Security Shield!

Musten · Juni 7, 2012

Tjena

Datorn blev precis smittad av Security Shield... Jag undvek att trycka på nåt och försökte stänga processen vilket inte gick. Jag startade om datorn utan internet och dödade processen och gör just nu en scan med Microsoft Sec.Ess. men jag tvivlar på att det kommer räcka. JAg har googlat mig fram till att lösningen finns på denna länken, http://www.bleepingcomputer.com/virus-removal/remove-my-security-shield men den ligger tyvärr nere just nu. Så kan någon hjälpa mig bli av med skiten?

Tack!

Cecilia · Juni 7, 2012

Jag får fram informationen på Bleepingcomputers sida genom att använda Googles cache:

https://webcache.googleusercontent.com/search?q=cache:L8sw9rvp3XAJ:http://www.bleepingcomputer.com/virus-removal/remove-security-shield%2BSecurity+Shield+bleepingcomputer&hl=sv&ct=clnk

Det är dock inte säkert att informationen där stämmer längre eftersom infektionen troligen har ändrat sig sedan i mars.

Om du vill ha en mer personlig vägledning så följ anvisningarna i tråden Till dig med virus eller andra skadliga program i datorn så gott det går.

jarru · Juni 7, 2012

Funkar denna länk ?

http://www.2-viruses.com/remove-security-shield

Musten · Juni 7, 2012

Hej Cecilia!

Tack för ett snabbt svar. Jag körde precis DDS och fick fram detta:

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421  BrowserJavaVersion: 1.6.0_30
Run by Sevket at 18:23:55 on 2012-06-07
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.46.1053.18.4010.1783 [GMT 2:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\ProgramData\DatacardService\HWDeviceService64.exe
C:\ProgramData\DatacardService\DCSHelper.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files (x86)\Voipwise.com\Voipwise\voipwise.exe
C:\Program Files (x86)\WebcamMax\wcmmon.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
C:\Users\Sevket\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe
C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
C:\Program Files (x86)\CyberLink\Shared files\brs.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
C:\ProgramData\Telenor Mobile Partner\OnlineUpdate\ouc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\UI0Detect.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\System32\alg.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\DllHost.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\cvh.exe
C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.sivilmanset.com/
uDefault_Page_URL = hxxp://www.dell.com
uURLSearchHooks: UrlSearchHook Class: {00000000-6e41-4fd3-8538-502f5495e5fc} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
mWinlogon: Userinit=userinit.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~1\mcafee\msk\mskapbho.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
uRun: [Voipwise] "C:\Program Files (x86)\Voipwise.com\Voipwise\voipwise.exe" -nosplash -minimized
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [WebcamMaxAutoRun] "C:\Program Files (x86)\WebcamMax\wcmmon.exe" -a
uRun: [Octoshape Streaming Services] "C:\Users\Sevket\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" -inv:bootrun
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
mRun: [Dell Registration] C:\Program Files (x86)\System Registration\prodreg.exe /boot
mRun: [RemoteControl9] "c:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe"
mRun: [PDVD9LanguageShortcut] "c:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe"
mRun: [bDRegion] c:\Program Files (x86)\Cyberlink\Shared Files\brs.exe
mRun: [<NO NAME>]
mRun: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
mRun: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
mRun: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
StartupFolder: C:\Users\Sevket\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\INTEL(~1.LNK - C:\Program Files (x86)\Intel\TurboBoost\SignalIslandUi.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.adobe.com/pub/shockwave/cabs/flash/swflash.cab
TCP: DhcpNameServer = 192.168.2.1
TCP: Interfaces\{03D5B791-6B1E-4D79-AAB6-0FE61462B7E4} : NameServer = 195.54.122.221 195.54.122.211
TCP: Interfaces\{6CDFA328-59D2-4F23-AA8D-F3B4A2751FF7}\4493350575A50513D22393130303 : DhcpNameServer = 192.168.0.1 192.168.0.1
TCP: Interfaces\{AA501FAE-8CB3-4829-AD7D-632A341FDD4B} : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{AA501FAE-8CB3-4829-AD7D-632A341FDD4B}\2456C6B696E6F5E4F575962756C6563737F5032354533444 : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{AA501FAE-8CB3-4829-AD7D-632A341FDD4B}\3747164656E6127657563747 : DhcpNameServer = 62.88.141.5 62.88.141.6
TCP: Interfaces\{AA501FAE-8CB3-4829-AD7D-632A341FDD4B}\4556C6562394E6475627E65647D25383534463 : DhcpNameServer = 192.168.1.1 192.168.1.1
TCP: Interfaces\{AA501FAE-8CB3-4829-AD7D-632A341FDD4B}\45E4F507279667164756F5131324032373 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{AA501FAE-8CB3-4829-AD7D-632A341FDD4B}\57C647271437C616E69437675636 : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{AC58B719-048A-46CF-9BD3-7F70777CD774} : DhcpNameServer = 192.168.1.1 192.168.1.1
TCP: Interfaces\{C56D62E1-2A3C-440D-8DD5-F68FFAA20F97} : NameServer = 195.54.122.221 195.54.122.211
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
{18DF081C-E8AD-4283-A596-FA578C2EBDC3}
{27B4851A-3207-45A2-B947-BE8AFE6163AB}
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
{9030D464-4C02-4ABF-8ECC-5164760863C6}
{9FDDE16B-836F-4806-AB1F-1455CBEFF289}
{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
{D4027C7F-154A-4066-A1AD-4243D8127440}
{DBC80044-A445-435b-BC74-9C25C1C588A9}
{D4027C7F-154A-4066-A1AD-4243D8127440}
mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
mRun-x64: [Dell Registration] C:\Program Files (x86)\System Registration\prodreg.exe /boot
mRun-x64: [RemoteControl9] "c:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe"
mRun-x64: [PDVD9LanguageShortcut] "c:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe"
mRun-x64: [bDRegion] c:\Program Files (x86)\Cyberlink\Shared Files\brs.exe
mRun-x64: [(Standard)]
mRun-x64: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
mRun-x64: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
mRun-x64: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
AppInit_DLLs-X64: C:\Windows\SysWOW64\nvinit.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Sevket\AppData\Roaming\Mozilla\Firefox\Profiles\exgyoeyf.default\
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Program Files (x86)\Veetle\Player\npvlc.dll
FF - plugin: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll
FF - plugin: C:\Program Files (x86)\Veetle\VLCBroadcast\npvbp.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Sevket\AppData\Roaming\Mozilla\plugins\npoctoshape.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?]
R0 nvpciflt;nvpciflt;C:\Windows\system32\DRIVERS\nvpciflt.sys --> C:\Windows\system32\DRIVERS\nvpciflt.sys [?]
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R0 stdcfltn;Disk Class Filter Driver for Accelerometer;C:\Windows\system32\DRIVERS\stdcfltn.sys --> C:\Windows\system32\DRIVERS\stdcfltn.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-9-5 64952]
R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2011-4-30 98208]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
R2 HWDeviceService64.exe;HWDeviceService64.exe;C:\ProgramData\DatacardService\HWDeviceService64.exe [2011-3-14 346976]
R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-4-30 1997416]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2011-4-30 1692480]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-11-29 378472]
R2 TeamViewer7;TeamViewer 7;C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-2-17 3027840]
R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\system32\DRIVERS\TurboB.sys --> C:\Windows\system32\DRIVERS\TurboB.sys [?]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-4-30 2656280]
R2 WCMVCAM;WebcamMax, WDM Video Capture;C:\Windows\system32\DRIVERS\wcmvcam64.sys --> C:\Windows\system32\DRIVERS\wcmvcam64.sys [?]
R3 Acceler;Accelerometer Service;C:\Windows\system32\DRIVERS\Accelern.sys --> C:\Windows\system32\DRIVERS\Accelern.sys [?]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\system32\DRIVERS\CtClsFlt.sys --> C:\Windows\system32\DRIVERS\CtClsFlt.sys [?]
R3 huawei_enumerator;huawei_enumerator;C:\Windows\system32\DRIVERS\ew_jubusenum.sys --> C:\Windows\system32\DRIVERS\ew_jubusenum.sys [?]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]
R3 MEIx64;Intel(R) Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\system32\DRIVERS\NETwNs64.sys --> C:\Windows\system32\DRIVERS\NETwNs64.sys [?]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\system32\DRIVERS\nusb3hub.sys --> C:\Windows\system32\DRIVERS\nusb3hub.sys [?]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\system32\DRIVERS\nusb3xhc.sys --> C:\Windows\system32\DRIVERS\nusb3xhc.sys [?]
R3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
R3 qicflt;upper Device Filter Driver;C:\Windows\system32\DRIVERS\qicflt.sys --> C:\Windows\system32\DRIVERS\qicflt.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?]
R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?]
R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?]
R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
R3 wdkmd;Intel WiDi KMD;C:\Windows\system32\DRIVERS\WDKMD.sys --> C:\Windows\system32\DRIVERS\WDKMD.sys [?]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S2 CLKMSVC10_9EC60124;CyberLink Product - 2011/04/30 00:12:56;C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [2010-10-29 236016]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Tjänsten Google Update (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-2-28 136176]
S2 RoxWatch12;Roxio Hard Drive Watcher 12;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632]
S2 Telenor Mobile Partner. RunOuc;Telenor Mobile Partner. OUC;C:\Program Files (x86)\Telenor Mobile Partner\UpdateDog\ouc.exe [2012-2-28 246112]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-7 257696]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;C:\Windows\system32\DRIVERS\ew_hwusbdev.sys --> C:\Windows\system32\DRIVERS\ew_hwusbdev.sys [?]
S3 ew_usbenumfilter;huawei_CompositeFilter;C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys --> C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys [?]
S3 ewusbmbb;HUAWEI USB-WWAN miniport;C:\Windows\system32\DRIVERS\ewusbwwan.sys --> C:\Windows\system32\DRIVERS\ewusbwwan.sys [?]
S3 gupdatem;Tjänsten Google Update (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-2-28 136176]
S3 Impcd;Impcd;C:\Windows\system32\DRIVERS\Impcd.sys --> C:\Windows\system32\DRIVERS\Impcd.sys [?]
S3 JMCR;JMCR;C:\Windows\system32\DRIVERS\jmcr.sys --> C:\Windows\system32\DRIVERS\jmcr.sys [?]
S3 massfilter_hs;ZTE HandSet Mass Storage Filter Driver;C:\Windows\system32\drivers\massfilter_hs.sys --> C:\Windows\system32\drivers\massfilter_hs.sys [?]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-5-5 113120]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2010-12-17 340240]
S3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]
S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-3-26 291696]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?]
S3 NvStUSB;NVIDIA Stereoscopic 3D USB driver;C:\Windows\system32\DRIVERS\nvstusb.sys --> C:\Windows\system32\DRIVERS\nvstusb.sys [?]
S3 RoxMediaDB12OEM;RoxMediaDB12OEM;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]
S3 WatAdminSvc;Aktiveringsteknologier för Windows-tjänst;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184]
.
=============== Created Last 30 ================
.
2012-06-07 15:53:43 69000 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{37860474-1D9C-4D17-8391-C1C3EE791DDB}\offreg.dll
2012-06-07 15:46:10 -------- d-----w- C:\Users\Sevket\AppData\Local\{B94A15F4-8F2F-43D3-935E-A20419E2D8BA}
2012-06-07 15:45:29 -------- d-----w- C:\Users\Sevket\AppData\Local\{1701EAF8-18BA-45D3-BE76-14A685538CEB}
2012-06-07 15:37:20 306176 ----a-w- C:\Users\Sevket\AppData\Local\uhzpwswpwi.exe
2012-06-06 19:31:28 770384 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcr100.dll
2012-06-06 19:31:28 421200 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcp100.dll
2012-06-06 16:00:22 8955792 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{37860474-1D9C-4D17-8391-C1C3EE791DDB}\mpengine.dll
2012-06-06 10:59:37 -------- d-----w- C:\Users\Sevket\AppData\Local\{87866375-B9C4-410D-8C16-906D44EA036C}
2012-06-06 10:59:15 -------- d-----w- C:\Users\Sevket\AppData\Local\{55CF67D8-73C5-4A71-8DB5-F65253163136}
2012-06-05 13:03:02 8955792 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-06-04 21:03:36 -------- d-----w- C:\Users\Sevket\AppData\Local\{FB04F855-8E1E-480A-9792-F39F34E96976}
2012-06-04 21:03:15 -------- d-----w- C:\Users\Sevket\AppData\Local\{012F0FCA-313A-4A99-97CF-8F79EB7AC829}
2012-06-03 12:20:52 -------- d-----w- C:\Users\Sevket\AppData\Local\{9BFA623E-3E01-4641-843C-520DC3E974FD}
2012-06-03 00:20:15 -------- d-----w- C:\Users\Sevket\AppData\Local\{DA5A3079-8D43-45F9-9E50-924A7FFC00DC}
2012-06-03 00:20:00 -------- d-----w- C:\Users\Sevket\AppData\Local\{D5E90BA6-B796-4969-8E32-CE0A54846075}
2012-06-02 08:00:36 -------- d-----w- C:\Users\Sevket\AppData\Local\{9F4072B7-C916-43D6-9FA6-6E386A262359}
2012-06-02 08:00:25 -------- d-----w- C:\Users\Sevket\AppData\Local\{AAD60CC8-9196-4A8C-92BC-1BD25AC4485A}
2012-06-01 14:01:10 -------- d-----w- C:\Users\Sevket\AppData\Local\{C8A8F95B-ECA9-410E-A03D-FD6306B1A2A4}
2012-06-01 14:00:44 -------- d-----w- C:\Users\Sevket\AppData\Local\{718EDF62-C0E6-4B9D-A0F8-0AB569C11337}
2012-05-31 06:37:53 -------- d-----w- C:\Users\Sevket\AppData\Local\{6FC95CB2-9CC5-4294-8A97-0EF72B396308}
2012-05-31 06:37:42 -------- d-----w- C:\Users\Sevket\AppData\Local\{7FC442B5-6002-4CFF-AA3A-31157B9D0790}
2012-05-29 12:49:56 -------- d-----w- C:\Users\Sevket\AppData\Local\{0B3544D2-1ACE-486A-9CB2-AE3F4A1DAAB0}
2012-05-29 12:49:45 -------- d-----w- C:\Users\Sevket\AppData\Local\{0E63C6F5-26BF-4A9D-BD1F-54CAA9EC4965}
2012-05-28 21:39:21 -------- d-----w- C:\Users\Sevket\AppData\Local\{A2D5CEFC-2E3E-4F94-BAE2-569E08E7C5C9}
2012-05-28 21:39:03 -------- d-----w- C:\Users\Sevket\AppData\Local\{A41159FE-482F-4CA0-87FD-B23967808D6A}
2012-05-24 09:10:03 -------- d-----w- C:\Users\Sevket\AppData\Local\{C332719F-3B05-4F32-9B7C-C4C358F12265}
2012-05-24 09:09:52 -------- d-----w- C:\Users\Sevket\AppData\Local\{A1020D66-E11F-4DC2-B02A-7D31244115EA}
2012-05-21 12:12:05 -------- d-----w- C:\Users\Sevket\AppData\Local\{852E3D51-0401-40B9-B53A-EE23E6E67F82}
2012-05-21 12:11:54 -------- d-----w- C:\Users\Sevket\AppData\Local\{D6B5CC97-1127-450E-97AD-1D7C254836F7}
2012-05-21 00:11:37 -------- d-----w- C:\Users\Sevket\AppData\Local\{DD2D1B6D-C551-4855-AFA0-C66213B06BE2}
2012-05-21 00:11:20 -------- d-----w- C:\Users\Sevket\AppData\Local\{2A5210E7-0312-4DE2-B1FB-5F281FCAE935}
2012-05-20 12:10:49 -------- d-----w- C:\Users\Sevket\AppData\Local\{F74B5FCD-03E0-425B-98DD-220A9D962171}
2012-05-20 12:10:35 -------- d-----w- C:\Users\Sevket\AppData\Local\{60EAB4DF-C35F-456F-84A4-D78252B08A64}
2012-05-20 11:28:36 -------- d---a-w- C:\Users\Sevket\.android
2012-05-20 11:28:32 38424 ----a-w- C:\Windows\System32\drivers\androidusb.sys
2012-05-20 11:28:32 129304 ----a-w- C:\Windows\System32\drivers\zghsvousb.sys
2012-05-20 11:28:32 129304 ----a-w- C:\Windows\System32\drivers\zghsnmea.sys
2012-05-20 11:28:32 129304 ----a-w- C:\Windows\System32\drivers\zghsdiag.sys
2012-05-20 11:28:32 129304 ----a-w- C:\Windows\System32\drivers\zghsat.sys
2012-05-20 11:28:32 127056 ----a-w- C:\Windows\System32\drivers\zghsmdm.sys
2012-05-20 11:28:32 11776 ----a-w- C:\Windows\System32\drivers\massfilter_hs.sys
2012-05-20 11:28:27 96256 ----a-w- C:\Windows\AdbWinApi.dll
2012-05-20 11:28:27 584584 ----a-w- C:\Windows\adb.exe
2012-05-20 11:28:27 -------- d-----w- C:\Program Files\ZTE Handset USB Driver
2012-05-19 10:19:56 -------- d-----w- C:\Users\Sevket\AppData\Local\{E6621AF1-7DBA-4D5F-A576-D39A81383D70}
2012-05-19 10:19:44 -------- d-----w- C:\Users\Sevket\AppData\Local\{9B438B85-8BE5-4B6F-A7A3-744A044A050A}
2012-05-18 20:19:03 -------- d-----w- C:\Users\Sevket\AppData\Local\{63B72367-6370-45DD-B158-CC3FF1B86768}
2012-05-18 20:18:48 -------- d-----w- C:\Users\Sevket\AppData\Local\{93A720B9-0D42-4ED6-8AD5-5938FDF5769B}
2012-05-17 17:30:19 -------- d-----w- C:\Users\Sevket\AppData\Local\{C1E69500-D1B4-44CA-B366-322EBEB2E7F7}
2012-05-17 17:30:08 -------- d-----w- C:\Users\Sevket\AppData\Local\{E7E6D606-0184-4810-88D8-504702B1B9DD}
2012-05-16 22:04:13 -------- d-----w- C:\Users\Sevket\AppData\Local\{478F15A1-0568-4A9F-97F9-83718AF278CE}
2012-05-16 22:04:01 -------- d-----w- C:\Users\Sevket\AppData\Local\{220199A6-ACF7-425F-A979-64F0441DEB3B}
2012-05-14 13:06:42 -------- d-----w- C:\Users\Sevket\AppData\Local\{B1F88348-CFE8-43F5-94AB-80BDD652EFDC}
2012-05-14 13:06:31 -------- d-----w- C:\Users\Sevket\AppData\Local\{C1AA0329-45F9-43EE-9BFD-0790766B8D5C}
2012-05-12 23:12:43 -------- d-----w- C:\Users\Sevket\AppData\Local\{7A55E381-DEA8-46F3-91A8-6DA10BBF35F5}
2012-05-12 23:12:32 -------- d-----w- C:\Users\Sevket\AppData\Local\{743497AD-6788-403F-8E90-66776FF7D850}
2012-05-12 19:57:24 -------- d-----w- C:\Users\Sevket\AppData\Local\{4D6D8F6E-FC07-41CD-96B5-A17AFED93972}
2012-05-12 19:56:59 -------- d-----w- C:\Users\Sevket\AppData\Local\{344A5395-59CE-4333-9A0D-295430B4AE55}
2012-05-11 19:02:12 -------- d-----w- C:\Users\Sevket\AppData\Local\{B16D0A71-CB5B-4198-BC01-2B563FB8500D}
2012-05-11 19:01:53 -------- d-----w- C:\Users\Sevket\AppData\Local\{9BAC8E84-9E0B-4575-B42E-32F41256F5B3}
2012-05-10 02:01:29 -------- d-----w- C:\Users\Sevket\AppData\Local\{B92B4582-A1D1-4FE3-BEE7-2796DD35A13B}
2012-05-10 02:01:18 -------- d-----w- C:\Users\Sevket\AppData\Local\{73AF87B3-D701-4A4D-8203-BCCEF98CE1E3}
2012-05-09 22:12:11 1544704 ----a-w- C:\Windows\System32\DWrite.dll
2012-05-09 22:12:11 1077248 ----a-w- C:\Windows\SysWow64\DWrite.dll
2012-05-09 22:12:10 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-05-09 22:12:09 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-05-09 22:12:09 3146240 ----a-w- C:\Windows\System32\win32k.sys
2012-05-09 22:12:08 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-05-09 22:11:09 75120 ----a-w- C:\Windows\System32\drivers\partmgr.sys
2012-05-09 22:10:30 1918320 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2012-05-09 22:10:23 936960 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2012-05-09 22:10:23 1732096 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL
2012-05-09 22:10:23 1367552 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll
2012-05-09 22:10:22 1402880 ----a-w- C:\Program Files\Windows Journal\JNWDRV.dll
2012-05-09 22:10:22 1393664 ----a-w- C:\Program Files\Windows Journal\JNTFiltr.dll
2012-05-09 11:51:24 -------- d-----w- C:\Users\Sevket\AppData\Local\{3C6057E0-A54F-44D6-AA8A-80085FDF884A}
2012-05-09 11:51:13 -------- d-----w- C:\Users\Sevket\AppData\Local\{F5AD9EDE-73B6-4D15-8B94-1A461B3D8369}
.
==================== Find3M  ====================
.
2012-05-05 14:58:35 70304 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-05-05 14:58:35 419488 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-05-05 14:58:23 8744608 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
2012-03-20 18:44:12 98688 ----a-w- C:\Windows\System32\drivers\NisDrvWFP.sys
2012-03-20 18:44:12 203888 ----a-w- C:\Windows\System32\drivers\MpFilter.sys
.
============= FINISH: 18:24:40,45 ===============

