Spywarefri Forum

3 af 4

Virua??

[ Ignorer ] [ # 31 ] nicko10
16.07.2012 18:01:03 Antal indlæg: 30	Jeg tror sq det lykkedes rigtig denne gang.. :-D Jeg er jo bare PC spasser.. ComboFix 12-07-16.01 - Bruger 16-07-2012 17:46:14.6.4 - x64 Microsoft Windows 7 Professional 6.1.7601.1.1252.45.1030.18.3891.2510 [GMT 2:00] Kører fra: c:\users\Bruger\Desktop\ComboFix.exe Kommandoer benyttet :: c:\users\Bruger\Desktop\CFScript.txt SP: Windows Defender Enabled/Outdated {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . FILE :: “c:\windows\system32\drivers\bkezgdvb.sys” . . ((((((((((((((((((((((((((((((((((((((( Andet, der er slettet ))))))))))))))))))))))))))))))))))))))))))))))))) . . . ((((((((((((((((((((((((((((((((((((((( Drivers/Tjenester ))))))))))))))))))))))))))))))))))))))))))))))))) . . ———-\Service_bkezgdvb . . ((((((((((((((((((((((((((((( Filer skabt fra 2012-06-16 til 2012-07-16 ))))))))))))))))))))))))))))))))))) . . 2012-07-16 01:57 . 2012-07-16 01:57 ———— d——-w- C:\FRST 2012-07-14 23:11 . 2012-07-14 23:11 544008 ——a-w- c:\windows\system32\npdeployJava1.dll 2012-07-14 23:11 . 2012-07-14 23:11 ———— d——-w- c:\program files\Java 2012-07-14 23:05 . 2012-07-14 23:05 ———— d——-w- c:\users\Bruger\AppData\Local\Secunia PSI 2012-07-14 22:48 . 2012-05-04 11:00 366592 ——a-w- c:\windows\system32\qdvd.dll 2012-07-14 22:48 . 2012-05-04 09:59 514560 ——a-w- c:\windows\SysWow64\qdvd.dll 2012-07-14 20:57 . 2012-07-14 20:57 ———— d——-w- c:\users\Bruger\AppData\Roaming\SUPERAntiSpyware.com 2012-07-14 20:51 . 2012-07-14 20:51 ———— d——-w- c:\users\Bruger\AppData\Roaming\Malwarebytes 2012-07-14 20:51 . 2010-04-29 13:39 24664 ——a-w- c:\windows\system32\drivers\mbam.sys 2012-07-14 09:29 . 2012-07-14 09:29 ———— d——-w- c:\program files (x86)\Common Files\Java 2012-07-14 09:29 . 2012-07-14 09:29 ———— d——-w- c:\program files (x86)\Oracle 2012-07-14 07:58 . 2012-07-14 07:58 ———— d——-w- c:\program files\Google 2012-07-13 17:44 . 2012-06-12 03:08 3148800 ——a-w- c:\windows\system32\win32k.sys 2012-07-13 15:07 . 2012-06-06 06:06 2004480 ——a-w- c:\windows\system32\msxml6.dll 2012-07-06 19:09 . 2012-07-03 16:21 285328 ——a-w- c:\windows\system32\aswBoot.exe 2012-07-06 18:32 . 2012-07-06 18:32 328704 ——a-w- c:\windows\system32\services.exe.59386698FA441EBD 2012-07-06 18:27 . 2012-07-06 18:27 328704 ——a-w- c:\windows\system32\services.exe.FAC23AEE9185AF52 2012-07-05 11:22 . 2012-07-05 11:22 328704 ——a-w- c:\windows\system32\services.exe.C12CDEF9763B4051 2012-07-05 11:09 . 2012-07-05 11:09 328704 ——a-w- c:\windows\system32\services.exe.418199560E4C1CFD 2012-07-05 11:04 . 2012-07-05 11:04 328704 ——a-w- c:\windows\system32\services.exe.F4B6219652D83EA5 2012-07-05 10:59 . 2012-07-05 10:59 328704 ——a-w- c:\windows\system32\services.exe.548FD81E8BA5215B 2012-07-05 10:49 . 2012-07-05 10:49 328704 ——a-w- c:\windows\system32\services.exe.B1E1D9BC712D6D70 2012-07-05 04:53 . 2012-07-05 04:53 328704 ——a-w- c:\windows\system32\services.exe.4EED60BF51DE80FE 2012-07-05 04:44 . 2012-07-05 04:44 328704 ——a-w- c:\windows\system32\services.exe.BC63FE0941504DD8 2012-07-04 20:57 . 2012-07-04 20:57 328704 ——a-w- c:\windows\system32\services.exe.E72716115E29A0E6 2012-07-04 20:49 . 2012-07-04 20:49 328704 ——a-w- c:\windows\system32\services.exe.E317392EDB05A41C 2012-07-04 20:40 . 2012-07-04 20:40 328704 ——a-w- c:\windows\system32\services.exe.A58CA16EF1E8C195 2012-07-04 20:35 . 2012-07-04 20:35 328704 ——a-w- c:\windows\system32\services.exe.BC6E54315F7687BB 2012-07-04 19:02 . 2012-07-04 19:02 328704 ——a-w- c:\windows\system32\services.exe.9BA4BF1D852E7325 2012-07-04 18:58 . 2012-07-04 18:58 328704 ——a-w- c:\windows\system32\services.exe.F546FFC94B4716B7 2012-07-04 18:53 . 2012-07-04 18:53 328704 ——a-w- c:\windows\system32\services.exe.B13AF585757807BB 2012-07-04 18:49 . 2012-07-04 18:49 328704 ——a-w- c:\windows\system32\services.exe.AF1EFA474609A73E 2012-07-04 18:44 . 2012-07-04 18:44 328704 ——a-w- c:\windows\system32\services.exe.035E52564A759124 2012-07-04 18:40 . 2012-07-04 18:40 328704 ——a-w- c:\windows\system32\services.exe.9BD2F869FA14C68D 2012-07-04 18:35 . 2012-07-04 18:35 328704 ——a-w- c:\windows\system32\services.exe.877CEAB57B5333DD 2012-07-04 18:31 . 2012-07-04 18:31 328704 ——a-w- c:\windows\system32\services.exe.EE855FD8BC146F77 2012-07-04 18:26 . 2012-07-04 18:26 328704 ——a-w- c:\windows\system32\services.exe.BF9015058A3F0B76 2012-07-04 18:22 . 2012-07-04 18:22 328704 ——a-w- c:\windows\system32\services.exe.CDACDA4183A830EE 2012-07-04 18:17 . 2012-07-04 18:17 328704 ——a-w- c:\windows\system32\services.exe.5C5C5105D6E51938 2012-07-04 18:13 . 2012-07-04 18:13 328704 ——a-w- c:\windows\system32\services.exe.B4F7C06DB75FF1DB 2012-07-04 18:08 . 2012-07-04 18:08 328704 ——a-w- c:\windows\system32\services.exe.0DFDFC362A1BDDE1 2012-07-04 18:04 . 2012-07-04 18:04 328704 ——a-w- c:\windows\system32\services.exe.3ED3AA4B8F3FC0C2 2012-07-04 18:00 . 2012-07-04 18:00 328704 ——a-w- c:\windows\system32\services.exe.7D7EF44106CC8F35 2012-07-04 17:55 . 2012-07-04 17:55 328704 ——a-w- c:\windows\system32\services.exe.764D436137737309 2012-07-04 17:51 . 2012-07-04 17:51 328704 ——a-w- c:\windows\system32\services.exe.67306F7CEB2A265F 2012-07-04 17:46 . 2012-07-04 17:46 328704 ——a-w- c:\windows\system32\services.exe.6BA21833F5B256BC 2012-07-04 17:42 . 2012-07-04 17:42 328704 ——a-w- c:\windows\system32\services.exe.C8CEF1EB7CB1E3AD 2012-07-04 17:37 . 2012-07-04 17:37 328704 ——a-w- c:\windows\system32\services.exe.698EF8C47725CC34 2012-07-04 17:33 . 2012-07-04 17:33 328704 ——a-w- c:\windows\system32\services.exe.F22A23E488C6ED75 2012-07-04 17:29 . 2012-07-04 17:29 328704 ——a-w- c:\windows\system32\services.exe.EA8BB7EC37FEADF2 2012-07-04 17:24 . 2012-07-04 17:24 328704 ——a-w- c:\windows\system32\services.exe.EE9A8963A0B669F2 2012-07-04 17:20 . 2012-07-04 17:20 328704 ——a-w- c:\windows\system32\services.exe.D2418C053797CF6D 2012-07-04 17:15 . 2012-07-04 17:15 328704 ——a-w- c:\windows\system32\services.exe.680D252C12106182 2012-07-04 17:11 . 2012-07-04 17:11 328704 ——a-w- c:\windows\system32\services.exe.A4B96FC95B120F9F 2012-07-04 17:06 . 2012-07-04 17:06 328704 ——a-w- c:\windows\system32\services.exe.17B28A29E0EAD4F7 2012-07-04 17:02 . 2012-07-04 17:02 328704 ——a-w- c:\windows\system32\services.exe.88B73C11395681A8 2012-07-04 16:57 . 2012-07-04 16:57 328704 ——a-w- c:\windows\system32\services.exe.E150F30A52DD4EF5 2012-07-04 16:53 . 2012-07-04 16:53 328704 ——a-w- c:\windows\system32\services.exe.640AC1D22B0F6D44 2012-07-04 16:48 . 2012-07-04 16:48 328704 ——a-w- c:\windows\system32\services.exe.81941FE844F2C139 2012-07-04 16:44 . 2012-07-04 16:44 328704 ——a-w- c:\windows\system32\services.exe.669D7ADF0D2459FC 2012-07-04 16:40 . 2012-07-04 16:40 328704 ——a-w- c:\windows\system32\services.exe.9E271461B7FE4A0F 2012-07-04 16:35 . 2012-07-04 16:35 328704 ——a-w- c:\windows\system32\services.exe.C2018DECE6B88D51 2012-07-04 16:31 . 2012-07-04 16:31 328704 ——a-w- c:\windows\system32\services.exe.7106C8744516DF5B 2012-07-04 16:26 . 2012-07-04 16:26 328704 ——a-w- c:\windows\system32\services.exe.6E832EF5479EFA10 2012-07-04 16:22 . 2012-07-04 16:22 328704 ——a-w- c:\windows\system32\services.exe.42856EDDF3C0ABA6 2012-07-04 16:17 . 2012-07-04 16:17 328704 ——a-w- c:\windows\system32\services.exe.6EE1EAE8722C20EE 2012-07-04 16:13 . 2012-07-04 16:13 328704 ——a-w- c:\windows\system32\services.exe.7B94260620BF7A85 2012-07-04 16:08 . 2012-07-04 16:08 328704 ——a-w- c:\windows\system32\services.exe.ADA899C2F9D79F23 2012-07-04 16:04 . 2012-07-04 16:04 328704 ——a-w- c:\windows\system32\services.exe.94DAFC81239AF8C4 2012-07-04 15:59 . 2012-07-04 15:59 328704 ——a-w- c:\windows\system32\services.exe.B95026EF24D45098 2012-07-04 15:55 . 2012-07-04 15:55 328704 ——a-w- c:\windows\system32\services.exe.FA5EED9C75604162 2012-07-04 15:51 . 2012-07-04 15:51 328704 ——a-w- c:\windows\system32\services.exe.301A1DCC17471D30 2012-07-04 15:46 . 2012-07-04 15:46 328704 ——a-w- c:\windows\system32\services.exe.026786B94EC04C0E 2012-07-04 15:42 . 2012-07-04 15:42 328704 ——a-w- c:\windows\system32\services.exe.1D9118A88BB8C66F 2012-06-24 12:32 . 2012-06-02 22:19 2428952 ——a-w- c:\windows\system32\wuaueng.dll 2012-06-24 12:32 . 2012-06-02 22:19 57880 ——a-w- c:\windows\system32\wuauclt.exe 2012-06-24 12:32 . 2012-06-02 22:19 44056 ——a-w- c:\windows\system32\wups2.dll 2012-06-24 12:32 . 2012-06-02 22:15 2622464 ——a-w- c:\windows\system32\wucltux.dll 2012-06-24 12:32 . 2012-06-02 22:19 38424 ——a-w- c:\windows\system32\wups.dll 2012-06-24 12:32 . 2012-06-02 22:19 701976 ——a-w- c:\windows\system32\wuapi.dll 2012-06-24 12:32 . 2012-06-02 22:15 99840 ——a-w- c:\windows\system32\wudriver.dll 2012-06-24 12:32 . 2012-06-02 13:19 186752 ——a-w- c:\windows\system32\wuwebv.dll 2012-06-24 12:32 . 2012-06-02 13:15 36864 ——a-w- c:\windows\system32\wuapp.exe . . . (((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-07-14 23:11 . 2012-01-02 14:29 525576 ——a-w- c:\windows\system32\deployJava1.dll 2012-07-13 15:33 . 2012-04-07 11:18 426184 ——a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2012-07-13 15:33 . 2011-12-21 20:34 70344 ——a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-07-05 20:06 . 2012-05-12 11:00 772544 ——a-w- c:\windows\SysWow64\npdeployJava1.dll 2012-07-05 20:06 . 2011-12-18 00:19 687544 ——a-w- c:\windows\SysWow64\deployJava1.dll 2012-05-04 11:06 . 2012-06-13 14:28 5559664 ——a-w- c:\windows\system32\ntoskrnl.exe 2012-05-04 10:03 . 2012-06-13 14:28 3968368 ——a-w- c:\windows\SysWow64\ntkrnlpa.exe 2012-05-04 10:03 . 2012-06-13 14:28 3913072 ——a-w- c:\windows\SysWow64\ntoskrnl.exe 2012-05-01 05:40 . 2012-06-13 14:28 209920 ——a-w- c:\windows\system32\profsvc.dll 2012-04-28 03:55 . 2012-06-13 14:28 210944 ——a-w- c:\windows\system32\drivers\rdpwd.sys 2012-04-26 05:41 . 2012-06-13 14:28 77312 ——a-w- c:\windows\system32\rdpwsx.dll 2012-04-26 05:41 . 2012-06-13 14:28 149504 ——a-w- c:\windows\system32\rdpcorekmts.dll 2012-04-26 05:34 . 2012-06-13 14:28 9216 ——a-w- c:\windows\system32\rdrmemptylst.exe 2012-04-24 05:37 . 2012-06-13 14:27 184320 ——a-w- c:\windows\system32\cryptsvc.dll 2012-04-24 05:37 . 2012-06-13 14:27 140288 ——a-w- c:\windows\system32\cryptnet.dll 2012-04-24 05:37 . 2012-06-13 14:27 1462272 ——a-w- c:\windows\system32\crypt32.dll 2012-04-24 04:36 . 2012-06-13 14:27 1158656 ——a-w- c:\windows\SysWow64\crypt32.dll 2012-04-24 04:36 . 2012-06-13 14:27 140288 ——a-w- c:\windows\SysWow64\cryptsvc.dll 2012-04-24 04:36 . 2012-06-13 14:27 103936 ——a-w- c:\windows\SysWow64\cryptnet.dll . . (((((((((((((((((((((((((((((((((((((((((((( Look ))))))))))))))))))))))))))))))))))))))))))))))))))))))))) . . —- c:\windows\system32\services.exe—- Company: Microsoft Corporation File Description: Tjenester og controllerprogrammer File Version: 6.1.7600.16385 (win7_rtm.090713-1255) Product Name: Microsoft® Windows® Operativsystem Copyright: © Microsoft Corporation. Alle rettigheder forbeholdes. Original Filename: services.exe.mui File size: 328704 Created time: 2009-07-13 23:19 Modified time: 2009-07-14 01:39 MD5: 24ACB7E5BE595468E3B9AA488B9B4FCB SHA1: A5B16A7D28D2BA79A9CCFC16ED480AD75A757166 . . —- c:\windows\system32\services.exe.59386698FA441EBD—- Company: Microsoft Corporation File Description: Tjenester og controllerprogrammer File Version: 6.1.7600.16385 (win7_rtm.090713-1255) Product Name: Microsoft® Windows® Operativsystem Copyright: © Microsoft Corporation. Alle rettigheder forbeholdes. Original Filename: services.exe.mui File size: 328704 Created time: 2012-07-06 18:32 Modified time: 2012-07-06 18:32 MD5: 24ACB7E5BE595468E3B9AA488B9B4FCB SHA1: A5B16A7D28D2BA79A9CCFC16ED480AD75A757166 . . ((((((((((((((((((((((((((((((((((( Start steder i reg.basen )))))))))))))))))))))))))))))))))))))))))))))))) . . Bemærk tomme linier & lovlige standard linier vises ikke REGEDIT4 . