Musten Postad Juni 7, 2012 Dela Postad Juni 7, 2012 Tjena Datorn blev precis smittad av Security Shield... Jag undvek att trycka på nåt och försökte stänga processen vilket inte gick. Jag startade om datorn utan internet och dödade processen och gör just nu en scan med Microsoft Sec.Ess. men jag tvivlar på att det kommer räcka. JAg har googlat mig fram till att lösningen finns på denna länken, http://www.bleepingcomputer.com/virus-removal/remove-my-security-shield men den ligger tyvärr nere just nu. Så kan någon hjälpa mig bli av med skiten? Tack! Citera Länk till kommentar Dela på andra webbplatser Fler delningsalternativ...
Cecilia Postad Juni 7, 2012 Dela Postad Juni 7, 2012 Jag får fram informationen på Bleepingcomputers sida genom att använda Googles cache: https://webcache.googleusercontent.com/search?q=cache:L8sw9rvp3XAJ:http://www.bleepingcomputer.com/virus-removal/remove-security-shield%2BSecurity+Shield+bleepingcomputer&hl=sv&ct=clnk Det är dock inte säkert att informationen där stämmer längre eftersom infektionen troligen har ändrat sig sedan i mars. Om du vill ha en mer personlig vägledning så följ anvisningarna i tråden Till dig med virus eller andra skadliga program i datorn så gott det går. Citera Länk till kommentar Dela på andra webbplatser Fler delningsalternativ...
jarru Postad Juni 7, 2012 Dela Postad Juni 7, 2012 Funkar denna länk ? http://www.2-viruses.com/remove-security-shield Citera Länk till kommentar Dela på andra webbplatser Fler delningsalternativ...
Musten Postad Juni 7, 2012 Författare Dela Postad Juni 7, 2012 Hej Cecilia! Tack för ett snabbt svar. Jag körde precis DDS och fick fram detta: . DDS (Ver_2011-08-26.01) - NTFSAMD64 Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_30 Run by Sevket at 18:23:55 on 2012-06-07 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.46.1053.18.4010.1783 [GMT 2:00] . AV: Microsoft Security Essentials *Enabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Microsoft Security Essentials *Enabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k RPCSS c:\Program Files\Microsoft Security Client\MsMpEng.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe C:\Windows\system32\nvvsvc.exe C:\Windows\system32\WLANExt.exe C:\Windows\system32\conhost.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskhost.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe C:\Program Files\Intel\WiFi\bin\EvtEng.exe C:\ProgramData\DatacardService\HWDeviceService64.exe C:\ProgramData\DatacardService\DCSHelper.exe C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe C:\Program Files\Dell\QuickSet\quickset.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files (x86)\Voipwise.com\Voipwise\voipwise.exe C:\Program Files (x86)\WebcamMax\wcmmon.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe C:\Users\Sevket\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe C:\Program Files (x86)\CyberLink\Shared files\brs.exe C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE C:\ProgramData\Telenor Mobile Partner\OnlineUpdate\ouc.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\UI0Detect.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\System32\alg.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Windows\system32\DllHost.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\svchost.exe -k SDRSVC C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\cvh.exe C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\System32\svchost.exe -k WerSvcGroup C:\Windows\system32\DllHost.exe C:\Windows\system32\DllHost.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\conhost.exe C:\Windows\SysWOW64\cscript.exe C:\Windows\system32\wbem\wmiprvse.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.sivilmanset.com/ uDefault_Page_URL = hxxp://www.dell.com uURLSearchHooks: UrlSearchHook Class: {00000000-6e41-4fd3-8538-502f5495e5fc} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll mWinlogon: Userinit=userinit.exe BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~1\mcafee\msk\mskapbho.dll BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll BHO: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll TB: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll uRun: [Voipwise] "C:\Program Files (x86)\Voipwise.com\Voipwise\voipwise.exe" -nosplash -minimized uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background uRun: [WebcamMaxAutoRun] "C:\Program Files (x86)\WebcamMax\wcmmon.exe" -a uRun: [Octoshape Streaming Services] "C:\Users\Sevket\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" -inv:bootrun mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2 mRun: [Dell Registration] C:\Program Files (x86)\System Registration\prodreg.exe /boot mRun: [RemoteControl9] "c:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe" mRun: [PDVD9LanguageShortcut] "c:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe" mRun: [bDRegion] c:\Program Files (x86)\Cyberlink\Shared Files\brs.exe mRun: [<NO NAME>] mRun: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" mRun: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe" mRun: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe" StartupFolder: C:\Users\Sevket\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\INTEL(~1.LNK - C:\Program Files (x86)\Intel\TurboBoost\SignalIslandUi.exe mPolicies-explorer: NoActiveDesktop = 1 (0x1) mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1) mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.adobe.com/pub/shockwave/cabs/flash/swflash.cab TCP: DhcpNameServer = 192.168.2.1 TCP: Interfaces\{03D5B791-6B1E-4D79-AAB6-0FE61462B7E4} : NameServer = 195.54.122.221 195.54.122.211 TCP: Interfaces\{6CDFA328-59D2-4F23-AA8D-F3B4A2751FF7}\4493350575A50513D22393130303 : DhcpNameServer = 192.168.0.1 192.168.0.1 TCP: Interfaces\{AA501FAE-8CB3-4829-AD7D-632A341FDD4B} : DhcpNameServer = 192.168.2.1 TCP: Interfaces\{AA501FAE-8CB3-4829-AD7D-632A341FDD4B}\2456C6B696E6F5E4F575962756C6563737F5032354533444 : DhcpNameServer = 192.168.2.1 TCP: Interfaces\{AA501FAE-8CB3-4829-AD7D-632A341FDD4B}\3747164656E6127657563747 : DhcpNameServer = 62.88.141.5 62.88.141.6 TCP: Interfaces\{AA501FAE-8CB3-4829-AD7D-632A341FDD4B}\4556C6562394E6475627E65647D25383534463 : DhcpNameServer = 192.168.1.1 192.168.1.1 TCP: Interfaces\{AA501FAE-8CB3-4829-AD7D-632A341FDD4B}\45E4F507279667164756F5131324032373 : DhcpNameServer = 192.168.1.1 TCP: Interfaces\{AA501FAE-8CB3-4829-AD7D-632A341FDD4B}\57C647271437C616E69437675636 : DhcpNameServer = 192.168.2.1 TCP: Interfaces\{AC58B719-048A-46CF-9BD3-7F70777CD774} : DhcpNameServer = 192.168.1.1 192.168.1.1 TCP: Interfaces\{C56D62E1-2A3C-440D-8DD5-F68FFAA20F97} : NameServer = 195.54.122.221 195.54.122.211 Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll {18DF081C-E8AD-4283-A596-FA578C2EBDC3} {27B4851A-3207-45A2-B947-BE8AFE6163AB} {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} {9030D464-4C02-4ABF-8ECC-5164760863C6} {9FDDE16B-836F-4806-AB1F-1455CBEFF289} {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} {D4027C7F-154A-4066-A1AD-4243D8127440} {DBC80044-A445-435b-BC74-9C25C1C588A9} {D4027C7F-154A-4066-A1AD-4243D8127440} mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun-x64: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2 mRun-x64: [Dell Registration] C:\Program Files (x86)\System Registration\prodreg.exe /boot mRun-x64: [RemoteControl9] "c:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe" mRun-x64: [PDVD9LanguageShortcut] "c:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe" mRun-x64: [bDRegion] c:\Program Files (x86)\Cyberlink\Shared Files\brs.exe mRun-x64: [(Standard)] mRun-x64: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" mRun-x64: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe" mRun-x64: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun-x64: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe" AppInit_DLLs-X64: C:\Windows\SysWOW64\nvinit.dll . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\Sevket\AppData\Roaming\Mozilla\Firefox\Profiles\exgyoeyf.default\ FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll FF - plugin: C:\Program Files (x86)\Veetle\Player\npvlc.dll FF - plugin: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll FF - plugin: C:\Program Files (x86)\Veetle\VLCBroadcast\npvbp.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\Users\Sevket\AppData\Roaming\Mozilla\plugins\npoctoshape.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll . ============= SERVICES / DRIVERS =============== . R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?] R0 nvpciflt;nvpciflt;C:\Windows\system32\DRIVERS\nvpciflt.sys --> C:\Windows\system32\DRIVERS\nvpciflt.sys [?] R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?] R0 stdcfltn;Disk Class Filter Driver for Accelerometer;C:\Windows\system32\DRIVERS\stdcfltn.sys --> C:\Windows\system32\DRIVERS\stdcfltn.sys [?] R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?] R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-9-5 64952] R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2011-4-30 98208] R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624] R2 HWDeviceService64.exe;HWDeviceService64.exe;C:\ProgramData\DatacardService\HWDeviceService64.exe [2011-3-14 346976] R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-4-30 1997416] R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776] R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2011-4-30 1692480] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-11-29 378472] R2 TeamViewer7;TeamViewer 7;C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-2-17 3027840] R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\system32\DRIVERS\TurboB.sys --> C:\Windows\system32\DRIVERS\TurboB.sys [?] R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-4-30 2656280] R2 WCMVCAM;WebcamMax, WDM Video Capture;C:\Windows\system32\DRIVERS\wcmvcam64.sys --> C:\Windows\system32\DRIVERS\wcmvcam64.sys [?] R3 Acceler;Accelerometer Service;C:\Windows\system32\DRIVERS\Accelern.sys --> C:\Windows\system32\DRIVERS\Accelern.sys [?] R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\system32\DRIVERS\CtClsFlt.sys --> C:\Windows\system32\DRIVERS\CtClsFlt.sys [?] R3 huawei_enumerator;huawei_enumerator;C:\Windows\system32\DRIVERS\ew_jubusenum.sys --> C:\Windows\system32\DRIVERS\ew_jubusenum.sys [?] R3 IntcDAud;Intel(R) Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?] R3 MEIx64;Intel(R) Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?] R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\system32\DRIVERS\NETwNs64.sys --> C:\Windows\system32\DRIVERS\NETwNs64.sys [?] R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\system32\DRIVERS\nusb3hub.sys --> C:\Windows\system32\DRIVERS\nusb3hub.sys [?] R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\system32\DRIVERS\nusb3xhc.sys --> C:\Windows\system32\DRIVERS\nusb3xhc.sys [?] R3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184] R3 qicflt;upper Device Filter Driver;C:\Windows\system32\DRIVERS\qicflt.sys --> C:\Windows\system32\DRIVERS\qicflt.sys [?] R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?] R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?] R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?] R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?] R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?] R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496] R3 wdkmd;Intel WiDi KMD;C:\Windows\system32\DRIVERS\WDKMD.sys --> C:\Windows\system32\DRIVERS\WDKMD.sys [?] R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?] S2 CLKMSVC10_9EC60124;CyberLink Product - 2011/04/30 00:12:56;C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [2010-10-29 236016] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 gupdate;Tjänsten Google Update (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-2-28 136176] S2 RoxWatch12;Roxio Hard Drive Watcher 12;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632] S2 Telenor Mobile Partner. RunOuc;Telenor Mobile Partner. OUC;C:\Program Files (x86)\Telenor Mobile Partner\UpdateDog\ouc.exe [2012-2-28 246112] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-7 257696] S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;C:\Windows\system32\DRIVERS\ew_hwusbdev.sys --> C:\Windows\system32\DRIVERS\ew_hwusbdev.sys [?] S3 ew_usbenumfilter;huawei_CompositeFilter;C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys --> C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys [?] S3 ewusbmbb;HUAWEI USB-WWAN miniport;C:\Windows\system32\DRIVERS\ewusbwwan.sys --> C:\Windows\system32\DRIVERS\ewusbwwan.sys [?] S3 gupdatem;Tjänsten Google Update (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-2-28 136176] S3 Impcd;Impcd;C:\Windows\system32\DRIVERS\Impcd.sys --> C:\Windows\system32\DRIVERS\Impcd.sys [?] S3 JMCR;JMCR;C:\Windows\system32\DRIVERS\jmcr.sys --> C:\Windows\system32\DRIVERS\jmcr.sys [?] S3 massfilter_hs;ZTE HandSet Mass Storage Filter Driver;C:\Windows\system32\drivers\massfilter_hs.sys --> C:\Windows\system32\drivers\massfilter_hs.sys [?] S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-5-5 113120] S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2010-12-17 340240] S3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?] S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-3-26 291696] S3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?] S3 NvStUSB;NVIDIA Stereoscopic 3D USB driver;C:\Windows\system32\DRIVERS\nvstusb.sys --> C:\Windows\system32\DRIVERS\nvstusb.sys [?] S3 RoxMediaDB12OEM;RoxMediaDB12OEM;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656] S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?] S3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504] S3 WatAdminSvc;Aktiveringsteknologier för Windows-tjänst;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?] S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184] . =============== Created Last 30 ================ . 