Attach.txt

Musten · Juni 7, 2012

Funkar denna länk ?

http://www.2-viruses...security-shield

Hej!

Den funkar bra, och rent i allmänhet så funkar datorn just nu utan problem och jag får inte upp något skit. T.ex. kollade jag det med proxy inställningen på din länk och det var inte så trots att jag inte kört MalWarebytes ännu... Jag har inte riktigt gjort något mot viruset men inte heller något för att installera det liksom så vill vara säker på att det inte finns nåt kvar alls.

Cecilia · Juni 7, 2012

Funkar denna länk ?

http://www.2-viruses...security-shield

Den sidan är bara en reklamsida för SpyHunter som inte tar bort något utan att man betalar för programmet. Informationen är också alldeles för gammal för att vara korrekt för en ny infektion.

Cecilia · Juni 7, 2012

Där finns åtminstone en skadlig fil i loggen så kör MBAM så får vi se om den tas bort.

jarru · Juni 7, 2012

Den sidan är bara en reklamsida för SpyHunter som inte tar bort något utan att man betalar för programmet. Informationen är också alldeles för gammal för att vara korrekt för en ny infektion.

Ursäkta mig, men jag la in en länk ifall du inte var på plats, och den visar inte bara reklam.

Cecilia · Juni 7, 2012

Ursäkta mig, men jag la in en länk ifall du inte var på plats, och den visar inte bara reklam.

Snällt tänkt, men tyvärr så finns det så många opålitliga, även rent skadliga, sidor som kommer upp när man googlar på skadliga programs namn.

jarru · Juni 7, 2012

Snällt tänkt, men tyvärr så finns det så många opålitliga, även rent skadliga, sidor som kommer upp när man googlar på skadliga programs namn.

Jodå, nog är det så, men det går att rensa manuellt också, och jag uppfattade att det var tanken bakom det hela.

Vet nu inte hur snabbt antivirusföretagen reagerar på "nya saker" numera.

Cecilia · Juni 7, 2012

Jovisst, men informationen på sidan räcker inte till. T ex står det så här:

Stop these Security Shield processes:
[random].exe

Hur ska man veta vad man ska stoppa för process?

Remove these Security Shield files:
C:\Documents and Settings\[user]\Local Settings\Application Data\[random].exe

Mappen finns inte i Vista och Windows 7 och om där finns två exe-filer i mappen är det ju omöjligt att veta vilken det gäller.

Och den manuella instruktionen avslutas med:

It is impossible to list all file names and locations of modern parasites.

Det blir en rätt värdelös instruktion.

Musten · Juni 7, 2012

Där finns åtminstone en skadlig fil i loggen så kör MBAM så får vi se om den tas bort.

MBAM hittar inget fel? Behöver jag köra den i felsäkert läge kanske? Var så länge sen jag rensade virus...

Cecilia · Juni 7, 2012

Då tar vi till ComboFix i stället.

Spara ComboFix på Skrivbordet: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Stäng av alla program du ser inklusive antivirusprogram och antispionprogram, men lämna brandväggen på.

Hur? Se http://www.bleepingcomputer.com/forums/topic114351.html

Kör ComboFix och följ anvisningarna som visas.

Om det kommer upp en fråga om du vill installera återställningskonsolen så svara Ja.

Mer detaljerad vägledning finns på http://www.bleepingcomputer.com/combofix/se/hur-combofix-ska-anvandas

Om det kommer upp något meddelande, t ex att ett rootkit har hittats, från ComboFix skriv ner det och skriv det sedan i ditt svar.

VIKTIGT! Klicka inte på ComboFix-fönstret med musen när det körs eftersom så det kan hänga upp sig då.

När ComboFix är färdig ska en logg komma upp, klistra in den i ditt svar. Kontrollera att antivirusprogram mm är igång innan du ansluter till internet.

Om du får problem med att komma ut på internet:

Kontrollpanelen - Nätverksanslutningar

högerklicka på din internetanslutning och välj Reparera och/eller starta om datorn.

Musten · Juni 7, 2012

Det var jobbigt med ComboFix.... gick inte med internet sen blev en omstart istället.... Nu är det klart iaf

ComboFix 12-06-07.03 - Sevket 2012-06-07  21:21:40.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.46.1053.18.4010.2336 [GMT 2:00]
Körs från: c:\users\Sevket\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Skapade en ny återställningspunkt
.
.
((((((((((((((((((((((((((((((((((((((( Andra raderingar ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Roaming
c:\users\Sevket\AppData\Local\uhzpwswpwi.exe
c:\windows\system32\drivers\etc\hosts.ics
.
.
((((((((((((((((((((((((   Filer skapade från 2012-05-07 till 2012-06-07  ))))))))))))))))))))))))))))))
.
.
2012-06-07 19:25 . 2012-06-07 19:25 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-06-07 19:25 . 2012-06-07 19:25 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-06-07 19:15 . 2012-05-08 17:02 8955792 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4166747A-73C9-4B05-A497-8A2919ECA440}\mpengine.dll
2012-06-07 16:35 . 2012-06-07 16:35 -------- d-----w- c:\users\Sevket\AppData\Roaming\Malwarebytes
2012-06-07 16:35 . 2012-06-07 16:35 -------- d-----w- c:\programdata\Malwarebytes
2012-06-07 16:35 . 2012-06-07 16:35 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-06-07 16:35 . 2012-04-04 13:56 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-06-06 19:31 . 2012-06-06 19:31 770384 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcr100.dll
2012-06-06 19:31 . 2012-06-06 19:31 421200 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcp100.dll
2012-06-06 16:00 . 2012-05-08 17:02 8955792 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-05-20 11:28 . 2012-05-20 11:28 -------- d---a-w- c:\users\Sevket\.android
2012-05-20 11:28 . 2010-10-20 14:10 11776 ----a-w- c:\windows\system32\drivers\massfilter_hs.sys
2012-05-20 11:28 . 2010-10-18 12:29 129304 ----a-w- c:\windows\system32\drivers\zghsvousb.sys
2012-05-20 11:28 . 2010-10-18 12:28 129304 ----a-w- c:\windows\system32\drivers\zghsnmea.sys
2012-05-20 11:28 . 2010-10-18 12:26 127056 ----a-w- c:\windows\system32\drivers\zghsmdm.sys
2012-05-20 11:28 . 2010-10-18 12:26 129304 ----a-w- c:\windows\system32\drivers\zghsdiag.sys
2012-05-20 11:28 . 2010-10-18 12:26 129304 ----a-w- c:\windows\system32\drivers\zghsat.sys
2012-05-20 11:28 . 2010-10-18 12:24 38424 ----a-w- c:\windows\system32\drivers\androidusb.sys
2012-05-20 11:28 . 2012-05-20 11:28 -------- d-----w- c:\program files\ZTE Handset USB Driver
2012-05-20 11:28 . 2011-01-07 07:43 584584 ----a-w- c:\windows\adb.exe
2012-05-20 11:28 . 2010-05-07 09:48 96256 ----a-w- c:\windows\AdbWinApi.dll
2012-05-09 22:12 . 2012-03-03 06:35 1544704 ----a-w- c:\windows\system32\DWrite.dll
2012-05-09 22:12 . 2012-03-03 05:31 1077248 ----a-w- c:\windows\SysWow64\DWrite.dll
2012-05-09 22:12 . 2012-03-31 06:05 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-05-09 22:12 . 2012-03-31 04:39 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-05-09 22:12 . 2012-03-31 03:10 3146240 ----a-w- c:\windows\system32\win32k.sys
2012-05-09 22:12 . 2012-03-31 04:39 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-05-09 22:11 . 2012-03-17 07:58 75120 ----a-w- c:\windows\system32\drivers\partmgr.sys
2012-05-09 22:10 . 2012-03-30 11:35 1918320 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-05-09 22:10 . 2012-03-31 05:42 1732096 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2012-05-09 22:10 . 2012-03-31 05:40 1367552 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2012-05-09 22:10 . 2012-03-31 04:29 936960 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2012-05-09 22:10 . 2012-03-31 05:40 1402880 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
2012-05-09 22:10 . 2012-03-31 05:40 1393664 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-05-05 14:58 . 2012-04-07 19:43 419488 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-05-05 14:58 . 2011-12-19 22:38 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-05-05 14:58 . 2012-04-07 19:58 8744608 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2012-03-20 18:44 . 2011-04-27 14:25 98688 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2012-03-20 18:44 . 2011-04-18 12:18 203888 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2012-03-15 02:03 . 2011-12-21 14:05 2136512 ----a-w- c:\programdata\Microsoft\VisualStudio\10.0\1033\ResourceCache.dll
.
.
(((((((((((((((((((((((((((((((((( Startpunkter i registret )))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Not* tomma poster & legitima standardposter visas inte.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2012-01-03 1514152]
.
[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
2012-01-03 15:31 1514152 ----a-w- c:\program files (x86)\Ask.com\GenericAskToolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2012-01-03 1514152]
.
[HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}]
[HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Voipwise"="c:\program files (x86)\Voipwise.com\Voipwise\voipwise.exe" [2012-04-12 17792376]
"WebcamMaxAutoRun"="c:\program files (x86)\WebcamMax\wcmmon.exe" [2011-07-17 1038848]
"Octoshape Streaming Services"="c:\users\Sevket\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" [2011-03-24 107800]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2011-09-05 35736]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2010-08-19 487562]
"Dell Registration"="c:\program files (x86)\System Registration\prodreg.exe" [2010-11-10 4144448]
"RemoteControl9"="c:\program files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe" [2010-10-01 87336]
"PDVD9LanguageShortcut"="c:\program files (x86)\CyberLink\PowerDVD9\Language\Language.exe" [2010-09-17 50472]
"BDRegion"="c:\program files (x86)\Cyberlink\Shared Files\brs.exe" [2010-10-29 75048]
"RoxWatchTray"="c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" [2010-11-25 240112]
"Desktop Disc Tool"="c:\program files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe" [2010-11-17 514544]
"VirtualCloneDrive"="c:\program files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2011-03-07 89456]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"ApnUpdater"="c:\program files (x86)\Ask.com\Updater\Updater.exe" [2012-01-03 1391272]
.
c:\users\Sevket\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Intel(R) Turbo Boost Technology Monitor 2.0.lnk - c:\program files\Intel\TurboBoost\SignalIslandUi.exe [2010-11-29 204288]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ	kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 CLKMSVC10_9EC60124;CyberLink Product - 2011/04/30 00:12;c:\program files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [2010-10-29 236016]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Tjänsten Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-02-28 136176]
R2 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632]
R2 Telenor Mobile Partner. RunOuc;Telenor Mobile Partner. OUC;c:\program files (x86)\Telenor Mobile Partner\UpdateDog\ouc.exe [2012-02-28 246112]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-05 257696]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys [x]
R3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\DRIVERS\ew_usbenumfilter.sys [x]
R3 ewusbmbb;HUAWEI USB-WWAN miniport;c:\windows\system32\DRIVERS\ewusbwwan.sys [x]
R3 gupdatem;Tjänsten Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-02-28 136176]
R3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x]
R3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [x]
R3 massfilter_hs;ZTE HandSet Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter_hs.sys [x]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-06-06 113120]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2010-12-17 340240]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [2012-03-26 291696]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
R3 NvStUSB;NVIDIA Stereoscopic 3D USB driver;c:\windows\system32\DRIVERS\nvstusb.sys [x]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 RoxMediaDB12OEM;RoxMediaDB12OEM;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]
R3 WatAdminSvc;Aktiveringsteknologier för Windows-tjänst;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S0 stdcfltn;Disk Class Filter Driver for Accelerometer;c:\windows\system32\DRIVERS\stdcfltn.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-09-05 64952]
S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-18 98208]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 HWDeviceService64.exe;HWDeviceService64.exe;c:\programdata\DatacardService\HWDeviceService64.exe [2011-03-14 346976]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2010-11-30 1997416]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2011-08-18 1692480]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-11-29 378472]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-01-19 3027840]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-20 2656280]
S2 WCMVCAM;WebcamMax, WDM Video Capture;c:\windows\system32\DRIVERS\wcmvcam64.sys [x]
S3 Acceler;Accelerometer Service;c:\windows\system32\DRIVERS\Accelern.sys [x]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [x]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETwNs64.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x]
S3 qicflt;upper Device Filter Driver;c:\windows\system32\DRIVERS\qicflt.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
S3 wdkmd;Intel WiDi KMD;c:\windows\system32\DRIVERS\WDKMD.sys [x]
.
.
--- Övriga tjänster/drivrutiner i minnet ---
.
*NewlyCreated* - WS2IFSL
*Deregistered* - CLKMDRV10_9EC60124
.
Innehåll i mappen 'Schemalagda aktiviteter':
.
2012-06-07 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-07 14:58]
.
2012-06-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-02-28 17:01]
.
2012-06-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-02-28 17:01]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2010-12-14 6561384]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-12-11 2186856]
"NVHotkey"="c:\windows\system32\nvHotkey.dll" [2010-11-29 312936]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-02-12 167960]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-02-12 391704]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-02-12 418328]
"FreeFallProtection"="c:\program files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe" [2010-12-17 686704]
"IntelWireless"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2010-12-17 1933584]
"QuickSet"="c:\program files\Dell\QuickSet\QuickSet.exe" [2011-01-25 4479648]
"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 1271168]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Extra genomsökning -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.sivilmanset.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.2.1
TCP: Interfaces\{03D5B791-6B1E-4D79-AAB6-0FE61462B7E4}: NameServer = 195.54.122.221 195.54.122.211
TCP: Interfaces\{C56D62E1-2A3C-440D-8DD5-F68FFAA20F97}: NameServer = 195.54.122.221 195.54.122.211
FF - ProfilePath - c:\users\Sevket\AppData\Roaming\Mozilla\Firefox\Profiles\exgyoeyf.default\
.
- - - - FÖRÄLDRALÖSA POSTER SOM TAGITS BORT - - - -
.
Toolbar-Locked - (no file)
Toolbar-Locked - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
--------------------- LÅSTA REGISTERNYCKLAR ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
  00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Andra processer som körs ------------------------
.
c:\programdata\Telenor Mobile Partner\OnlineUpdate\ouc.exe
c:\program files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
c:\program files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Sluttid: 2012-06-07  21:31:15 - datorn startades om.
ComboFix-quarantined-files.txt  2012-06-07 19:31
.
Före genomsökningen: 421 728 002 048 byte ledigt
Efter genomsökningen: 422 151 114 752 byte ledigt
.
- - End Of File - - 4209532BDC824AF2DA5857D5728FFB34