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @=”{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}” [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2011-12-05 19:17 94208 ——a-w- c:\users\Bruger\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @=”{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}” [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2011-12-05 19:17 94208 ——a-w- c:\users\Bruger\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @=”{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}” [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2011-12-05 19:17 94208 ——a-w- c:\users\Bruger\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] “LtMoh”=“c:\program files\ltmoh\Ltmoh.exe” [2009-12-04 195080] “Skype”=“c:\program files (x86)\Skype\Phone\Skype.exe” [2012-07-03 17417392] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] “IMSS”=“c:\program files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe” [2009-11-01 104960] “IndicatorUtility”=“c:\program files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe” [2009-10-09 47976] “LoadFUJ02E3”=“c:\program files (x86)\Fujitsu\FUJ02E3\FUJ02E3.exe” [2009-06-16 36712] “Adobe ARM”=“c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe” [2012-01-03 843712] . c:\users\Bruger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dropbox.lnk - c:\users\Bruger\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-5-24 27112840] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] “ConsentPromptBehaviorAdmin”= 5 (0x5) “ConsentPromptBehaviorUser”= 3 (0x3) “EnableUIADesktopToggle”= 0 (0x0) . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 gupdate;Google Update Tjeneste (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-07-06 136176] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-06-07 160944] R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-13 250056] R3 BrSerIb;Brother MFC Serial Interface Driver(WDM);c:\windows\system32\DRIVERS\BrSerIb.sys [2009-07-14 281088] R3 BrUsbSIb;Brother MFC Serial USB Driver(WDM);c:\windows\system32\DRIVERS\BrUsbSIb.sys [2009-06-10 15360] R3 gupdatem;Google Update Tjeneste (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-07-06 136176] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392] R3 WatAdminSvc;Tjenesten Windows Aktivering;c:\windows\system32\Wat\WatAdminSvc.exe [2011-12-18 1255736] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928] S2 PowerSavingUtilityService;PowerSavingUtilityService;c:\program files\Fujitsu\PSUtility\PSUService.exe [2009-07-30 63336] S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-06-19 3048136] S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-11-01 2314240] S2 VFPRadioSupportService;Understøttelse af Bluetooth funktioner;c:\program files\CSR\Bluetooth Feature Pack 5.0\VFPRadioSupportService.exe [2009-10-12 145792] S2 WirelessSelectorService;WirelessSelectorService;c:\program files\Fujitsu\WirelessSelector\WSUService.exe [2009-07-21 62312] S3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K;c:\windows\system32\DRIVERS\e1k62x64.sys [2009-11-01 283824] S3 FUJ02E3;Fujitsu FUJ02E3 Device Driver;c:\windows\system32\DRIVERS\FUJ02E3.sys [2006-11-01 7296] S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-11-01 56344] S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2009-10-26 151936] S3 IntcDAud;Intel(R) lyd for skærm;c:\windows\system32\DRIVERS\IntcDAud.sys [2009-11-27 244736] S3 O2MDRDR;O2MDRDR;c:\windows\system32\DRIVERS\o2mdx64.sys [2009-05-13 58400] S3 O2SDRDR;O2SDRDR;c:\windows\system32\DRIVERS\o2sdx64.sys [2009-07-03 56096] . . Indhold af mappen ‘Planlagte Opgaver’ . 2012-07-16 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-07 15:33] . 2012-07-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-07-06 19:09] . 2012-07-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-07-06 19:09] . . ————- X64 Entries—————- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @=”{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}” [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2011-12-05 19:17 97792 ——a-w- c:\users\Bruger\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @=”{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}” [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2011-12-05 19:17 97792 ——a-w- c:\users\Bruger\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @=”{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}” [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2011-12-05 19:17 97792 ——a-w- c:\users\Bruger\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4] @=”{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}” [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2011-12-05 19:17 97792 ——a-w- c:\users\Bruger\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] “RtHDVCpl”=“c:\program files\Realtek\Audio\HDA\RAVCpl64.exe” [2009-10-28 8312352] “SynTPEnh”=“c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe” [BU] “LoadFujitsuQuickTouch”=“c:\program files\Fujitsu\Application Panel\QuickTouch.exe” [2009-10-15 157544] “LoadBtnHnd”=“c:\program files\Fujitsu\Application Panel\BtnHnd.exe” [2009-10-15 35176] “PSUTility”=“c:\program files\Fujitsu\PSUtility\TrayManager.exe” [2009-07-30 188264] “FDM7”=“c:\program files\Fujitsu\FDM7\FdmDaemon.exe” [2009-10-27 164712] “ConMgr”=“c:\program files\CSR\Bluetooth Feature Pack 5.0\ConMgr.exe” [2009-10-12 535392] “CSRSkype”=“c:\program files\CSR\Bluetooth Feature Pack 5.0\CSRSkype.exe” [2009-10-12 431456] “IgfxTray”=“c:\windows\system32\igfxtray.exe” [2012-01-10 167704] “HotKeysCmds”=“c:\windows\system32\hkcmd.exe” [2012-01-10 392984] “Persistence”=“c:\windows\system32\igfxpers.exe” [2012-01-10 417560] “combofix”=“c:\combofix\CF21413.3XE” [2010-11-20 345088] . ———- Yderligere scanning———- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://www.google.dk/ mLocal Page = c:\windows\SysWOW64\blank.htm TCP: DhcpNameServer = 212.10.10.5 212.10.10.4 . . ——————————- LÅSTE REGISTRERINGS NØGLER——————————- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @=“FlashBroker” “LocalizedString”=”@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_265_ActiveX.exe,-101” . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] “Enabled”=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @=“c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_265_ActiveX.exe” . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @=”{FAB3E735-69C7-453B-A446-B6823C6DF1C9}” . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @=“Shockwave Flash Object” . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @=“c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx” “ThreadingModel”=“Apartment” . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @=“0” . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @=“ShockwaveFlash.ShockwaveFlash.11” . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @=“c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx, 1” . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @=”{D27CDB6B-AE6D-11cf-96B8-444553540000}” . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @=“1.0” . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @=“ShockwaveFlash.ShockwaveFlash” . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @=“Macromedia Flash Factory Object” . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @=“c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx” “ThreadingModel”=“Apartment” . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @=“FlashFactory.FlashFactory.1” . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @=“c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx, 1” . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @=”{D27CDB6B-AE6D-11cf-96B8-444553540000}” . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @=“1.0” . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @=“FlashFactory.FlashFactory” . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @=“IFlashBroker4” . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @=”{00020424-0000-0000-C000-000000000046}” . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @=”{FAB3E735-69C7-453B-A446-B6823C6DF1C9}” “Version”=“1.0” . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) “BlindDial”=dword:00000000 “MSCurrentCountry”=dword:000000b5 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) “BlindDial”=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ————————————Andre kørende processer———————————— . c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe c:\windows\SysWOW64\o2flash.exe . ************************************************************************** . Gennemført tid: 2012-07-16 17:54:25 - maskinen blev genstartet ComboFix-quarantined-files.txt 2012-07-16 15:54 ComboFix2.txt 2012-07-16 14:30 ComboFix3.txt 2012-07-16 13:19 ComboFix4.txt 2012-07-16 13:06 ComboFix5.txt 2012-07-16 15:45 . Pre-Kørsel: 240.181.829.632 byte ledig Post-Kørsel: 239.963.439.104 byte ledig . - - End Of File - - 268E4FCC4BFF6701BDB6E2CE64962AD0
[ Ignorer ] [ # 32 ] Peder TeamSpywarefri
16.07.2012 18:35:28 Redaktør Team Spywarefri Antal indlæg: 14028	Så var der dette > Download Tdsskiller.zip på dit skrivebord og pak den ud i en mappe. Kør TDSSKiller.exe -> Klik på “Start Scan” Mht.: Vista og Windows 7 - Højreklik på filen - Kør som Administrator. Under “Change parameters” sætter du flueben ved “Detect TDLFS file system” Klik på “Start Scan” Hvis en inficeret fil bliver fundet, vil ”Default action” være Cure, klik på Continue Hvis den finder TDLFS file system, klikker du på Delete. Hvis en mistænkelig fil opdages, vil ”Default action” være Skip, klik på Continue Hvis den ikke spørger om ”Reboot” (genstart) så klik på ”Report”, kopier den tekst herind i tråden. Genstart hvis den kræver det. Hvis den genstarter kan du finde logfilen her : C:\TDSSKiller.[Version]_[Dato]_[Tidspunkt]_log.txt. Kopier den tekst herind I denne tråd. Signatur Kaffen er drukket Kassen er lukket Støtten gør mere nytte Hos de små og forknytte Børns Vilkår
[ Ignorer ] [ # 33 ] nicko10
16.07.2012 21:55:07 Antal indlæg: 30	21:51:15.0987 3804 TDSS rootkit removing tool 2.7.45.0 Jul 9 2012 12:46:35 21:51:16.0128 3804 ============================================================ 21:51:16.0128 3804 Current date / time: 2012/07/16 21:51:16.0128 21:51:16.0128 3804 SystemInfo: 21:51:16.0128 3804 21:51:16.0128 3804 OS Version: 6.1.7601 ServicePack: 1.0 21:51:16.0128 3804 Product type: Workstation 21:51:16.0128 3804 ComputerName: FSE780-1 21:51:16.0143 3804 UserName: Bruger 21:51:16.0143 3804 Windows directory: C:\Windows 21:51:16.0143 3804 System windows directory: C:\Windows 21:51:16.0143 3804 Running under WOW64 21:51:16.0143 3804 Processor architecture: Intel x64 21:51:16.0143 3804 Number of processors: 4 21:51:16.0143 3804 Page size: 0x1000 21:51:16.0143 3804 Boot type: Normal boot 21:51:16.0143 3804 ============================================================ 21:51:16.0518 3804 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type ‘K0’, Flags 0x00000040 21:51:16.0533 3804 ============================================================ 21:51:16.0533 3804 \Device\Harddisk0\DR0: 21:51:16.0533 3804 MBR partitions: 21:51:16.0533 3804 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000 21:51:16.0533 3804 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x253FB800 21:51:16.0533 3804 ============================================================ 21:51:16.0580 3804 C: <-> \Device\Harddisk0\DR0\Partition1 21:51:16.0580 3804 ============================================================ 21:51:16.0580 3804 Initialize success 21:51:16.0580 3804 ============================================================ 21:51:47.0874 4548 ============================================================ 21:51:47.0874 4548 Scan started 21:51:47.0874 4548 Mode: Manual; TDLFS; 21:51:47.0874 4548 ============================================================ 21:51:48.0155 4548 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys 21:51:48.0155 4548 1394ohci - ok 21:51:48.0217 4548 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys 21:51:48.0233 4548 ACPI - ok 21:51:48.0248 4548 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys 21:51:48.0248 4548 AcpiPmi - ok 21:51:48.0342 4548 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 21:51:48.0342 4548 AdobeARMservice - ok 21:51:48.0467 4548 AdobeFlashPlayerUpdateSvc (5e1a953c6472e7bb644892a4d0df5e72) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 21:51:48.0482 4548 AdobeFlashPlayerUpdateSvc - ok 21:51:48.0529 4548 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys 21:51:48.0545 4548 adp94xx - ok 21:51:48.0576 4548 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys 21:51:48.0591 4548 adpahci - ok 21:51:48.0623 4548 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys 21:51:48.0638 4548 adpu320 - ok 21:51:48.0669 4548 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll 21:51:48.0669 4548 AeLookupSvc - ok 21:51:48.0747 4548 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys 21:51:48.0763 4548 AFD - ok 21:51:48.0841 4548 AgereModemAudio (b65f8dba54f251906bbe8611b5a0e7ab) C:\Program Files\LSI SoftModem\agr64svc.exe 21:51:48.0841 4548 AgereModemAudio - ok 21:51:48.0919 4548 AgereSoftModem (c98356d813b581e9c425b42a5d146ce0) C:\Windows\system32\DRIVERS\agrsm64.sys 