2012-06-07 15:53:43 69000 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{37860474-1D9C-4D17-8391-C1C3EE791DDB}\offreg.dll 2012-06-07 15:46:10 -------- d-----w- C:\Users\Sevket\AppData\Local\{B94A15F4-8F2F-43D3-935E-A20419E2D8BA} 2012-06-07 15:45:29 -------- d-----w- C:\Users\Sevket\AppData\Local\{1701EAF8-18BA-45D3-BE76-14A685538CEB} 2012-06-07 15:37:20 306176 ----a-w- C:\Users\Sevket\AppData\Local\uhzpwswpwi.exe 2012-06-06 19:31:28 770384 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcr100.dll 2012-06-06 19:31:28 421200 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcp100.dll 2012-06-06 16:00:22 8955792 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{37860474-1D9C-4D17-8391-C1C3EE791DDB}\mpengine.dll 2012-06-06 10:59:37 -------- d-----w- C:\Users\Sevket\AppData\Local\{87866375-B9C4-410D-8C16-906D44EA036C} 2012-06-06 10:59:15 -------- d-----w- C:\Users\Sevket\AppData\Local\{55CF67D8-73C5-4A71-8DB5-F65253163136} 2012-06-05 13:03:02 8955792 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2012-06-04 21:03:36 -------- d-----w- C:\Users\Sevket\AppData\Local\{FB04F855-8E1E-480A-9792-F39F34E96976} 2012-06-04 21:03:15 -------- d-----w- C:\Users\Sevket\AppData\Local\{012F0FCA-313A-4A99-97CF-8F79EB7AC829} 2012-06-03 12:20:52 -------- d-----w- C:\Users\Sevket\AppData\Local\{9BFA623E-3E01-4641-843C-520DC3E974FD} 2012-06-03 00:20:15 -------- d-----w- C:\Users\Sevket\AppData\Local\{DA5A3079-8D43-45F9-9E50-924A7FFC00DC} 2012-06-03 00:20:00 -------- d-----w- C:\Users\Sevket\AppData\Local\{D5E90BA6-B796-4969-8E32-CE0A54846075} 2012-06-02 08:00:36 -------- d-----w- C:\Users\Sevket\AppData\Local\{9F4072B7-C916-43D6-9FA6-6E386A262359} 2012-06-02 08:00:25 -------- d-----w- C:\Users\Sevket\AppData\Local\{AAD60CC8-9196-4A8C-92BC-1BD25AC4485A} 2012-06-01 14:01:10 -------- d-----w- C:\Users\Sevket\AppData\Local\{C8A8F95B-ECA9-410E-A03D-FD6306B1A2A4} 2012-06-01 14:00:44 -------- d-----w- C:\Users\Sevket\AppData\Local\{718EDF62-C0E6-4B9D-A0F8-0AB569C11337} 2012-05-31 06:37:53 -------- d-----w- C:\Users\Sevket\AppData\Local\{6FC95CB2-9CC5-4294-8A97-0EF72B396308} 2012-05-31 06:37:42 -------- d-----w- C:\Users\Sevket\AppData\Local\{7FC442B5-6002-4CFF-AA3A-31157B9D0790} 2012-05-29 12:49:56 -------- d-----w- C:\Users\Sevket\AppData\Local\{0B3544D2-1ACE-486A-9CB2-AE3F4A1DAAB0} 2012-05-29 12:49:45 -------- d-----w- C:\Users\Sevket\AppData\Local\{0E63C6F5-26BF-4A9D-BD1F-54CAA9EC4965} 2012-05-28 21:39:21 -------- d-----w- C:\Users\Sevket\AppData\Local\{A2D5CEFC-2E3E-4F94-BAE2-569E08E7C5C9} 2012-05-28 21:39:03 -------- d-----w- C:\Users\Sevket\AppData\Local\{A41159FE-482F-4CA0-87FD-B23967808D6A} 2012-05-24 09:10:03 -------- d-----w- C:\Users\Sevket\AppData\Local\{C332719F-3B05-4F32-9B7C-C4C358F12265} 2012-05-24 09:09:52 -------- d-----w- C:\Users\Sevket\AppData\Local\{A1020D66-E11F-4DC2-B02A-7D31244115EA} 2012-05-21 12:12:05 -------- d-----w- C:\Users\Sevket\AppData\Local\{852E3D51-0401-40B9-B53A-EE23E6E67F82} 2012-05-21 12:11:54 -------- d-----w- C:\Users\Sevket\AppData\Local\{D6B5CC97-1127-450E-97AD-1D7C254836F7} 2012-05-21 00:11:37 -------- d-----w- C:\Users\Sevket\AppData\Local\{DD2D1B6D-C551-4855-AFA0-C66213B06BE2} 2012-05-21 00:11:20 -------- d-----w- C:\Users\Sevket\AppData\Local\{2A5210E7-0312-4DE2-B1FB-5F281FCAE935} 2012-05-20 12:10:49 -------- d-----w- C:\Users\Sevket\AppData\Local\{F74B5FCD-03E0-425B-98DD-220A9D962171} 2012-05-20 12:10:35 -------- d-----w- C:\Users\Sevket\AppData\Local\{60EAB4DF-C35F-456F-84A4-D78252B08A64} 2012-05-20 11:28:36 -------- d---a-w- C:\Users\Sevket\.android 2012-05-20 11:28:32 38424 ----a-w- C:\Windows\System32\drivers\androidusb.sys 2012-05-20 11:28:32 129304 ----a-w- C:\Windows\System32\drivers\zghsvousb.sys 2012-05-20 11:28:32 129304 ----a-w- C:\Windows\System32\drivers\zghsnmea.sys 2012-05-20 11:28:32 129304 ----a-w- C:\Windows\System32\drivers\zghsdiag.sys 2012-05-20 11:28:32 129304 ----a-w- C:\Windows\System32\drivers\zghsat.sys 2012-05-20 11:28:32 127056 ----a-w- C:\Windows\System32\drivers\zghsmdm.sys 2012-05-20 11:28:32 11776 ----a-w- C:\Windows\System32\drivers\massfilter_hs.sys 2012-05-20 11:28:27 96256 ----a-w- C:\Windows\AdbWinApi.dll 2012-05-20 11:28:27 584584 ----a-w- C:\Windows\adb.exe 2012-05-20 11:28:27 -------- d-----w- C:\Program Files\ZTE Handset USB Driver 2012-05-19 10:19:56 -------- d-----w- C:\Users\Sevket\AppData\Local\{E6621AF1-7DBA-4D5F-A576-D39A81383D70} 2012-05-19 10:19:44 -------- d-----w- C:\Users\Sevket\AppData\Local\{9B438B85-8BE5-4B6F-A7A3-744A044A050A} 2012-05-18 20:19:03 -------- d-----w- C:\Users\Sevket\AppData\Local\{63B72367-6370-45DD-B158-CC3FF1B86768} 2012-05-18 20:18:48 -------- d-----w- C:\Users\Sevket\AppData\Local\{93A720B9-0D42-4ED6-8AD5-5938FDF5769B} 2012-05-17 17:30:19 -------- d-----w- C:\Users\Sevket\AppData\Local\{C1E69500-D1B4-44CA-B366-322EBEB2E7F7} 2012-05-17 17:30:08 -------- d-----w- C:\Users\Sevket\AppData\Local\{E7E6D606-0184-4810-88D8-504702B1B9DD} 2012-05-16 22:04:13 -------- d-----w- C:\Users\Sevket\AppData\Local\{478F15A1-0568-4A9F-97F9-83718AF278CE} 2012-05-16 22:04:01 -------- d-----w- C:\Users\Sevket\AppData\Local\{220199A6-ACF7-425F-A979-64F0441DEB3B} 2012-05-14 13:06:42 -------- d-----w- C:\Users\Sevket\AppData\Local\{B1F88348-CFE8-43F5-94AB-80BDD652EFDC} 2012-05-14 13:06:31 -------- d-----w- C:\Users\Sevket\AppData\Local\{C1AA0329-45F9-43EE-9BFD-0790766B8D5C} 2012-05-12 23:12:43 -------- d-----w- C:\Users\Sevket\AppData\Local\{7A55E381-DEA8-46F3-91A8-6DA10BBF35F5} 2012-05-12 23:12:32 -------- d-----w- C:\Users\Sevket\AppData\Local\{743497AD-6788-403F-8E90-66776FF7D850} 2012-05-12 19:57:24 -------- d-----w- C:\Users\Sevket\AppData\Local\{4D6D8F6E-FC07-41CD-96B5-A17AFED93972} 2012-05-12 19:56:59 -------- d-----w- C:\Users\Sevket\AppData\Local\{344A5395-59CE-4333-9A0D-295430B4AE55} 2012-05-11 19:02:12 -------- d-----w- C:\Users\Sevket\AppData\Local\{B16D0A71-CB5B-4198-BC01-2B563FB8500D} 2012-05-11 19:01:53 -------- d-----w- C:\Users\Sevket\AppData\Local\{9BAC8E84-9E0B-4575-B42E-32F41256F5B3} 2012-05-10 02:01:29 -------- d-----w- C:\Users\Sevket\AppData\Local\{B92B4582-A1D1-4FE3-BEE7-2796DD35A13B} 2012-05-10 02:01:18 -------- d-----w- C:\Users\Sevket\AppData\Local\{73AF87B3-D701-4A4D-8203-BCCEF98CE1E3} 2012-05-09 22:12:11 1544704 ----a-w- C:\Windows\System32\DWrite.dll 2012-05-09 22:12:11 1077248 ----a-w- C:\Windows\SysWow64\DWrite.dll 2012-05-09 22:12:10 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe 2012-05-09 22:12:09 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe 2012-05-09 22:12:09 3146240 ----a-w- C:\Windows\System32\win32k.sys 2012-05-09 22:12:08 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe 2012-05-09 22:11:09 75120 ----a-w- C:\Windows\System32\drivers\partmgr.sys 2012-05-09 22:10:30 1918320 ----a-w- C:\Windows\System32\drivers\tcpip.sys 2012-05-09 22:10:23 936960 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll 2012-05-09 22:10:23 1732096 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL 2012-05-09 22:10:23 1367552 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll 2012-05-09 22:10:22 1402880 ----a-w- C:\Program Files\Windows Journal\JNWDRV.dll 2012-05-09 22:10:22 1393664 ----a-w- C:\Program Files\Windows Journal\JNTFiltr.dll 2012-05-09 11:51:24 -------- d-----w- C:\Users\Sevket\AppData\Local\{3C6057E0-A54F-44D6-AA8A-80085FDF884A} 2012-05-09 11:51:13 -------- d-----w- C:\Users\Sevket\AppData\Local\{F5AD9EDE-73B6-4D15-8B94-1A461B3D8369} . ==================== Find3M ==================== . 2012-05-05 14:58:35 70304 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2012-05-05 14:58:35 419488 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2012-05-05 14:58:23 8744608 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe 2012-03-20 18:44:12 98688 ----a-w- C:\Windows\System32\drivers\NisDrvWFP.sys 2012-03-20 18:44:12 203888 ----a-w- C:\Windows\System32\drivers\MpFilter.sys . ============= FINISH: 18:24:40,45 =============== Attach.txt Citera Länk till kommentar Dela på andra webbplatser Fler delningsalternativ...
Musten Postad Juni 7, 2012 Författare Dela Postad Juni 7, 2012 Funkar denna länk ? http://www.2-viruses...security-shield Hej! Den funkar bra, och rent i allmänhet så funkar datorn just nu utan problem och jag får inte upp något skit. T.ex. kollade jag det med proxy inställningen på din länk och det var inte så trots att jag inte kört MalWarebytes ännu... Jag har inte riktigt gjort något mot viruset men inte heller något för att installera det liksom så vill vara säker på att det inte finns nåt kvar alls. Citera Länk till kommentar Dela på andra webbplatser Fler delningsalternativ...
Cecilia Postad Juni 7, 2012 Dela Postad Juni 7, 2012 Funkar denna länk ? http://www.2-viruses...security-shield Den sidan är bara en reklamsida för SpyHunter som inte tar bort något utan att man betalar för programmet. Informationen är också alldeles för gammal för att vara korrekt för en ny infektion. Citera Länk till kommentar Dela på andra webbplatser Fler delningsalternativ...
Cecilia Postad Juni 7, 2012 Dela Postad Juni 7, 2012 Där finns åtminstone en skadlig fil i loggen så kör MBAM så får vi se om den tas bort. Citera Länk till kommentar Dela på andra webbplatser Fler delningsalternativ...
jarru Postad Juni 7, 2012 Dela Postad Juni 7, 2012 Den sidan är bara en reklamsida för SpyHunter som inte tar bort något utan att man betalar för programmet. Informationen är också alldeles för gammal för att vara korrekt för en ny infektion. Ursäkta mig, men jag la in en länk ifall du inte var på plats, och den visar inte bara reklam. Citera Länk till kommentar Dela på andra webbplatser Fler delningsalternativ...
Cecilia Postad Juni 7, 2012 Dela Postad Juni 7, 2012 Ursäkta mig, men jag la in en länk ifall du inte var på plats, och den visar inte bara reklam. Snällt tänkt, men tyvärr så finns det så många opålitliga, även rent skadliga, sidor som kommer upp när man googlar på skadliga programs namn. Citera Länk till kommentar Dela på andra webbplatser Fler delningsalternativ...
jarru Postad Juni 7, 2012 Dela Postad Juni 7, 2012 Snällt tänkt, men tyvärr så finns det så många opålitliga, även rent skadliga, sidor som kommer upp när man googlar på skadliga programs namn. Jodå, nog är det så, men det går att rensa manuellt också, och jag uppfattade att det var tanken bakom det hela. Vet nu inte hur snabbt antivirusföretagen reagerar på "nya saker" numera. Citera Länk till kommentar Dela på andra webbplatser Fler delningsalternativ...
Cecilia Postad Juni 7, 2012 Dela Postad Juni 7, 2012 Jovisst, men informationen på sidan räcker inte till. T ex står det så här: Stop these Security Shield processes:[random].exe Hur ska man veta vad man ska stoppa för process?Remove these Security Shield files:C:\Documents and Settings\[user]\Local Settings\Application Data\[random].exe Mappen finns inte i Vista och Windows 7 och om där finns två exe-filer i mappen är det ju omöjligt att veta vilken det gäller.Och den manuella instruktionen avslutas med: It is impossible to list all file names and locations of modern parasites. Det blir en rätt värdelös instruktion. Citera Länk till kommentar Dela på andra webbplatser Fler delningsalternativ...
Musten Postad Juni 7, 2012 Författare Dela Postad Juni 7, 2012 Där finns åtminstone en skadlig fil i loggen så kör MBAM så får vi se om den tas bort. MBAM hittar inget fel? Behöver jag köra den i felsäkert läge kanske? Var så länge sen jag rensade virus... Citera Länk till kommentar Dela på andra webbplatser Fler delningsalternativ...
Cecilia Postad Juni 7, 2012 Dela Postad Juni 7, 2012 Då tar vi till ComboFix i stället. Spara ComboFix på Skrivbordet: http://download.bleepingcomputer.com/sUBs/ComboFix.exe Stäng av alla program du ser inklusive antivirusprogram och antispionprogram, men lämna brandväggen på. Hur? Se http://www.bleepingcomputer.com/forums/topic114351.html Kör ComboFix och följ anvisningarna som visas. Om det kommer upp en fråga om du vill installera återställningskonsolen så svara Ja. Mer detaljerad vägledning finns på http://www.bleepingcomputer.com/combofix/se/hur-combofix-ska-anvandas Om det kommer upp något meddelande, t ex att ett rootkit har hittats, från ComboFix skriv ner det och skriv det sedan i ditt svar. VIKTIGT! Klicka inte på ComboFix-fönstret med musen när det körs eftersom så det kan hänga upp sig då. När ComboFix är färdig ska en logg komma upp, klistra in den i ditt svar. Kontrollera att antivirusprogram mm är igång innan du ansluter till internet. Om du får problem med att komma ut på internet: Kontrollpanelen - Nätverksanslutningar högerklicka på din internetanslutning och välj Reparera och/eller starta om datorn. Citera Länk till kommentar Dela på andra webbplatser Fler delningsalternativ...