Det dyker dessutom upp en bildruta nu när man startar datorn. Bifogar en bild.

Redigerad Juni 7, 2012 av Musten

Cecilia · Juni 7, 2012

Bra där försvann filen som hörde ihop med Security Shield.

Ask Toolbar anses vara olämplig så den bör du avinstallera. När du har gjort det så starta om datorn och kör DDS igen. Klistra in DDS.txt, men Attach.txt behövs inte.

Cecilia · Juni 7, 2012

Kommer det fram något program om du klickar på "Växla till"?

Musten · Juni 7, 2012

Hej!

Tog bort Ask Toolbar, något som någon annan måste råkat klicka i.... Detta är inte min egna dator så.Här är output från DDS

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421  BrowserJavaVersion: 1.6.0_30
Run by Sevket at 22:27:09 on 2012-06-07
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.46.1053.18.4010.2014 [GMT 2:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\ProgramData\DatacardService\HWDeviceService64.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
C:\ProgramData\DatacardService\DCSHelper.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files (x86)\Voipwise.com\Voipwise\voipwise.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\WebcamMax\wcmmon.exe
C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
C:\Users\Sevket\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe
C:\ProgramData\Telenor Mobile Partner\OnlineUpdate\ouc.exe
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\reader_sl.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe
C:\Program Files (x86)\CyberLink\Shared files\brs.exe
C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\alg.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\servicing\TrustedInstaller.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Intel\TurboBoost\TurboBoost.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.sivilmanset.com/
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~1\mcafee\msk\mskapbho.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
uRun: [Voipwise] "C:\Program Files (x86)\Voipwise.com\Voipwise\voipwise.exe" -nosplash -minimized
uRun: [WebcamMaxAutoRun] "C:\Program Files (x86)\WebcamMax\wcmmon.exe" -a
uRun: [Octoshape Streaming Services] "C:\Users\Sevket\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" -inv:bootrun
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
mRun: [Dell Registration] C:\Program Files (x86)\System Registration\prodreg.exe /boot
mRun: [RemoteControl9] "c:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe"
mRun: [PDVD9LanguageShortcut] "c:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe"
mRun: [bDRegion] c:\Program Files (x86)\Cyberlink\Shared Files\brs.exe
mRun: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
mRun: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
mRun: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
StartupFolder: C:\Users\Sevket\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\INTEL(~1.LNK - C:\Program Files (x86)\Intel\TurboBoost\SignalIslandUi.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.adobe.com/pub/shockwave/cabs/flash/swflash.cab
TCP: DhcpNameServer = 192.168.2.1
TCP: Interfaces\{03D5B791-6B1E-4D79-AAB6-0FE61462B7E4} : NameServer = 195.54.122.221 195.54.122.211
TCP: Interfaces\{6CDFA328-59D2-4F23-AA8D-F3B4A2751FF7}\4493350575A50513D22393130303 : DhcpNameServer = 192.168.0.1 192.168.0.1
TCP: Interfaces\{AA501FAE-8CB3-4829-AD7D-632A341FDD4B} : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{AA501FAE-8CB3-4829-AD7D-632A341FDD4B}\2456C6B696E6F5E4F575962756C6563737F5032354533444 : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{AA501FAE-8CB3-4829-AD7D-632A341FDD4B}\3747164656E6127657563747 : DhcpNameServer = 62.88.141.5 62.88.141.6
TCP: Interfaces\{AA501FAE-8CB3-4829-AD7D-632A341FDD4B}\4556C6562394E6475627E65647D25383534463 : DhcpNameServer = 192.168.1.1 192.168.1.1
TCP: Interfaces\{AA501FAE-8CB3-4829-AD7D-632A341FDD4B}\45E4F507279667164756F5131324032373 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{AA501FAE-8CB3-4829-AD7D-632A341FDD4B}\57C647271437C616E69437675636 : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{C56D62E1-2A3C-440D-8DD5-F68FFAA20F97} : NameServer = 195.54.122.221 195.54.122.211
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
{18DF081C-E8AD-4283-A596-FA578C2EBDC3}
{27B4851A-3207-45A2-B947-BE8AFE6163AB}
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
{9030D464-4C02-4ABF-8ECC-5164760863C6}
{9FDDE16B-836F-4806-AB1F-1455CBEFF289}
{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
{DBC80044-A445-435b-BC74-9C25C1C588A9}
mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2
mRun-x64: [Dell Registration] C:\Program Files (x86)\System Registration\prodreg.exe /boot
mRun-x64: [RemoteControl9] "c:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe"
mRun-x64: [PDVD9LanguageShortcut] "c:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe"
mRun-x64: [bDRegion] c:\Program Files (x86)\Cyberlink\Shared Files\brs.exe
mRun-x64: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
mRun-x64: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
mRun-x64: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
AppInit_DLLs-X64: C:\Windows\SysWOW64\nvinit.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Sevket\AppData\Roaming\Mozilla\Firefox\Profiles\exgyoeyf.default\
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Program Files (x86)\Veetle\Player\npvlc.dll
FF - plugin: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll
FF - plugin: C:\Program Files (x86)\Veetle\VLCBroadcast\npvbp.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Sevket\AppData\Roaming\Mozilla\plugins\npoctoshape.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?]
R0 nvpciflt;nvpciflt;C:\Windows\system32\DRIVERS\nvpciflt.sys --> C:\Windows\system32\DRIVERS\nvpciflt.sys [?]
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R0 stdcfltn;Disk Class Filter Driver for Accelerometer;C:\Windows\system32\DRIVERS\stdcfltn.sys --> C:\Windows\system32\DRIVERS\stdcfltn.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-9-5 64952]
R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2011-4-30 98208]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624]
R2 HWDeviceService64.exe;HWDeviceService64.exe;C:\ProgramData\DatacardService\HWDeviceService64.exe [2011-3-14 346976]
R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-4-30 1997416]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776]
R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2011-4-30 1692480]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-11-29 378472]
R2 TeamViewer7;TeamViewer 7;C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-2-17 3027840]
R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\system32\DRIVERS\TurboB.sys --> C:\Windows\system32\DRIVERS\TurboB.sys [?]
R2 WCMVCAM;WebcamMax, WDM Video Capture;C:\Windows\system32\DRIVERS\wcmvcam64.sys --> C:\Windows\system32\DRIVERS\wcmvcam64.sys [?]
R3 Acceler;Accelerometer Service;C:\Windows\system32\DRIVERS\Accelern.sys --> C:\Windows\system32\DRIVERS\Accelern.sys [?]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\system32\DRIVERS\CtClsFlt.sys --> C:\Windows\system32\DRIVERS\CtClsFlt.sys [?]
R3 huawei_enumerator;huawei_enumerator;C:\Windows\system32\DRIVERS\ew_jubusenum.sys --> C:\Windows\system32\DRIVERS\ew_jubusenum.sys [?]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]
R3 MEIx64;Intel(R) Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\system32\DRIVERS\NETwNs64.sys --> C:\Windows\system32\DRIVERS\NETwNs64.sys [?]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\system32\DRIVERS\nusb3hub.sys --> C:\Windows\system32\DRIVERS\nusb3hub.sys [?]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\system32\DRIVERS\nusb3xhc.sys --> C:\Windows\system32\DRIVERS\nusb3xhc.sys [?]
R3 qicflt;upper Device Filter Driver;C:\Windows\system32\DRIVERS\qicflt.sys --> C:\Windows\system32\DRIVERS\qicflt.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?]
R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?]
R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?]
R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496]
R3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]
R3 wdkmd;Intel WiDi KMD;C:\Windows\system32\DRIVERS\WDKMD.sys --> C:\Windows\system32\DRIVERS\WDKMD.sys [?]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]
S2 CLKMSVC10_9EC60124;CyberLink Product - 2011/04/30 00:12:56;C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [2010-10-29 236016]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Tjänsten Google Update (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-2-28 136176]
S2 RoxWatch12;Roxio Hard Drive Watcher 12;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632]
S2 Telenor Mobile Partner. RunOuc;Telenor Mobile Partner. OUC;C:\Program Files (x86)\Telenor Mobile Partner\UpdateDog\ouc.exe [2012-2-28 246112]
S2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-4-30 2656280]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-7 257696]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;C:\Windows\system32\DRIVERS\ew_hwusbdev.sys --> C:\Windows\system32\DRIVERS\ew_hwusbdev.sys [?]
S3 ew_usbenumfilter;huawei_CompositeFilter;C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys --> C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys [?]
S3 ewusbmbb;HUAWEI USB-WWAN miniport;C:\Windows\system32\DRIVERS\ewusbwwan.sys --> C:\Windows\system32\DRIVERS\ewusbwwan.sys [?]
S3 gupdatem;Tjänsten Google Update (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-2-28 136176]
S3 Impcd;Impcd;C:\Windows\system32\DRIVERS\Impcd.sys --> C:\Windows\system32\DRIVERS\Impcd.sys [?]
S3 JMCR;JMCR;C:\Windows\system32\DRIVERS\jmcr.sys --> C:\Windows\system32\DRIVERS\jmcr.sys [?]
S3 massfilter_hs;ZTE HandSet Mass Storage Filter Driver;C:\Windows\system32\drivers\massfilter_hs.sys --> C:\Windows\system32\drivers\massfilter_hs.sys [?]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-5-5 113120]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2010-12-17 340240]
S3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]
S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-3-26 291696]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?]
S3 NvStUSB;NVIDIA Stereoscopic 3D USB driver;C:\Windows\system32\DRIVERS\nvstusb.sys --> C:\Windows\system32\DRIVERS\nvstusb.sys [?]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 RoxMediaDB12OEM;RoxMediaDB12OEM;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 WatAdminSvc;Aktiveringsteknologier för Windows-tjänst;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184]
.
=============== Created Last 30 ================
.
2012-06-07 19:39:42 8955792 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{EF1B6B55-2677-4E6D-AF72-FE0BDA252F29}\mpengine.dll
2012-06-07 19:38:07 -------- d-sh--w- C:\$RECYCLE.BIN
2012-06-07 19:20:09 98816 ----a-w- C:\Windows\sed.exe
2012-06-07 19:20:09 518144 ----a-w- C:\Windows\SWREG.exe
2012-06-07 19:20:09 256000 ----a-w- C:\Windows\PEV.exe
2012-06-07 19:20:09 208896 ----a-w- C:\Windows\MBR.exe
2012-06-07 16:35:29 -------- d-----w- C:\Users\Sevket\AppData\Roaming\Malwarebytes
2012-06-07 16:35:12 -------- d-----w- C:\ProgramData\Malwarebytes
2012-06-07 16:35:11 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-06-07 16:35:11 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-06-07 15:46:10 -------- d-----w- C:\Users\Sevket\AppData\Local\{B94A15F4-8F2F-43D3-935E-A20419E2D8BA}
2012-06-07 15:45:29 -------- d-----w- C:\Users\Sevket\AppData\Local\{1701EAF8-18BA-45D3-BE76-14A685538CEB}
2012-06-06 19:31:28 770384 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcr100.dll
2012-06-06 19:31:28 421200 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcp100.dll
2012-06-06 16:00:22 8955792 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-06-06 10:59:37 -------- d-----w- C:\Users\Sevket\AppData\Local\{87866375-B9C4-410D-8C16-906D44EA036C}
2012-06-06 10:59:15 -------- d-----w- C:\Users\Sevket\AppData\Local\{55CF67D8-73C5-4A71-8DB5-F65253163136}
2012-06-04 21:03:36 -------- d-----w- C:\Users\Sevket\AppData\Local\{FB04F855-8E1E-480A-9792-F39F34E96976}
2012-06-04 21:03:15 -------- d-----w- C:\Users\Sevket\AppData\Local\{012F0FCA-313A-4A99-97CF-8F79EB7AC829}
2012-06-03 12:20:52 -------- d-----w- C:\Users\Sevket\AppData\Local\{9BFA623E-3E01-4641-843C-520DC3E974FD}
2012-06-03 00:20:15 -------- d-----w- C:\Users\Sevket\AppData\Local\{DA5A3079-8D43-45F9-9E50-924A7FFC00DC}
2012-06-03 00:20:00 -------- d-----w- C:\Users\Sevket\AppData\Local\{D5E90BA6-B796-4969-8E32-CE0A54846075}
2012-06-02 08:00:36 -------- d-----w- C:\Users\Sevket\AppData\Local\{9F4072B7-C916-43D6-9FA6-6E386A262359}
2012-06-02 08:00:25 -------- d-----w- C:\Users\Sevket\AppData\Local\{AAD60CC8-9196-4A8C-92BC-1BD25AC4485A}
2012-06-01 14:01:10 -------- d-----w- C:\Users\Sevket\AppData\Local\{C8A8F95B-ECA9-410E-A03D-FD6306B1A2A4}
2012-06-01 14:00:44 -------- d-----w- C:\Users\Sevket\AppData\Local\{718EDF62-C0E6-4B9D-A0F8-0AB569C11337}
2012-05-31 06:37:53 -------- d-----w- C:\Users\Sevket\AppData\Local\{6FC95CB2-9CC5-4294-8A97-0EF72B396308}
2012-05-31 06:37:42 -------- d-----w- C:\Users\Sevket\AppData\Local\{7FC442B5-6002-4CFF-AA3A-31157B9D0790}
2012-05-29 12:49:56 -------- d-----w- C:\Users\Sevket\AppData\Local\{0B3544D2-1ACE-486A-9CB2-AE3F4A1DAAB0}
2012-05-29 12:49:45 -------- d-----w- C:\Users\Sevket\AppData\Local\{0E63C6F5-26BF-4A9D-BD1F-54CAA9EC4965}
2012-05-28 21:39:21 -------- d-----w- C:\Users\Sevket\AppData\Local\{A2D5CEFC-2E3E-4F94-BAE2-569E08E7C5C9}
2012-05-28 21:39:03 -------- d-----w- C:\Users\Sevket\AppData\Local\{A41159FE-482F-4CA0-87FD-B23967808D6A}
2012-05-24 09:10:03 -------- d-----w- C:\Users\Sevket\AppData\Local\{C332719F-3B05-4F32-9B7C-C4C358F12265}
2012-05-24 09:09:52 -------- d-----w- C:\Users\Sevket\AppData\Local\{A1020D66-E11F-4DC2-B02A-7D31244115EA}
2012-05-21 12:12:05 -------- d-----w- C:\Users\Sevket\AppData\Local\{852E3D51-0401-40B9-B53A-EE23E6E67F82}
2012-05-21 12:11:54 -------- d-----w- C:\Users\Sevket\AppData\Local\{D6B5CC97-1127-450E-97AD-1D7C254836F7}
2012-05-21 00:11:37 -------- d-----w- C:\Users\Sevket\AppData\Local\{DD2D1B6D-C551-4855-AFA0-C66213B06BE2}
2012-05-21 00:11:20 -------- d-----w- C:\Users\Sevket\AppData\Local\{2A5210E7-0312-4DE2-B1FB-5F281FCAE935}
2012-05-20 12:10:49 -------- d-----w- C:\Users\Sevket\AppData\Local\{F74B5FCD-03E0-425B-98DD-220A9D962171}
2012-05-20 12:10:35 -------- d-----w- C:\Users\Sevket\AppData\Local\{60EAB4DF-C35F-456F-84A4-D78252B08A64}
2012-05-20 11:28:36 -------- d---a-w- C:\Users\Sevket\.android
2012-05-20 11:28:32 38424 ----a-w- C:\Windows\System32\drivers\androidusb.sys
2012-05-20 11:28:32 129304 ----a-w- C:\Windows\System32\drivers\zghsvousb.sys
2012-05-20 11:28:32 129304 ----a-w- C:\Windows\System32\drivers\zghsnmea.sys
2012-05-20 11:28:32 129304 ----a-w- C:\Windows\System32\drivers\zghsdiag.sys
2012-05-20 11:28:32 129304 ----a-w- C:\Windows\System32\drivers\zghsat.sys
2012-05-20 11:28:32 127056 ----a-w- C:\Windows\System32\drivers\zghsmdm.sys
2012-05-20 11:28:32 11776 ----a-w- C:\Windows\System32\drivers\massfilter_hs.sys
2012-05-20 11:28:27 96256 ----a-w- C:\Windows\AdbWinApi.dll
2012-05-20 11:28:27 584584 ----a-w- C:\Windows\adb.exe
2012-05-20 11:28:27 -------- d-----w- C:\Program Files\ZTE Handset USB Driver
2012-05-19 10:19:56 -------- d-----w- C:\Users\Sevket\AppData\Local\{E6621AF1-7DBA-4D5F-A576-D39A81383D70}
2012-05-19 10:19:44 -------- d-----w- C:\Users\Sevket\AppData\Local\{9B438B85-8BE5-4B6F-A7A3-744A044A050A}
2012-05-18 20:19:03 -------- d-----w- C:\Users\Sevket\AppData\Local\{63B72367-6370-45DD-B158-CC3FF1B86768}
2012-05-18 20:18:48 -------- d-----w- C:\Users\Sevket\AppData\Local\{93A720B9-0D42-4ED6-8AD5-5938FDF5769B}
2012-05-17 17:30:19 -------- d-----w- C:\Users\Sevket\AppData\Local\{C1E69500-D1B4-44CA-B366-322EBEB2E7F7}
2012-05-17 17:30:08 -------- d-----w- C:\Users\Sevket\AppData\Local\{E7E6D606-0184-4810-88D8-504702B1B9DD}
2012-05-16 22:04:13 -------- d-----w- C:\Users\Sevket\AppData\Local\{478F15A1-0568-4A9F-97F9-83718AF278CE}
2012-05-16 22:04:01 -------- d-----w- C:\Users\Sevket\AppData\Local\{220199A6-ACF7-425F-A979-64F0441DEB3B}
2012-05-14 13:06:42 -------- d-----w- C:\Users\Sevket\AppData\Local\{B1F88348-CFE8-43F5-94AB-80BDD652EFDC}
2012-05-14 13:06:31 -------- d-----w- C:\Users\Sevket\AppData\Local\{C1AA0329-45F9-43EE-9BFD-0790766B8D5C}
2012-05-12 23:12:43 -------- d-----w- C:\Users\Sevket\AppData\Local\{7A55E381-DEA8-46F3-91A8-6DA10BBF35F5}
2012-05-12 23:12:32 -------- d-----w- C:\Users\Sevket\AppData\Local\{743497AD-6788-403F-8E90-66776FF7D850}
2012-05-12 19:57:24 -------- d-----w- C:\Users\Sevket\AppData\Local\{4D6D8F6E-FC07-41CD-96B5-A17AFED93972}
2012-05-12 19:56:59 -------- d-----w- C:\Users\Sevket\AppData\Local\{344A5395-59CE-4333-9A0D-295430B4AE55}
2012-05-11 19:02:12 -------- d-----w- C:\Users\Sevket\AppData\Local\{B16D0A71-CB5B-4198-BC01-2B563FB8500D}
2012-05-11 19:01:53 -------- d-----w- C:\Users\Sevket\AppData\Local\{9BAC8E84-9E0B-4575-B42E-32F41256F5B3}
2012-05-10 02:01:29 -------- d-----w- C:\Users\Sevket\AppData\Local\{B92B4582-A1D1-4FE3-BEE7-2796DD35A13B}
2012-05-10 02:01:18 -------- d-----w- C:\Users\Sevket\AppData\Local\{73AF87B3-D701-4A4D-8203-BCCEF98CE1E3}
2012-05-09 22:12:11 1544704 ----a-w- C:\Windows\System32\DWrite.dll
2012-05-09 22:12:11 1077248 ----a-w- C:\Windows\SysWow64\DWrite.dll
2012-05-09 22:12:10 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-05-09 22:12:09 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-05-09 22:12:09 3146240 ----a-w- C:\Windows\System32\win32k.sys
2012-05-09 22:12:08 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-05-09 22:11:09 75120 ----a-w- C:\Windows\System32\drivers\partmgr.sys
2012-05-09 22:10:30 1918320 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2012-05-09 22:10:23 936960 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2012-05-09 22:10:23 1732096 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL
2012-05-09 22:10:23 1367552 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll
2012-05-09 22:10:22 1402880 ----a-w- C:\Program Files\Windows Journal\JNWDRV.dll
2012-05-09 22:10:22 1393664 ----a-w- C:\Program Files\Windows Journal\JNTFiltr.dll
2012-05-09 11:51:24 -------- d-----w- C:\Users\Sevket\AppData\Local\{3C6057E0-A54F-44D6-AA8A-80085FDF884A}
2012-05-09 11:51:13 -------- d-----w- C:\Users\Sevket\AppData\Local\{F5AD9EDE-73B6-4D15-8B94-1A461B3D8369}
.
==================== Find3M  ====================
.
2012-05-05 14:58:35 70304 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-05-05 14:58:35 419488 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-05-05 14:58:23 8744608 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
2012-03-20 18:44:12 98688 ----a-w- C:\Windows\System32\drivers\NisDrvWFP.sys
2012-03-20 18:44:12 203888 ----a-w- C:\Windows\System32\drivers\MpFilter.sys
.
============= FINISH: 22:28:22,69 ===============