21:51:48.0966 4548 AgereSoftModem - ok 21:51:48.0981 4548 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys 21:51:48.0997 4548 agp440 - ok 21:51:49.0013 4548 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe 21:51:49.0013 4548 ALG - ok 21:51:49.0059 4548 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys 21:51:49.0059 4548 aliide - ok 21:51:49.0075 4548 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys 21:51:49.0075 4548 amdide - ok 21:51:49.0091 4548 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys 21:51:49.0091 4548 AmdK8 - ok 21:51:49.0106 4548 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys 21:51:49.0106 4548 AmdPPM - ok 21:51:49.0137 4548 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys 21:51:49.0137 4548 amdsata - ok 21:51:49.0169 4548 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys 21:51:49.0169 4548 amdsbs - ok 21:51:49.0169 4548 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys 21:51:49.0169 4548 amdxata - ok 21:51:49.0231 4548 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys 21:51:49.0231 4548 AppID - ok 21:51:49.0247 4548 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll 21:51:49.0262 4548 AppIDSvc - ok 21:51:49.0278 4548 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll 21:51:49.0278 4548 Appinfo - ok 21:51:49.0293 4548 AppMgmt (4aba3e75a76195a3e38ed2766c962899) C:\Windows\System32\appmgmts.dll 21:51:49.0309 4548 AppMgmt - ok 21:51:49.0325 4548 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys 21:51:49.0325 4548 arc - ok 21:51:49.0340 4548 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys 21:51:49.0340 4548 arcsas - ok 21:51:49.0387 4548 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys 21:51:49.0387 4548 AsyncMac - ok 21:51:49.0434 4548 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys 21:51:49.0434 4548 atapi - ok 21:51:49.0559 4548 athr (0acc06fcf46f64ed4f11e57ee461c1f4) C:\Windows\system32\DRIVERS\athrx.sys 21:51:49.0605 4548 athr - ok 21:51:49.0824 4548 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll 21:51:49.0839 4548 AudioEndpointBuilder - ok 21:51:49.0855 4548 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll 21:51:49.0855 4548 AudioSrv - ok 21:51:49.0886 4548 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll 21:51:49.0902 4548 AxInstSV - ok 21:51:49.0964 4548 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys 21:51:50.0011 4548 b06bdrv - ok 21:51:50.0027 4548 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys 21:51:50.0042 4548 b57nd60a - ok 21:51:50.0073 4548 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll 21:51:50.0073 4548 BDESVC - ok 21:51:50.0089 4548 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys 21:51:50.0089 4548 Beep - ok 21:51:50.0183 4548 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll 21:51:50.0214 4548 BFE - ok 21:51:50.0276 4548 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\system32\qmgr.dll 21:51:50.0307 4548 BITS - ok 21:51:50.0354 4548 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys 21:51:50.0354 4548 blbdrive - ok 21:51:50.0401 4548 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys 21:51:50.0401 4548 bowser - ok 21:51:50.0401 4548 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys 21:51:50.0401 4548 BrFiltLo - ok 21:51:50.0417 4548 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys 21:51:50.0417 4548 BrFiltUp - ok 21:51:50.0463 4548 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys 21:51:50.0463 4548 BridgeMP - ok 21:51:50.0495 4548 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll 21:51:50.0495 4548 Browser - ok 21:51:50.0557 4548 BrSerIb (e5e9b1625a767ceb6f319c12d33eab78) C:\Windows\system32\DRIVERS\BrSerIb.sys 21:51:50.0573 4548 BrSerIb - ok 21:51:50.0604 4548 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys 21:51:50.0619 4548 Brserid - ok 21:51:50.0619 4548 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys 21:51:50.0619 4548 BrSerWdm - ok 21:51:50.0635 4548 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys 21:51:50.0635 4548 BrUsbMdm - ok 21:51:50.0635 4548 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys 21:51:50.0635 4548 BrUsbSer - ok 21:51:50.0651 4548 BrUsbSIb (d9f6b30ad93cbd165ec71fadf51df25e) C:\Windows\system32\DRIVERS\BrUsbSIb.sys 21:51:50.0651 4548 BrUsbSIb - ok 21:51:50.0666 4548 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys 21:51:50.0666 4548 BTHMODEM - ok 21:51:50.0682 4548 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll 21:51:50.0682 4548 bthserv - ok 21:51:50.0713 4548 catchme - ok 21:51:50.0744 4548 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys 21:51:50.0744 4548 cdfs - ok 21:51:50.0791 4548 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys 21:51:50.0791 4548 cdrom - ok 21:51:50.0838 4548 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll 21:51:50.0838 4548 CertPropSvc - ok 21:51:50.0853 4548 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys 21:51:50.0853 4548 circlass - ok 21:51:50.0885 4548 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys 21:51:50.0900 4548 CLFS - ok 21:51:50.0963 4548 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 21:51:50.0963 4548 clr_optimization_v2.0.50727_32 - ok 21:51:50.0994 4548 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 21:51:50.0994 4548 clr_optimization_v2.0.50727_64 - ok 21:51:51.0087 4548 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 21:51:51.0103 4548 clr_optimization_v4.0.30319_32 - ok 21:51:51.0134 4548 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 21:51:51.0150 4548 clr_optimization_v4.0.30319_64 - ok 21:51:51.0181 4548 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys 21:51:51.0181 4548 CmBatt - ok 21:51:51.0197 4548 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys 21:51:51.0197 4548 cmdide - ok 21:51:51.0259 4548 CNG (9ac4f97c2d3e93367e2148ea940cd2cd) C:\Windows\system32\Drivers\cng.sys 21:51:51.0275 4548 CNG - ok 21:51:51.0321 4548 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys 21:51:51.0321 4548 Compbatt - ok 21:51:51.0353 4548 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys 21:51:51.0353 4548 CompositeBus - ok 21:51:51.0353 4548 COMSysApp - ok 21:51:51.0368 4548 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys 21:51:51.0368 4548 crcdisk - ok 21:51:51.0446 4548 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll 21:51:51.0446 4548 CryptSvc - ok 21:51:51.0493 4548 CSC (54da3dfd29ed9f1619b6f53f3ce55e49) C:\Windows\system32\drivers\csc.sys 21:51:51.0524 4548 CSC - ok 21:51:51.0571 4548 CscService (3ab183ab4d2c79dcf459cd2c1266b043) C:\Windows\System32\cscsvc.dll 21:51:51.0602 4548 CscService - ok 21:51:51.0665 4548 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll 21:51:51.0696 4548 DcomLaunch - ok 21:51:51.0743 4548 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll 21:51:51.0758 4548 defragsvc - ok 21:51:51.0789 4548 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys 21:51:51.0789 4548 DfsC - ok 21:51:51.0852 4548 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll 21:51:51.0867 4548 Dhcp - ok 21:51:51.0883 4548 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys 21:51:51.0883 4548 discache - ok 21:51:51.0930 4548 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys 21:51:51.0930 4548 Disk - ok 21:51:51.0961 4548 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll 21:51:51.0977 4548 Dnscache - ok 21:51:52.0039 4548 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll 21:51:52.0055 4548 dot3svc - ok 21:51:52.0070 4548 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll 21:51:52.0070 4548 DPS - ok 21:51:52.0117 4548 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys 21:51:52.0117 4548 drmkaud - ok 21:51:52.0179 4548 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys 21:51:52.0179 4548 DXGKrnl - ok 21:51:52.0226 4548 e1kexpress (52a482dc61f24b498c8268866b90bb44) C:\Windows\system32\DRIVERS\e1k62x64.sys 21:51:52.0226 4548 e1kexpress - ok 21:51:52.0289 4548 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll 21:51:52.0289 4548 EapHost - ok 21:51:52.0476 4548 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys 21:51:52.0554 4548 ebdrv - ok 21:51:52.0694 4548 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe 21:51:52.0710 4548 EFS - ok 21:51:52.0772 4548 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe 21:51:52.0803 4548 ehRecvr - ok 21:51:52.0819 4548 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe 21:51:52.0819 4548 ehSched - ok 21:51:52.0897 4548 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys 21:51:52.0928 4548 elxstor - ok 21:51:52.0959 4548 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys 21:51:52.0959 4548 ErrDev - ok 21:51:53.0006 4548 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll 21:51:53.0022 4548 EventSystem - ok 21:51:53.0053 4548 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys 21:51:53.0069 4548 exfat - ok 21:51:53.0100 4548 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys 21:51:53.0100 4548 fastfat - ok 21:51:53.0193 4548 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe 21:51:53.0209 4548 Fax - ok 21:51:53.0225 4548 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys 21:51:53.0225 4548 fdc - ok 21:51:53.0256 4548 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll 21:51:53.0256 4548 fdPHost - ok 21:51:53.0271 4548 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll 21:51:53.0271 4548 FDResPub - ok 21:51:53.0287 4548 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys 21:51:53.0303 4548 FileInfo - ok 21:51:53.0303 4548 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys 21:51:53.0303 4548 Filetrace - ok 21:51:53.0318 4548 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys 21:51:53.0318 4548 flpydisk - ok 21:51:53.0365 4548 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys 21:51:53.0381 4548 FltMgr - ok 21:51:53.0459 4548 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll 21:51:53.0490 4548 FontCache - ok 21:51:53.0552 4548 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 21:51:53.0552 4548 FontCache3.0.0.0 - ok 21:51:53.0583 4548 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys 21:51:53.0583 4548 FsDepends - ok 21:51:53.0615 4548 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys 21:51:53.0615 4548 Fs_Rec - ok 21:51:53.0646 4548 FUJ02B1 (ba0c1ffda496d8bcbcac63f8d98d20e3) C:\Windows\system32\DRIVERS\FUJ02B1.sys 21:51:53.0646 4548 FUJ02B1 - ok 21:51:53.0661 4548 FUJ02E3 (7135030cbf87d724b6037bb023923730) C:\Windows\system32\DRIVERS\FUJ02E3.sys 21:51:53.0661 4548 FUJ02E3 - ok 21:51:53.0708 4548 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys 21:51:53.0724 4548 fvevol - ok 21:51:53.0771 4548 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys 21:51:53.0771 4548 gagp30kx - ok 21:51:53.0833 4548 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll 21:51:53.0864 4548 gpsvc - ok 21:51:53.0973 4548 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 21:51:53.0989 4548 gupdate - ok 21:51:54.0005 4548 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 21:51:54.0005 4548 gupdatem - ok 21:51:54.0051 4548 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe 21:51:54.0067 4548 gusvc - ok 21:51:54.0114 4548 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys 21:51:54.0114 4548 hcw85cir - ok 21:51:54.0161 4548 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys 21:51:54.0176 4548 HdAudAddService - ok 21:51:54.0223 4548 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys 21:51:54.0223 4548 HDAudBus - ok 21:51:54.0254 4548 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys 21:51:54.0254 4548 HECIx64 - ok 21:51:54.0254 4548 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys 21:51:54.0254 4548 HidBatt - ok 21:51:54.0332 4548 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys 21:51:54.0332 4548 HidBth - ok 21:51:54.0332 4548 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys 21:51:54.0348 4548 HidIr - ok 21:51:54.0363 4548 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll 21:51:54.0363 4548 hidserv - ok 21:51:54.0395 4548 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys 21:51:54.0395 4548 HidUsb - ok 21:51:54.0426 4548 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll 21:51:54.0426 4548 hkmsvc - ok 21:51:54.0457 4548 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll 21:51:54.0473 4548 HomeGroupListener - ok 21:51:54.0504 4548 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll 21:51:54.0519 