Musten Postad Juni 7, 2012 Författare Dela Postad Juni 7, 2012 (redigerade) Det var jobbigt med ComboFix.... gick inte med internet sen blev en omstart istället.... Nu är det klart iaf ComboFix 12-06-07.03 - Sevket 2012-06-07 21:21:40.1.4 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.46.1053.18.4010.2336 [GMT 2:00] Körs från: c:\users\Sevket\Desktop\ComboFix.exe AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6} SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Skapade en ny återställningspunkt . . ((((((((((((((((((((((((((((((((((((((( Andra raderingar )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\programdata\Roaming c:\users\Sevket\AppData\Local\uhzpwswpwi.exe c:\windows\system32\drivers\etc\hosts.ics . . (((((((((((((((((((((((( Filer skapade från 2012-05-07 till 2012-06-07 )))))))))))))))))))))))))))))) . . 2012-06-07 19:25 . 2012-06-07 19:25 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-06-07 19:25 . 2012-06-07 19:25 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp 2012-06-07 19:15 . 2012-05-08 17:02 8955792 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4166747A-73C9-4B05-A497-8A2919ECA440}\mpengine.dll 2012-06-07 16:35 . 2012-06-07 16:35 -------- d-----w- c:\users\Sevket\AppData\Roaming\Malwarebytes 2012-06-07 16:35 . 2012-06-07 16:35 -------- d-----w- c:\programdata\Malwarebytes 2012-06-07 16:35 . 2012-06-07 16:35 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware 2012-06-07 16:35 . 2012-04-04 13:56 24904 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-06-06 19:31 . 2012-06-06 19:31 770384 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcr100.dll 2012-06-06 19:31 . 2012-06-06 19:31 421200 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcp100.dll 2012-06-06 16:00 . 2012-05-08 17:02 8955792 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2012-05-20 11:28 . 2012-05-20 11:28 -------- d---a-w- c:\users\Sevket\.android 2012-05-20 11:28 . 2010-10-20 14:10 11776 ----a-w- c:\windows\system32\drivers\massfilter_hs.sys 2012-05-20 11:28 . 2010-10-18 12:29 129304 ----a-w- c:\windows\system32\drivers\zghsvousb.sys 2012-05-20 11:28 . 2010-10-18 12:28 129304 ----a-w- c:\windows\system32\drivers\zghsnmea.sys 2012-05-20 11:28 . 2010-10-18 12:26 127056 ----a-w- c:\windows\system32\drivers\zghsmdm.sys 2012-05-20 11:28 . 2010-10-18 12:26 129304 ----a-w- c:\windows\system32\drivers\zghsdiag.sys 2012-05-20 11:28 . 2010-10-18 12:26 129304 ----a-w- c:\windows\system32\drivers\zghsat.sys 2012-05-20 11:28 . 2010-10-18 12:24 38424 ----a-w- c:\windows\system32\drivers\androidusb.sys 2012-05-20 11:28 . 2012-05-20 11:28 -------- d-----w- c:\program files\ZTE Handset USB Driver 2012-05-20 11:28 . 2011-01-07 07:43 584584 ----a-w- c:\windows\adb.exe 2012-05-20 11:28 . 2010-05-07 09:48 96256 ----a-w- c:\windows\AdbWinApi.dll 2012-05-09 22:12 . 2012-03-03 06:35 1544704 ----a-w- c:\windows\system32\DWrite.dll 2012-05-09 22:12 . 2012-03-03 05:31 1077248 ----a-w- c:\windows\SysWow64\DWrite.dll 2012-05-09 22:12 . 2012-03-31 06:05 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-05-09 22:12 . 2012-03-31 04:39 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe 2012-05-09 22:12 . 2012-03-31 03:10 3146240 ----a-w- c:\windows\system32\win32k.sys 2012-05-09 22:12 . 2012-03-31 04:39 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe 2012-05-09 22:11 . 2012-03-17 07:58 75120 ----a-w- c:\windows\system32\drivers\partmgr.sys 2012-05-09 22:10 . 2012-03-30 11:35 1918320 ----a-w- c:\windows\system32\drivers\tcpip.sys 2012-05-09 22:10 . 2012-03-31 05:42 1732096 ----a-w- c:\program files\Windows Journal\NBDoc.DLL 2012-05-09 22:10 . 2012-03-31 05:40 1367552 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll 2012-05-09 22:10 . 2012-03-31 04:29 936960 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll 2012-05-09 22:10 . 2012-03-31 05:40 1402880 ----a-w- c:\program files\Windows Journal\JNWDRV.dll 2012-05-09 22:10 . 2012-03-31 05:40 1393664 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll . . . (((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-05-05 14:58 . 2012-04-07 19:43 419488 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2012-05-05 14:58 . 2011-12-19 22:38 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-05-05 14:58 . 2012-04-07 19:58 8744608 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe 2012-03-20 18:44 . 2011-04-27 14:25 98688 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys 2012-03-20 18:44 . 2011-04-18 12:18 203888 ----a-w- c:\windows\system32\drivers\MpFilter.sys 2012-03-15 02:03 . 2011-12-21 14:05 2136512 ----a-w- c:\programdata\Microsoft\VisualStudio\10.0\1033\ResourceCache.dll . . (((((((((((((((((((((((((((((((((( Startpunkter i registret ))))))))))))))))))))))))))))))))))))))))))))))) . . *Not* tomma poster & legitima standardposter visas inte. REGEDIT4 . [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] "{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2012-01-03 1514152] . [HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}] . [HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}] 2012-01-03 15:31 1514152 ----a-w- c:\program files (x86)\Ask.com\GenericAskToolbar.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar] "{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2012-01-03 1514152] . [HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}] [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1] [HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}] [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd] . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Voipwise"="c:\program files (x86)\Voipwise.com\Voipwise\voipwise.exe" [2012-04-12 17792376] "WebcamMaxAutoRun"="c:\program files (x86)\WebcamMax\wcmmon.exe" [2011-07-17 1038848] "Octoshape Streaming Services"="c:\users\Sevket\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" [2011-03-24 107800] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2011-09-05 35736] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920] "Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2010-08-19 487562] "Dell Registration"="c:\program files (x86)\System Registration\prodreg.exe" [2010-11-10 4144448] "RemoteControl9"="c:\program files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe" [2010-10-01 87336] "PDVD9LanguageShortcut"="c:\program files (x86)\CyberLink\PowerDVD9\Language\Language.exe" [2010-09-17 50472] "BDRegion"="c:\program files (x86)\Cyberlink\Shared Files\brs.exe" [2010-10-29 75048] "RoxWatchTray"="c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" [2010-11-25 240112] "Desktop Disc Tool"="c:\program files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe" [2010-11-17 514544] "VirtualCloneDrive"="c:\program files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2011-03-07 89456] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696] "ApnUpdater"="c:\program files (x86)\Ask.com\Updater\Updater.exe" [2012-01-03 1391272] . c:\users\Sevket\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Intel(R) Turbo Boost Technology Monitor 2.0.lnk - c:\program files\Intel\TurboBoost\SignalIslandUi.exe [2010-11-29 204288] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux1"=wdmaud.drv . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" . R2 CLKMSVC10_9EC60124;CyberLink Product - 2011/04/30 00:12;c:\program files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [2010-10-29 236016] R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 gupdate;Tjänsten Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-02-28 136176] R2 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632] R2 Telenor Mobile Partner. RunOuc;Telenor Mobile Partner. OUC;c:\program files (x86)\Telenor Mobile Partner\UpdateDog\ouc.exe [2012-02-28 246112] R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-05 257696] R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys [x] R3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\DRIVERS\ew_usbenumfilter.sys [x] R3 ewusbmbb;HUAWEI USB-WWAN miniport;c:\windows\system32\DRIVERS\ewusbwwan.sys [x] R3 gupdatem;Tjänsten Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-02-28 136176] R3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [x] R3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [x] R3 massfilter_hs;ZTE HandSet Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter_hs.sys [x] R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-06-06 113120] R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2010-12-17 340240] R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x] R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [2012-03-26 291696] R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x] R3 NvStUSB;NVIDIA Stereoscopic 3D USB driver;c:\windows\system32\DRIVERS\nvstusb.sys [x] R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] R3 RoxMediaDB12OEM;RoxMediaDB12OEM;c:\program files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x] R3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504] R3 WatAdminSvc;Aktiveringsteknologier för Windows-tjänst;c:\windows\system32\Wat\WatAdminSvc.exe [x] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184] S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [x] S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x] S0 stdcfltn;Disk Class Filter Driver for Accelerometer;c:\windows\system32\DRIVERS\stdcfltn.sys [x] S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-09-05 64952] S2 AERTFilters;Andrea RT Filters Service;c:\program files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-18 98208] S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624] S2 HWDeviceService64.exe;HWDeviceService64.exe;c:\programdata\DatacardService\HWDeviceService64.exe [2011-03-14 346976] S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2010-11-30 1997416] S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776] S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [2011-08-18 1692480] S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-11-29 378472] S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-01-19 3027840] S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [x] S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-20 2656280] S2 WCMVCAM;WebcamMax, WDM Video Capture;c:\windows\system32\DRIVERS\wcmvcam64.sys [x] S3 Acceler;Accelerometer Service;c:\windows\system32\DRIVERS\Accelern.sys [x] S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [x] S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys [x] S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x] S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x] S3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETwNs64.sys [x] S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [x] S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [x] S3 qicflt;upper Device Filter Driver;c:\windows\system32\DRIVERS\qicflt.sys [x] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x] S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x] S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x] S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x] S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x] S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496] S3 wdkmd;Intel WiDi KMD;c:\windows\system32\DRIVERS\WDKMD.sys [x] . . --- Övriga tjänster/drivrutiner i minnet --- . *NewlyCreated* - WS2IFSL *Deregistered* - CLKMDRV10_9EC60124 . Innehåll i mappen 'Schemalagda aktiviteter': . 2012-06-07 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-07 14:58] . 2012-06-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-02-28 17:01] . 2012-06-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-02-28 17:01] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2010-12-14 6561384] "RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-12-11 2186856] "NVHotkey"="c:\windows\system32\nvHotkey.dll" [2010-11-29 312936] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-02-12 167960] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-02-12 391704] "Persistence"="c:\windows\system32\igfxpers.exe" [2011-02-12 418328] "FreeFallProtection"="c:\program files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe" [2010-12-17 686704] "IntelWireless"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2010-12-17 1933584] "QuickSet"="c:\program files\Dell\QuickSet\QuickSet.exe" [2011-01-25 4479648] "IntelTBRunOnce"="wscript.exe" [2009-07-14 168960] "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-26 1271168] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "LoadAppInit_DLLs"=0x1 "AppInit_DLLs"=c:\windows\System32\nvinitx.dll . ------- Extra genomsökning ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://www.sivilmanset.com/ mLocal Page = c:\windows\SysWOW64\blank.htm TCP: DhcpNameServer = 192.168.2.1 TCP: Interfaces\{03D5B791-6B1E-4D79-AAB6-0FE61462B7E4}: NameServer = 195.54.122.221 195.54.122.211 TCP: Interfaces\{C56D62E1-2A3C-440D-8DD5-F68FFAA20F97}: NameServer = 195.54.122.221 195.54.122.211 FF - ProfilePath - c:\users\Sevket\AppData\Roaming\Mozilla\Firefox\Profiles\exgyoeyf.default\ . - - - - FÖRÄLDRALÖSA POSTER SOM TAGITS BORT - - - - . Toolbar-Locked - (no file) Toolbar-Locked - (no file) HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe . . . --------------------- LÅSTA REGISTERNYCKLAR --------------------- . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\McAfee] "SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79, 00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\ . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Andra processer som körs ------------------------ . c:\programdata\Telenor Mobile Partner\OnlineUpdate\ouc.exe c:\program files (x86)\Dell DataSafe Local Backup\TOASTER.EXE c:\program files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe . ************************************************************************** . Sluttid: 2012-06-07 21:31:15 - datorn startades om. ComboFix-quarantined-files.txt 2012-06-07 19:31 . Före genomsökningen: 421 728 002 048 byte ledigt Efter genomsökningen: 422 151 114 752 byte ledigt . - - End Of File - - 4209532BDC824AF2DA5857D5728FFB34 Det dyker dessutom upp en bildruta nu när man startar datorn. Bifogar en bild. Redigerad Juni 7, 2012 av Musten Citera Länk till kommentar Dela på andra webbplatser Fler delningsalternativ...
Cecilia Postad Juni 7, 2012 Dela Postad Juni 7, 2012 Bra där försvann filen som hörde ihop med Security Shield. Ask Toolbar anses vara olämplig så den bör du avinstallera. När du har gjort det så starta om datorn och kör DDS igen. Klistra in DDS.txt, men Attach.txt behövs inte. Citera Länk till kommentar Dela på andra webbplatser Fler delningsalternativ...
Cecilia Postad Juni 7, 2012 Dela Postad Juni 7, 2012 Kommer det fram något program om du klickar på "Växla till"? Citera Länk till kommentar Dela på andra webbplatser Fler delningsalternativ...