Musten · Juni 7, 2012

Och den där rutan kom inte upp denna gången, och den gav ingen respons när man tryckte på "växla till" tidigare....

Cecilia · Juni 7, 2012

Vad bra att rutan har försvunnit.

Nu återstår bara en sista städomgång:

1. Avinstallation av ComboFix

Tryck Windows-tangenten + R

Kopiera och klistra in denna rad:

ComboFix /Uninstall

Observera att det är ett mellanrum före /

Klicka på OK.

2. Ladda ner avinstallationsprogrammet OTC till Skrivbordet.

http://oldtimer.geekstogo.com/OTC.exe

Dubbelklicka på filen för att starta programmet.

Tryck på knappen CleanUp! och DDS kommer att avinstalleras efter en omstart av datorn. Ta bort eventuella loggar.

3. Byt alla lösenord som du använder i datorn och på internet eftersom dessa kan ha kommit i orätta händer.

http://mnin.blogspot.com/2009/02/why-i-enjoyed-tiggersyzor.html beskriver ett skadligt program som spionerar genom att ta skärmbilder, logga tangentbordsnedtryckningar och läsa lösenord som är lagrade i webbläsare, epostprogram etc.

4. Förbättra skyddet i datorn, se mina Råd för en säkrare dator: http://ceciliasec.wordpress.com/rad/

Det är väldigt viktigt att hålla alla program i datorn uppdaterade, och inte bara Windows. Det ser ut som att det finns en gammal Java-version med kända säkerhetshål installerad och det kan vara anledningen till att datorn blev infekterad av Security Shield. Men eftersom det kan finnas fler gamla versioner så kör gärna Secunias program som jag har en länk till på min webbsida.

jarru · Juni 8, 2012

Det blir en rätt värdelös instruktion.

Jag säger inte emot, men vet man vilken "random-process" och vilka "random-mappar" inte ska finnas med, går det att rensa manuellt.

Det beror på hur insatt man är i OS:et, men du håller på och löser problemet hursomhelst.

bengsi · Augusti 2, 2012

Hej!

Fick precis också Security Shield på dator, och har panik - får inte bort det. Har redan försökt med den här guiden, http://www.bleepingcomputer.com/virus-removal/remove-security-shield, men det funkade inte :/

Någon snäll och kunnig människa som kan hjälpa mig?

bengsi · Augusti 3, 2012

.

DDS (Ver_2011-08-26.01) - NTFSAMD64 NETWORK

Internet Explorer: 9.0.8112.16421

Run by Emma at 9:50:28 on 2012-08-03

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.46.1053.18.3950.3237 [GMT 2:00]

.

AV: McAfee Antivirus och antispionprogram *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: McAfee Antivirus och antispionprogram *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}

FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\SYSTEM32\WISPTIS.EXE

C:\Windows\system32\mfevtps.exe

C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe

C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\SYSTEM32\WISPTIS.EXE

C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\ctfmon.exe

c:\PROGRA~1\mcafee.com\agent\mcagent.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\cscript.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.com/

uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SVEC&bmod=EU01

mStart Page = hxxp://search.myheritage.com

uURLSearchHooks: MHURLSearchHook Class: {1c4ab6a5-595f-4e86-b15f-f93cce2bbd48} - C:\Program Files (x86)\Celebrity Toolbar\tbhelper.dll

uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll

BHO: MHTBPos00 Class: {0c37b053-fd68-456a-82e1-d788ee342e6f} - C:\Program Files (x86)\Celebrity Toolbar\tbcore3.dll

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll

BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120629133947.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: e-kort Helper Class: {9065e913-4f23-4b47-9b5d-b055d32db1f3} - C:\Program Files (x86)\ekort\EKortHelper.dll

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll

BHO: CMySite Class: {d62ec836-bf1e-4cac-81be-fb9179835d8e} - C:\Program Files (x86)\Celebrity Toolbar\mhxpcomi.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

TB: e-kort Toolbar: {8db2b2e8-579f-48a8-a496-18fefcf8f4df} - C:\Program Files (x86)\ekort\EKortToolbar.dll

TB: Celebrity Toolbar: {fd2fd708-1f6f-4b68-b141-c5778f0c19bb} - C:\Program Files (x86)\Celebrity Toolbar\tbcore3.dll

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll

uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

uRun: [sansaDispatch] C:\Users\Emma\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe

uRun: [spotify Web Helper] "C:\Users\Emma\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

uRun: [AdobeBridge]

mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

mRun: [iSBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"

mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED

mRun: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe

mRun: [MarketingTools] C:\Program Files (x86)\Sony\Marketing Tools\MarketingTools.exe

mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [e-kort] C:\PROGRA~2\ekort\ekort.exe /dontopenmycards /Autostart

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey

mRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin

mRun: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

StartupFolder: C:\Users\Emma\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ADOBEG~1.LNK - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

StartupFolder: C:\Users\Emma\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\SKRMUR~1.LNK - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BANKID~1.LNK - C:\Program Files (x86)\Personal\bin\Personal.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)

mPolicies-system: ConsentPromptBehaviorUser = 0 (0x0)

mPolicies-system: EnableLUA = 0 (0x0)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000

IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html

IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL

IE: {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - {BC0E0A5D-AB5A-4fa4-A5FA-280E1D58EEEE} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll

DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/production/ieawsdc32.cab

DPF: {402EE96E-2CE8-482D-ADA5-CECEEA07E16D} - hxxp://www.turntool.com/ViewerInstall.exe

DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} - hxxp://www.fujidirekt.se/aurigma/ImageUploader5.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

TCP: DhcpNameServer = 192.168.1.1

TCP: Interfaces\{36601CEE-D5D8-49CC-9878-7011DD745294} : DhcpNameServer = 192.168.1.1

TCP: Interfaces\{6D7BD819-48F2-4E64-8CDB-988BAD52DF69} : DhcpNameServer = 195.54.122.199 195.54.122.204

Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\McAfee\MSC\McSnIePl.dll

Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll

Handler: mhtb - {669A2A3A-F19C-452D-800D-1240299756C1} - C:\Program Files (x86)\Celebrity Toolbar\mhxpcomi.dll

Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

Notify: VESWinlogon - VESWinlogon.dll

{0C37B053-FD68-456a-82E1-D788EE342E6F}

{18DF081C-E8AD-4283-A596-FA578C2EBDC3}

{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}

{7DB2D5A0-7241-4E79-B68D-6309F01C5231}

{9030D464-4C02-4ABF-8ECC-5164760863C6}

{9065E913-4F23-4B47-9B5D-B055D32DB1F3}

{AA58ED58-01DD-4d91-8333-CF10577473F7}

{B164E929-A1B6-4A06-B104-2CD0E90A88FF}

{D62EC836-BF1E-4CAC-81BE-FB9179835D8E}

{DBC80044-A445-435b-BC74-9C25C1C588A9}

{8DB2B2E8-579F-48A8-A496-18FEFCF8F4DF}

{FD2FD708-1F6F-4B68-B141-C5778F0C19BB}

{2318C2B1-4965-11d4-9B18-009027A5CD4F}

{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064}

mRun-x64: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

mRun-x64: [iSBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"

mRun-x64: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun-x64: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED

mRun-x64: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe

mRun-x64: [MarketingTools] C:\Program Files (x86)\Sony\Marketing Tools\MarketingTools.exe

mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime

mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"

mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun-x64: [e-kort] C:\PROGRA~2\ekort\ekort.exe /dontopenmycards /Autostart

mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun-x64: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey

mRun-x64: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin

mRun-x64: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

Hosts: 78.46.61.26 www.google-analytics.com.

Hosts: 78.46.61.26 ad-emea.doubleclick.net.

Hosts: 78.46.61.26 www.statcounter.com.