4548 HomeGroupProvider - ok 21:51:54.0566 4548 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys 21:51:54.0566 4548 HpSAMD - ok 21:51:54.0613 4548 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys 21:51:54.0660 4548 HTTP - ok 21:51:54.0675 4548 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys 21:51:54.0675 4548 hwpolicy - ok 21:51:54.0738 4548 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys 21:51:54.0738 4548 i8042prt - ok 21:51:54.0800 4548 iaStor (073a606333b6f7bbf20aa856df7f0997) C:\Windows\system32\DRIVERS\iaStor.sys 21:51:54.0816 4548 iaStor - ok 21:51:54.0878 4548 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys 21:51:54.0894 4548 iaStorV - ok 21:51:54.0987 4548 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 21:51:55.0003 4548 idsvc - ok 21:51:55.0736 4548 igfx (f4f91789c7c7a159ce8215c1f69f2a85) C:\Windows\system32\DRIVERS\igdkmd64.sys 21:51:55.0939 4548 igfx - ok 21:51:56.0064 4548 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys 21:51:56.0064 4548 iirsp - ok 21:51:56.0142 4548 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll 21:51:56.0157 4548 IKEEXT - ok 21:51:56.0189 4548 Impcd (36fdf367a1dabff903e2214023d71368) C:\Windows\system32\DRIVERS\Impcd.sys 21:51:56.0204 4548 Impcd - ok 21:51:56.0329 4548 IntcAzAudAddService (42943bb3ab7a405b30eff7c8283cc129) C:\Windows\system32\drivers\RTKVHD64.sys 21:51:56.0345 4548 IntcAzAudAddService - ok 21:51:56.0485 4548 IntcDAud (d248aae81c156c0d47a77cd61bc24cd4) C:\Windows\system32\DRIVERS\IntcDAud.sys 21:51:56.0501 4548 IntcDAud - ok 21:51:56.0532 4548 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys 21:51:56.0532 4548 intelide - ok 21:51:56.0563 4548 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys 21:51:56.0563 4548 intelppm - ok 21:51:56.0594 4548 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll 21:51:56.0594 4548 IPBusEnum - ok 21:51:56.0625 4548 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys 21:51:56.0625 4548 IpFilterDriver - ok 21:51:56.0735 4548 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll 21:51:56.0766 4548 iphlpsvc - ok 21:51:56.0781 4548 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys 21:51:56.0781 4548 IPMIDRV - ok 21:51:56.0828 4548 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys 21:51:56.0828 4548 IPNAT - ok 21:51:56.0859 4548 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys 21:51:56.0859 4548 IRENUM - ok 21:51:56.0875 4548 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys 21:51:56.0875 4548 isapnp - ok 21:51:56.0906 4548 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys 21:51:56.0922 4548 iScsiPrt - ok 21:51:56.0953 4548 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys 21:51:56.0953 4548 kbdclass - ok 21:51:56.0984 4548 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys 21:51:56.0984 4548 kbdhid - ok 21:51:57.0015 4548 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 21:51:57.0015 4548 KeyIso - ok 21:51:57.0047 4548 KSecDD (97a7070aea4c058b6418519e869a63b4) C:\Windows\system32\Drivers\ksecdd.sys 21:51:57.0047 4548 KSecDD - ok 21:51:57.0078 4548 KSecPkg (26c43a7c2862447ec59deda188d1da07) C:\Windows\system32\Drivers\ksecpkg.sys 21:51:57.0078 4548 KSecPkg - ok 21:51:57.0109 4548 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys 21:51:57.0109 4548 ksthunk - ok 21:51:57.0140 4548 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll 21:51:57.0156 4548 KtmRm - ok 21:51:57.0203 4548 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\System32\srvsvc.dll 21:51:57.0218 4548 LanmanServer - ok 21:51:57.0249 4548 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll 21:51:57.0249 4548 LanmanWorkstation - ok 21:51:57.0296 4548 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys 21:51:57.0296 4548 lltdio - ok 21:51:57.0327 4548 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll 21:51:57.0343 4548 lltdsvc - ok 21:51:57.0359 4548 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll 21:51:57.0359 4548 lmhosts - ok 21:51:57.0483 4548 LMS (a1c148801b4af64847aeb9f3ad9594ef) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 21:51:57.0499 4548 LMS - ok 21:51:57.0546 4548 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys 21:51:57.0546 4548 LSI_FC - ok 21:51:57.0561 4548 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys 21:51:57.0561 4548 LSI_SAS - ok 21:51:57.0577 4548 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys 21:51:57.0577 4548 LSI_SAS2 - ok 21:51:57.0593 4548 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys 21:51:57.0593 4548 LSI_SCSI - ok 21:51:57.0608 4548 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys 21:51:57.0608 4548 luafv - ok 21:51:57.0639 4548 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll 21:51:57.0639 4548 Mcx2Svc - ok 21:51:57.0655 4548 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys 21:51:57.0671 4548 megasas - ok 21:51:57.0686 4548 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys 21:51:57.0702 4548 MegaSR - ok 21:51:57.0733 4548 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll 21:51:57.0733 4548 MMCSS - ok 21:51:57.0749 4548 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys 21:51:57.0749 4548 Modem - ok 21:51:57.0764 4548 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys 21:51:57.0764 4548 monitor - ok 21:51:57.0811 4548 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys 21:51:57.0811 4548 mouclass - ok 21:51:57.0842 4548 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys 21:51:57.0842 4548 mouhid - ok 21:51:57.0858 4548 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys 21:51:57.0874 4548 mountmgr - ok 21:51:57.0889 4548 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys 21:51:57.0889 4548 mpio - ok 21:51:57.0905 4548 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys 21:51:57.0905 4548 mpsdrv - ok 21:51:57.0998 4548 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll 21:51:58.0030 4548 MpsSvc - ok 21:51:58.0061 4548 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys 21:51:58.0061 4548 MRxDAV - ok 21:51:58.0092 4548 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys 21:51:58.0092 4548 mrxsmb - ok 21:51:58.0123 4548 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys 21:51:58.0139 4548 mrxsmb10 - ok 21:51:58.0170 4548 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys 21:51:58.0170 4548 mrxsmb20 - ok 21:51:58.0170 4548 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys 21:51:58.0186 4548 msahci - ok 21:51:58.0201 4548 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys 21:51:58.0201 4548 msdsm - ok 21:51:58.0232 4548 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe 21:51:58.0232 4548 MSDTC - ok 21:51:58.0248 4548 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys 21:51:58.0264 4548 Msfs - ok 21:51:58.0295 4548 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys 21:51:58.0295 4548 mshidkmdf - ok 21:51:58.0310 4548 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys 21:51:58.0310 4548 msisadrv - ok 21:51:58.0326 4548 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll 21:51:58.0326 4548 MSiSCSI - ok 21:51:58.0342 4548 msiserver - ok 21:51:58.0357 4548 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys 21:51:58.0357 4548 MSKSSRV - ok 21:51:58.0388 4548 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys 21:51:58.0388 4548 MSPCLOCK - ok 21:51:58.0388 4548 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys 21:51:58.0388 4548 MSPQM - ok 21:51:58.0435 4548 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys 21:51:58.0451 4548 MsRPC - ok 21:51:58.0466 4548 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys 21:51:58.0466 4548 mssmbios - ok 21:51:58.0482 4548 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys 21:51:58.0482 4548 MSTEE - ok 21:51:58.0482 4548 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys 21:51:58.0482 4548 MTConfig - ok 21:51:58.0498 4548 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys 21:51:58.0498 4548 Mup - ok 21:51:58.0544 4548 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll 21:51:58.0560 4548 napagent - ok 21:51:58.0607 4548 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys 21:51:58.0622 4548 NativeWifiP - ok 21:51:58.0700 4548 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys 21:51:58.0747 4548 NDIS - ok 21:51:58.0778 4548 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys 21:51:58.0778 4548 NdisCap - ok 21:51:58.0810 4548 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys 21:51:58.0810 4548 NdisTapi - ok 21:51:58.0872 4548 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys 21:51:58.0872 4548 Ndisuio - ok 21:51:58.0903 4548 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys 21:51:58.0919 4548 NdisWan - ok 21:51:58.0934 4548 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys 21:51:58.0934 4548 NDProxy - ok 21:51:58.0981 4548 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys 21:51:58.0981 4548 NetBIOS - ok 21:51:59.0028 4548 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys 21:51:59.0044 4548 NetBT - ok 21:51:59.0059 4548 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 21:51:59.0059 4548 Netlogon - ok 21:51:59.0122 4548 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll 21:51:59.0137 4548 Netman - ok 21:51:59.0168 4548 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll 21:51:59.0184 4548 netprofm - ok 21:51:59.0262 4548 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 21:51:59.0262 4548 NetTcpPortSharing - ok 21:51:59.0309 4548 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys 21:51:59.0324 4548 nfrd960 - ok 21:51:59.0356 4548 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll 21:51:59.0371 4548 NlaSvc - ok 21:51:59.0418 4548 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys 21:51:59.0418 4548 Npfs - ok 21:51:59.0434 4548 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll 21:51:59.0449 4548 nsi - ok 21:51:59.0449 4548 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys 21:51:59.0465 4548 nsiproxy - ok 21:51:59.0558 4548 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys 21:51:59.0605 4548 Ntfs - ok 21:51:59.0730 4548 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys 21:51:59.0730 4548 Null - ok 21:51:59.0761 4548 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys 21:51:59.0761 4548 nvraid - ok 21:51:59.0777 4548 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys 21:51:59.0792 4548 nvstor - ok 21:51:59.0824 4548 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys 21:51:59.0824 4548 nv_agp - ok 21:51:59.0933 4548 O2Flash (d955d5de998db2476bf0892be3a96c26) C:\Windows\SysWOW64\o2flash.exe 21:51:59.0933 4548 O2Flash - ok 21:51:59.0948 4548 O2MDRDR (aecff27d5c70f295b09b85efe3292ed1) C:\Windows\system32\DRIVERS\o2mdx64.sys 21:51:59.0948 4548 O2MDRDR - ok 21:51:59.0980 4548 O2SCBUS (3b179a7eff9edcc045f5570510c812f6) C:\Windows\system32\DRIVERS\ozscrx64.sys 21:51:59.0980 4548 O2SCBUS - ok 21:52:00.0011 4548 O2SDRDR (df014c48015b637790be3eddd1384728) C:\Windows\system32\DRIVERS\o2sdx64.sys 21:52:00.0011 4548 O2SDRDR - ok 21:52:00.0042 4548 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys 21:52:00.0042 4548 ohci1394 - ok 21:52:00.0104 4548 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll 21:52:00.0120 4548 p2pimsvc - ok 21:52:00.0151 4548 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll 21:52:00.0182 4548 p2psvc - ok 21:52:00.0198 4548 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys 21:52:00.0198 4548 Parport - ok 21:52:00.0229 4548 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys 21:52:00.0229 4548 partmgr - ok 21:52:00.0260 4548 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll 21:52:00.0260 4548 PcaSvc - ok 21:52:00.0276 4548 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys 21:52:00.0292 4548 pci - ok 21:52:00.0307 4548 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys 21:52:00.0307 4548 pciide - ok 21:52:00.0338 4548 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys 21:52:00.0338 4548 pcmcia - ok 21:52:00.0354 4548 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys 21:52:00.0354 4548 pcw - ok 21:52:00.0401 4548 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys 21:52:00.0432 4548 PEAUTH - ok 21:52:00.0510 4548 PeerDistSvc (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll 21:52:00.0541 4548 PeerDistSvc - ok 21:52:00.0650 4548 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe 21:52:00.0666 4548 PerfHost - ok 21:52:00.0838 4548 