Musten Postad Juni 7, 2012 Författare Dela Postad Juni 7, 2012 Hej! Tog bort Ask Toolbar, något som någon annan måste råkat klicka i.... Detta är inte min egna dator så.Här är output från DDS . DDS (Ver_2011-08-26.01) - NTFSAMD64 Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_30 Run by Sevket at 22:27:09 on 2012-06-07 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.46.1053.18.4010.2014 [GMT 2:00] . AV: Microsoft Security Essentials *Enabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Microsoft Security Essentials *Enabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k RPCSS c:\Program Files\Microsoft Security Client\MsMpEng.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\WLANExt.exe C:\Windows\system32\conhost.exe C:\Windows\System32\spoolsv.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskhost.exe C:\Windows\system32\taskeng.exe C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe C:\Program Files\Intel\WiFi\bin\EvtEng.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\ProgramData\DatacardService\HWDeviceService64.exe C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe C:\ProgramData\DatacardService\DCSHelper.exe C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files (x86)\Voipwise.com\Voipwise\voipwise.exe C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files (x86)\WebcamMax\wcmmon.exe C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE C:\Users\Sevket\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE C:\Program Files\Intel\TurboBoost\SignalIslandUi.exe C:\ProgramData\Telenor Mobile Partner\OnlineUpdate\ouc.exe C:\Program Files (x86)\Adobe\Reader 10.0\Reader\reader_sl.exe C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe C:\Program Files (x86)\CyberLink\Shared files\brs.exe C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE C:\Windows\system32\wbem\unsecapp.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\System32\alg.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\servicing\TrustedInstaller.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Program Files\Intel\TurboBoost\TurboBoost.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\DllHost.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\conhost.exe C:\Windows\SysWOW64\cscript.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.sivilmanset.com/ BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: McAfee Phishing Filter: {27b4851a-3207-45a2-b947-be8afe6163ab} - c:\progra~1\mcafee\msk\mskapbho.dll BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll uRun: [Voipwise] "C:\Program Files (x86)\Voipwise.com\Voipwise\voipwise.exe" -nosplash -minimized uRun: [WebcamMaxAutoRun] "C:\Program Files (x86)\WebcamMax\wcmmon.exe" -a uRun: [Octoshape Streaming Services] "C:\Users\Sevket\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe" -inv:bootrun mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2 mRun: [Dell Registration] C:\Program Files (x86)\System Registration\prodreg.exe /boot mRun: [RemoteControl9] "c:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe" mRun: [PDVD9LanguageShortcut] "c:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe" mRun: [bDRegion] c:\Program Files (x86)\Cyberlink\Shared Files\brs.exe mRun: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" mRun: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe" mRun: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" StartupFolder: C:\Users\Sevket\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\INTEL(~1.LNK - C:\Program Files (x86)\Intel\TurboBoost\SignalIslandUi.exe mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.adobe.com/pub/shockwave/cabs/flash/swflash.cab TCP: DhcpNameServer = 192.168.2.1 TCP: Interfaces\{03D5B791-6B1E-4D79-AAB6-0FE61462B7E4} : NameServer = 195.54.122.221 195.54.122.211 TCP: Interfaces\{6CDFA328-59D2-4F23-AA8D-F3B4A2751FF7}\4493350575A50513D22393130303 : DhcpNameServer = 192.168.0.1 192.168.0.1 TCP: Interfaces\{AA501FAE-8CB3-4829-AD7D-632A341FDD4B} : DhcpNameServer = 192.168.2.1 TCP: Interfaces\{AA501FAE-8CB3-4829-AD7D-632A341FDD4B}\2456C6B696E6F5E4F575962756C6563737F5032354533444 : DhcpNameServer = 192.168.2.1 TCP: Interfaces\{AA501FAE-8CB3-4829-AD7D-632A341FDD4B}\3747164656E6127657563747 : DhcpNameServer = 62.88.141.5 62.88.141.6 TCP: Interfaces\{AA501FAE-8CB3-4829-AD7D-632A341FDD4B}\4556C6562394E6475627E65647D25383534463 : DhcpNameServer = 192.168.1.1 192.168.1.1 TCP: Interfaces\{AA501FAE-8CB3-4829-AD7D-632A341FDD4B}\45E4F507279667164756F5131324032373 : DhcpNameServer = 192.168.1.1 TCP: Interfaces\{AA501FAE-8CB3-4829-AD7D-632A341FDD4B}\57C647271437C616E69437675636 : DhcpNameServer = 192.168.2.1 TCP: Interfaces\{C56D62E1-2A3C-440D-8DD5-F68FFAA20F97} : NameServer = 195.54.122.221 195.54.122.211 Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll {18DF081C-E8AD-4283-A596-FA578C2EBDC3} {27B4851A-3207-45A2-B947-BE8AFE6163AB} {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} {9030D464-4C02-4ABF-8ECC-5164760863C6} {9FDDE16B-836F-4806-AB1F-1455CBEFF289} {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} {DBC80044-A445-435b-BC74-9C25C1C588A9} mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun-x64: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2 mRun-x64: [Dell Registration] C:\Program Files (x86)\System Registration\prodreg.exe /boot mRun-x64: [RemoteControl9] "c:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe" mRun-x64: [PDVD9LanguageShortcut] "c:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe" mRun-x64: [bDRegion] c:\Program Files (x86)\Cyberlink\Shared Files\brs.exe mRun-x64: [RoxWatchTray] "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" mRun-x64: [Desktop Disc Tool] "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe" mRun-x64: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" AppInit_DLLs-X64: C:\Windows\SysWOW64\nvinit.dll . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\Sevket\AppData\Roaming\Mozilla\Firefox\Profiles\exgyoeyf.default\ FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll FF - plugin: C:\Program Files (x86)\Veetle\Player\npvlc.dll FF - plugin: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll FF - plugin: C:\Program Files (x86)\Veetle\VLCBroadcast\npvbp.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\Users\Sevket\AppData\Roaming\Mozilla\plugins\npoctoshape.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll . ============= SERVICES / DRIVERS =============== . R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?] R0 nvpciflt;nvpciflt;C:\Windows\system32\DRIVERS\nvpciflt.sys --> C:\Windows\system32\DRIVERS\nvpciflt.sys [?] R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?] R0 stdcfltn;Disk Class Filter Driver for Accelerometer;C:\Windows\system32\DRIVERS\stdcfltn.sys --> C:\Windows\system32\DRIVERS\stdcfltn.sys [?] R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?] R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-9-5 64952] R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2011-4-30 98208] R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624] R2 HWDeviceService64.exe;HWDeviceService64.exe;C:\ProgramData\DatacardService\HWDeviceService64.exe [2011-3-14 346976] R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-4-30 1997416] R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776] R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2011-4-30 1692480] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2010-11-29 378472] R2 TeamViewer7;TeamViewer 7;C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-2-17 3027840] R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\system32\DRIVERS\TurboB.sys --> C:\Windows\system32\DRIVERS\TurboB.sys [?] R2 WCMVCAM;WebcamMax, WDM Video Capture;C:\Windows\system32\DRIVERS\wcmvcam64.sys --> C:\Windows\system32\DRIVERS\wcmvcam64.sys [?] R3 Acceler;Accelerometer Service;C:\Windows\system32\DRIVERS\Accelern.sys --> C:\Windows\system32\DRIVERS\Accelern.sys [?] R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\system32\DRIVERS\CtClsFlt.sys --> C:\Windows\system32\DRIVERS\CtClsFlt.sys [?] R3 huawei_enumerator;huawei_enumerator;C:\Windows\system32\DRIVERS\ew_jubusenum.sys --> C:\Windows\system32\DRIVERS\ew_jubusenum.sys [?] R3 IntcDAud;Intel(R) Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?] R3 MEIx64;Intel(R) Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?] R3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\system32\DRIVERS\NETwNs64.sys --> C:\Windows\system32\DRIVERS\NETwNs64.sys [?] R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\system32\DRIVERS\nusb3hub.sys --> C:\Windows\system32\DRIVERS\nusb3hub.sys [?] R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\system32\DRIVERS\nusb3xhc.sys --> C:\Windows\system32\DRIVERS\nusb3xhc.sys [?] R3 qicflt;upper Device Filter Driver;C:\Windows\system32\DRIVERS\qicflt.sys --> C:\Windows\system32\DRIVERS\qicflt.sys [?] R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?] R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?] R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?] R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?] R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?] R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496] R3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504] R3 wdkmd;Intel WiDi KMD;C:\Windows\system32\DRIVERS\WDKMD.sys --> C:\Windows\system32\DRIVERS\WDKMD.sys [?] R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?] S2 CLKMSVC10_9EC60124;CyberLink Product - 2011/04/30 00:12:56;C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [2010-10-29 236016] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 gupdate;Tjänsten Google Update (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-2-28 136176] S2 RoxWatch12;Roxio Hard Drive Watcher 12;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632] S2 Telenor Mobile Partner. RunOuc;Telenor Mobile Partner. OUC;C:\Program Files (x86)\Telenor Mobile Partner\UpdateDog\ouc.exe [2012-2-28 246112] S2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-4-30 2656280] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-7 257696] S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;C:\Windows\system32\DRIVERS\ew_hwusbdev.sys --> C:\Windows\system32\DRIVERS\ew_hwusbdev.sys [?] S3 ew_usbenumfilter;huawei_CompositeFilter;C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys --> C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys [?] S3 ewusbmbb;HUAWEI USB-WWAN miniport;C:\Windows\system32\DRIVERS\ewusbwwan.sys --> C:\Windows\system32\DRIVERS\ewusbwwan.sys [?] S3 gupdatem;Tjänsten Google Update (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-2-28 136176] S3 Impcd;Impcd;C:\Windows\system32\DRIVERS\Impcd.sys --> C:\Windows\system32\DRIVERS\Impcd.sys [?] S3 JMCR;JMCR;C:\Windows\system32\DRIVERS\jmcr.sys --> C:\Windows\system32\DRIVERS\jmcr.sys [?] S3 massfilter_hs;ZTE HandSet Mass Storage Filter Driver;C:\Windows\system32\drivers\massfilter_hs.sys --> C:\Windows\system32\drivers\massfilter_hs.sys [?] S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-5-5 113120] S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2010-12-17 340240] S3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?] S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-3-26 291696] S3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?] S3 NvStUSB;NVIDIA Stereoscopic 3D USB driver;C:\Windows\system32\DRIVERS\nvstusb.sys --> C:\Windows\system32\DRIVERS\nvstusb.sys [?] S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184] S3 RoxMediaDB12OEM;RoxMediaDB12OEM;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656] S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?] S3 WatAdminSvc;Aktiveringsteknologier för Windows-tjänst;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?] S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-23 57184] . =============== Created Last 30 ================ . 2012-06-07 19:39:42 8955792 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{EF1B6B55-2677-4E6D-AF72-FE0BDA252F29}\mpengine.dll 2012-06-07 19:38:07 -------- d-sh--w- C:\$RECYCLE.BIN 2012-06-07 19:20:09 98816 ----a-w- C:\Windows\sed.exe 2012-06-07 19:20:09 518144 ----a-w- C:\Windows\SWREG.exe 2012-06-07 19:20:09 256000 ----a-w- C:\Windows\PEV.exe 2012-06-07 19:20:09 208896 ----a-w- C:\Windows\MBR.exe 2012-06-07 16:35:29 -------- d-----w- C:\Users\Sevket\AppData\Roaming\Malwarebytes 2012-06-07 16:35:12 -------- d-----w- C:\ProgramData\Malwarebytes 2012-06-07 16:35:11 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys 2012-06-07 16:35:11 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2012-06-07 15:46:10 -------- d-----w- C:\Users\Sevket\AppData\Local\{B94A15F4-8F2F-43D3-935E-A20419E2D8BA} 2012-06-07 15:45:29 -------- d-----w- C:\Users\Sevket\AppData\Local\{1701EAF8-18BA-45D3-BE76-14A685538CEB} 2012-06-06 19:31:28 770384 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcr100.dll 2012-06-06 19:31:28 421200 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcp100.dll 2012-06-06 16:00:22 8955792 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2012-06-06 10:59:37 -------- d-----w- C:\Users\Sevket\AppData\Local\{87866375-B9C4-410D-8C16-906D44EA036C} 2012-06-06 10:59:15 -------- d-----w- C:\Users\Sevket\AppData\Local\{55CF67D8-73C5-4A71-8DB5-F65253163136} 2012-06-04 21:03:36 -------- d-----w- C:\Users\Sevket\AppData\Local\{FB04F855-8E1E-480A-9792-F39F34E96976} 2012-06-04 21:03:15 -------- d-----w- C:\Users\Sevket\AppData\Local\{012F0FCA-313A-4A99-97CF-8F79EB7AC829} 2012-06-03 12:20:52 -------- d-----w- C:\Users\Sevket\AppData\Local\{9BFA623E-3E01-4641-843C-520DC3E974FD} 2012-06-03 00:20:15 -------- d-----w- C:\Users\Sevket\AppData\Local\{DA5A3079-8D43-45F9-9E50-924A7FFC00DC} 2012-06-03 00:20:00 -------- d-----w- C:\Users\Sevket\AppData\Local\{D5E90BA6-B796-4969-8E32-CE0A54846075} 2012-06-02 08:00:36 -------- d-----w- C:\Users\Sevket\AppData\Local\{9F4072B7-C916-43D6-9FA6-6E386A262359} 2012-06-02 08:00:25 -------- d-----w- C:\Users\Sevket\AppData\Local\{AAD60CC8-9196-4A8C-92BC-1BD25AC4485A} 2012-06-01 14:01:10 -------- d-----w- C:\Users\Sevket\AppData\Local\{C8A8F95B-ECA9-410E-A03D-FD6306B1A2A4} 2012-06-01 14:00:44 -------- d-----w- C:\Users\Sevket\AppData\Local\{718EDF62-C0E6-4B9D-A0F8-0AB569C11337} 2012-05-31 06:37:53 -------- d-----w- C:\Users\Sevket\AppData\Local\{6FC95CB2-9CC5-4294-8A97-0EF72B396308} 2012-05-31 06:37:42 -------- d-----w- C:\Users\Sevket\AppData\Local\{7FC442B5-6002-4CFF-AA3A-31157B9D0790} 2012-05-29 12:49:56 -------- d-----w- C:\Users\Sevket\AppData\Local\{0B3544D2-1ACE-486A-9CB2-AE3F4A1DAAB0} 2012-05-29 12:49:45 -------- d-----w- C:\Users\Sevket\AppData\Local\{0E63C6F5-26BF-4A9D-BD1F-54CAA9EC4965} 2012-05-28 21:39:21 -------- d-----w- C:\Users\Sevket\AppData\Local\{A2D5CEFC-2E3E-4F94-BAE2-569E08E7C5C9} 2012-05-28 21:39:03 -------- d-----w- C:\Users\Sevket\AppData\Local\{A41159FE-482F-4CA0-87FD-B23967808D6A} 2012-05-24 09:10:03 -------- d-----w- C:\Users\Sevket\AppData\Local\{C332719F-3B05-4F32-9B7C-C4C358F12265} 2012-05-24 09:09:52 -------- d-----w- C:\Users\Sevket\AppData\Local\{A1020D66-E11F-4DC2-B02A-7D31244115EA} 2012-05-21 12:12:05 -------- d-----w- C:\Users\Sevket\AppData\Local\{852E3D51-0401-40B9-B53A-EE23E6E67F82} 2012-05-21 12:11:54 -------- d-----w- C:\Users\Sevket\AppData\Local\{D6B5CC97-1127-450E-97AD-1D7C254836F7} 2012-05-21 00:11:37 -------- d-----w- C:\Users\Sevket\AppData\Local\{DD2D1B6D-C551-4855-AFA0-C66213B06BE2} 2012-05-21 00:11:20 -------- d-----w- C:\Users\Sevket\AppData\Local\{2A5210E7-0312-4DE2-B1FB-5F281FCAE935} 2012-05-20 12:10:49 -------- d-----w- C:\Users\Sevket\AppData\Local\{F74B5FCD-03E0-425B-98DD-220A9D962171} 2012-05-20 12:10:35 -------- d-----w- C:\Users\Sevket\AppData\Local\{60EAB4DF-C35F-456F-84A4-D78252B08A64} 2012-05-20 11:28:36 -------- d---a-w- C:\Users\Sevket\.android 2012-05-20 11:28:32 38424 ----a-w- C:\Windows\System32\drivers\androidusb.sys 2012-05-20 11:28:32 129304 ----a-w- C:\Windows\System32\drivers\zghsvousb.sys 2012-05-20 11:28:32 129304 ----a-w- C:\Windows\System32\drivers\zghsnmea.sys 2012-05-20 11:28:32 129304 ----a-w- C:\Windows\System32\drivers\zghsdiag.sys 2012-05-20 11:28:32 129304 ----a-w- C:\Windows\System32\drivers\zghsat.sys 2012-05-20 11:28:32 127056 ----a-w- C:\Windows\System32\drivers\zghsmdm.sys 2012-05-20 11:28:32 11776 ----a-w- C:\Windows\System32\drivers\massfilter_hs.sys 2012-05-20 11:28:27 96256 ----a-w- C:\Windows\AdbWinApi.dll 2012-05-20 11:28:27 584584 ----a-w- C:\Windows\adb.exe 2012-05-20 11:28:27 -------- d-----w- C:\Program Files\ZTE Handset USB Driver 2012-05-19 10:19:56 -------- d-----w- C:\Users\Sevket\AppData\Local\{E6621AF1-7DBA-4D5F-A576-D39A81383D70} 2012-05-19 10:19:44 -------- d-----w- C:\Users\Sevket\AppData\Local\{9B438B85-8BE5-4B6F-A7A3-744A044A050A} 2012-05-18 20:19:03 -------- d-----w- C:\Users\Sevket\AppData\Local\{63B72367-6370-45DD-B158-CC3FF1B86768} 2012-05-18 20:18:48 -------- d-----w- C:\Users\Sevket\AppData\Local\{93A720B9-0D42-4ED6-8AD5-5938FDF5769B} 2012-05-17 17:30:19 -------- d-----w- C:\Users\Sevket\AppData\Local\{C1E69500-D1B4-44CA-B366-322EBEB2E7F7} 2012-05-17 17:30:08 -------- d-----w- C:\Users\Sevket\AppData\Local\{E7E6D606-0184-4810-88D8-504702B1B9DD} 2012-05-16 22:04:13 -------- d-----w- C:\Users\Sevket\AppData\Local\{478F15A1-0568-4A9F-97F9-83718AF278CE} 2012-05-16 22:04:01 -------- d-----w- C:\Users\Sevket\AppData\Local\{220199A6-ACF7-425F-A979-64F0441DEB3B} 2012-05-14 13:06:42 -------- d-----w- C:\Users\Sevket\AppData\Local\{B1F88348-CFE8-43F5-94AB-80BDD652EFDC} 2012-05-14 13:06:31 -------- d-----w- C:\Users\Sevket\AppData\Local\{C1AA0329-45F9-43EE-9BFD-0790766B8D5C} 2012-05-12 23:12:43 -------- d-----w- C:\Users\Sevket\AppData\Local\{7A55E381-DEA8-46F3-91A8-6DA10BBF35F5} 2012-05-12 23:12:32 -------- d-----w- C:\Users\Sevket\AppData\Local\{743497AD-6788-403F-8E90-66776FF7D850} 2012-05-12 19:57:24 -------- d-----w- C:\Users\Sevket\AppData\Local\{4D6D8F6E-FC07-41CD-96B5-A17AFED93972} 2012-05-12 19:56:59 -------- d-----w- C:\Users\Sevket\AppData\Local\{344A5395-59CE-4333-9A0D-295430B4AE55} 2012-05-11 19:02:12 -------- d-----w- C:\Users\Sevket\AppData\Local\{B16D0A71-CB5B-4198-BC01-2B563FB8500D} 2012-05-11 19:01:53 -------- d-----w- C:\Users\Sevket\AppData\Local\{9BAC8E84-9E0B-4575-B42E-32F41256F5B3} 2012-05-10 02:01:29 -------- d-----w- C:\Users\Sevket\AppData\Local\{B92B4582-A1D1-4FE3-BEE7-2796DD35A13B} 2012-05-10 02:01:18 -------- d-----w- C:\Users\Sevket\AppData\Local\{73AF87B3-D701-4A4D-8203-BCCEF98CE1E3} 2012-05-09 22:12:11 1544704 ----a-w- C:\Windows\System32\DWrite.dll 2012-05-09 22:12:11 1077248 ----a-w- C:\Windows\SysWow64\DWrite.dll 2012-05-09 22:12:10 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe 2012-05-09 22:12:09 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe 2012-05-09 22:12:09 3146240 ----a-w- C:\Windows\System32\win32k.sys 2012-05-09 22:12:08 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe 2012-05-09 22:11:09 75120 ----a-w- C:\Windows\System32\drivers\partmgr.sys 2012-05-09 22:10:30 1918320 ----a-w- C:\Windows\System32\drivers\tcpip.sys 2012-05-09 22:10:23 936960 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll 2012-05-09 22:10:23 1732096 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL 2012-05-09 22:10:23 1367552 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll 2012-05-09 22:10:22 1402880 ----a-w- C:\Program Files\Windows Journal\JNWDRV.dll 2012-05-09 22:10:22 1393664 ----a-w- C:\Program Files\Windows Journal\JNTFiltr.dll 2012-05-09 11:51:24 -------- d-----w- C:\Users\Sevket\AppData\Local\{3C6057E0-A54F-44D6-AA8A-80085FDF884A} 2012-05-09 11:51:13 -------- d-----w- C:\Users\Sevket\AppData\Local\{F5AD9EDE-73B6-4D15-8B94-1A461B3D8369} . ==================== Find3M ==================== . 2012-05-05 14:58:35 70304 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2012-05-05 14:58:35 419488 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2012-05-05 14:58:23 8744608 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe 2012-03-20 18:44:12 98688 ----a-w- C:\Windows\System32\drivers\NisDrvWFP.sys 2012-03-20 18:44:12 203888 ----a-w- C:\Windows\System32\drivers\MpFilter.sys . ============= FINISH: 22:28:22,69 =============== Citera Länk till kommentar Dela på andra webbplatser Fler delningsalternativ...