Hosts: 108.163.215.51 www.google-analytics.com.

Hosts: 108.163.215.51 ad-emea.doubleclick.net.

.

Note: multiple HOSTS entries found. Please refer to Attach.txt

.

============= SERVICES / DRIVERS ===============

.

R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\system32\drivers\mfehidk.sys --> C:\Windows\system32\drivers\mfehidk.sys [?]

R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\system32\drivers\mfewfpk.sys --> C:\Windows\system32\drivers\mfewfpk.sys [?]

R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]

R1 mfenlfk;McAfee NDIS Light Filter;C:\Windows\system32\DRIVERS\mfenlfk.sys --> C:\Windows\system32\DRIVERS\mfenlfk.sys [?]

R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]

R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-6-29 249936]

R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2012-6-29 210616]

R2 mfevtp;McAfee Validation Trust Protection Service;"C:\Windows\system32\mfevtps.exe" --> C:\Windows\system32\mfevtps.exe [?]

R2 rimspci;rimspci;C:\Windows\system32\drivers\rimssne64.sys --> C:\Windows\system32\drivers\rimssne64.sys [?]

R2 risdsnpe;risdsnpe;C:\Windows\system32\drivers\risdsne64.sys --> C:\Windows\system32\drivers\risdsne64.sys [?]

R3 HECIx64;Intel® Management Engine Interface;C:\Windows\system32\drivers\HECIx64.sys --> C:\Windows\system32\drivers\HECIx64.sys [?]

R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\system32\drivers\mfefirek.sys --> C:\Windows\system32\drivers\mfefirek.sys [?]

R3 SFEP;Sony Firmware Extension Parser;C:\Windows\system32\drivers\SFEP.sys --> C:\Windows\system32\drivers\SFEP.sys [?]

R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?]

S2 0048881343150844mcinstcleanup;McAfee Application Installer Cleanup (0048881343150844);C:\Windows\TEMP\004888~1.EXE -cleanup -nolog --> C:\Windows\TEMP\004888~1.EXE -cleanup -nolog [?]

S2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-1-13 133104]

S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-12-28 13336]

S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-8-2 655944]

S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-6-29 249936]

S2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-6-29 249936]

S2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-6-29 249936]

S2 McShield;McAfee McShield;C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe [2012-6-29 199304]

S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;C:\Program Files (x86)\SONY\PMB\PMBDeviceInfoProvider.exe [2009-10-24 360224]

S2 Roxio Upnp Server 10;Roxio Upnp Server 10;C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [2009-8-31 362992]

S2 SampleCollector;VAIO Care Performance Service;C:\Program Files\Sony\VAIO Care\VCPerfService.exe [2011-12-15 259192]

S2 uCamMonitor;CamMonitor;C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2010-1-13 104960]

S2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2009-12-28 2320920]

S2 VCFw;VAIO Content Folder Watcher;C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2009-9-14 642416]

S2 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2010-2-19 529776]

S2 VSNService;VSNService;C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [2010-1-13 821760]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-2 250056]

S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys --> C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys [?]

S3 btusbflt;Bluetooth USB Filter;C:\Windows\system32\drivers\btusbflt.sys --> C:\Windows\system32\drivers\btusbflt.sys [?]

S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\system32\DRIVERS\btwl2cap.sys --> C:\Windows\system32\DRIVERS\btwl2cap.sys [?]

S3 cfwids;McAfee Inc. cfwids;C:\Windows\system32\drivers\cfwids.sys --> C:\Windows\system32\drivers\cfwids.sys [?]

S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]

S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-3-8 1492840]

S3 gupdatem;Tjänsten Google Update (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-1-13 133104]

S3 Impcd;Impcd;C:\Windows\system32\drivers\Impcd.sys --> C:\Windows\system32\drivers\Impcd.sys [?]

S3 IntcDAud;Intel® Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?]

S3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]

S3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\system32\drivers\mfeavfk.sys --> C:\Windows\system32\drivers\mfeavfk.sys [?]

S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\system32\drivers\mferkdet.sys --> C:\Windows\system32\drivers\mferkdet.sys [?]

S3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [2009-8-31 313840]

S3 SOHCImp;VAIO Media plus Content Importer;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2010-1-13 120104]

S3 SOHDBSvr;VAIO Media plus Database Manager;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe [2010-1-13 70952]

S3 SOHDms;VAIO Media plus Digital Media Server;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2010-1-13 427304]

S3 SOHDs;VAIO Media plus Device Searcher;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2010-1-13 75048]

S3 SOHPlMgr;VAIO Media plus Playlist Manager;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe [2010-1-13 91432]

S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]

S3 VAIO Power Management;VAIO Power Management;C:\Program Files\Sony\VAIO Power Management\SPMService.exe [2010-1-13 571248]

S3 WatAdminSvc;Aktiveringsteknologier för Windows-tjänst;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]

S3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2010-1-13 361840]

S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2010-2-19 115568]

S3 VCService;VCService;C:\Program Files\Sony\VAIO Care\VCService.exe [2011-12-15 44736]

S3 VUAgent;VUAgent;C:\Program Files\Sony\VAIO Update Common\VUAgent.exe [2012-1-13 1256040]

.

=============== Created Last 30 ================

.

2012-08-02 20:00:52 98816 ----a-w- C:\Windows\sed.exe

2012-08-02 20:00:52 518144 ----a-w- C:\Windows\SWREG.exe

2012-08-02 20:00:52 256000 ----a-w- C:\Windows\PEV.exe

2012-08-02 20:00:52 208896 ----a-w- C:\Windows\MBR.exe

2012-08-02 20:00:44 -------- d-s---w- C:\ComboFix

2012-08-02 18:06:31 -------- d-----w- C:\Users\Emma\AppData\Roaming\Malwarebytes

2012-08-02 18:06:21 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys

2012-08-02 18:06:21 -------- d-----w- C:\ProgramData\Malwarebytes

2012-08-02 18:06:21 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2012-08-02 15:26:44 454656 ----a-w- C:\Users\Emma\AppData\Local\eodpmun.exe

2012-08-01 22:50:34 -------- d-----w- C:\ProgramData\7531CC77000844B0C9AE2DF4F875F002

2012-07-12 20:05:44 -------- d-----w- C:\Users\Emma\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1

2012-07-12 20:02:52 -------- d-----w- C:\ProgramData\regid.1986-12.com.adobe

2012-07-12 20:00:48 -------- d-----w- C:\ProgramData\ALM

2012-07-12 18:50:37 -------- d-----w- C:\Users\Emma\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant

2012-07-12 18:50:32 -------- d-----w- C:\Program Files (x86)\Adobe Download Assistant

2012-07-12 00:02:14 3148800 ----a-w- C:\Windows\System32\win32k.sys

2012-07-11 23:58:00 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2012-07-11 23:58:00 2382848 ----a-w- C:\Windows\System32\mshtml.tlb

2012-07-11 17:18:22 2004480 ----a-w- C:\Windows\System32\msxml6.dll

2012-07-11 17:17:59 212992 ----a-w- C:\Program Files (x86)\Common Files\System\msadc\msadco.dll

2012-07-11 17:17:58 372736 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msadox.dll

2012-07-11 17:17:58 143360 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msjro.dll

2012-07-11 17:17:57 1133568 ----a-w- C:\Windows\System32\cdosys.dll

.

==================== Find3M ====================

.

2012-07-28 11:43:33 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2012-07-28 11:43:33 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2012-06-06 06:06:16 1881600 ----a-w- C:\Windows\System32\msxml3.dll

2012-06-06 05:05:52 1390080 ----a-w- C:\Windows\SysWow64\msxml6.dll

2012-06-06 05:05:52 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll

2012-06-06 05:03:06 805376 ----a-w- C:\Windows\SysWow64\cdosys.dll

2012-06-02 22:15:31 2622464 ----a-w- C:\Windows\System32\wucltux.dll

2012-06-02 22:15:08 99840 ----a-w- C:\Windows\System32\wudriver.dll

2012-06-02 13:19:42 186752 ----a-w- C:\Windows\System32\wuwebv.dll

2012-06-02 13:15:12 36864 ----a-w- C:\Windows\System32\wuapp.exe

2012-06-02 12:12:17 2311680 ----a-w- C:\Windows\System32\jscript9.dll

2012-06-02 12:05:28 1392128 ----a-w- C:\Windows\System32\wininet.dll

2012-06-02 12:04:50 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl

2012-06-02 12:01:40 173056 ----a-w- C:\Windows\System32\ieUnatt.exe

2012-06-02 08:33:25 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll

2012-06-02 08:25:08 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll

2012-06-02 08:25:03 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl

2012-06-02 08:20:33 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe

2012-06-02 05:50:10 458704 ----a-w- C:\Windows\System32\drivers\cng.sys

2012-06-02 05:48:16 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys

2012-06-02 05:48:16 151920 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys

2012-06-02 05:45:31 340992 ----a-w- C:\Windows\System32\schannel.dll

2012-06-02 05:44:21 307200 ----a-w- C:\Windows\System32\ncrypt.dll

2012-06-02 04:40:42 22016 ----a-w- C:\Windows\SysWow64\secur32.dll

2012-06-02 04:40:39 225280 ----a-w- C:\Windows\SysWow64\schannel.dll

2012-06-02 04:39:10 219136 ----a-w- C:\Windows\SysWow64\ncrypt.dll

2012-06-02 04:34:09 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll

2012-05-25 15:13:54 162224 ----a-w- C:\Windows\System32\mfevtps.exe

.

============= FINISH: 9:51:52,28 ===============

Attach.zip

bengsi · Augusti 3, 2012

Detta var vad jag fick fram från DDS. Körde den i felsäkert läge, vet inte om det spelar någon roll.

MrO · Augusti 3, 2012

Hej!

1.Avinstallera Celebrity Toolbar,läs om den här:

http://www.systemloo...helper_dll.html

2.Spara TDSSKiller på Skrivbordet:

http://support.kaspe.../tdsskiller.zip

Högerklicka och välj Extrahera alla. Kom ihåg var du packar upp filen.

Stäng av dina vanliga program, men du kan lämna antivirusprogram och liknande igång.

Kör programmet TDSSKiller.exe som finns i mappen där du packade upp filerna.

Klicka på Start Scan.

Om några malicious hittas så välj Cure och klicka på Continue. Om inte Cure finns så välj Skip. Om några suspicious hittas så välj Skip och klicka på Continue. Välj INTE Quarantine eller Delete. Eventuellt behöver datorn startas om.

Klistra in innehållet i loggen som du hittar i C:\ med namnet TDSSKiller följt av version och tidpunkt.

3.Spara aswMBR på skrivbordet: http://public.avast....erek/aswMBR.exe

Starta om datorn och låt bli att starta några program.

Dubbel-klicka på aswMBR.exe för att köra programmet.

Klicka på Scan-knappen för att börja genomsökningen.

När den är klar så spara (Save) loggen på skrivbordet.

Klistra in loggen i ditt svar här.

4.Spara RougueKiller på Skrivbordet.

http://www.sur-la-to...om/RogueKiller/

Stäng av alla program.

Kör RogueKiller. Om det inte går att köra så pröva med att döpa om programmet till winlogon.

Vänta tills "Prescan" har avslutats.

Klicka på "Scan"-knappen uppe till höger.

Vänta tills skanningen är klar.

En rapport ska då ha skapats på Skrivbordet.

Om något har hittats så klicka på "Delete"-knappen.

En till rapport ska då ha skapats på Skrivbordet.

Klicka på "ShortcutsFix"-knappen.

En till rapport ska då ha skapats på Skrivbordet.

Klistra in innehållet i alla "RKreport.txt", som finns på Skrivbordet, i ditt svar!

Mvh MrO

Redigerad Augusti 3, 2012 av MrO

bengsi · Augusti 3, 2012

11:23:17.0739 3600 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32

11:23:18.0269 3600 ============================================================

11:23:18.0269 3600 Current date / time: 2012/08/03 11:23:18.0269

11:23:18.0269 3600 SystemInfo:

11:23:18.0269 3600

11:23:18.0269 3600 OS Version: 6.1.7601 ServicePack: 1.0

11:23:18.0269 3600 Product type: Workstation

11:23:18.0269 3600 ComputerName: EMMA-VAIO

11:23:18.0269 3600 UserName: Emma

11:23:18.0269 3600 Windows directory: C:\Windows

11:23:18.0269 3600 System windows directory: C:\Windows

11:23:18.0269 3600 Running under WOW64

11:23:18.0269 3600 Processor architecture: Intel x64

11:23:18.0269 3600 Number of processors: 4

11:23:18.0269 3600 Page size: 0x1000

11:23:18.0269 3600 Boot type: Safe boot with network

11:23:18.0269 3600 ============================================================

11:23:18.0722 3600 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

11:23:18.0722 3600 ============================================================

11:23:18.0722 3600 \Device\Harddisk0\DR0:

11:23:18.0722 3600 MBR partitions:

11:23:18.0722 3600 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1C6C800, BlocksNum 0x32000

11:23:18.0722 3600 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1C9E800, BlocksNum 0x386E7030

11:23:18.0722 3600 ============================================================

11:23:18.0737 3600 C: <-> \Device\Harddisk0\DR0\Partition1

11:23:18.0737 3600 ============================================================

11:23:18.0737 3600 Initialize success

11:23:18.0737 3600 ============================================================

11:23:32.0403 2528 ============================================================

11:23:32.0403 2528 Scan started

11:23:32.0403 2528 Mode: Manual;

11:23:32.0403 2528 ============================================================

11:23:33.0089 2528 0048881343150844mcinstcleanup - ok

11:23:33.0245 2528 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys

11:23:33.0448 2528 1394ohci - ok

11:23:33.0542 2528 ACDaemon (adc420616c501b45d26c0fd3ef1e54e4) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe

11:23:33.0542 2528 ACDaemon - ok

11:23:33.0604 2528 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys

11:23:33.0604 2528 ACPI - ok

11:23:33.0651 2528 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys

11:23:33.0651 2528 AcpiPmi - ok

11:23:33.0713 2528 Adobe LM Service (8b46d5a1d3ef08232c04d0eafb871fb2) C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

11:23:33.0713 2528 Adobe LM Service - ok

11:23:33.0854 2528 AdobeFlashPlayerUpdateSvc (6c40d5ed8951ab7b90d08af655224ee4) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

11:23:33.0854 2528 AdobeFlashPlayerUpdateSvc - ok

11:23:33.0932 2528 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys

11:23:33.0963 2528 adp94xx - ok

11:23:34.0010 2528 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys

11:23:34.0025 2528 adpahci - ok

11:23:34.0057 2528 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys

11:23:34.0072 2528 adpu320 - ok

11:23:34.0103 2528 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll

11:23:34.0103 2528 AeLookupSvc - ok

11:23:34.0181 2528 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys

11:23:34.0181 2528 AFD - ok

11:23:34.0228 2528 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys

11:23:34.0228 2528 agp440 - ok

11:23:34.0259 2528 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe

11:23:34.0275 2528 ALG - ok

11:23:34.0306 2528 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys

11:23:34.0306 2528 aliide - ok

11:23:34.0369 2528 AMD External Events Utility (0773999e53bce395f2c76df004f1b814) C:\Windows\system32\atiesrxx.exe

11:23:34.0369 2528 AMD External Events Utility - ok

11:23:34.0400 2528 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys

11:23:34.0400 2528 amdide - ok

11:23:34.0447 2528 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys

11:23:34.0447 2528 AmdK8 - ok

11:23:34.0478 2528 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys

11:23:34.0478 2528 AmdPPM - ok

11:23:34.0525 2528 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys

11:23:34.0525 2528 amdsata - ok

11:23:34.0571 2528 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys

11:23:34.0587 2528 amdsbs - ok

11:23:34.0603 2528 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys

11:23:34.0603 2528 amdxata - ok

11:23:34.0649 2528 ApfiltrService (1661f9c9e4b0049fa0a5e30264375a87) C:\Windows\system32\drivers\Apfiltr.sys

11:23:34.0665 2528 ApfiltrService - ok

11:23:34.0712 2528 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys

11:23:34.0712 2528 AppID - ok

11:23:34.0727 2528 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll

11:23:34.0727 2528 AppIDSvc - ok

11:23:34.0774 2528 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll

11:23:34.0774 2528 Appinfo - ok

11:23:34.0837 2528 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys

11:23:34.0837 2528 arc - ok

11:23:34.0868 2528 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys

11:23:34.0868 2528 arcsas - ok

11:23:34.0899 2528 ArcSoftKsUFilter (c130bc4a51b1382b2be8e44579ec4c0a) C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys

11:23:34.0899 2528 ArcSoftKsUFilter - ok

11:23:34.0946 2528 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys

11:23:34.0946 2528 AsyncMac - ok

11:23:34.0993 2528 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys

11:23:34.0993 2528 atapi - ok

11:23:35.0133 2528 athr (0acc06fcf46f64ed4f11e57ee461c1f4) C:\Windows\system32\DRIVERS\athrx.sys

11:23:35.0164 2528 athr - ok

11:23:35.0710 2528 atikmdag (89a3d56ce4044f35b9d08dd37193bbfc) C:\Windows\system32\DRIVERS\atikmdag.sys

11:23:35.0819 2528 atikmdag - ok

11:23:36.0022 2528 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll

11:23:36.0038 2528 AudioEndpointBuilder - ok

11:23:36.0038 2528 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll

11:23:36.0038 2528 AudioSrv - ok

11:23:36.0100 2528 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll

11:23:36.0100 2528 AxInstSV - ok

11:23:36.0178 2528 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys

11:23:36.0194 2528 b06bdrv - ok

11:23:36.0256 2528 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys

11:23:36.0256 2528 b57nd60a - ok

11:23:36.0303 2528 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll

11:23:36.0303 2528 BDESVC - ok

11:23:36.0319 2528 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys

11:23:36.0319 2528 Beep - ok

11:23:36.0412 2528 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll

11:23:36.0459 2528 BFE - ok

11:23:36.0568 2528 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll

11:23:36.0615 2528 BITS - ok

11:23:36.0709 2528 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys

11:23:36.0709 2528 blbdrive - ok

11:23:36.0740 2528 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys

11:23:36.0740 2528 bowser - ok

11:23:36.0787 2528 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys

11:23:36.0787 2528 BrFiltLo - ok

11:23:36.0802 2528 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys

11:23:36.0802 2528 BrFiltUp - ok

11:23:36.0896 2528 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys

11:23:36.0896 2528 BridgeMP - ok

11:23:36.0927 2528 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll

11:23:36.0927 2528 Browser - ok

11:23:36.0974 2528 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys

11:23:36.0989 2528 Brserid - ok

11:23:37.0021 2528 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys

11:23:37.0021 2528 BrSerWdm - ok

11:23:37.0052 2528 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys

11:23:37.0052 2528 BrUsbMdm - ok

11:23:37.0067 2528 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys

11:23:37.0083 2528 BrUsbSer - ok

11:23:37.0145 2528 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys

11:23:37.0145 2528 BthEnum - ok

11:23:37.0208 2528 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys

11:23:37.0208 2528 BTHMODEM - ok

11:23:37.0239 2528 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys

11:23:37.0239 2528 BthPan - ok

11:23:37.0317 2528 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys

11:23:37.0333 2528 BTHPORT - ok

11:23:37.0379 2528 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll

11:23:37.0379 2528 bthserv - ok

11:23:37.0395 2528 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys

11:23:37.0395 2528 BTHUSB - ok

11:23:37.0442 2528 btusbflt (6e04458e98daf28826482e41a7a62df5) C:\Windows\system32\drivers\btusbflt.sys

11:23:37.0442 2528 btusbflt - ok

11:23:37.0489 2528 btwaudio (4bdbdb86abba924e029fb2683be7c505) C:\Windows\system32\drivers\btwaudio.sys

11:23:37.0489 2528 btwaudio - ok

11:23:37.0551 2528 btwavdt (5c849bd7c78791c5cee9f4651d7fe38d) C:\Windows\system32\drivers\btwavdt.sys

11:23:37.0551 2528 btwavdt - ok

11:23:37.0738 2528 btwdins (31da517946ffe416442e864592548f8a) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe

11:23:37.0754 2528 btwdins - ok

11:23:37.0785 2528 btwl2cap (6149301dc3f81d6f9667a3fbac410975) C:\Windows\system32\DRIVERS\btwl2cap.sys

11:23:37.0785 2528 btwl2cap - ok

11:23:37.0816 2528 btwrchid (3e1991afa851a36dc978b0a1b0535c8b) C:\Windows\system32\drivers\btwrchid.sys

11:23:37.0816 2528 btwrchid - ok

11:23:37.0847 2528 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys

11:23:37.0847 2528 cdfs - ok

11:23:37.0894 2528 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys

11:23:37.0894 2528 cdrom - ok

11:23:37.0941 2528 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll

11:23:37.0957 2528 CertPropSvc - ok

11:23:38.0019 2528 cfwids (274ce03459896006f7a5069266e0469e) C:\Windows\system32\drivers\cfwids.sys

11:23:38.0019 2528 cfwids - ok

11:23:38.0050 2528 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys

11:23:38.0050 2528 circlass - ok

11:23:38.0097 2528 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys

11:23:38.0113 2528 CLFS - ok

11:23:38.0175 2528 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

11:23:38.0175 2528 clr_optimization_v2.0.50727_32 - ok

11:23:38.0237 2528 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

11:23:38.0237 2528 clr_optimization_v2.0.50727_64 - ok

11:23:38.0331 2528 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

11:23:38.0331 2528 clr_optimization_v4.0.30319_32 - ok

11:23:38.0409 2528 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

11:23:38.0409 2528 clr_optimization_v4.0.30319_64 - ok

11:23:38.0440 2528 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys

11:23:38.0440 2528 CmBatt - ok

11:23:38.0471 2528 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys

11:23:38.0471 2528 cmdide - ok

11:23:38.0518 2528 CNG (9ac4f97c2d3e93367e2148ea940cd2cd) C:\Windows\system32\Drivers\cng.sys

11:23:38.0518 2528 CNG - ok

11:23:38.0581 2528 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys

11:23:38.0581 2528 Compbatt - ok

11:23:38.0612 2528 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys

11:23:38.0612 2528 CompositeBus - ok

11:23:38.0627 2528 COMSysApp - ok

11:23:38.0659 2528 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys

11:23:38.0659 2528 crcdisk - ok

11:23:38.0705 2528 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll

11:23:38.0705 2528 CryptSvc - ok

11:23:38.0768 2528 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll

11:23:38.0768 2528 DcomLaunch - ok

11:23:38.0815 2528 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll

11:23:38.0830 2528 defragsvc - ok

11:23:38.0861 2528 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys

11:23:38.0861 2528 DfsC - ok

11:23:38.0924 2528 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll

11:23:38.0924 2528 Dhcp - ok

11:23:38.0955 2528 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys

11:23:38.0955 2528 discache - ok

11:23:38.0986 2528 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys

11:23:38.0986 2528 Disk - ok

11:23:39.0017 2528 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll

11:23:39.0033 2528 Dnscache - ok

11:23:39.0080 2528 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll

11:23:39.0080 2528 dot3svc - ok

11:23:39.0111 2528 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll

11:23:39.0111 2528 DPS - ok

11:23:39.0158 2528 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys

11:23:39.0158 2528 drmkaud - ok

11:23:39.0251 2528 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys

11:23:39.0267 2528 DXGKrnl - ok

11:23:39.0298 2528 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll

11:23:39.0298 2528 EapHost - ok

11:23:39.0501 2528 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys

11:23:39.0579 2528 ebdrv - ok

11:23:39.0688 2528 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe

11:23:39.0688 2528 EFS - ok

11:23:39.0782 2528 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe

11:23:39.0797 2528 ehRecvr - ok

11:23:39.0829 2528 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe

11:23:39.0829 2528 ehSched - ok

11:23:39.0907 2528 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys

11:23:39.0922 2528 elxstor - ok

11:23:39.0953 2528 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys

11:23:39.0953 2528 ErrDev - ok

11:23:40.0031 2528 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll

11:23:40.0031 2528 EventSystem - ok

11:23:40.0094 2528 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys

11:23:40.0094 2528 exfat - ok

11:23:40.0125 2528 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys

11:23:40.0141 2528 fastfat - ok

11:23:40.0203 2528 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe

11:23:40.0219 2528 Fax - ok

11:23:40.0250 2528 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys

11:23:40.0250 2528 fdc - ok

11:23:40.0281 2528 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll

11:23:40.0281 2528 fdPHost - ok

11:23:40.0297 2528 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll

11:23:40.0297 2528 FDResPub - ok

11:23:40.0328 2528 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys

11:23:40.0328 2528 FileInfo - ok

11:23:40.0328 2528 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys

11:23:40.0328 2528 Filetrace - ok

11:23:40.0359 2528 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys

11:23:40.0359 2528 flpydisk - ok

11:23:40.0421 2528 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys

11:23:40.0437 2528 FltMgr - ok

11:23:40.0531 2528 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll

11:23:40.0546 2528 FontCache - ok

11:23:40.0655 2528 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

11:23:40.0655 2528 FontCache3.0.0.0 - ok

11:23:40.0702 2528 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys

11:23:40.0702 2528 FsDepends - ok

11:23:40.0733 2528 fssfltr (07da62c960ddccc2d35836aeab4fc578) C:\Windows\system32\DRIVERS\fssfltr.sys

11:23:40.0733 2528 fssfltr - ok

11:23:40.0936 2528 fsssvc (28ddeeec44e988657b732cf404d504cb) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe

11:23:40.0999 2528 fsssvc - ok

11:23:41.0123 2528 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys

11:23:41.0139 2528 Fs_Rec - ok

11:23:41.0186 2528 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys

11:23:41.0186 2528 fvevol - ok

11:23:41.0248 2528 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys

11:23:41.0248 2528 gagp30kx - ok

11:23:41.0326 2528 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll

11:23:41.0342 2528 gpsvc - ok

11:23:41.0420 2528 gupdate (626a24ed1228580b9518c01930936df9) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

11:23:41.0435 2528 gupdate - ok

11:23:41.0482 2528 gupdatem (626a24ed1228580b9518c01930936df9) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

11:23:41.0482 2528 gupdatem - ok

11:23:41.0498 2528 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

11:23:41.0498 2528 gusvc - ok

11:23:41.0529 2528 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys

11:23:41.0529 2528 hcw85cir - ok

11:23:41.0607 2528 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys

11:23:41.0623 2528 HdAudAddService - ok

11:23:41.0654 2528 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys

11:23:41.0654 2528 HDAudBus - ok

11:23:41.0701 2528 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\drivers\HECIx64.sys

11:23:41.0701 2528 HECIx64 - ok

11:23:41.0732 2528 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys

11:23:41.0732 2528 HidBatt - ok

11:23:41.0779 2528 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys

11:23:41.0779 2528 HidBth - ok

11:23:41.0794 2528 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys

11:23:41.0810 2528 HidIr - ok

11:23:41.0825 2528 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll

11:23:41.0825 2528 hidserv - ok

11:23:41.0872 2528 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys

11:23:41.0872 2528 HidUsb - ok

11:23:41.0919 2528 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll

11:23:41.0919 2528 hkmsvc - ok

11:23:41.0966 2528 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll

11:23:41.0981 2528 HomeGroupListener - ok

11:23:42.0028 2528 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll

11:23:42.0044 2528 HomeGroupProvider - ok

11:23:42.0091 2528 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys

11:23:42.0091 2528 HpSAMD - ok

11:23:42.0169 2528 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys

11:23:42.0169 2528 HTTP - ok

11:23:42.0200 2528 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys

11:23:42.0200 2528 hwpolicy - ok

11:23:42.0262 2528 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys

11:23:42.0262 2528 i8042prt - ok

11:23:42.0340 2528 iaStor (073a606333b6f7bbf20aa856df7f0997) C:\Windows\system32\drivers\iaStor.sys

11:23:42.0340 2528 iaStor - ok

11:23:42.0418 2528 IAStorDataMgrSvc (cc800d2d9fd467542bac7c186c4774ad) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

11:23:42.0418 2528 IAStorDataMgrSvc - ok

11:23:42.0496 2528 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys

11:23:42.0496 2528 iaStorV - ok

11:23:42.0637 2528 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

11:23:42.0668 2528 idsvc - ok

11:23:43.0089 2528 igfx (31d1aff484d8a0906cf8d44251ec390f) C:\Windows\system32\DRIVERS\igdkmd64.sys

11:23:43.0261 2528 igfx - ok

11:23:43.0401 2528 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys

11:23:43.0401 2528 iirsp - ok

11:23:43.0479 2528 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll

11:23:43.0510 2528 IKEEXT - ok

11:23:43.0604 2528 Impcd (36fdf367a1dabff903e2214023d71368) C:\Windows\system32\drivers\Impcd.sys

11:23:43.0604 2528 Impcd - ok

11:23:43.0791 2528 IntcAzAudAddService (0f144e5f46cb9043004b5e84aa4bca6a) C:\Windows\system32\drivers\RTKVHD64.sys

11:23:43.0822 2528 IntcAzAudAddService - ok

11:23:43.0978 2528 IntcDAud (408b401cd7cdb075c7470b0ff7ba8d0b) C:\Windows\system32\DRIVERS\IntcDAud.sys

11:23:43.0978 2528 IntcDAud - ok

11:23:44.0025 2528 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys

11:23:44.0025 2528 intelide - ok

11:23:44.0072 2528 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\drivers\intelppm.sys

11:23:44.0072 2528 intelppm - ok

11:23:44.0103 2528 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll

11:23:44.0103 2528 IPBusEnum - ok

11:23:44.0150 2528 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys

11:23:44.0150 2528 IpFilterDriver - ok

11:23:44.0212 2528 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll

11:23:44.0228 2528 iphlpsvc - ok

11:23:44.0275 2528 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys

11:23:44.0275 2528 IPMIDRV - ok

11:23:44.0321 2528 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys

11:23:44.0321 2528 IPNAT - ok

11:23:44.0337 2528 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys

11:23:44.0337 2528 IRENUM - ok

11:23:44.0368 2528 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys

11:23:44.0368 2528 isapnp - ok

11:23:44.0431 2528 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys

11:23:44.0431 2528 iScsiPrt - ok

11:23:44.0477 2528 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys

11:23:44.0477 2528 kbdclass - ok

11:23:44.0509 2528 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys

11:23:44.0509 2528 kbdhid - ok

11:23:44.0555 2528 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

11:23:44.0555 2528 KeyIso - ok

11:23:44.0587 2528 KSecDD (97a7070aea4c058b6418519e869a63b4) C:\Windows\system32\Drivers\ksecdd.sys

11:23:44.0587 2528 KSecDD - ok

11:23:44.0633 2528 KSecPkg (26c43a7c2862447ec59deda188d1da07) C:\Windows\system32\Drivers\ksecpkg.sys

11:23:44.0633 2528 KSecPkg - ok

11:23:44.0680 2528 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys

11:23:44.0680 2528 ksthunk - ok

11:23:44.0743 2528 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll

11:23:44.0758 2528 KtmRm - ok

11:23:44.0821 2528 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\System32\srvsvc.dll

11:23:44.0836 2528 LanmanServer - ok

11:23:44.0867 2528 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll

11:23:44.0867 2528 LanmanWorkstation - ok

11:23:44.0914 2528 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys

11:23:44.0914 2528 lltdio - ok

11:23:44.0977 2528 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll

11:23:44.0992 2528 lltdsvc - ok

11:23:45.0023 2528 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll

11:23:45.0023 2528 lmhosts - ok

11:23:45.0117 2528 LMS (5460828f8951d310b42b442877603b8d) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

11:23:45.0148 2528 LMS - ok

11:23:45.0195 2528 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys

11:23:45.0195 2528 LSI_FC - ok

11:23:45.0226 2528 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys

11:23:45.0226 2528 LSI_SAS - ok

11:23:45.0273 2528 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys

11:23:45.0273 2528 LSI_SAS2 - ok

11:23:45.0320 2528 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys

11:23:45.0320 2528 LSI_SCSI - ok

11:23:45.0367 2528 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys

11:23:45.0367 2528 luafv - ok

11:23:45.0445 2528 MBAMProtector (dc8490812a3b72811ae534f423b4c206) C:\Windows\system32\drivers\mbam.sys