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll 21:52:00.0884 4548 pla - ok 21:52:01.0009 4548 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll 21:52:01.0025 4548 PlugPlay - ok 21:52:01.0040 4548 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll 21:52:01.0056 4548 PNRPAutoReg - ok 21:52:01.0072 4548 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll 21:52:01.0072 4548 PNRPsvc - ok 21:52:01.0134 4548 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll 21:52:01.0150 4548 PolicyAgent - ok 21:52:01.0181 4548 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll 21:52:01.0196 4548 Power - ok 21:52:01.0274 4548 PowerSavingUtilityService (843ba5f09a391d52ac1f8486c5fc3d4f) C:\Program Files\Fujitsu\PSUtility\PSUService.exe 21:52:01.0290 4548 PowerSavingUtilityService - ok 21:52:01.0337 4548 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys 21:52:01.0337 4548 PptpMiniport - ok 21:52:01.0352 4548 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys 21:52:01.0368 4548 Processor - ok 21:52:01.0399 4548 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll 21:52:01.0399 4548 ProfSvc - ok 21:52:01.0430 4548 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 21:52:01.0430 4548 ProtectedStorage - ok 21:52:01.0493 4548 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys 21:52:01.0493 4548 Psched - ok 21:52:01.0586 4548 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys 21:52:01.0633 4548 ql2300 - ok 21:52:01.0789 4548 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys 21:52:01.0789 4548 ql40xx - ok 21:52:01.0820 4548 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll 21:52:01.0836 4548 QWAVE - ok 21:52:01.0852 4548 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys 21:52:01.0852 4548 QWAVEdrv - ok 21:52:01.0883 4548 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys 21:52:01.0883 4548 RasAcd - ok 21:52:01.0945 4548 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys 21:52:01.0945 4548 RasAgileVpn - ok 21:52:01.0961 4548 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll 21:52:01.0961 4548 RasAuto - ok 21:52:01.0992 4548 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys 21:52:01.0992 4548 Rasl2tp - ok 21:52:02.0023 4548 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll 21:52:02.0039 4548 RasMan - ok 21:52:02.0054 4548 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys 21:52:02.0054 4548 RasPppoe - ok 21:52:02.0070 4548 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys 21:52:02.0070 4548 RasSstp - ok 21:52:02.0101 4548 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys 21:52:02.0117 4548 rdbss - ok 21:52:02.0132 4548 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys 21:52:02.0132 4548 rdpbus - ok 21:52:02.0148 4548 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys 21:52:02.0148 4548 RDPCDD - ok 21:52:02.0195 4548 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys 21:52:02.0195 4548 RDPDR - ok 21:52:02.0242 4548 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys 21:52:02.0242 4548 RDPENCDD - ok 21:52:02.0257 4548 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys 21:52:02.0257 4548 RDPREFMP - ok 21:52:02.0288 4548 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys 21:52:02.0288 4548 RDPWD - ok 21:52:02.0320 4548 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys 21:52:02.0335 4548 rdyboost - ok 21:52:02.0382 4548 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll 21:52:02.0382 4548 RemoteAccess - ok 21:52:02.0398 4548 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll 21:52:02.0413 4548 RemoteRegistry - ok 21:52:02.0429 4548 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll 21:52:02.0444 4548 RpcEptMapper - ok 21:52:02.0460 4548 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe 21:52:02.0460 4548 RpcLocator - ok 21:52:02.0522 4548 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll 21:52:02.0522 4548 RpcSs - ok 21:52:02.0538 4548 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys 21:52:02.0538 4548 rspndr - ok 21:52:02.0554 4548 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys 21:52:02.0569 4548 s3cap - ok 21:52:02.0585 4548 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 21:52:02.0585 4548 SamSs - ok 21:52:02.0616 4548 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys 21:52:02.0616 4548 sbp2port - ok 21:52:02.0632 4548 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll 21:52:02.0647 4548 SCardSvr - ok 21:52:02.0678 4548 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys 21:52:02.0678 4548 scfilter - ok 21:52:02.0741 4548 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll 21:52:02.0772 4548 Schedule - ok 21:52:02.0803 4548 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll 21:52:02.0803 4548 SCPolicySvc - ok 21:52:02.0881 4548 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\drivers\sdbus.sys 21:52:02.0881 4548 sdbus - ok 21:52:02.0912 4548 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll 21:52:02.0928 4548 SDRSVC - ok 21:52:02.0975 4548 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys 21:52:02.0975 4548 secdrv - ok 21:52:03.0006 4548 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll 21:52:03.0006 4548 seclogon - ok 21:52:03.0022 4548 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll 21:52:03.0022 4548 SENS - ok 21:52:03.0037 4548 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll 21:52:03.0053 4548 SensrSvc - ok 21:52:03.0053 4548 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys 21:52:03.0053 4548 Serenum - ok 21:52:03.0100 4548 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys 21:52:03.0100 4548 Serial - ok 21:52:03.0115 4548 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys 21:52:03.0115 4548 sermouse - ok 21:52:03.0146 4548 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll 21:52:03.0146 4548 SessionEnv - ok 21:52:03.0162 4548 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys 21:52:03.0162 4548 sffdisk - ok 21:52:03.0178 4548 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys 21:52:03.0178 4548 sffp_mmc - ok 21:52:03.0193 4548 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys 21:52:03.0193 4548 sffp_sd - ok 21:52:03.0209 4548 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys 21:52:03.0209 4548 sfloppy - ok 21:52:03.0287 4548 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll 21:52:03.0302 4548 SharedAccess - ok 21:52:03.0349 4548 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll 21:52:03.0365 4548 ShellHWDetection - ok 21:52:03.0380 4548 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys 21:52:03.0396 4548 SiSRaid2 - ok 21:52:03.0412 4548 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys 21:52:03.0412 4548 SiSRaid4 - ok 21:52:03.0661 4548 Skype C2C Service (2a99850c2a6edd6c6602e822c716edaf) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe 21:52:03.0739 4548 Skype C2C Service - ok 21:52:03.0833 4548 SkypeUpdate (ddaa5f4a6b958fc313ebd02dd925752f) C:\Program Files (x86)\Skype\Updater\Updater.exe 21:52:03.0833 4548 SkypeUpdate - ok 21:52:03.0989 4548 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys 21:52:04.0004 4548 Smb - ok 21:52:04.0051 4548 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe 21:52:04.0051 4548 SNMPTRAP - ok 21:52:04.0067 4548 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys 21:52:04.0067 4548 spldr - ok 21:52:04.0114 4548 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe 21:52:04.0145 4548 Spooler - ok 21:52:04.0348 4548 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe 21:52:04.0410 4548 sppsvc - ok 21:52:04.0488 4548 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll 21:52:04.0488 4548 sppuinotify - ok 21:52:04.0535 4548 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys 21:52:04.0550 4548 srv - ok 21:52:04.0597 4548 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys 21:52:04.0613 4548 srv2 - ok 21:52:04.0628 4548 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys 21:52:04.0628 4548 srvnet - ok 21:52:04.0691 4548 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll 21:52:04.0706 4548 SSDPSRV - ok 21:52:04.0706 4548 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll 21:52:04.0722 4548 SstpSvc - ok 21:52:04.0738 4548 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys 21:52:04.0738 4548 stexstor - ok 21:52:04.0816 4548 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll 21:52:04.0862 4548 stisvc - ok 21:52:04.0878 4548 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys 21:52:04.0878 4548 storflt - ok 21:52:04.0894 4548 StorSvc (c40841817ef57d491f22eb103da587cc) C:\Windows\system32\storsvc.dll 21:52:04.0909 4548 StorSvc - ok 21:52:04.0909 4548 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys 21:52:04.0925 4548 storvsc - ok 21:52:04.0925 4548 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys 21:52:04.0925 4548 swenum - ok 21:52:04.0972 4548 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll 21:52:04.0987 4548 swprv - ok 21:52:05.0050 4548 SynTP (2f827bb08cc7f1a17df2ead7b424d731) C:\Windows\system32\DRIVERS\SynTP.sys 21:52:05.0065 4548 SynTP - ok 21:52:05.0174 4548 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll 21:52:05.0206 4548 SysMain - ok 21:52:05.0362 4548 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll 21:52:05.0377 4548 TabletInputService - ok 21:52:05.0393 4548 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll 21:52:05.0408 4548 TapiSrv - ok 21:52:05.0424 4548 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll 21:52:05.0440 4548 TBS - ok 21:52:05.0564 4548 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys 21:52:05.0596 4548 Tcpip - ok 21:52:05.0798 4548 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys 21:52:05.0814 4548 TCPIP6 - ok 21:52:05.0892 4548 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys 21:52:05.0892 4548 tcpipreg - ok 21:52:05.0923 4548 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys 21:52:05.0923 4548 TDPIPE - ok 21:52:05.0954 4548 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys 21:52:05.0954 4548 TDTCP - ok 21:52:05.0986 4548 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys 21:52:05.0986 4548 tdx - ok 21:52:06.0017 4548 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys 21:52:06.0017 4548 TermDD - ok 21:52:06.0048 4548 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll 21:52:06.0079 4548 TermService - ok 21:52:06.0095 4548 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll 21:52:06.0095 4548 Themes - ok 21:52:06.0126 4548 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll 21:52:06.0126 4548 THREADORDER - ok 21:52:06.0173 4548 TPM (dbcc20c02e8a3e43b03c304a4e40a84f) C:\Windows\system32\drivers\tpm.sys 21:52:06.0173 4548 TPM - ok 21:52:06.0204 4548 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll 21:52:06.0204 4548 TrkWks - ok 21:52:06.0235 4548 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe 21:52:06.0251 4548 TrustedInstaller - ok 21:52:06.0282 4548 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys 21:52:06.0282 4548 tssecsrv - ok 21:52:06.0329 4548 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys 21:52:06.0329 4548 TsUsbFlt - ok 21:52:06.0391 4548 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys 21:52:06.0391 4548 tunnel - ok 21:52:06.0407 4548 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys 21:52:06.0422 4548 uagp35 - ok 21:52:06.0438 4548 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys 21:52:06.0454 4548 udfs - ok 21:52:06.0485 4548 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe 21:52:06.0485 4548 UI0Detect - ok 21:52:06.0547 4548 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys 21:52:06.0547 4548 uliagpkx - ok 21:52:06.0594 4548 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys 21:52:06.0594 4548 umbus - ok 21:52:06.0625 4548 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys 21:52:06.0625 4548 UmPass - ok 21:52:06.0656 4548 UmRdpService (a293dcd756d04d8492a750d03b9a297c) C:\Windows\System32\umrdp.dll 21:52:06.0672 4548 UmRdpService - ok 21:52:06.0875 4548 UNS (41118d920b2b268c0adc36421248cdcf) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe 21:52:06.0937 4548 UNS - ok 21:52:07.0109 4548 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll 21:52:07.0124 4548 upnphost - ok 21:52:07.0187 4548 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys 21:52:07.0187 4548 usbccgp - ok 21:52:07.0234 4548 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys 21:52:07.0234 4548 usbcir - ok 21:52:07.0249 4548 