc - ok 12:05:31.0593 2828 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Programmer\Google\Update\GoogleUpdate.exe 12:05:31.0593 2828 gupdate - ok 12:05:31.0609 2828 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Programmer\Google\Update\GoogleUpdate.exe 12:05:31.0609 2828 gupdatem - ok 12:05:31.0703 2828 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Programmer\Google\Common\Google Updater\GoogleUpdaterService.exe 12:05:31.0703 2828 gusvc - ok 12:05:31.0781 2828 helpsvc (9e256613b0a999ddd2aa889e340cd402) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll 12:05:31.0781 2828 helpsvc - ok 12:05:31.0843 2828 HidServ (8dbcd76c2a538c26357831dd14cd792f) C:\WINDOWS\System32\hidserv.dll 12:05:31.0859 2828 HidServ - ok 12:05:31.0937 2828 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys 12:05:31.0937 2828 HidUsb - ok 12:05:31.0984 2828 hkmsvc (8751c1091af19d3787798da90ffb0902) C:\WINDOWS\System32\kmsvc.dll 12:05:31.0984 2828 hkmsvc - ok 12:05:32.0000 2828 hpn - ok 12:05:32.0093 2828 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys 12:05:32.0093 2828 HTTP - ok 12:05:32.0156 2828 HTTPFilter (8e23b6943d42d0be0419f3fffde93a31) C:\WINDOWS\System32\w3ssl.dll 12:05:32.0156 2828 HTTPFilter - ok 12:05:32.0171 2828 hwdatacard - ok 12:05:32.0203 2828 hwusbdev - ok 12:05:32.0218 2828 i2omgmt - ok 12:05:32.0218 2828 i2omp - ok 12:05:32.0265 2828 i8042prt (ea89122e6c9c7478d55f138e1599f281) C:\WINDOWS\system32\DRIVERS\i8042prt.sys 12:05:32.0265 2828 i8042prt - ok 12:05:32.0578 2828 ialm - ok 12:05:32.0796 2828 IDriverT (1cf03c69b49acb70c722df92755c0c8c) C:\Programmer\Fælles filer\InstallShield\Driver\11\Intel 32\IDriverT.exe 12:05:32.0796 2828 IDriverT - ok 12:05:33.0046 2828 idsvc (c01ac32dc5c03076cfb852cb5da5229c) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 12:05:33.0062 2828 idsvc - ok 12:05:33.0187 2828 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys

1 af 4

Næste

Sidst »