11:23:45.0445 2528 MBAMProtector - ok

11:23:45.0523 2528 MBAMService (43683e970f008c93c9429ef428147a54) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

11:23:45.0554 2528 MBAMService - ok

11:23:45.0694 2528 McAfee SiteAdvisor Service (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

11:23:45.0694 2528 McAfee SiteAdvisor Service - ok

11:23:45.0710 2528 McMPFSvc (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

11:23:45.0710 2528 McMPFSvc - ok

11:23:45.0741 2528 mcmscsvc (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

11:23:45.0741 2528 mcmscsvc - ok

11:23:45.0741 2528 McNaiAnn (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

11:23:45.0741 2528 McNaiAnn - ok

11:23:45.0741 2528 McNASvc (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

11:23:45.0757 2528 McNASvc - ok

11:23:45.0835 2528 McODS (dd2321925274f2902929d76ce2b0eb45) C:\Program Files\McAfee\VirusScan\mcods.exe

11:23:45.0850 2528 McODS - ok

11:23:45.0866 2528 McProxy (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

11:23:45.0866 2528 McProxy - ok

11:23:45.0944 2528 McShield (597c77235621e7ddd32a68574fde6464) C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe

11:23:45.0944 2528 McShield - ok

11:23:46.0069 2528 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll

11:23:46.0069 2528 Mcx2Svc - ok

11:23:46.0100 2528 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys

11:23:46.0100 2528 megasas - ok

11:23:46.0162 2528 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys

11:23:46.0162 2528 MegaSR - ok

11:23:46.0225 2528 mfeapfk (01884cb7655c8908b43ff5e364fe6fd2) C:\Windows\system32\drivers\mfeapfk.sys

11:23:46.0225 2528 mfeapfk - ok

11:23:46.0287 2528 mfeavfk (dab9a9cdfb04e4d68924492aa043019d) C:\Windows\system32\drivers\mfeavfk.sys

11:23:46.0287 2528 mfeavfk - ok

11:23:46.0318 2528 mfefire (134bb16f93a07c2c89b0b9c399382bdb) C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe

11:23:46.0334 2528 mfefire - ok

11:23:46.0381 2528 mfefirek (ce9a3680675c0907ade16404ca967b49) C:\Windows\system32\drivers\mfefirek.sys

11:23:46.0396 2528 mfefirek - ok

11:23:46.0474 2528 mfehidk (60cf67458dd29cd17e77f2327b1a9a54) C:\Windows\system32\drivers\mfehidk.sys

11:23:46.0474 2528 mfehidk - ok

11:23:46.0521 2528 mfenlfk (a8129cfb919347f8533c934b365e9202) C:\Windows\system32\DRIVERS\mfenlfk.sys

11:23:46.0521 2528 mfenlfk - ok

11:23:46.0568 2528 mferkdet (5041fa2bd2b3a2693b015771bfbf6dca) C:\Windows\system32\drivers\mferkdet.sys

11:23:46.0583 2528 mferkdet - ok

11:23:46.0630 2528 mfevtp (4d0ecd05abb518ea323f651f4ab8458f) C:\Windows\system32\mfevtps.exe

11:23:46.0630 2528 mfevtp - ok

11:23:46.0724 2528 mfewfpk (919c56db14a0e1e2ab6da5d2821dc26e) C:\Windows\system32\drivers\mfewfpk.sys

11:23:46.0724 2528 mfewfpk - ok

11:23:46.0771 2528 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll

11:23:46.0771 2528 MMCSS - ok

11:23:46.0817 2528 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys

11:23:46.0817 2528 Modem - ok

11:23:46.0833 2528 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys

11:23:46.0833 2528 monitor - ok

11:23:46.0864 2528 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys

11:23:46.0880 2528 mouclass - ok

11:23:46.0911 2528 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys

11:23:46.0911 2528 mouhid - ok

11:23:46.0958 2528 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys

11:23:46.0958 2528 mountmgr - ok

11:23:46.0989 2528 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys

11:23:46.0989 2528 mpio - ok

11:23:47.0020 2528 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys

11:23:47.0020 2528 mpsdrv - ok

11:23:47.0098 2528 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll

11:23:47.0114 2528 MpsSvc - ok

11:23:47.0145 2528 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys

11:23:47.0145 2528 MRxDAV - ok

11:23:47.0192 2528 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys

11:23:47.0192 2528 mrxsmb - ok

11:23:47.0239 2528 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys

11:23:47.0239 2528 mrxsmb10 - ok

11:23:47.0270 2528 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys

11:23:47.0270 2528 mrxsmb20 - ok

11:23:47.0301 2528 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys

11:23:47.0317 2528 msahci - ok

11:23:47.0332 2528 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys

11:23:47.0332 2528 msdsm - ok

11:23:47.0379 2528 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe

11:23:47.0379 2528 MSDTC - ok

11:23:47.0426 2528 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys

11:23:47.0426 2528 Msfs - ok

11:23:47.0441 2528 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys

11:23:47.0441 2528 mshidkmdf - ok

11:23:47.0473 2528 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys

11:23:47.0473 2528 msisadrv - ok

11:23:47.0535 2528 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll

11:23:47.0535 2528 MSiSCSI - ok

11:23:47.0551 2528 msiserver - ok

11:23:47.0660 2528 MSK80Service (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

11:23:47.0660 2528 MSK80Service - ok

11:23:47.0707 2528 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys

11:23:47.0707 2528 MSKSSRV - ok

11:23:47.0738 2528 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys

11:23:47.0738 2528 MSPCLOCK - ok

11:23:47.0753 2528 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys

11:23:47.0753 2528 MSPQM - ok

11:23:47.0800 2528 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys

11:23:47.0816 2528 MsRPC - ok

11:23:47.0831 2528 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys

11:23:47.0831 2528 mssmbios - ok

11:23:47.0847 2528 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys

11:23:47.0847 2528 MSTEE - ok

11:23:47.0878 2528 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys

11:23:47.0878 2528 MTConfig - ok

11:23:47.0909 2528 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys

11:23:47.0909 2528 Mup - ok

11:23:47.0972 2528 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll

11:23:47.0972 2528 napagent - ok

11:23:48.0019 2528 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys

11:23:48.0034 2528 NativeWifiP - ok

11:23:48.0128 2528 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys

11:23:48.0143 2528 NDIS - ok

11:23:48.0175 2528 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys

11:23:48.0175 2528 NdisCap - ok

11:23:48.0221 2528 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys

11:23:48.0221 2528 NdisTapi - ok

11:23:48.0284 2528 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys

11:23:48.0284 2528 Ndisuio - ok

11:23:48.0331 2528 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys

11:23:48.0331 2528 NdisWan - ok

11:23:48.0362 2528 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys

11:23:48.0362 2528 NDProxy - ok

11:23:48.0393 2528 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys

11:23:48.0393 2528 NetBIOS - ok

11:23:48.0440 2528 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys

11:23:48.0455 2528 NetBT - ok

11:23:48.0471 2528 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

11:23:48.0471 2528 Netlogon - ok

11:23:48.0549 2528 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll

11:23:48.0565 2528 Netman - ok

11:23:48.0596 2528 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll

11:23:48.0596 2528 netprofm - ok

11:23:48.0689 2528 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe

11:23:48.0705 2528 NetTcpPortSharing - ok

11:23:48.0736 2528 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys

11:23:48.0736 2528 nfrd960 - ok

11:23:48.0783 2528 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll

11:23:48.0814 2528 NlaSvc - ok

11:23:48.0845 2528 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys

11:23:48.0845 2528 Npfs - ok

11:23:48.0877 2528 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll

11:23:48.0877 2528 nsi - ok

11:23:48.0892 2528 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys

11:23:48.0892 2528 nsiproxy - ok

11:23:49.0064 2528 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys

11:23:49.0095 2528 Ntfs - ok

11:23:49.0220 2528 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys

11:23:49.0220 2528 Null - ok

11:23:49.0282 2528 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys

11:23:49.0282 2528 nvraid - ok

11:23:49.0313 2528 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys

11:23:49.0313 2528 nvstor - ok

11:23:49.0345 2528 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys

11:23:49.0345 2528 nv_agp - ok

11:23:49.0469 2528 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE

11:23:49.0469 2528 odserv - ok

11:23:49.0516 2528 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys

11:23:49.0516 2528 ohci1394 - ok

11:23:49.0563 2528 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

11:23:49.0579 2528 ose - ok

11:23:49.0610 2528 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll

11:23:49.0610 2528 p2pimsvc - ok

11:23:49.0657 2528 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll

11:23:49.0657 2528 p2psvc - ok

11:23:49.0703 2528 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys

11:23:49.0703 2528 Parport - ok

11:23:49.0750 2528 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys

11:23:49.0766 2528 partmgr - ok

11:23:49.0781 2528 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll

11:23:49.0797 2528 PcaSvc - ok

11:23:49.0828 2528 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys

11:23:49.0828 2528 pci - ok

11:23:49.0859 2528 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys

11:23:49.0859 2528 pciide - ok

11:23:49.0906 2528 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys

11:23:49.0922 2528 pcmcia - ok

11:23:49.0937 2528 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys

11:23:49.0953 2528 pcw - ok

11:23:50.0000 2528 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys

11:23:50.0015 2528 PEAUTH - ok

11:23:50.0093 2528 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe

11:23:50.0109 2528 PerfHost - ok

11:23:50.0218 2528 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll

11:23:50.0249 2528 pla - ok

11:23:50.0327 2528 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll

11:23:50.0327 2528 PlugPlay - ok

11:23:50.0515 2528 PMBDeviceInfoProvider (627fa58adc043704f9d14ca44340956f) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe

11:23:50.0577 2528 PMBDeviceInfoProvider - ok

11:23:50.0608 2528 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll

11:23:50.0608 2528 PNRPAutoReg - ok

11:23:50.0655 2528 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll

11:23:50.0655 2528 PNRPsvc - ok

11:23:50.0717 2528 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll

11:23:50.0733 2528 PolicyAgent - ok

11:23:50.0764 2528 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll

11:23:50.0764 2528 Power - ok

11:23:50.0842 2528 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys

11:23:50.0842 2528 PptpMiniport - ok

11:23:50.0873 2528 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys

11:23:50.0873 2528 Processor - ok

11:23:50.0936 2528 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll

11:23:50.0951 2528 ProfSvc - ok

11:23:50.0983 2528 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

11:23:50.0998 2528 ProtectedStorage - ok

11:23:51.0045 2528 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys

11:23:51.0045 2528 Psched - ok

11:23:51.0076 2528 PxHlpa64 (aed797cca02783296c68aa10d0cff8a9) C:\Windows\system32\Drivers\PxHlpa64.sys

11:23:51.0076 2528 PxHlpa64 - ok

11:23:51.0217 2528 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys

11:23:51.0232 2528 ql2300 - ok

11:23:51.0373 2528 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys

11:23:51.0388 2528 ql40xx - ok

11:23:51.0419 2528 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll

11:23:51.0435 2528 QWAVE - ok

11:23:51.0451 2528 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys

11:23:51.0451 2528 QWAVEdrv - ok

11:23:51.0466 2528 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys

11:23:51.0482 2528 RasAcd - ok

11:23:51.0529 2528 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys

11:23:51.0529 2528 RasAgileVpn - ok

11:23:51.0560 2528 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll

11:23:51.0560 2528 RasAuto - ok

11:23:51.0607 2528 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys

11:23:51.0607 2528 Rasl2tp - ok

11:23:51.0638 2528 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll

11:23:51.0653 2528 RasMan - ok

11:23:51.0685 2528 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys

11:23:51.0685 2528 RasPppoe - ok

11:23:51.0716 2528 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys

11:23:51.0716 2528 RasSstp - ok

11:23:51.0778 2528 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys

11:23:51.0794 2528 rdbss - ok

11:23:51.0809 2528 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys

11:23:51.0809 2528 rdpbus - ok

11:23:51.0841 2528 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys

11:23:51.0841 2528 RDPCDD - ok

11:23:51.0872 2528 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys

11:23:51.0872 2528 RDPENCDD - ok

11:23:51.0872 2528 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys

11:23:51.0872 2528 RDPREFMP - ok

11:23:51.0903 2528 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys

11:23:51.0919 2528 RDPWD - ok

11:23:51.0965 2528 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys

11:23:51.0981 2528 rdyboost - ok

11:23:52.0012 2528 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll

11:23:52.0012 2528 RemoteAccess - ok

11:23:52.0059 2528 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll

11:23:52.0059 2528 RemoteRegistry - ok

11:23:52.0121 2528 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys

11:23:52.0121 2528 RFCOMM - ok

11:23:52.0184 2528 rimspci (5ca4abd888b602551b59baa26941c167) C:\Windows\system32\drivers\rimssne64.sys

11:23:52.0184 2528 rimspci - ok

11:23:52.0215 2528 risdsnpe (bb6e138aeb351728959da5e2731d8140) C:\Windows\system32\drivers\risdsne64.sys

11:23:52.0215 2528 risdsnpe - ok

11:23:52.0340 2528 Roxio UPnP Renderer 10 (d151224bc11078895a60fa970728ff59) C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe

11:23:52.0355 2528 Roxio UPnP Renderer 10 - ok

11:23:52.0387 2528 Roxio Upnp Server 10 (5022a927944878bd750960bd21e751af) C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe

11:23:52.0402 2528 Roxio Upnp Server 10 - ok

11:23:52.0433 2528 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll

11:23:52.0449 2528 RpcEptMapper - ok

11:23:52.0496 2528 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe

11:23:52.0496 2528 RpcLocator - ok

11:23:52.0543 2528 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll

11:23:52.0558 2528 RpcSs - ok

11:23:52.0636 2528 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys

11:23:52.0636 2528 rspndr - ok

11:23:52.0699 2528 RTHDMIAzAudService (4e821c740a675f6d040be41d59a62b1d) C:\Windows\system32\drivers\RtHDMIVX.sys

11:23:52.0714 2528 RTHDMIAzAudService - ok

11:23:52.0808 2528 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

11:23:52.0808 2528 SamSs - ok

11:23:52.0839 2528 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys

11:23:52.0839 2528 sbp2port - ok

11:23:52.0886 2528 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll

11:23:52.0901 2528 SCardSvr - ok

11:23:52.0933 2528 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys

11:23:52.0933 2528 scfilter - ok

11:23:53.0026 2528 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll

11:23:53.0042 2528 Schedule - ok

11:23:53.0073 2528 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll

11:23:53.0089 2528 SCPolicySvc - ok

11:23:53.0135 2528 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\drivers\sdbus.sys

11:23:53.0151 2528 sdbus - ok

11:23:53.0198 2528 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll

11:23:53.0198 2528 SDRSVC - ok

11:23:53.0229 2528 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys

11:23:53.0229 2528 secdrv - ok

11:23:53.0260 2528 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll

11:23:53.0260 2528 seclogon - ok

11:23:53.0291 2528 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll

11:23:53.0307 2528 SENS - ok

11:23:53.0338 2528 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll

11:23:53.0338 2528 SensrSvc - ok

11:23:53.0385 2528 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys

11:23:53.0385 2528 Serenum - ok

11:23:53.0401 2528 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys

11:23:53.0401 2528 Serial - ok

11:23:53.0432 2528 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys

11:23:53.0432 2528 sermouse - ok

11:23:53.0479 2528 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll

11:23:53.0479 2528 SessionEnv - ok

11:23:53.0510 2528 SFEP (70f9c476b62de4f2823e918a6c181ade) C:\Windows\system32\drivers\SFEP.sys