Musten Postad Juni 7, 2012 Författare Dela Postad Juni 7, 2012 Och den där rutan kom inte upp denna gången, och den gav ingen respons när man tryckte på "växla till" tidigare.... Citera Länk till kommentar Dela på andra webbplatser Fler delningsalternativ...
Cecilia Postad Juni 7, 2012 Dela Postad Juni 7, 2012 Vad bra att rutan har försvunnit. Nu återstår bara en sista städomgång: 1. Avinstallation av ComboFix Tryck Windows-tangenten + R Kopiera och klistra in denna rad: ComboFix /Uninstall Observera att det är ett mellanrum före / Klicka på OK. 2. Ladda ner avinstallationsprogrammet OTC till Skrivbordet. http://oldtimer.geekstogo.com/OTC.exe Dubbelklicka på filen för att starta programmet. Tryck på knappen CleanUp! och DDS kommer att avinstalleras efter en omstart av datorn. Ta bort eventuella loggar. 3. Byt alla lösenord som du använder i datorn och på internet eftersom dessa kan ha kommit i orätta händer. http://mnin.blogspot.com/2009/02/why-i-enjoyed-tiggersyzor.html beskriver ett skadligt program som spionerar genom att ta skärmbilder, logga tangentbordsnedtryckningar och läsa lösenord som är lagrade i webbläsare, epostprogram etc. 4. Förbättra skyddet i datorn, se mina Råd för en säkrare dator: http://ceciliasec.wordpress.com/rad/ Det är väldigt viktigt att hålla alla program i datorn uppdaterade, och inte bara Windows. Det ser ut som att det finns en gammal Java-version med kända säkerhetshål installerad och det kan vara anledningen till att datorn blev infekterad av Security Shield. Men eftersom det kan finnas fler gamla versioner så kör gärna Secunias program som jag har en länk till på min webbsida. Citera Länk till kommentar Dela på andra webbplatser Fler delningsalternativ...
jarru Postad Juni 8, 2012 Dela Postad Juni 8, 2012 Det blir en rätt värdelös instruktion. Jag säger inte emot, men vet man vilken "random-process" och vilka "random-mappar" inte ska finnas med, går det att rensa manuellt. Det beror på hur insatt man är i OS:et, men du håller på och löser problemet hursomhelst. Citera Länk till kommentar Dela på andra webbplatser Fler delningsalternativ...
bengsi Postad Augusti 2, 2012 Dela Postad Augusti 2, 2012 Hej! Fick precis också Security Shield på dator, och har panik - får inte bort det. Har redan försökt med den här guiden, http://www.bleepingcomputer.com/virus-removal/remove-security-shield, men det funkade inte :/ Någon snäll och kunnig människa som kan hjälpa mig? Citera Länk till kommentar Dela på andra webbplatser Fler delningsalternativ...
bengsi Postad Augusti 3, 2012 Dela Postad Augusti 3, 2012 . DDS (Ver_2011-08-26.01) - NTFSAMD64 NETWORK Internet Explorer: 9.0.8112.16421 Run by Emma at 9:50:28 on 2012-08-03 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.46.1053.18.3950.3237 [GMT 2:00] . AV: McAfee Antivirus och antispionprogram *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: McAfee Antivirus och antispionprogram *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A} FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\SYSTEM32\WISPTIS.EXE C:\Windows\system32\mfevtps.exe C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\SYSTEM32\WISPTIS.EXE C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe C:\Windows\Explorer.EXE C:\Windows\system32\ctfmon.exe c:\PROGRA~1\mcafee.com\agent\mcagent.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\conhost.exe C:\Windows\SysWOW64\cscript.exe C:\Windows\system32\wbem\wmiprvse.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.google.com/ uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SVEC&bmod=EU01 mStart Page = hxxp://search.myheritage.com uURLSearchHooks: MHURLSearchHook Class: {1c4ab6a5-595f-4e86-b15f-f93cce2bbd48} - C:\Program Files (x86)\Celebrity Toolbar\tbhelper.dll uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll BHO: MHTBPos00 Class: {0c37b053-fd68-456a-82e1-d788ee342e6f} - C:\Program Files (x86)\Celebrity Toolbar\tbcore3.dll BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120629133947.dll BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: e-kort Helper Class: {9065e913-4f23-4b47-9b5d-b055d32db1f3} - C:\Program Files (x86)\ekort\EKortHelper.dll BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll BHO: CMySite Class: {d62ec836-bf1e-4cac-81be-fb9179835d8e} - C:\Program Files (x86)\Celebrity Toolbar\mhxpcomi.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll TB: e-kort Toolbar: {8db2b2e8-579f-48a8-a496-18fefcf8f4df} - C:\Program Files (x86)\ekort\EKortToolbar.dll TB: Celebrity Toolbar: {fd2fd708-1f6f-4b68-b141-c5778f0c19bb} - C:\Program Files (x86)\Celebrity Toolbar\tbcore3.dll TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" uRun: [sansaDispatch] C:\Users\Emma\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe uRun: [spotify Web Helper] "C:\Users\Emma\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" uRun: [AdobeBridge] mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe mRun: [iSBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe" mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun mRun: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED mRun: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe mRun: [MarketingTools] C:\Program Files (x86)\Sony\Marketing Tools\MarketingTools.exe mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [e-kort] C:\PROGRA~2\ekort\ekort.exe /dontopenmycards /Autostart mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey mRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin mRun: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe StartupFolder: C:\Users\Emma\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ADOBEG~1.LNK - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe StartupFolder: C:\Users\Emma\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\SKRMUR~1.LNK - C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BANKID~1.LNK - C:\Program Files (x86)\Personal\bin\Personal.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe mPolicies-explorer: NoActiveDesktop = 1 (0x1) mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0) mPolicies-system: ConsentPromptBehaviorUser = 0 (0x0) mPolicies-system: EnableLUA = 0 (0x0) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL IE: {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - {BC0E0A5D-AB5A-4fa4-A5FA-280E1D58EEEE} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/production/ieawsdc32.cab DPF: {402EE96E-2CE8-482D-ADA5-CECEEA07E16D} - hxxp://www.turntool.com/ViewerInstall.exe DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} - hxxp://www.fujidirekt.se/aurigma/ImageUploader5.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab TCP: DhcpNameServer = 192.168.1.1 TCP: Interfaces\{36601CEE-D5D8-49CC-9878-7011DD745294} : DhcpNameServer = 192.168.1.1 TCP: Interfaces\{6D7BD819-48F2-4E64-8CDB-988BAD52DF69} : DhcpNameServer = 195.54.122.199 195.54.122.204 Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\McAfee\MSC\McSnIePl.dll Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll Handler: mhtb - {669A2A3A-F19C-452D-800D-1240299756C1} - C:\Program Files (x86)\Celebrity Toolbar\mhxpcomi.dll Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll Notify: VESWinlogon - VESWinlogon.dll {0C37B053-FD68-456a-82E1-D788EE342E6F} {18DF081C-E8AD-4283-A596-FA578C2EBDC3} {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} {7DB2D5A0-7241-4E79-B68D-6309F01C5231} {9030D464-4C02-4ABF-8ECC-5164760863C6} {9065E913-4F23-4B47-9B5D-B055D32DB1F3} {AA58ED58-01DD-4d91-8333-CF10577473F7} {B164E929-A1B6-4A06-B104-2CD0E90A88FF} {D62EC836-BF1E-4CAC-81BE-FB9179835D8E} {DBC80044-A445-435b-BC74-9C25C1C588A9} {8DB2B2E8-579F-48A8-A496-18FEFCF8F4DF} {FD2FD708-1F6F-4B68-B141-C5778F0C19BB} {2318C2B1-4965-11d4-9B18-009027A5CD4F} {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} mRun-x64: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe mRun-x64: [iSBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe" mRun-x64: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun mRun-x64: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED mRun-x64: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe mRun-x64: [MarketingTools] C:\Program Files (x86)\Sony\Marketing Tools\MarketingTools.exe mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun-x64: [e-kort] C:\PROGRA~2\ekort\ekort.exe /dontopenmycards /Autostart mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun-x64: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey mRun-x64: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin mRun-x64: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm Hosts: 78.46.61.26 www.google-analytics.com. Hosts: 78.46.61.26 ad-emea.doubleclick.net. Hosts: 78.46.61.26 www.statcounter.com. Hosts: 108.163.215.51 www.google-analytics.com. Hosts: 108.163.215.51 ad-emea.doubleclick.net. . Note: multiple HOSTS entries found. Please refer to Attach.txt . ============= SERVICES / DRIVERS =============== . R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\system32\drivers\mfehidk.sys --> C:\Windows\system32\drivers\mfehidk.sys [?] R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\system32\drivers\mfewfpk.sys --> C:\Windows\system32\drivers\mfewfpk.sys [?] R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?] R1 mfenlfk;McAfee NDIS Light Filter;C:\Windows\system32\DRIVERS\mfenlfk.sys --> C:\Windows\system32\DRIVERS\mfenlfk.sys [?] R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?] R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-6-29 249936] R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2012-6-29 210616] R2 mfevtp;McAfee Validation Trust Protection Service;"C:\Windows\system32\mfevtps.exe" --> C:\Windows\system32\mfevtps.exe [?] R2 rimspci;rimspci;C:\Windows\system32\drivers\rimssne64.sys --> C:\Windows\system32\drivers\rimssne64.sys [?] R2 risdsnpe;risdsnpe;C:\Windows\system32\drivers\risdsne64.sys --> C:\Windows\system32\drivers\risdsne64.sys [?] R3 HECIx64;Intel® Management Engine Interface;C:\Windows\system32\drivers\HECIx64.sys --> C:\Windows\system32\drivers\HECIx64.sys [?] R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\system32\drivers\mfefirek.sys --> C:\Windows\system32\drivers\mfefirek.sys [?] R3 SFEP;Sony Firmware Extension Parser;C:\Windows\system32\drivers\SFEP.sys --> C:\Windows\system32\drivers\SFEP.sys [?] R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?] S2 0048881343150844mcinstcleanup;McAfee Application Installer Cleanup (0048881343150844);C:\Windows\TEMP\004888~1.EXE -cleanup -nolog --> C:\Windows\TEMP\004888~1.EXE -cleanup -nolog [?] S2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-1-13 133104] S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-12-28 13336] S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-8-2 655944] S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-6-29 249936] S2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-6-29 249936] S2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-6-29 249936] S2 McShield;McAfee McShield;C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe [2012-6-29 199304] S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;C:\Program Files (x86)\SONY\PMB\PMBDeviceInfoProvider.exe [2009-10-24 360224] S2 Roxio Upnp Server 10;Roxio Upnp Server 10;C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [2009-8-31 362992] S2 SampleCollector;VAIO Care Performance Service;C:\Program Files\Sony\VAIO Care\VCPerfService.exe [2011-12-15 259192] S2 uCamMonitor;CamMonitor;C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2010-1-13 104960] S2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2009-12-28 2320920] S2 VCFw;VAIO Content Folder Watcher;C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2009-9-14 642416] S2 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2010-2-19 529776] S2 VSNService;VSNService;C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [2010-1-13 821760] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-2 250056] S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys --> C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys [?] S3 btusbflt;Bluetooth USB Filter;C:\Windows\system32\drivers\btusbflt.sys --> C:\Windows\system32\drivers\btusbflt.sys [?] S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\system32\DRIVERS\btwl2cap.sys --> C:\Windows\system32\DRIVERS\btwl2cap.sys [?] S3 cfwids;McAfee Inc. cfwids;C:\Windows\system32\drivers\cfwids.sys --> C:\Windows\system32\drivers\cfwids.sys [?] S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?] S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-3-8 1492840] S3 gupdatem;Tjänsten Google Update (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-1-13 133104] S3 Impcd;Impcd;C:\Windows\system32\drivers\Impcd.sys --> C:\Windows\system32\drivers\Impcd.sys [?] S3 IntcDAud;Intel® Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys --> C:\Windows\system32\DRIVERS\IntcDAud.sys [?] S3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?] S3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\system32\drivers\mfeavfk.sys --> C:\Windows\system32\drivers\mfeavfk.sys [?] S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\system32\drivers\mferkdet.sys --> C:\Windows\system32\drivers\mferkdet.sys [?] S3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [2009-8-31 313840] S3 SOHCImp;VAIO Media plus Content Importer;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2010-1-13 120104] S3 SOHDBSvr;VAIO Media plus Database Manager;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe [2010-1-13 70952] S3 SOHDms;VAIO Media plus Digital Media Server;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2010-1-13 427304] S3 SOHDs;VAIO Media plus Device Searcher;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2010-1-13 75048] S3 SOHPlMgr;VAIO Media plus Playlist Manager;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe [2010-1-13 91432] S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096] S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?] S3 VAIO Power Management;VAIO Power Management;C:\Program Files\Sony\VAIO Power Management\SPMService.exe [2010-1-13 571248] S3 WatAdminSvc;Aktiveringsteknologier för Windows-tjänst;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?] S3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2010-1-13 361840] S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2010-2-19 115568] S3 VCService;VCService;C:\Program Files\Sony\VAIO Care\VCService.exe [2011-12-15 44736] S3 VUAgent;VUAgent;C:\Program Files\Sony\VAIO Update Common\VUAgent.exe [2012-1-13 1256040] . =============== Created Last 30 ================ . 