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys 21:52:07.0249 4548 usbehci - ok 21:52:07.0280 4548 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys 21:52:07.0280 4548 usbhub - ok 21:52:07.0312 4548 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys 21:52:07.0312 4548 usbohci - ok 21:52:07.0327 4548 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys 21:52:07.0327 4548 usbprint - ok 21:52:07.0358 4548 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys 21:52:07.0358 4548 usbscan - ok 21:52:07.0374 4548 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS 21:52:07.0374 4548 USBSTOR - ok 21:52:07.0390 4548 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys 21:52:07.0405 4548 usbuhci - ok 21:52:07.0405 4548 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll 21:52:07.0405 4548 UxSms - ok 21:52:07.0421 4548 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 21:52:07.0436 4548 VaultSvc - ok 21:52:07.0452 4548 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys 21:52:07.0452 4548 vdrvroot - ok 21:52:07.0514 4548 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe 21:52:07.0546 4548 vds - ok 21:52:07.0624 4548 VFPRadioSupportService (85256da6fdbd6b16c526c858f2da8bf0) C:\Program Files\CSR\Bluetooth Feature Pack 5.0\VFPRadioSupportService.exe 21:52:07.0624 4548 VFPRadioSupportService - ok 21:52:07.0655 4548 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys 21:52:07.0655 4548 vga - ok 21:52:07.0670 4548 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys 21:52:07.0670 4548 VgaSave - ok 21:52:07.0717 4548 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys 21:52:07.0717 4548 vhdmp - ok 21:52:07.0733 4548 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys 21:52:07.0733 4548 viaide - ok 21:52:07.0764 4548 vmbus (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys 21:52:07.0764 4548 vmbus - ok 21:52:07.0780 4548 VMBusHID (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys 21:52:07.0780 4548 VMBusHID - ok 21:52:07.0795 4548 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys 21:52:07.0811 4548 volmgr - ok 21:52:07.0842 4548 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys 21:52:07.0858 4548 volmgrx - ok 21:52:07.0889 4548 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys 21:52:07.0904 4548 volsnap - ok 21:52:07.0951 4548 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys 21:52:07.0951 4548 vsmraid - ok 21:52:08.0045 4548 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe 21:52:08.0092 4548 VSS - ok 21:52:08.0248 4548 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys 21:52:08.0248 4548 vwifibus - ok 21:52:08.0263 4548 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys 21:52:08.0263 4548 vwififlt - ok 21:52:08.0294 4548 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll 21:52:08.0326 4548 W32Time - ok 21:52:08.0341 4548 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys 21:52:08.0341 4548 WacomPen - ok 21:52:08.0388 4548 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 21:52:08.0404 4548 WANARP - ok 21:52:08.0419 4548 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 21:52:08.0419 4548 Wanarpv6 - ok 21:52:08.0528 4548 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe 21:52:08.0560 4548 WatAdminSvc - ok 21:52:08.0669 4548 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe 21:52:08.0716 4548 wbengine - ok 21:52:08.0856 4548 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll 21:52:08.0872 4548 WbioSrvc - ok 21:52:08.0903 4548 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll 21:52:08.0934 4548 wcncsvc - ok 21:52:08.0934 4548 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll 21:52:08.0950 4548 WcsPlugInService - ok 21:52:08.0981 4548 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys 21:52:08.0981 4548 Wd - ok 21:52:09.0028 4548 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys 21:52:09.0043 4548 Wdf01000 - ok 21:52:09.0059 4548 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll 21:52:09.0059 4548 WdiServiceHost - ok 21:52:09.0074 4548 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll 21:52:09.0074 4548 WdiSystemHost - ok 21:52:09.0090 4548 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll 21:52:09.0106 4548 WebClient - ok 21:52:09.0137 4548 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll 21:52:09.0137 4548 Wecsvc - ok 21:52:09.0152 4548 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll 21:52:09.0152 4548 wercplsupport - ok 21:52:09.0184 4548 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll 21:52:09.0184 4548 WerSvc - ok 21:52:09.0230 4548 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys 21:52:09.0230 4548 WfpLwf - ok 21:52:09.0246 4548 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys 21:52:09.0246 4548 WIMMount - ok 21:52:09.0324 4548 WinDefend - ok 21:52:09.0324 4548 WinHttpAutoProxySvc - ok 21:52:09.0386 4548 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll 21:52:09.0402 4548 Winmgmt - ok 21:52:09.0527 4548 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll 21:52:09.0574 4548 WinRM - ok 21:52:09.0652 4548 WirelessSelectorService (c2208229a0761b05e874e10ffb341a64) C:\Program Files\Fujitsu\WirelessSelector\WSUService.exe 21:52:09.0652 4548 WirelessSelectorService - ok 21:52:09.0839 4548 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll 21:52:09.0870 4548 Wlansvc - ok 21:52:09.0901 4548 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys 21:52:09.0901 4548 WmiAcpi - ok 21:52:09.0964 4548 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe 21:52:09.0979 4548 wmiApSrv - ok 21:52:10.0026 4548 WMPNetworkSvc - ok 21:52:10.0042 4548 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll 21:52:10.0042 4548 WPCSvc - ok 21:52:10.0073 4548 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll 21:52:10.0073 4548 WPDBusEnum - ok 21:52:10.0104 4548 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys 21:52:10.0104 4548 ws2ifsl - ok 21:52:10.0151 4548 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\system32\wscsvc.dll 21:52:10.0151 4548 wscsvc - ok 21:52:10.0166 4548 WSearch - ok 21:52:10.0322 4548 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll 21:52:10.0369 4548 wuauserv - ok 21:52:10.0541 4548 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys 21:52:10.0541 4548 WudfPf - ok 21:52:10.0588 4548 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys 21:52:10.0588 4548 WUDFRd - ok 21:52:10.0619 4548 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll 21:52:10.0619 4548 wudfsvc - ok 21:52:10.0650 4548 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll 21:52:10.0666 4548 WwanSvc - ok 21:52:10.0744 4548 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0 21:52:11.0102 4548 \Device\Harddisk0\DR0 - ok 21:52:11.0134 4548 Boot (0x1200) (0d3b8f436c0a72a1bf03eb024bcc3394) \Device\Harddisk0\DR0\Partition0 21:52:11.0134 4548 \Device\Harddisk0\DR0\Partition0 - ok 21:52:11.0149 4548 Boot (0x1200) (1af98195b64c268d0578d06628f4ed3f) \Device\Harddisk0\DR0\Partition1 21:52:11.0149 4548 \Device\Harddisk0\DR0\Partition1 - ok 21:52:11.0149 4548 ============================================================ 21:52:11.0149 4548 Scan finished 21:52:11.0149 4548 ============================================================ 21:52:11.0165 2576 Detected object count: 0 21:52:11.0165 2576 Actual detected object count: 0
[ Ignorer ] [ # 34 ] Peder TeamSpywarefri
17.07.2012 09:23:26 Redaktør Team Spywarefri Antal indlæg: 14028	Hent og gem Farbar Service Scanner på skrivebordet Her Start den og sæt flueben i følgende. Internet Services Windows Firewall System Restore Security Center Windows Update Klik på Scan. Den laver en log (FSS.txt). Kopier den herind i dit næste indlæg. Signatur Kaffen er drukket Kassen er lukket Støtten gør mere nytte Hos de små og forknytte Børns Vilkår
[ Ignorer ] [ # 35 ] nicko10
17.07.2012 09:28:16 Antal indlæg: 30	Farbar Service Scanner Version: 08-07-2012 Ran by Bruger (administrator) on 17-07-2012 at 09:25:34 Running from “C:\Users\Bruger\Desktop” Microsoft Windows 7 Professional Service Pack 1 (X64) Boot Mode: Normal ************************************************************** Internet Services: ============ Connection Status: ============== Localhost is accessible. LAN connected. Google IP is accessible. Google.com is accessible. Yahoo IP is accessible. Yahoo.com is accessible. Windows Firewall: ============= Firewall Disabled Policy: ================== System Restore: ============ System Restore Disabled Policy: ======================== Action Center: ============ Windows Update: ============ Windows Autoupdate Disabled Policy: ============================ File Check: ======== C:\Windows\System32\nsisvc.dll => MD5 is legit C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit C:\Windows\System32\dhcpcore.dll => MD5 is legit C:\Windows\System32\drivers\afd.sys => MD5 is legit C:\Windows\System32\drivers\tdx.sys => MD5 is legit C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit C:\Windows\System32\dnsrslvr.dll => MD5 is legit C:\Windows\System32\mpssvc.dll => MD5 is legit C:\Windows\System32\bfe.dll => MD5 is legit C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit C:\Windows\System32\SDRSVC.dll => MD5 is legit C:\Windows\System32\vssvc.exe => MD5 is legit C:\Windows\System32\wscsvc.dll => MD5 is legit C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit C:\Windows\System32\wuaueng.dll => MD5 is legit C:\Windows\System32\qmgr.dll => MD5 is legit C:\Windows\System32\es.dll => MD5 is legit C:\Windows\System32\cryptsvc.dll => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit End of log **
[ Ignorer ] [ # 36 ] Peder TeamSpywarefri
17.07.2012 09:41:55 Redaktør Team Spywarefri Antal indlæg: 14028	Kør OTL > Kopier teksten med fed skrift ind under ”Custom Scans/Fixes” og klik på ”Run Fix”. :OTL :Files ipconfig /flushdns /c :Commands [purity] [resethosts] [emptytemp] [ClearAllRestorePoints] [EMPTYFLASH] [Reboot] Efter genstart åbnes en logfil, kopier den tekst herind i denne tråd. Hvordan kører din PC nu? Signatur Kaffen er drukket Kassen er lukket Støtten gør mere nytte Hos de små og forknytte Børns Vilkår
[ Ignorer ] [ # 37 ] nicko10
17.07.2012 10:47:06 Antal indlæg: 30	All processes killed ========== OTL ========== ========== FILES ========== < ipconfig /flushdns /c > Windows IP-konfiguration DNS Resolver Cache blev t›mt. C:\Users\Bruger\Desktop\cmd.bat deleted successfully. C:\Users\Bruger\Desktop\cmd.txt deleted successfully. ========== COMMANDS ========== C:\Windows\System32\drivers\etc\Hosts moved successfully. HOSTS file reset successfully [EMPTYTEMP] User: All Users User: Bruger ->Temp folder emptied: 2180144 bytes ->Temporary Internet Files folder emptied: 163784691 bytes ->Java cache emptied: 2875775 bytes ->Google Chrome cache emptied: 168603562 bytes ->Flash cache emptied: 4445 bytes User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Public ->Temp folder emptied: 0 bytes %systemdrive% .tmp files removed: 447560158 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 13386 bytes %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67730 bytes %systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 759 bytes RecycleBin emptied: 27683 bytes Total Files Cleaned = 749,00 mb Restore point Set: OTL Restore Point [EMPTYFLASH] User: All Users User: Bruger ->Flash cache emptied: 0 bytes User: Default User: Default User User: Public Total Flash Files Cleaned = 0,00 mb OTL by OldTimer - Version 3.2.54.0 log created on 07172012_104023 Files\Folders moved on Reboot… C:\Users\Bruger\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully. C:\Users\Bruger\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\ED8654D5-B9F0-4DD9-B3E8-F8F560086FDF.dat moved successfully. C:\Users\Bruger\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0HOV6OL2\P30[1].htm moved successfully. PendingFileRenameOperations files… File C:\Users\Bruger\AppData\Local\Temp\FXSAPIDebugLogFile.txt not found! File C:\Users\Bruger\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\ED8654D5-B9F0-4DD9-B3E8-F8F560086FDF.dat not found! File C:\Users\Bruger\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0HOV6OL2\P30[1].htm not found! Registry entries deleted on Reboot…
[ Ignorer ] [ # 38 ] nicko10
17.07.2012 10:52:21 Antal indlæg: 30	Den køre fint nu. :-D Jeg har kørt med Avast et lille stykke tid, fordi Microsoft Security Essentials ikke har kørt. Hvad vil du anbefale mig at køre med… Jeg kan rigtig godt li Avast og har brugt S&D i mange år.