11:23:53.0510 2528 SFEP - ok

11:23:53.0541 2528 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys

11:23:53.0541 2528 sffdisk - ok

11:23:53.0572 2528 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys

11:23:53.0572 2528 sffp_mmc - ok

11:23:53.0588 2528 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys

11:23:53.0588 2528 sffp_sd - ok

11:23:53.0635 2528 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys

11:23:53.0635 2528 sfloppy - ok

11:23:53.0697 2528 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll

11:23:53.0713 2528 SharedAccess - ok

11:23:53.0775 2528 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll

11:23:53.0791 2528 ShellHWDetection - ok

11:23:53.0822 2528 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys

11:23:53.0822 2528 SiSRaid2 - ok

11:23:53.0853 2528 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys

11:23:53.0853 2528 SiSRaid4 - ok

11:23:53.0900 2528 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys

11:23:53.0900 2528 Smb - ok

11:23:53.0962 2528 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe

11:23:53.0962 2528 SNMPTRAP - ok

11:23:54.0056 2528 SOHCImp (98886c88a1cb13d61672ae2c638b7e1c) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe

11:23:54.0071 2528 SOHCImp - ok

11:23:54.0087 2528 SOHDBSvr (442a13f395546f4564c377296d43b564) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe

11:23:54.0087 2528 SOHDBSvr - ok

11:23:54.0134 2528 SOHDms (556681be668d71dc162391a45422b52c) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe

11:23:54.0149 2528 SOHDms - ok

11:23:54.0181 2528 SOHDs (72b46103e4111439109acf5882627c24) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe

11:23:54.0181 2528 SOHDs - ok

11:23:54.0196 2528 SOHPlMgr (725b6e9cd1959271ac993dc035e1606d) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe

11:23:54.0212 2528 SOHPlMgr - ok

11:23:54.0243 2528 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys

11:23:54.0243 2528 spldr - ok

11:23:54.0321 2528 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe

11:23:54.0337 2528 Spooler - ok

11:23:54.0602 2528 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe

11:23:54.0680 2528 sppsvc - ok

11:23:54.0789 2528 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll

11:23:54.0805 2528 sppuinotify - ok

11:23:54.0867 2528 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys

11:23:54.0914 2528 srv - ok

11:23:54.0992 2528 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys

11:23:55.0039 2528 srv2 - ok

11:23:55.0054 2528 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys

11:23:55.0070 2528 srvnet - ok

11:23:55.0117 2528 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll

11:23:55.0132 2528 SSDPSRV - ok

11:23:55.0148 2528 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll

11:23:55.0148 2528 SstpSvc - ok

11:23:55.0179 2528 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys

11:23:55.0179 2528 stexstor - ok

11:23:55.0241 2528 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll

11:23:55.0257 2528 stisvc - ok

11:23:55.0288 2528 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys

11:23:55.0288 2528 swenum - ok

11:23:55.0522 2528 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

11:23:55.0522 2528 SwitchBoard - ok

11:23:55.0600 2528 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll

11:23:55.0616 2528 swprv - ok

11:23:55.0756 2528 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll

11:23:55.0787 2528 SysMain - ok

11:23:55.0897 2528 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll

11:23:55.0897 2528 TabletInputService - ok

11:23:56.0053 2528 TabletService (fda7fb3830cc7cf5c809f976a57cef6d) C:\Windows\system32\Tablet.exe

11:23:56.0084 2528 TabletService - ok

11:23:56.0209 2528 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll

11:23:56.0224 2528 TapiSrv - ok

11:23:56.0255 2528 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll

11:23:56.0255 2528 TBS - ok

11:23:56.0443 2528 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys

11:23:56.0474 2528 Tcpip - ok

11:23:56.0755 2528 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys

11:23:56.0755 2528 TCPIP6 - ok

11:23:56.0957 2528 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys

11:23:56.0957 2528 tcpipreg - ok

11:23:56.0989 2528 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys

11:23:56.0989 2528 TDPIPE - ok

11:23:57.0020 2528 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys

11:23:57.0020 2528 TDTCP - ok

11:23:57.0067 2528 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys

11:23:57.0067 2528 tdx - ok

11:23:57.0098 2528 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys

11:23:57.0098 2528 TermDD - ok

11:23:57.0160 2528 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll

11:23:57.0176 2528 TermService - ok

11:23:57.0191 2528 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll

11:23:57.0191 2528 Themes - ok

11:23:57.0223 2528 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll

11:23:57.0223 2528 THREADORDER - ok

11:23:57.0254 2528 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll

11:23:57.0254 2528 TrkWks - ok

11:23:57.0301 2528 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe

11:23:57.0316 2528 TrustedInstaller - ok

11:23:57.0347 2528 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys

11:23:57.0347 2528 tssecsrv - ok

11:23:57.0394 2528 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys

11:23:57.0394 2528 TsUsbFlt - ok

11:23:57.0441 2528 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys

11:23:57.0441 2528 tunnel - ok

11:23:57.0488 2528 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys

11:23:57.0488 2528 uagp35 - ok

11:23:57.0550 2528 uCamMonitor (63f6d08c54d5b3c1b12a6172032055c7) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe

11:23:57.0550 2528 uCamMonitor - ok

11:23:57.0613 2528 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys

11:23:57.0628 2528 udfs - ok

11:23:57.0675 2528 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe

11:23:57.0675 2528 UI0Detect - ok

11:23:57.0706 2528 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys

11:23:57.0706 2528 uliagpkx - ok

11:23:57.0753 2528 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys

11:23:57.0753 2528 umbus - ok

11:23:57.0784 2528 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys

11:23:57.0784 2528 UmPass - ok

11:23:57.0987 2528 UNS (9e89c2d6945389270de067ce51ff7425) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

11:23:58.0018 2528 UNS - ok

11:23:58.0159 2528 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll

11:23:58.0174 2528 upnphost - ok

11:23:58.0237 2528 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys

11:23:58.0237 2528 usbccgp - ok

11:23:58.0268 2528 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys

11:23:58.0283 2528 usbcir - ok

11:23:58.0283 2528 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys

11:23:58.0299 2528 usbehci - ok

11:23:58.0330 2528 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys

11:23:58.0346 2528 usbhub - ok

11:23:58.0377 2528 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys

11:23:58.0393 2528 usbohci - ok

11:23:58.0439 2528 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys

11:23:58.0439 2528 usbprint - ok

11:23:58.0471 2528 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys

11:23:58.0471 2528 usbscan - ok

11:23:58.0517 2528 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS

11:23:58.0517 2528 USBSTOR - ok

11:23:58.0564 2528 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys

11:23:58.0564 2528 usbuhci - ok

11:23:58.0611 2528 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys

11:23:58.0627 2528 usbvideo - ok

11:23:58.0642 2528 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll

11:23:58.0642 2528 UxSms - ok

11:23:58.0751 2528 VAIO Entertainment TV Device Arbitration Service (4e7135d6d0127067e4cfee12259f895d) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe

11:23:58.0751 2528 VAIO Entertainment TV Device Arbitration Service - ok

11:23:58.0861 2528 VAIO Event Service (6b31c9cb94927dbeeb62e15275f4cc54) C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe

11:23:58.0876 2528 VAIO Event Service - ok

11:23:59.0032 2528 VAIO Power Management (b8c9a7010afd5cbbe194cb9ef7c4fd14) C:\Program Files\Sony\VAIO Power Management\SPMService.exe

11:23:59.0048 2528 VAIO Power Management - ok

11:23:59.0095 2528 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

11:23:59.0095 2528 VaultSvc - ok

11:23:59.0204 2528 VCFw (6a740f5ff3246c3be3dd317299efc88e) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe

11:23:59.0219 2528 VCFw - ok

11:23:59.0313 2528 VcmIAlzMgr (10e212bfb7eab152a64c1aaec2f7f4e0) C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe

11:23:59.0329 2528 VcmIAlzMgr - ok

11:23:59.0391 2528 VcmINSMgr (9d9b34b430b4dc683112f59c80d20ab8) C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe

11:23:59.0407 2528 VcmINSMgr - ok

11:23:59.0500 2528 VcmXmlIfHelper (8efaaccc7bfa1e9031efdfb01a1b0d69) C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe

11:23:59.0500 2528 VcmXmlIfHelper - ok

11:23:59.0578 2528 VCService (d347d3abe070aa09c22fc37121555d52) C:\Program Files\Sony\VAIO Care\VCService.exe

11:23:59.0578 2528 VCService - ok

11:23:59.0703 2528 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys

11:23:59.0703 2528 vdrvroot - ok

11:23:59.0765 2528 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe

11:23:59.0781 2528 vds - ok

11:23:59.0828 2528 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys

11:23:59.0828 2528 vga - ok

11:23:59.0843 2528 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys

11:23:59.0843 2528 VgaSave - ok

11:23:59.0906 2528 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys

11:23:59.0906 2528 vhdmp - ok

11:23:59.0937 2528 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys

11:23:59.0937 2528 viaide - ok

11:23:59.0984 2528 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys

11:23:59.0984 2528 volmgr - ok

11:24:00.0031 2528 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys

11:24:00.0031 2528 volmgrx - ok

11:24:00.0093 2528 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys

11:24:00.0109 2528 volsnap - ok

11:24:00.0155 2528 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys

11:24:00.0155 2528 vsmraid - ok

11:24:00.0358 2528 VSNService (33655f6b36aa8702960ab1568ed82a01) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe

11:24:00.0374 2528 VSNService - ok

11:24:00.0514 2528 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe

11:24:00.0577 2528 VSS - ok

11:24:00.0811 2528 VUAgent (fb4a1695d2d74f9c92ca5e84795cdbe1) C:\Program Files\Sony\VAIO Update Common\VUAgent.exe

11:24:00.0826 2528 VUAgent - ok

11:24:00.0951 2528 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys

11:24:00.0951 2528 vwifibus - ok

11:24:00.0998 2528 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys

11:24:00.0998 2528 vwififlt - ok

11:24:01.0091 2528 VzCdbSvc (d8bef4ac1eac809dbdbd441d6cff6c4c) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe

11:24:01.0091 2528 VzCdbSvc - ok

11:24:01.0138 2528 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll

11:24:01.0154 2528 W32Time - ok

11:24:01.0201 2528 wacommousefilter (b91a4688b5ac49328f1159a97e914d58) C:\Windows\system32\DRIVERS\wacommousefilter.sys

11:24:01.0201 2528 wacommousefilter - ok

11:24:01.0247 2528 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys

11:24:01.0247 2528 WacomPen - ok

11:24:01.0279 2528 wacomvhid (79ff5ff4a64c8e9f6e0929aa53d9920b) C:\Windows\system32\DRIVERS\wacomvhid.sys

11:24:01.0279 2528 wacomvhid - ok

11:24:01.0325 2528 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys

11:24:01.0325 2528 WANARP - ok

11:24:01.0341 2528 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys

11:24:01.0341 2528 Wanarpv6 - ok

11:24:01.0466 2528 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe

11:24:01.0481 2528 WatAdminSvc - ok

11:24:01.0606 2528 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe

11:24:01.0637 2528 wbengine - ok

11:24:01.0778 2528 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll

11:24:01.0793 2528 WbioSrvc - ok

11:24:01.0840 2528 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll

11:24:01.0856 2528 wcncsvc - ok

11:24:01.0871 2528 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll

11:24:01.0871 2528 WcsPlugInService - ok

11:24:01.0918 2528 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys

11:24:01.0918 2528 Wd - ok

11:24:01.0981 2528 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys

11:24:01.0996 2528 Wdf01000 - ok

11:24:02.0012 2528 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll

11:24:02.0027 2528 WdiServiceHost - ok

11:24:02.0027 2528 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll

11:24:02.0027 2528 WdiSystemHost - ok

11:24:02.0074 2528 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll

11:24:02.0074 2528 WebClient - ok

11:24:02.0105 2528 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll

11:24:02.0121 2528 Wecsvc - ok

11:24:02.0137 2528 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll

11:24:02.0137 2528 wercplsupport - ok

11:24:02.0168 2528 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll

11:24:02.0168 2528 WerSvc - ok

11:24:02.0230 2528 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys

11:24:02.0230 2528 WfpLwf - ok

11:24:02.0246 2528 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys

11:24:02.0246 2528 WIMMount - ok

11:24:02.0308 2528 WinDefend - ok

11:24:02.0308 2528 WinHttpAutoProxySvc - ok

11:24:02.0355 2528 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll

11:24:02.0371 2528 Winmgmt - ok

11:24:02.0542 2528 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll

11:24:02.0605 2528 WinRM - ok

11:24:02.0745 2528 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys

11:24:02.0745 2528 WinUsb - ok

11:24:02.0823 2528 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll

11:24:02.0839 2528 Wlansvc - ok

11:24:03.0073 2528 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

11:24:03.0104 2528 wlidsvc - ok

11:24:03.0244 2528 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys

11:24:03.0244 2528 WmiAcpi - ok

11:24:03.0322 2528 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe

11:24:03.0322 2528 wmiApSrv - ok

11:24:03.0400 2528 WMPNetworkSvc - ok

11:24:03.0431 2528 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll

11:24:03.0431 2528 WPCSvc - ok

11:24:03.0478 2528 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll

11:24:03.0478 2528 WPDBusEnum - ok

11:24:03.0509 2528 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys

11:24:03.0509 2528 ws2ifsl - ok

11:24:03.0525 2528 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\system32\wscsvc.dll

11:24:03.0525 2528 wscsvc - ok

11:24:03.0541 2528 WSearch - ok

11:24:03.0728 2528 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll

11:24:03.0743 2528 wuauserv - ok

11:24:03.0899 2528 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys

11:24:03.0899 2528 WudfPf - ok

11:24:03.0931 2528 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys

11:24:03.0931 2528 WUDFRd - ok

11:24:03.0977 2528 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll

11:24:03.0977 2528 wudfsvc - ok

11:24:04.0009 2528 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll

11:24:04.0024 2528 WwanSvc - ok

11:24:04.0102 2528 yukonw7 (64f88af327aa74e03658ae32b48ccb8b) C:\Windows\system32\DRIVERS\yk62x64.sys

11:24:04.0102 2528 yukonw7 - ok

11:24:04.0133 2528 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0

11:24:04.0367 2528 \Device\Harddisk0\DR0 - ok

11:24:04.0383 2528 Boot (0x1200) (583885de7a3d8b8bc47410dd489b64fa) \Device\Harddisk0\DR0\Partition0

11:24:04.0383 2528 \Device\Harddisk0\DR0\Partition0 - ok

11:24:04.0383 2528 Boot (0x1200) (613de3d6af3ec8dd7d3da0e98d4ca9e0) \Device\Harddisk0\DR0\Partition1

11:24:04.0383 2528 \Device\Harddisk0\DR0\Partition1 - ok

11:24:04.0383 2528 ============================================================

11:24:04.0383 2528 Scan finished

11:24:04.0383 2528 ============================================================

11:24:04.0399 2752 Detected object count: 0

11:24:04.0399 2752 Actual detected object count: 0

11:24:41.0199 3092 Deinitialize success

Security Shield!

Recommended Posts

Länk till kommentar

Dela på andra webbplatser

Toppostare i den här tråden

Populära dagar

Toppostare i den här tråden

Populära dagar

Bilder i tråden

Länk till kommentar

Dela på andra webbplatser

Länk till kommentar

Dela på andra webbplatser

Länk till kommentar

Dela på andra webbplatser

Länk till kommentar

Dela på andra webbplatser

Länk till kommentar

Dela på andra webbplatser

Länk till kommentar

Dela på andra webbplatser

Länk till kommentar

Dela på andra webbplatser

Länk till kommentar

Dela på andra webbplatser

Länk till kommentar

Dela på andra webbplatser

Länk till kommentar

Dela på andra webbplatser

Länk till kommentar

Dela på andra webbplatser

Länk till kommentar

Dela på andra webbplatser

Länk till kommentar

Dela på andra webbplatser

Länk till kommentar

Dela på andra webbplatser

Länk till kommentar

Dela på andra webbplatser

Länk till kommentar

Dela på andra webbplatser

Länk till kommentar

Dela på andra webbplatser

Länk till kommentar

Dela på andra webbplatser

Länk till kommentar

Dela på andra webbplatser

Länk till kommentar

Dela på andra webbplatser

Länk till kommentar

Dela på andra webbplatser

Länk till kommentar

Dela på andra webbplatser

Länk till kommentar

Dela på andra webbplatser

Länk till kommentar

Dela på andra webbplatser

Delta i dialogen