2012-08-02 20:00:52 98816 ----a-w- C:\Windows\sed.exe 2012-08-02 20:00:52 518144 ----a-w- C:\Windows\SWREG.exe 2012-08-02 20:00:52 256000 ----a-w- C:\Windows\PEV.exe 2012-08-02 20:00:52 208896 ----a-w- C:\Windows\MBR.exe 2012-08-02 20:00:44 -------- d-s---w- C:\ComboFix 2012-08-02 18:06:31 -------- d-----w- C:\Users\Emma\AppData\Roaming\Malwarebytes 2012-08-02 18:06:21 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys 2012-08-02 18:06:21 -------- d-----w- C:\ProgramData\Malwarebytes 2012-08-02 18:06:21 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2012-08-02 15:26:44 454656 ----a-w- C:\Users\Emma\AppData\Local\eodpmun.exe 2012-08-01 22:50:34 -------- d-----w- C:\ProgramData\7531CC77000844B0C9AE2DF4F875F002 2012-07-12 20:05:44 -------- d-----w- C:\Users\Emma\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1 2012-07-12 20:02:52 -------- d-----w- C:\ProgramData\regid.1986-12.com.adobe 2012-07-12 20:00:48 -------- d-----w- C:\ProgramData\ALM 2012-07-12 18:50:37 -------- d-----w- C:\Users\Emma\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant 2012-07-12 18:50:32 -------- d-----w- C:\Program Files (x86)\Adobe Download Assistant 2012-07-12 00:02:14 3148800 ----a-w- C:\Windows\System32\win32k.sys 2012-07-11 23:58:00 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2012-07-11 23:58:00 2382848 ----a-w- C:\Windows\System32\mshtml.tlb 2012-07-11 17:18:22 2004480 ----a-w- C:\Windows\System32\msxml6.dll 2012-07-11 17:17:59 212992 ----a-w- C:\Program Files (x86)\Common Files\System\msadc\msadco.dll 2012-07-11 17:17:58 372736 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msadox.dll 2012-07-11 17:17:58 143360 ----a-w- C:\Program Files (x86)\Common Files\System\ado\msjro.dll 2012-07-11 17:17:57 1133568 ----a-w- C:\Windows\System32\cdosys.dll . ==================== Find3M ==================== . 2012-07-28 11:43:33 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2012-07-28 11:43:33 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2012-06-06 06:06:16 1881600 ----a-w- C:\Windows\System32\msxml3.dll 2012-06-06 05:05:52 1390080 ----a-w- C:\Windows\SysWow64\msxml6.dll 2012-06-06 05:05:52 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll 2012-06-06 05:03:06 805376 ----a-w- C:\Windows\SysWow64\cdosys.dll 2012-06-02 22:15:31 2622464 ----a-w- C:\Windows\System32\wucltux.dll 2012-06-02 22:15:08 99840 ----a-w- C:\Windows\System32\wudriver.dll 2012-06-02 13:19:42 186752 ----a-w- C:\Windows\System32\wuwebv.dll 2012-06-02 13:15:12 36864 ----a-w- C:\Windows\System32\wuapp.exe 2012-06-02 12:12:17 2311680 ----a-w- C:\Windows\System32\jscript9.dll 2012-06-02 12:05:28 1392128 ----a-w- C:\Windows\System32\wininet.dll 2012-06-02 12:04:50 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl 2012-06-02 12:01:40 173056 ----a-w- C:\Windows\System32\ieUnatt.exe 2012-06-02 08:33:25 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll 2012-06-02 08:25:08 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll 2012-06-02 08:25:03 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl 2012-06-02 08:20:33 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe 2012-06-02 05:50:10 458704 ----a-w- C:\Windows\System32\drivers\cng.sys 2012-06-02 05:48:16 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys 2012-06-02 05:48:16 151920 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys 2012-06-02 05:45:31 340992 ----a-w- C:\Windows\System32\schannel.dll 2012-06-02 05:44:21 307200 ----a-w- C:\Windows\System32\ncrypt.dll 2012-06-02 04:40:42 22016 ----a-w- C:\Windows\SysWow64\secur32.dll 2012-06-02 04:40:39 225280 ----a-w- C:\Windows\SysWow64\schannel.dll 2012-06-02 04:39:10 219136 ----a-w- C:\Windows\SysWow64\ncrypt.dll 2012-06-02 04:34:09 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll 2012-05-25 15:13:54 162224 ----a-w- C:\Windows\System32\mfevtps.exe . ============= FINISH: 9:51:52,28 =============== Attach.zip Citera Länk till kommentar Dela på andra webbplatser Fler delningsalternativ...
bengsi Postad Augusti 3, 2012 Dela Postad Augusti 3, 2012 Detta var vad jag fick fram från DDS. Körde den i felsäkert läge, vet inte om det spelar någon roll. Citera Länk till kommentar Dela på andra webbplatser Fler delningsalternativ...
MrO Postad Augusti 3, 2012 Dela Postad Augusti 3, 2012 (redigerade) Hej! 1.Avinstallera Celebrity Toolbar,läs om den här: http://www.systemloo...helper_dll.html 2.Spara TDSSKiller på Skrivbordet: http://support.kaspe.../tdsskiller.zip Högerklicka och välj Extrahera alla. Kom ihåg var du packar upp filen. Stäng av dina vanliga program, men du kan lämna antivirusprogram och liknande igång. Kör programmet TDSSKiller.exe som finns i mappen där du packade upp filerna. Klicka på Start Scan. Om några malicious hittas så välj Cure och klicka på Continue. Om inte Cure finns så välj Skip. Om några suspicious hittas så välj Skip och klicka på Continue. Välj INTE Quarantine eller Delete. Eventuellt behöver datorn startas om. Klistra in innehållet i loggen som du hittar i C:\ med namnet TDSSKiller följt av version och tidpunkt. 3.Spara aswMBR på skrivbordet: http://public.avast....erek/aswMBR.exe Starta om datorn och låt bli att starta några program. Dubbel-klicka på aswMBR.exe för att köra programmet. Klicka på Scan-knappen för att börja genomsökningen. När den är klar så spara (Save) loggen på skrivbordet. Klistra in loggen i ditt svar här. 4.Spara RougueKiller på Skrivbordet. http://www.sur-la-to...om/RogueKiller/ Stäng av alla program. Kör RogueKiller. Om det inte går att köra så pröva med att döpa om programmet till winlogon. Vänta tills "Prescan" har avslutats. Klicka på "Scan"-knappen uppe till höger. Vänta tills skanningen är klar. En rapport ska då ha skapats på Skrivbordet. Om något har hittats så klicka på "Delete"-knappen. En till rapport ska då ha skapats på Skrivbordet. Klicka på "ShortcutsFix"-knappen. En till rapport ska då ha skapats på Skrivbordet. Klistra in innehållet i alla "RKreport.txt", som finns på Skrivbordet, i ditt svar! Mvh MrO Redigerad Augusti 3, 2012 av MrO Citera Länk till kommentar Dela på andra webbplatser Fler delningsalternativ...
bengsi Postad Augusti 3, 2012 Dela Postad Augusti 3, 2012 11:23:17.0739 3600 TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32 11:23:18.0269 3600 ============================================================ 11:23:18.0269 3600 Current date / time: 2012/08/03 11:23:18.0269 11:23:18.0269 3600 SystemInfo: 11:23:18.0269 3600 11:23:18.0269 3600 OS Version: 6.1.7601 ServicePack: 1.0 11:23:18.0269 3600 Product type: Workstation 11:23:18.0269 3600 ComputerName: EMMA-VAIO 11:23:18.0269 3600 UserName: Emma 11:23:18.0269 3600 Windows directory: C:\Windows 11:23:18.0269 3600 System windows directory: C:\Windows 11:23:18.0269 3600 Running under WOW64 11:23:18.0269 3600 Processor architecture: Intel x64 11:23:18.0269 3600 Number of processors: 4 11:23:18.0269 3600 Page size: 0x1000 11:23:18.0269 3600 Boot type: Safe boot with network 11:23:18.0269 3600 ============================================================ 11:23:18.0722 3600 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 11:23:18.0722 3600 ============================================================ 11:23:18.0722 3600 \Device\Harddisk0\DR0: 11:23:18.0722 3600 MBR partitions: 11:23:18.0722 3600 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1C6C800, BlocksNum 0x32000 11:23:18.0722 3600 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1C9E800, BlocksNum 0x386E7030 11:23:18.0722 3600 ============================================================ 11:23:18.0737 3600 C: <-> \Device\Harddisk0\DR0\Partition1 11:23:18.0737 3600 ============================================================ 11:23:18.0737 3600 Initialize success 11:23:18.0737 3600 ============================================================ 11:23:32.0403 2528 ============================================================ 11:23:32.0403 2528 Scan started 11:23:32.0403 2528 Mode: Manual; 11:23:32.0403 2528 ============================================================ 11:23:33.0089 2528 0048881343150844mcinstcleanup - ok 11:23:33.0245 2528 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys 11:23:33.0448 2528 1394ohci - ok 11:23:33.0542 2528 ACDaemon (adc420616c501b45d26c0fd3ef1e54e4) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe 11:23:33.0542 2528 ACDaemon - ok 11:23:33.0604 2528 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys 11:23:33.0604 2528 ACPI - ok 11:23:33.0651 2528 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys 11:23:33.0651 2528 AcpiPmi - ok 11:23:33.0713 2528 Adobe LM Service (8b46d5a1d3ef08232c04d0eafb871fb2) C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe 11:23:33.0713 2528 Adobe LM Service - ok 11:23:33.0854 2528 AdobeFlashPlayerUpdateSvc (6c40d5ed8951ab7b90d08af655224ee4) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 11:23:33.0854 2528 AdobeFlashPlayerUpdateSvc - ok 11:23:33.0932 2528 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys 11:23:33.0963 2528 adp94xx - ok 11:23:34.0010 2528 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys 11:23:34.0025 2528 adpahci - ok 11:23:34.0057 2528 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys 11:23:34.0072 2528 adpu320 - ok 11:23:34.0103 2528 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll 11:23:34.0103 2528 AeLookupSvc - ok 11:23:34.0181 2528 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys 11:23:34.0181 2528 AFD - ok 11:23:34.0228 2528 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys 11:23:34.0228 2528 agp440 - ok 11:23:34.0259 2528 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe 11:23:34.0275 2528 ALG - ok 11:23:34.0306 2528 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys 11:23:34.0306 2528 aliide - ok 11:23:34.0369 2528 AMD External Events Utility (0773999e53bce395f2c76df004f1b814) C:\Windows\system32\atiesrxx.exe 11:23:34.0369 2528 AMD External Events Utility - ok 11:23:34.0400 2528 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys 11:23:34.0400 2528 amdide - ok 11:23:34.0447 2528 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys 11:23:34.0447 2528 AmdK8 - ok 11:23:34.0478 2528 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys 11:23:34.0478 2528 AmdPPM - ok 11:23:34.0525 2528 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys 11:23:34.0525 2528 amdsata - ok 11:23:34.0571 2528 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys 11:23:34.0587 2528 amdsbs - ok 11:23:34.0603 2528 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys 11:23:34.0603 2528 amdxata - ok 11:23:34.0649 2528 ApfiltrService (1661f9c9e4b0049fa0a5e30264375a87) C:\Windows\system32\drivers\Apfiltr.sys 11:23:34.0665 2528 ApfiltrService - ok 11:23:34.0712 2528 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys 11:23:34.0712 2528 AppID - ok 11:23:34.0727 2528 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll 11:23:34.0727 2528 AppIDSvc - ok 11:23:34.0774 2528 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll 11:23:34.0774 2528 Appinfo - ok 11:23:34.0837 2528 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys 11:23:34.0837 2528 arc - ok 11:23:34.0868 2528 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys 11:23:34.0868 2528 arcsas - ok 11:23:34.0899 2528 ArcSoftKsUFilter (c130bc4a51b1382b2be8e44579ec4c0a) C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys 11:23:34.0899 2528 ArcSoftKsUFilter - ok 11:23:34.0946 2528 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys 11:23:34.0946 2528 AsyncMac - ok 11:23:34.0993 2528 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys 11:23:34.0993 2528 atapi - ok 11:23:35.0133 2528 athr (0acc06fcf46f64ed4f11e57ee461c1f4) C:\Windows\system32\DRIVERS\athrx.sys 11:23:35.0164 2528 athr - ok 11:23:35.0710 2528 atikmdag (89a3d56ce4044f35b9d08dd37193bbfc) C:\Windows\system32\DRIVERS\atikmdag.sys 11:23:35.0819 2528 atikmdag - ok 11:23:36.0022 2528 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll 11:23:36.0038 2528 AudioEndpointBuilder - ok 11:23:36.0038 2528 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll 11:23:36.0038 2528 AudioSrv - ok 11:23:36.0100 2528 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll 11:23:36.0100 2528 AxInstSV - ok 11:23:36.0178 2528 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys 11:23:36.0194 2528 b06bdrv - ok 11:23:36.0256 2528 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys 11:23:36.0256 2528 b57nd60a - ok 11:23:36.0303 2528 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll 11:23:36.0303 2528 BDESVC - ok 11:23:36.0319 2528 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys 11:23:36.0319 2528 Beep - ok 11:23:36.0412 2528 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll 11:23:36.0459 2528 BFE - ok 11:23:36.0568 2528 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll 11:23:36.0615 2528 BITS - ok 11:23:36.0709 2528 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys 11:23:36.0709 2528 blbdrive - ok 11:23:36.0740 2528 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys 11:23:36.0740 2528 bowser - ok 11:23:36.0787 2528 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys 11:23:36.0787 2528 BrFiltLo - ok 11:23:36.0802 2528 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys 11:23:36.0802 2528 BrFiltUp - ok 11:23:36.0896 2528 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys 11:23:36.0896 2528 BridgeMP - ok 11:23:36.0927 2528 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll 11:23:36.0927 2528 Browser - ok 11:23:36.0974 2528 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys 11:23:36.0989 2528 Brserid - ok 11:23:37.0021 2528 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys 11:23:37.0021 2528 BrSerWdm - ok 11:23:37.0052 2528 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys 11:23:37.0052 2528 BrUsbMdm - ok 11:23:37.0067 2528 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys 11:23:37.0083 2528 BrUsbSer - ok 11:23:37.0145 2528 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys 11:23:37.0145 2528 BthEnum - ok 11:23:37.0208 2528 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys 11:23:37.0208 2528 BTHMODEM - ok 11:23:37.0239 2528 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys 11:23:37.0239 2528 BthPan - ok 11:23:37.0317 2528 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys 11:23:37.0333 2528 BTHPORT - ok 11:23:37.0379 2528 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll 11:23:37.0379 2528 bthserv - ok 11:23:37.0395 2528 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys 11:23:37.0395 2528 BTHUSB - ok 11:23:37.0442 2528 btusbflt (6e04458e98daf28826482e41a7a62df5) C:\Windows\system32\drivers\btusbflt.sys 11:23:37.0442 2528 btusbflt - ok 11:23:37.0489 2528 btwaudio (4bdbdb86abba924e029fb2683be7c505) C:\Windows\system32\drivers\btwaudio.sys 11:23:37.0489 2528 btwaudio - ok 11:23:37.0551 2528 btwavdt (5c849bd7c78791c5cee9f4651d7fe38d) C:\Windows\system32\drivers\btwavdt.sys 11:23:37.0551 2528 btwavdt - ok 11:23:37.0738 2528 btwdins (31da517946ffe416442e864592548f8a) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe 11:23:37.0754 2528 btwdins - ok 11:23:37.0785 2528 btwl2cap (6149301dc3f81d6f9667a3fbac410975) C:\Windows\system32\DRIVERS\btwl2cap.sys 11:23:37.0785 2528 btwl2cap - ok 11:23:37.0816 2528 btwrchid (3e1991afa851a36dc978b0a1b0535c8b) C:\Windows\system32\drivers\btwrchid.sys 11:23:37.0816 2528 btwrchid - ok 11:23:37.0847 2528 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys 11:23:37.0847 2528 cdfs - ok 11:23:37.0894 2528 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys 11:23:37.0894 2528 cdrom - ok 11:23:37.0941 2528 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll 11:23:37.0957 2528 CertPropSvc - ok 11:23:38.0019 2528 cfwids (274ce03459896006f7a5069266e0469e) C:\Windows\system32\drivers\cfwids.sys 11:23:38.0019 2528 cfwids - ok 11:23:38.0050 2528 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys 11:23:38.0050 2528 circlass - ok 11:23:38.0097 2528 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys 11:23:38.0113 2528 CLFS - ok 11:23:38.0175 2528 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 11:23:38.0175 2528 clr_optimization_v2.0.50727_32 - ok 11:23:38.0237 2528 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 11:23:38.0237 2528 clr_optimization_v2.0.50727_64 - ok 11:23:38.0331 2528 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 11:23:38.0331 2528 clr_optimization_v4.0.30319_32 - ok 11:23:38.0409 2528 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 11:23:38.0409 2528 clr_optimization_v4.0.30319_64 - ok 11:23:38.0440 2528 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys 11:23:38.0440 2528 CmBatt - ok 11:23:38.0471 2528 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys 11:23:38.0471 2528 cmdide - ok 11:23:38.0518 2528 CNG (9ac4f97c2d3e93367e2148ea940cd2cd) C:\Windows\system32\Drivers\cng.sys 11:23:38.0518 2528 CNG - ok 11:23:38.0581 2528 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys 11:23:38.0581 2528 Compbatt - ok 11:23:38.0612 2528 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys 11:23:38.0612 2528 CompositeBus - ok 11:23:38.0627 2528 COMSysApp - ok 11:23:38.0659 2528 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys 11:23:38.0659 2528 crcdisk - ok 11:23:38.0705 2528 CryptSvc (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll 11:23:38.0705 2528 CryptSvc - ok 11:23:38.0768 2528 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll 11:23:38.0768 2528 DcomLaunch - ok 11:23:38.0815 2528 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll 11:23:38.0830 2528 defragsvc - ok 11:23:38.0861 2528 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys 11:23:38.0861 2528 DfsC - ok 11:23:38.0924 2528 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll 11:23:38.0924 2528 Dhcp - ok 11:23:38.0955 2528 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys 11:23:38.0955 2528 discache - ok 11:23:38.0986 2528 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys 11:23:38.0986 2528 Disk - ok 11:23:39.0017 2528 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll 11:23:39.0033 2528 Dnscache - ok 11:23:39.0080 2528 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll 11:23:39.0080 2528 dot3svc - ok 11:23:39.0111 2528 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll 11:23:39.0111 2528 DPS - ok 11:23:39.0158 2528 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys 11:23:39.0158 2528 drmkaud - ok 11:23:39.0251 2528 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys 11:23:39.0267 2528 DXGKrnl - ok 11:23:39.0298 2528 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll 11:23:39.0298 2528 EapHost - ok 11:23:39.0501 2528 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys 11:23:39.0579 2528 ebdrv - ok 11:23:39.0688 2528 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe 11:23:39.0688 2528 EFS - ok 11:23:39.0782 2528 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe 11:23:39.0797 2528 ehRecvr - ok 11:23:39.0829 2528 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe 11:23:39.0829 2528 ehSched - ok 11:23:39.0907 2528 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys 11:23:39.0922 2528 elxstor - ok 11:23:39.0953 2528 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys 11:23:39.0953 2528 ErrDev - ok 11:23:40.0031 2528 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll 11:23:40.0031 2528 EventSystem - ok 11:23:40.0094 2528 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys 11:23:40.0094 2528 exfat - ok 11:23:40.0125 2528 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys 11:23:40.0141 2528 fastfat - ok 11:23:40.0203 2528 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe 11:23:40.0219 2528 Fax - ok 11:23:40.0250 2528 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys 11:23:40.0250 2528 fdc - ok 11:23:40.0281 2528 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll 11:23:40.0281 2528 fdPHost - ok 11:23:40.0297 2528 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll 11:23:40.0297 2528 FDResPub - ok 11:23:40.0328 2528 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys 11:23:40.0328 2528 FileInfo - ok 11:23:40.0328 2528 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys 11:23:40.0328 2528 Filetrace - ok 11:23:40.0359 2528 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys 11:23:40.0359 2528 flpydisk - ok 11:23:40.0421 2528 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys 11:23:40.0437 2528 FltMgr - ok 11:23:40.0531 2528 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll 11:23:40.0546 2528 FontCache - ok 11:23:40.0655 2528 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 11:23:40.0655 2528 FontCache3.0.0.0 - ok 11:23:40.0702 2528 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys 11:23:40.0702 2528 FsDepends - ok 11:23:40.0733 2528 fssfltr (07da62c960ddccc2d35836aeab4fc578) C:\Windows\system32\DRIVERS\fssfltr.sys 11:23:40.0733 2528 fssfltr - ok 11:23:40.0936 2528 fsssvc (28ddeeec44e988657b732cf404d504cb) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe 11:23:40.0999 2528 fsssvc - ok 11:23:41.0123 2528 Fs_Rec (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys 11:23:41.0139 2528 Fs_Rec - ok 11:23:41.0186 2528 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys 11:23:41.0186 2528 fvevol - ok 11:23:41.0248 2528 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys 11:23:41.0248 2528 gagp30kx - ok 11:23:41.0326 2528 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll 11:23:41.0342 2528 gpsvc - ok 11:23:41.0420 2528 gupdate (626a24ed1228580b9518c01930936df9) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 11:23:41.0435 2528 gupdate - ok 11:23:41.0482 2528 gupdatem (626a24ed1228580b9518c01930936df9) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 11:23:41.0482 2528 gupdatem - ok 11:23:41.0498 2528 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe 11:23:41.0498 2528 gusvc - ok 11:23:41.0529 2528 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys 11:23:41.0529 2528 hcw85cir - ok 11:23:41.0607 2528 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys 11:23:41.0623 2528 HdAudAddService - ok 11:23:41.0654 2528 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys 11:23:41.0654 2528 HDAudBus - ok 11:23:41.0701 2528 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\drivers\HECIx64.sys 11:23:41.0701 2528 HECIx64 - ok 11:23:41.0732 2528 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys 11:23:41.0732 2528 HidBatt - ok 11:23:41.0779 2528 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys 11:23:41.0779 2528 HidBth - ok 11:23:41.0794 2528 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys 11:23:41.0810 2528 HidIr - ok 11:23:41.0825 2528 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll 11:23:41.0825 2528 hidserv - ok 11:23:41.0872 2528 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys 11:23:41.0872 2528 HidUsb - ok 11:23:41.0919 2528 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll 11:23:41.0919 2528 hkmsvc - ok 11:23:41.0966 2528 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll 11:23:41.0981 2528 HomeGroupListener - ok 11:23:42.0028 2528 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll 11:23:42.0044 2528 HomeGroupProvider - ok 11:23:42.0091 2528 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys 11:23:42.0091 2528 HpSAMD - ok 11:23:42.0169 2528 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys 11:23:42.0169 2528 HTTP - ok 11:23:42.0200 2528 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys 11:23:42.0200 2528 hwpolicy - ok 11:23:42.0262 2528 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys 11:23:42.0262 2528 i8042prt - ok 11:23:42.0340 2528 iaStor (073a606333b6f7bbf20aa856df7f0997) C:\Windows\system32\drivers\iaStor.sys 11:23:42.0340 2528 iaStor - ok 11:23:42.0418 2528 IAStorDataMgrSvc (cc800d2d9fd467542bac7c186c4774ad) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe 11:23:42.0418 2528 IAStorDataMgrSvc - ok 11:23:42.0496 2528 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys 11:23:42.0496 2528 iaStorV - ok 11:23:42.0637 2528 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 11:23:42.0668 2528 idsvc - ok 11:23:43.0089 2528 igfx (31d1aff484d8a0906cf8d44251ec390f) C:\Windows\system32\DRIVERS\igdkmd64.sys 11:23:43.0261 2528 igfx - ok 11:23:43.0401 2528 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys 11:23:43.0401 2528 iirsp - ok 11:23:43.0479 2528 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll 11:23:43.0510 2528 IKEEXT - ok 11:23:43.0604 2528 Impcd (36fdf367a1dabff903e2214023d71368) C:\Windows\system32\drivers\Impcd.sys 11:23:43.0604 2528 Impcd - ok 11:23:43.0791 2528 IntcAzAudAddService (0f144e5f46cb9043004b5e84aa4bca6a) C:\Windows\system32\drivers\RTKVHD64.sys 11:23:43.0822 2528 IntcAzAudAddService - ok 11:23:43.0978 2528 IntcDAud (408b401cd7cdb075c7470b0ff7ba8d0b) C:\Windows\system32\DRIVERS\IntcDAud.sys 11:23:43.0978 2528 IntcDAud - ok 11:23:44.0025 2528 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys 11:23:44.0025 2528 intelide - ok 11:23:44.0072 2528 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\drivers\intelppm.sys 11:23:44.0072 2528 intelppm - ok 11:23:44.0103 2528 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll 11:23:44.0103 2528 IPBusEnum - ok 11:23:44.0150 2528 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys 11:23:44.0150 2528 IpFilterDriver - ok 11:23:44.0212 2528 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll 11:23:44.0228 2528 iphlpsvc - ok 11:23:44.0275 2528 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys 11:23:44.0275 2528 IPMIDRV - ok 11:23:44.0321 2528 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys 11:23:44.0321 2528 IPNAT - ok 11:23:44.0337 2528 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys 11:23:44.0337 2528 IRENUM - ok 11:23:44.0368 2528 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys 11:23:44.0368 2528 isapnp - ok 11:23:44.0431 2528 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys 11:23:44.0431 2528 iScsiPrt - ok 11:23:44.0477 2528 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys 11:23:44.0477 2528 kbdclass - ok 11:23:44.0509 2528 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys 11:23:44.0509 2528 kbdhid - ok 11:23:44.0555 2528 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 11:23:44.0555 2528 KeyIso - ok 11:23:44.0587 2528 KSecDD (97a7070aea4c058b6418519e869a63b4) C:\Windows\system32\Drivers\ksecdd.sys 11:23:44.0587 2528 KSecDD - ok 11:23:44.0633 2528 KSecPkg (26c43a7c2862447ec59deda188d1da07) C:\Windows\system32\Drivers\ksecpkg.sys 11:23:44.0633 2528 KSecPkg - ok 11:23:44.0680 2528 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys 11:23:44.0680 2528 ksthunk - ok 11:23:44.0743 2528 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll 11:23:44.0758 2528 KtmRm - ok 11:23:44.0821 2528 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\System32\srvsvc.dll 11:23:44.0836 2528 LanmanServer - ok 11:23:44.0867 2528 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll 11:23:44.0867 2528 LanmanWorkstation - ok 11:23:44.0914 2528 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys 11:23:44.0914 2528 lltdio - ok 11:23:44.0977 2528 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll 11:23:44.0992 2528 lltdsvc - ok 11:23:45.0023 2528 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll 11:23:45.0023 2528 lmhosts - ok 11:23:45.0117 2528 LMS (5460828f8951d310b42b442877603b8d) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe 11:23:45.0148 2528 LMS - ok 11:23:45.0195 2528 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys 11:23:45.0195 2528 LSI_FC - ok 11:23:45.0226 2528 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys 11:23:45.0226 2528 LSI_SAS - ok 11:23:45.0273 2528 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys 11:23:45.0273 2528 LSI_SAS2 - ok 11:23:45.0320 2528 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys 11:23:45.0320 2528 LSI_SCSI - ok 11:23:45.0367 2528 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys 11:23:45.0367 2528 luafv - ok 11:23:45.0445 2528 MBAMProtector (dc8490812a3b72811ae534f423b4c206) C:\Windows\system32\drivers\mbam.sys 11:23:45.0445 2528 MBAMProtector - ok 11:23:45.0523 2528 MBAMService (43683e970f008c93c9429ef428147a54) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe 11:23:45.0554 2528 MBAMService - ok 11:23:45.0694 2528 McAfee SiteAdvisor Service (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe 11:23:45.0694 2528 McAfee SiteAdvisor Service - ok 11:23:45.0710 2528 McMPFSvc (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe 11:23:45.0710 2528 McMPFSvc - ok 11:23:45.0741 2528 mcmscsvc (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe 11:23:45.0741 2528 mcmscsvc - ok 11:23:45.0741 2528 McNaiAnn (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe 11:23:45.0741 2528 McNaiAnn - ok 11:23:45.0741 2528 McNASvc (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe 11:23:45.0757 2528 McNASvc - ok 11:23:45.0835 2528 McODS (dd2321925274f2902929d76ce2b0eb45) C:\Program Files\McAfee\VirusScan\mcods.exe 11:23:45.0850 2528 McODS - ok 11:23:45.0866 2528 McProxy (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe 11:23:45.0866 2528 McProxy - ok 11:23:45.0944 2528 McShield (597c77235621e7ddd32a68574fde6464) C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe 11:23:45.0944 2528 McShield - ok 11:23:46.0069 2528 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll 11:23:46.0069 2528 Mcx2Svc - ok 11:23:46.0100 2528 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys 11:23:46.0100 2528 megasas - ok 11:23:46.0162 2528 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys 11:23:46.0162 2528 MegaSR - ok 11:23:46.0225 2528 mfeapfk (01884cb7655c8908b43ff5e364fe6fd2) C:\Windows\system32\drivers\mfeapfk.sys 11:23:46.0225 2528 mfeapfk - ok 11:23:46.0287 2528 mfeavfk (dab9a9cdfb04e4d68924492aa043019d) C:\Windows\system32\drivers\mfeavfk.sys 11:23:46.0287 2528 mfeavfk - ok 11:23:46.0318 2528 mfefire (134bb16f93a07c2c89b0b9c399382bdb) C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe 11:23:46.0334 2528 mfefire - ok 11:23:46.0381 2528 mfefirek (ce9a3680675c0907ade16404ca967b49) C:\Windows\system32\drivers\mfefirek.sys 11:23:46.0396 2528 mfefirek - ok 11:23:46.0474 2528 mfehidk (60cf67458dd29cd17e77f2327b1a9a54) C:\Windows\system32\drivers\mfehidk.sys 11:23:46.0474 2528 mfehidk - ok 11:23:46.0521 2528 mfenlfk (a8129cfb919347f8533c934b365e9202) C:\Windows\system32\DRIVERS\mfenlfk.sys 11:23:46.0521 2528 mfenlfk - ok 11:23:46.0568 2528 mferkdet (5041fa2bd2b3a2693b015771bfbf6dca) C:\Windows\system32\drivers\mferkdet.sys 11:23:46.0583 2528 mferkdet - ok 11:23:46.0630 2528 mfevtp (4d0ecd05abb518ea323f651f4ab8458f) C:\Windows\system32\mfevtps.exe 11:23:46.0630 2528 mfevtp - ok 11:23:46.0724 2528 mfewfpk (919c56db14a0e1e2ab6da5d2821dc26e) C:\Windows\system32\drivers\mfewfpk.sys 11:23:46.0724 2528 mfewfpk - ok 11:23:46.0771 2528 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll 11:23:46.0771 2528 MMCSS - ok 11:23:46.0817 2528 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys 11:23:46.0817 2528 Modem - ok 