[ Ignorer ] [ # 39 ] Peder TeamSpywarefri
17.07.2012 10:52:59 Redaktør Team Spywarefri Antal indlæg: 14028	Det ser godt ud nu, kører din PC normalt igen ? Signatur Kaffen er drukket Kassen er lukket Støtten gør mere nytte Hos de små og forknytte Børns Vilkår
[ Ignorer ] [ # 40 ] nicko10
17.07.2012 11:02:31 Antal indlæg: 30	Den køre rigtig fin og normalt. Alt virker igen… Hvad vil du anbefale at køre som antispyware?
[ Ignorer ] [ # 41 ] Peder TeamSpywarefri
17.07.2012 11:05:24 Redaktør Team Spywarefri Antal indlæg: 14028	Jeg vil anbefale Avast. Du fjerner Combofix sådan > Tryk på windows tast + R. > Det åbner ”KØR” > Skriv Combofix /Uninstall Husk mellemrum efter Combofix. Kør OTL > Klik på ”CleanUp”. Det vil afinstaller OTL, de andre programmer vi har brugt til rensning må du slette manuelt. Til slut vil jeg gerne se 2 logs fra DDS. Hent DDS og gem programmet på dit Skrivebord: Her Dobbeltklik på DDS.scr og tillad programmet at køre. Når programmet er færdig vil det åbne to logs/tekst-filer. Gem begge filer på dit Skrivebord og kopier indholdet af txt filerne herind i dit næste indlæg. Signatur Kaffen er drukket Kassen er lukket Støtten gør mere nytte Hos de små og forknytte Børns Vilkår
[ Ignorer ] [ # 42 ] nicko10
17.07.2012 11:32:36 Antal indlæg: 30	. DDS (Ver_2011-08-26.01) - NTFSAMD64 Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.5.1 Run by Bruger at 11:29:42 on 2012-07-17 Microsoft Windows 7 Professional 6.1.7601.1.1252.45.1030.18.3891.2503 [GMT 2:00] . SP: Windows Defender Enabled/Updated {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\taskeng.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\LSI SoftModem\agr64svc.exe C:\Windows\system32\svchost.exe -k bthsvcs C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe C:\Windows\SysWOW64\o2flash.exe C:\Program Files\Fujitsu\PSUtility\PSUService.exe C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\CSR\Bluetooth Feature Pack 5.0\VFPRadioSupportService.exe C:\Windows\System32\svchost.exe -k secsvcs C:\Program Files\Fujitsu\WirelessSelector\WSUService.exe C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe C:\Program Files\Fujitsu\PSUtility\TrayManager.exe C:\Program Files\Fujitsu\FDM7\FdmDaemon.exe C:\Program Files\CSR\Bluetooth Feature Pack 5.0\ConMgr.exe C:\Program Files\CSR\Bluetooth Feature Pack 5.0\CSRSkype.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\ltmoh\ltmoh.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Users\Bruger\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files\Fujitsu\Application Panel\BtnHndHkb.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe C:\Program Files (x86)\Fujitsu\FUJ02E3\FUJ02E3.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Windows\servicing\TrustedInstaller.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe C:\Windows\system32\sppsvc.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\igfxsrvc.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\DllHost.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\conhost.exe C:\Windows\SysWOW64\cscript.exe C:\Windows\system32\wbem\wmiprvse.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.google.dk/ BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll uRun: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe uRun: [Skype] “C:\Program Files (x86)\Skype\Phone\Skype.exe” /minimized /regrun mRun: [IMSS] “C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe” mRun: [IndicatorUtility] C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe mRun: [LoadFUJ02E3] C:\Program Files (x86)\Fujitsu\FUJ02E3\FUJ02E3.exe mRun: [Adobe ARM] “C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe” StartupFolder: C:\Users\Bruger\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Bruger\AppData\Roaming\Dropbox\bin\Dropbox.exe mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab TCP: DhcpNameServer = 212.10.10.5 212.10.10.4 TCP: Interfaces\{7071218A-08B6-4AD3-A5C5-A5919EBA55D6} : DhcpNameServer = 212.10.10.5 212.10.10.4 TCP: Interfaces\{909BEB06-901E-41A9-941B-EC4734E4B888} : DhcpNameServer = 212.10.10.5 212.10.10.4 TCP: Interfaces\{909BEB06-901E-41A9-941B-EC4734E4B888}\3596475636F6D6436334441423 : DhcpNameServer = 192.168.0.1 TCP: Interfaces\{909BEB06-901E-41A9-941B-EC4734E4B888}\55343597464616E6D61627B6 : DhcpNameServer = 10.33.255.225 10.34.0.5 10.2.0.5 TCP: Interfaces\{909BEB06-901E-41A9-941B-EC4734E4B888}\B4F6C64696E676B6F6D6D286F6473707F647 : DhcpNameServer = 193.162.153.164 194.239.134.83 TCP: Interfaces\{909BEB06-901E-41A9-941B-EC4734E4B888}\D65727562756E6 : DhcpNameServer = 192.168.15.1 Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL {18DF081C-E8AD-4283-A596-FA578C2EBDC3} {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} {AA58ED58-01DD-4d91-8333-CF10577473F7} {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} {DBC80044-A445-435b-BC74-9C25C1C588A9} {2318C2B1-4965-11d4-9B18-009027A5CD4F} mRun-x64: [IMSS] “C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe” mRun-x64: [IndicatorUtility] C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe mRun-x64: [LoadFUJ02E3] C:\Program Files (x86)\Fujitsu\FUJ02E3\FUJ02E3.exe mRun-x64: [Adobe ARM] “C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe” . ============= SERVICES / DRIVERS =============== . R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys—> C:\Windows\system32\DRIVERS\vwififlt.sys [?] R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928] R2 PowerSavingUtilityService;PowerSavingUtilityService;C:\Program Files\Fujitsu\PSUtility\PSUService.exe [2009-7-30 63336] R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-6-19 3048136] R2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-12-18 2314240] R2 VFPRadioSupportService;Understøttelse af Bluetooth funktioner;C:\Program Files\CSR\Bluetooth Feature Pack 5.0\VFPRadioSupportService.exe [2009-10-12 145792] R2 WirelessSelectorService;WirelessSelectorService;C:\Program Files\Fujitsu\WirelessSelector\WSUService.exe [2009-7-21 62312] R3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K;C:\Windows\system32\DRIVERS\e1k62x64.sys—> C:\Windows\system32\DRIVERS\e1k62x64.sys [?] R3 FUJ02E3;Fujitsu FUJ02E3 Device Driver;C:\Windows\system32\DRIVERS\FUJ02E3.sys—> C:\Windows\system32\DRIVERS\FUJ02E3.sys [?] R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys—> C:\Windows\system32\DRIVERS\HECIx64.sys [?] R3 Impcd;Impcd;C:\Windows\system32\DRIVERS\Impcd.sys—> C:\Windows\system32\DRIVERS\Impcd.sys [?] R3 IntcDAud;Intel(R) lyd for skærm;C:\Windows\system32\DRIVERS\IntcDAud.sys—> C:\Windows\system32\DRIVERS\IntcDAud.sys [?] R3 O2MDRDR;O2MDRDR;C:\Windows\system32\DRIVERS\o2mdx64.sys—> C:\Windows\system32\DRIVERS\o2mdx64.sys [?] R3 O2SDRDR;O2SDRDR;C:\Windows\system32\DRIVERS\o2sdx64.sys—> C:\Windows\system32\DRIVERS\o2sdx64.sys [?] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 gupdate;Google Update Tjeneste (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-7-6 136176] S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-6-7 160944] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-7 250056] S3 BrSerIb;Brother MFC Serial Interface Driver(WDM);C:\Windows\system32\DRIVERS\BrSerIb.sys—> C:\Windows\system32\DRIVERS\BrSerIb.sys [?] S3 BrUsbSIb;Brother MFC Serial USB Driver(WDM);C:\Windows\system32\DRIVERS\BrUsbSIb.sys—> C:\Windows\system32\DRIVERS\BrUsbSIb.sys [?] S3 gupdatem;Google Update Tjeneste (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-7-6 136176] S3 StorSvc;Lagertjeneste;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 20992] S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys—> C:\Windows\system32\drivers\tsusbflt.sys [?] S3 WatAdminSvc;Tjenesten Windows Aktivering;C:\Windows\system32\Wat\WatAdminSvc.exe—> C:\Windows\system32\Wat\WatAdminSvc.exe [?] . =============== Created Last 30 ================ . 2012-07-17 09:04:42 ———— d——-w- C:\ProgramData\AVAST Software 2012-07-17 09:04:42 ———— d——-w- C:\Program Files\AVAST Software 2012-07-17 06:41:51 8822856 ——a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll 2012-07-17 06:41:49 9133488 ——a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{6780AC8B-E02F-4D17-B3C3-42FFD72FDB40}\mpengine.dll 2012-07-16 15:51:44 ———— d-sh—w- C:\$RECYCLE.BIN 2012-07-16 01:57:23 ———— d——-w- C:\FRST 2012-07-14 23:11:30 544008 ——a-w- C:\Windows\System32\npdeployJava1.dll 2012-07-14 23:05:39 ———— d——-w- C:\Users\Bruger\AppData\Local\Secunia PSI 2012-07-14 22:48:09 514560 ——a-w- C:\Windows\SysWow64\qdvd.dll 2012-07-14 22:48:09 366592 ——a-w- C:\Windows\System32\qdvd.dll 2012-07-14 20:57:57 ———— d——-w- C:\Users\Bruger\AppData\Roaming\SUPERAntiSpyware.com 2012-07-14 20:51:23 ———— d——-w- C:\Users\Bruger\AppData\Roaming\Malwarebytes 2012-07-14 20:51:13 24664 ——a-w- C:\Windows\System32\drivers\mbam.sys 2012-07-14 09:29:02 ———— d——-w- C:\Program Files (x86)\Oracle 2012-07-13 17:44:43 3148800 ——a-w- C:\Windows\System32\win32k.sys 2012-07-13 15:07:49 2004480 ——a-w- C:\Windows\System32\msxml6.dll 2012-07-06 18:32:39 328704 ——a-w- C:\Windows\System32\services.exe.59386698FA441EBD 2012-07-06 18:27:59 328704 ——a-w- C:\Windows\System32\services.exe.FAC23AEE9185AF52 2012-07-05 11:22:10 328704 ——a-w- C:\Windows\System32\services.exe.C12CDEF9763B4051 2012-07-05 11:09:48 328704 ——a-w- C:\Windows\System32\services.exe.418199560E4C1CFD 2012-07-05 11:04:22 328704 ——a-w- C:\Windows\System32\services.exe.F4B6219652D83EA5 2012-07-05 10:59:11 328704 ——a-w- C:\Windows\System32\services.exe.548FD81E8BA5215B 2012-07-05 10:49:40 328704 ——a-w- C:\Windows\System32\services.exe.B1E1D9BC712D6D70 2012-07-05 04:53:06 328704 ——a-w- C:\Windows\System32\services.exe.4EED60BF51DE80FE 2012-07-05 04:44:52 328704 ——a-w- C:\Windows\System32\services.exe.BC63FE0941504DD8 2012-07-04 20:57:32 328704 ——a-w- C:\Windows\System32\services.exe.E72716115E29A0E6 2012-07-04 20:49:20 328704 ——a-w- C:\Windows\System32\services.exe.E317392EDB05A41C 2012-07-04 20:40:51 328704 ——a-w- C:\Windows\System32\services.exe.A58CA16EF1E8C195 2012-07-04 20:35:57 328704 ——a-w- C:\Windows\System32\services.exe.BC6E54315F7687BB 2012-07-04 19:02:59 328704 ——a-w- C:\Windows\System32\services.exe.9BA4BF1D852E7325 2012-07-04 18:58:29 328704 ——a-w- C:\Windows\System32\services.exe.F546FFC94B4716B7 2012-07-04 18:53:58 328704 ——a-w- C:\Windows\System32\services.exe.B13AF585757807BB 2012-07-04 18:49:31 328704 ——a-w- C:\Windows\System32\services.exe.AF1EFA474609A73E 2012-07-04 18:44:55 328704 ——a-w- C:\Windows\System32\services.exe.035E52564A759124 2012-07-04 18:40:23 328704 ——a-w- C:\Windows\System32\services.exe.9BD2F869FA14C68D 2012-07-04 18:35:58 328704 ——a-w- C:\Windows\System32\services.exe.877CEAB57B5333DD 2012-07-04 18:31:29 328704 ——a-w- C:\Windows\System32\services.exe.EE855FD8BC146F77 2012-07-04 18:26:57 328704 ——a-w- C:\Windows\System32\services.exe.BF9015058A3F0B76 2012-07-04 18:22:27 328704 ——a-w- C:\Windows\System32\services.exe.CDACDA4183A830EE 2012-07-04 18:17:57 328704 ——a-w- C:\Windows\System32\services.exe.5C5C5105D6E51938 2012-07-04 18:13:24 328704 ——a-w- C:\Windows\System32\services.exe.B4F7C06DB75FF1DB 2012-07-04 18:08:55 328704 ——a-w- C:\Windows\System32\services.exe.0DFDFC362A1BDDE1 2012-07-04 18:04:45 328704 ——a-w- C:\Windows\System32\services.exe.3ED3AA4B8F3FC0C2 2012-07-04 18:00:18 328704 ——a-w- C:\Windows\System32\services.exe.7D7EF44106CC8F35 2012-07-04 17:55:46 328704 ——a-w- C:\Windows\System32\services.exe.764D436137737309 2012-07-04 17:51:20 328704 ——a-w- C:\Windows\System32\services.exe.67306F7CEB2A265F 2012-07-04 17:46:49 328704 ——a-w- C:\Windows\System32\services.exe.6BA21833F5B256BC 2012-07-04 17:42:25 328704 ——a-w- C:\Windows\System32\services.exe.C8CEF1EB7CB1E3AD 2012-07-04 17:37:57 328704 ——a-w- C:\Windows\System32\services.exe.698EF8C47725CC34 2012-07-04 17:33:33 328704 ——a-w- C:\Windows\System32\services.exe.F22A23E488C6ED75 2012-07-04 17:29:07 328704 ——a-w- C:\Windows\System32\services.exe.EA8BB7EC37FEADF2 2012-07-04 17:24:34 328704 ——a-w- C:\Windows\System32\services.exe.EE9A8963A0B669F2 2012-07-04 17:20:05 328704 ——a-w- C:\Windows\System32\services.exe.D2418C053797CF6D 2012-07-04 17:15:39 328704 ——a-w- C:\Windows\System32\services.exe.680D252C12106182 2012-07-04 17:11:16 328704 ——a-w- C:\Windows\System32\services.exe.A4B96FC95B120F9F 2012-07-04 17:06:50 328704 ——a-w- C:\Windows\System32\services.exe.17B28A29E0EAD4F7 2012-07-04 17:02:26 328704 ——a-w- C:\Windows\System32\services.exe.88B73C11395681A8 2012-07-04 16:57:58 328704 ——a-w- C:\Windows\System32\services.exe.E150F30A52DD4EF5 2012-07-04 16:53:26 328704 ——a-w- C:\Windows\System32\services.exe.640AC1D22B0F6D44 2012-07-04 16:48:58 328704 ——a-w- C:\Windows\System32\services.exe.81941FE844F2C139 2012-07-04 16:44:31 328704 ——a-w- C:\Windows\System32\services.exe.669D7ADF0D2459FC 2012-07-04 16:40:06 328704 ——a-w- C:\Windows\System32\services.exe.9E271461B7FE4A0F 2012-07-04 16:35:41 328704 ——a-w- C:\Windows\System32\services.exe.C2018DECE6B88D51 2012-07-04 16:31:14 328704 ——a-w- C:\Windows\System32\services.exe.7106C8744516DF5B 2012-07-04 16:26:48 328704 ——a-w- C:\Windows\System32\services.exe.6E832EF5479EFA10 2012-07-04 16:22:21 328704 ——a-w- C:\Windows\System32\services.exe.42856EDDF3C0ABA6 2012-07-04 16:17:50 328704 ——a-w- C:\Windows\System32\services.exe.6EE1EAE8722C20EE 2012-07-04 16:13:19 328704 ——a-w- C:\Windows\System32\services.exe.7B94260620BF7A85 2012-07-04 16:08:51 328704 ——a-w- C:\Windows\System32\services.exe.ADA899C2F9D79F23 2012-07-04 16:04:21 328704 ——a-w- C:\Windows\System32\services.exe.94DAFC81239AF8C4 2012-07-04 15:59:56 328704 ——a-w- C:\Windows\System32\services.exe.B95026EF24D45098 2012-07-04 15:55:26 328704 ——a-w- C:\Windows\System32\services.exe.FA5EED9C75604162 2012-07-04 15:51:00 328704 ——a-w- C:\Windows\System32\services.exe.301A1DCC17471D30 2012-07-04 15:46:33 328704 ——a-w- C:\Windows\System32\services.exe.026786B94EC04C0E 2012-07-04 15:42:01 328704 ——a-w- C:\Windows\System32\services.exe.1D9118A88BB8C66F 2012-06-24 12:32:33 2622464 ——a-w- C:\Windows\System32\wucltux.dll 2012-06-24 12:32:26 99840 ——a-w- C:\Windows\System32\wudriver.dll 2012-06-24 12:32:12 36864 ——a-w- C:\Windows\System32\wuapp.exe 2012-06-24 12:32:12 186752 ——a-w- C:\Windows\System32\wuwebv.dll . ==================== Find3M ==================== . 2012-07-14 23:11:18 525576 ——a-w- C:\Windows\System32\deployJava1.dll 2012-07-13 15:33:12 70344 ——a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2012-07-13 15:33:12 426184 ——a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2012-07-05 20:06:30 772544 ——a-w- C:\Windows\SysWow64\npdeployJava1.dll 2012-07-05 20:06:20 687544 ——a-w- C:\Windows\SysWow64\deployJava1.dll 2012-06-06 06:06:16 1881600 ——a-w- C:\Windows\System32\msxml3.dll 2012-06-06 06:02:54 1133568 ——a-w- C:\Windows\System32\cdosys.dll 2012-06-06 05:05:52 1390080 ——a-w- C:\Windows\SysWow64\msxml6.dll 2012-06-06 05:05:52 1236992 ——a-w- C:\Windows\SysWow64\msxml3.dll 2012-06-06 05:03:06 805376 ——a-w- C:\Windows\SysWow64\cdosys.dll 2012-06-02 12:12:17 2311680 ——a-w- C:\Windows\System32\jscript9.dll 2012-06-02 12:05:28 1392128 ——a-w- C:\Windows\System32\wininet.dll 2012-06-02 12:04:50 1494528 ——a-w- C:\Windows\System32\inetcpl.cpl 2012-06-02 12:01:40 173056 ——a-w- C:\Windows\System32\ieUnatt.exe 2012-06-02 11:57:08 2382848 ——a-w- C:\Windows\System32\mshtml.tlb 2012-06-02 08:33:25 1800192 ——a-w- C:\Windows\SysWow64\jscript9.dll 2012-06-02 08:25:08 1129472 ——a-w- C:\Windows\SysWow64\wininet.dll 2012-06-02 08:25:03 1427968 ——a-w- C:\Windows\SysWow64\inetcpl.cpl 2012-06-02 08:20:33 142848 ——a-w- C:\Windows\SysWow64\ieUnatt.exe 2012-06-02 08:16:52 2382848 ——a-w- C:\Windows\SysWow64\mshtml.tlb 2012-06-02 05:50:10 458704 ——a-w- C:\Windows\System32\drivers\cng.sys 2012-06-02 05:48:16 95600 ——a-w- C:\Windows\System32\drivers\ksecdd.sys 2012-06-02 05:48:16 151920 ——a-w- C:\Windows\System32\drivers\ksecpkg.sys 2012-06-02 05:45:31 340992 ——a-w- C:\Windows\System32\schannel.dll 2012-06-02 05:44:21 307200 ——a-w- C:\Windows\System32\ncrypt.dll 2012-06-02 04:40:42 22016 ——a-w- C:\Windows\SysWow64\secur32.dll 2012-06-02 04:40:39 225280 ——a-w- C:\Windows\SysWow64\schannel.dll 2012-06-02 04:39:10 219136 ——a-w- C:\Windows\SysWow64\ncrypt.dll 2012-06-02 04:34:09 96768 ——a-w- C:\Windows\SysWow64\sspicli.dll 2012-05-31 10:25:12 279656 ———w- C:\Windows\System32\MpSigStub.exe 2012-05-04 11:06:22 5559664 ——a-w- C:\Windows\System32\ntoskrnl.exe 2012-05-04 10:03:53 3968368 ——a-w- C:\Windows\SysWow64\ntkrnlpa.exe 2012-05-04 10:03:50 3913072 ——a-w- C:\Windows\SysWow64\ntoskrnl.exe 2012-05-01 05:40:20 209920 ——a-w- C:\Windows\System32\profsvc.dll 2012-04-28 03:55:21 210944 ——a-w- C:\Windows\System32\drivers\rdpwd.sys 2012-04-26 05:41:56 77312 ——a-w- C:\Windows\System32\rdpwsx.dll 2012-04-26 05:41:55 149504 ——a-w- C:\Windows\System32\rdpcorekmts.dll 2012-04-26 05:34:27 9216 ——a-w- C:\Windows\System32\rdrmemptylst.exe 2012-04-24 05:37:37 184320 ——a-w- C:\Windows\System32\cryptsvc.dll 2012-04-24 05:37:37 140288 ——a-w- C:\Windows\System32\cryptnet.dll 2012-04-24 05:37:36 1462272 ——a-w- C:\Windows\System32\crypt32.dll 2012-04-24 04:36:42 140288 ——a-w- C:\Windows\SysWow64\cryptsvc.dll 2012-04-24 04:36:42 1158656 ——a-w- C:\Windows\SysWow64\crypt32.dll 2012-04-24 04:36:42 103936 ——a-w- C:\Windows\SysWow64\cryptnet.dll . ============= FINISH: 11:30:26,01 =============== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-08-26.01) . Microsoft Windows 7 Professional Boot Device: \Device\HarddiskVolume1 Install Date: 18-12-2011 00:07:58 System Uptime: 17-07-2012 11:24:12 (0 hours ago) . Motherboard: FUJITSU \| \| FJNB210 Processor: Intel(R) Core(TM) i5 CPU M 520 @ 2.40GHz \| Onboard \| 2112/133mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 298 GiB total, 232,749 GiB free. D: is CDROM () . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP119: 17-07-2012 11:22:59 - ComboFix created restore point . ==== Installed Programs ====================== . Adobe Flash Player 11 ActiveX Adobe Reader X (10.1.3) - Dansk Dropbox Fujitsu Display Manager Fujitsu Hotkey Utility Fujitsu MobilityCenter Extension Utility Fujitsu System Extension Utility Google Chrome Google Toolbar for Internet Explorer Google Update Helper Intel(R) Graphics Media Accelerator Driver Intel(R) Management Engine Components Java Auto Updater Java(TM) 6 Update 33 Java(TM) 7 Update 5 JavaFX 2.1.1 LifeBook Application Panel Microsoft Silverlight Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 O2Micro Flash Memory Card Windows Driver OpenOffice.org 3.4 OZ711 SCR Driver (x64) Power Saving Utility Realtek High Definition Audio Driver Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile DAN sprogpakke (KB2518870) Skype Click to Call Skype™ 5.10 Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Wireless Selector . ==== End Of File ===========================
[ Ignorer ] [ # 43 ] Peder TeamSpywarefri
17.07.2012 11:45:06 Redaktør Team Spywarefri Antal indlæg: 14028	Du skal afinstaller Java(TM) 6 Update 33 Jeg synes ikke jeg kan se nogen antivirusprogram? Signatur Kaffen er drukket Kassen er lukket Støtten gør mere nytte Hos de små og forknytte Børns Vilkår
[ Ignorer ] [ # 44 ] nicko10
17.07.2012 11:51:22 Antal indlæg: 30	Jeg har lige installeret Avast igen. Jeg afinstallerede det, da jeg kørte Combofix installationen. Jeg har fjernet Java(TM) 6 Update 33. Vil du have en ny log Så du kan se om jeg har gjrt det rigtig?
[ Ignorer ] [ # 45 ] nicko10
17.07.2012 11:52:42 Antal indlæg: 30	Hov. Jeg mente Combofix afinstallation… :-D

3 af 4

Forrige

Næste