11:23:46.0833 2528 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys 11:23:46.0833 2528 monitor - ok 11:23:46.0864 2528 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys 11:23:46.0880 2528 mouclass - ok 11:23:46.0911 2528 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys 11:23:46.0911 2528 mouhid - ok 11:23:46.0958 2528 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys 11:23:46.0958 2528 mountmgr - ok 11:23:46.0989 2528 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys 11:23:46.0989 2528 mpio - ok 11:23:47.0020 2528 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys 11:23:47.0020 2528 mpsdrv - ok 11:23:47.0098 2528 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll 11:23:47.0114 2528 MpsSvc - ok 11:23:47.0145 2528 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys 11:23:47.0145 2528 MRxDAV - ok 11:23:47.0192 2528 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys 11:23:47.0192 2528 mrxsmb - ok 11:23:47.0239 2528 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys 11:23:47.0239 2528 mrxsmb10 - ok 11:23:47.0270 2528 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys 11:23:47.0270 2528 mrxsmb20 - ok 11:23:47.0301 2528 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys 11:23:47.0317 2528 msahci - ok 11:23:47.0332 2528 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys 11:23:47.0332 2528 msdsm - ok 11:23:47.0379 2528 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe 11:23:47.0379 2528 MSDTC - ok 11:23:47.0426 2528 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys 11:23:47.0426 2528 Msfs - ok 11:23:47.0441 2528 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys 11:23:47.0441 2528 mshidkmdf - ok 11:23:47.0473 2528 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys 11:23:47.0473 2528 msisadrv - ok 11:23:47.0535 2528 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll 11:23:47.0535 2528 MSiSCSI - ok 11:23:47.0551 2528 msiserver - ok 11:23:47.0660 2528 MSK80Service (acb01bf1a905356ab7f978c7fe852209) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe 11:23:47.0660 2528 MSK80Service - ok 11:23:47.0707 2528 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys 11:23:47.0707 2528 MSKSSRV - ok 11:23:47.0738 2528 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys 11:23:47.0738 2528 MSPCLOCK - ok 11:23:47.0753 2528 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys 11:23:47.0753 2528 MSPQM - ok 11:23:47.0800 2528 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys 11:23:47.0816 2528 MsRPC - ok 11:23:47.0831 2528 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys 11:23:47.0831 2528 mssmbios - ok 11:23:47.0847 2528 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys 11:23:47.0847 2528 MSTEE - ok 11:23:47.0878 2528 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys 11:23:47.0878 2528 MTConfig - ok 11:23:47.0909 2528 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys 11:23:47.0909 2528 Mup - ok 11:23:47.0972 2528 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll 11:23:47.0972 2528 napagent - ok 11:23:48.0019 2528 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys 11:23:48.0034 2528 NativeWifiP - ok 11:23:48.0128 2528 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys 11:23:48.0143 2528 NDIS - ok 11:23:48.0175 2528 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys 11:23:48.0175 2528 NdisCap - ok 11:23:48.0221 2528 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys 11:23:48.0221 2528 NdisTapi - ok 11:23:48.0284 2528 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys 11:23:48.0284 2528 Ndisuio - ok 11:23:48.0331 2528 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys 11:23:48.0331 2528 NdisWan - ok 11:23:48.0362 2528 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys 11:23:48.0362 2528 NDProxy - ok 11:23:48.0393 2528 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys 11:23:48.0393 2528 NetBIOS - ok 11:23:48.0440 2528 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys 11:23:48.0455 2528 NetBT - ok 11:23:48.0471 2528 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 11:23:48.0471 2528 Netlogon - ok 11:23:48.0549 2528 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll 11:23:48.0565 2528 Netman - ok 11:23:48.0596 2528 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll 11:23:48.0596 2528 netprofm - ok 11:23:48.0689 2528 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 11:23:48.0705 2528 NetTcpPortSharing - ok 11:23:48.0736 2528 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys 11:23:48.0736 2528 nfrd960 - ok 11:23:48.0783 2528 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll 11:23:48.0814 2528 NlaSvc - ok 11:23:48.0845 2528 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys 11:23:48.0845 2528 Npfs - ok 11:23:48.0877 2528 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll 11:23:48.0877 2528 nsi - ok 11:23:48.0892 2528 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys 11:23:48.0892 2528 nsiproxy - ok 11:23:49.0064 2528 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys 11:23:49.0095 2528 Ntfs - ok 11:23:49.0220 2528 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys 11:23:49.0220 2528 Null - ok 11:23:49.0282 2528 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys 11:23:49.0282 2528 nvraid - ok 11:23:49.0313 2528 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys 11:23:49.0313 2528 nvstor - ok 11:23:49.0345 2528 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys 11:23:49.0345 2528 nv_agp - ok 11:23:49.0469 2528 odserv (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 11:23:49.0469 2528 odserv - ok 11:23:49.0516 2528 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys 11:23:49.0516 2528 ohci1394 - ok 11:23:49.0563 2528 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 11:23:49.0579 2528 ose - ok 11:23:49.0610 2528 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll 11:23:49.0610 2528 p2pimsvc - ok 11:23:49.0657 2528 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll 11:23:49.0657 2528 p2psvc - ok 11:23:49.0703 2528 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys 11:23:49.0703 2528 Parport - ok 11:23:49.0750 2528 partmgr (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys 11:23:49.0766 2528 partmgr - ok 11:23:49.0781 2528 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll 11:23:49.0797 2528 PcaSvc - ok 11:23:49.0828 2528 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys 11:23:49.0828 2528 pci - ok 11:23:49.0859 2528 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys 11:23:49.0859 2528 pciide - ok 11:23:49.0906 2528 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys 11:23:49.0922 2528 pcmcia - ok 11:23:49.0937 2528 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys 11:23:49.0953 2528 pcw - ok 11:23:50.0000 2528 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys 11:23:50.0015 2528 PEAUTH - ok 11:23:50.0093 2528 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe 11:23:50.0109 2528 PerfHost - ok 11:23:50.0218 2528 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll 11:23:50.0249 2528 pla - ok 11:23:50.0327 2528 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll 11:23:50.0327 2528 PlugPlay - ok 11:23:50.0515 2528 PMBDeviceInfoProvider (627fa58adc043704f9d14ca44340956f) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe 11:23:50.0577 2528 PMBDeviceInfoProvider - ok 11:23:50.0608 2528 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll 11:23:50.0608 2528 PNRPAutoReg - ok 11:23:50.0655 2528 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll 11:23:50.0655 2528 PNRPsvc - ok 11:23:50.0717 2528 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll 11:23:50.0733 2528 PolicyAgent - ok 11:23:50.0764 2528 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll 11:23:50.0764 2528 Power - ok 11:23:50.0842 2528 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys 11:23:50.0842 2528 PptpMiniport - ok 11:23:50.0873 2528 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys 11:23:50.0873 2528 Processor - ok 11:23:50.0936 2528 ProfSvc (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll 11:23:50.0951 2528 ProfSvc - ok 11:23:50.0983 2528 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 11:23:50.0998 2528 ProtectedStorage - ok 11:23:51.0045 2528 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys 11:23:51.0045 2528 Psched - ok 11:23:51.0076 2528 PxHlpa64 (aed797cca02783296c68aa10d0cff8a9) C:\Windows\system32\Drivers\PxHlpa64.sys 11:23:51.0076 2528 PxHlpa64 - ok 11:23:51.0217 2528 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys 11:23:51.0232 2528 ql2300 - ok 11:23:51.0373 2528 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys 11:23:51.0388 2528 ql40xx - ok 11:23:51.0419 2528 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll 11:23:51.0435 2528 QWAVE - ok 11:23:51.0451 2528 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys 11:23:51.0451 2528 QWAVEdrv - ok 11:23:51.0466 2528 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys 11:23:51.0482 2528 RasAcd - ok 11:23:51.0529 2528 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys 11:23:51.0529 2528 RasAgileVpn - ok 11:23:51.0560 2528 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll 11:23:51.0560 2528 RasAuto - ok 11:23:51.0607 2528 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys 11:23:51.0607 2528 Rasl2tp - ok 11:23:51.0638 2528 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll 11:23:51.0653 2528 RasMan - ok 11:23:51.0685 2528 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys 11:23:51.0685 2528 RasPppoe - ok 11:23:51.0716 2528 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys 11:23:51.0716 2528 RasSstp - ok 11:23:51.0778 2528 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys 11:23:51.0794 2528 rdbss - ok 11:23:51.0809 2528 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys 11:23:51.0809 2528 rdpbus - ok 11:23:51.0841 2528 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys 11:23:51.0841 2528 RDPCDD - ok 11:23:51.0872 2528 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys 11:23:51.0872 2528 RDPENCDD - ok 11:23:51.0872 2528 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys 11:23:51.0872 2528 RDPREFMP - ok 11:23:51.0903 2528 RDPWD (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys 11:23:51.0919 2528 RDPWD - ok 11:23:51.0965 2528 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys 11:23:51.0981 2528 rdyboost - ok 11:23:52.0012 2528 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll 11:23:52.0012 2528 RemoteAccess - ok 11:23:52.0059 2528 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll 11:23:52.0059 2528 RemoteRegistry - ok 11:23:52.0121 2528 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys 11:23:52.0121 2528 RFCOMM - ok 11:23:52.0184 2528 rimspci (5ca4abd888b602551b59baa26941c167) C:\Windows\system32\drivers\rimssne64.sys 11:23:52.0184 2528 rimspci - ok 11:23:52.0215 2528 risdsnpe (bb6e138aeb351728959da5e2731d8140) C:\Windows\system32\drivers\risdsne64.sys 11:23:52.0215 2528 risdsnpe - ok 11:23:52.0340 2528 Roxio UPnP Renderer 10 (d151224bc11078895a60fa970728ff59) C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe 11:23:52.0355 2528 Roxio UPnP Renderer 10 - ok 11:23:52.0387 2528 Roxio Upnp Server 10 (5022a927944878bd750960bd21e751af) C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe 11:23:52.0402 2528 Roxio Upnp Server 10 - ok 11:23:52.0433 2528 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll 11:23:52.0449 2528 RpcEptMapper - ok 11:23:52.0496 2528 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe 11:23:52.0496 2528 RpcLocator - ok 11:23:52.0543 2528 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll 11:23:52.0558 2528 RpcSs - ok 11:23:52.0636 2528 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys 11:23:52.0636 2528 rspndr - ok 11:23:52.0699 2528 RTHDMIAzAudService (4e821c740a675f6d040be41d59a62b1d) C:\Windows\system32\drivers\RtHDMIVX.sys 11:23:52.0714 2528 RTHDMIAzAudService - ok 11:23:52.0808 2528 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 11:23:52.0808 2528 SamSs - ok 11:23:52.0839 2528 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys 11:23:52.0839 2528 sbp2port - ok 11:23:52.0886 2528 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll 11:23:52.0901 2528 SCardSvr - ok 11:23:52.0933 2528 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys 11:23:52.0933 2528 scfilter - ok 11:23:53.0026 2528 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll 11:23:53.0042 2528 Schedule - ok 11:23:53.0073 2528 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll 11:23:53.0089 2528 SCPolicySvc - ok 11:23:53.0135 2528 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\drivers\sdbus.sys 11:23:53.0151 2528 sdbus - ok 11:23:53.0198 2528 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll 11:23:53.0198 2528 SDRSVC - ok 11:23:53.0229 2528 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys 11:23:53.0229 2528 secdrv - ok 11:23:53.0260 2528 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll 11:23:53.0260 2528 seclogon - ok 11:23:53.0291 2528 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll 11:23:53.0307 2528 SENS - ok 11:23:53.0338 2528 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll 11:23:53.0338 2528 SensrSvc - ok 11:23:53.0385 2528 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys 11:23:53.0385 2528 Serenum - ok 11:23:53.0401 2528 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys 11:23:53.0401 2528 Serial - ok 11:23:53.0432 2528 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys 11:23:53.0432 2528 sermouse - ok 11:23:53.0479 2528 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll 11:23:53.0479 2528 SessionEnv - ok 11:23:53.0510 2528 SFEP (70f9c476b62de4f2823e918a6c181ade) C:\Windows\system32\drivers\SFEP.sys 11:23:53.0510 2528 SFEP - ok 11:23:53.0541 2528 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys 11:23:53.0541 2528 sffdisk - ok 11:23:53.0572 2528 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys 11:23:53.0572 2528 sffp_mmc - ok 11:23:53.0588 2528 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys 11:23:53.0588 2528 sffp_sd - ok 11:23:53.0635 2528 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys 11:23:53.0635 2528 sfloppy - ok 11:23:53.0697 2528 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll 11:23:53.0713 2528 SharedAccess - ok 11:23:53.0775 2528 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll 11:23:53.0791 2528 ShellHWDetection - ok 11:23:53.0822 2528 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys 11:23:53.0822 2528 SiSRaid2 - ok 11:23:53.0853 2528 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys 11:23:53.0853 2528 SiSRaid4 - ok 11:23:53.0900 2528 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys 11:23:53.0900 2528 Smb - ok 11:23:53.0962 2528 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe 11:23:53.0962 2528 SNMPTRAP - ok 11:23:54.0056 2528 SOHCImp (98886c88a1cb13d61672ae2c638b7e1c) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe 11:23:54.0071 2528 SOHCImp - ok 11:23:54.0087 2528 SOHDBSvr (442a13f395546f4564c377296d43b564) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe 11:23:54.0087 2528 SOHDBSvr - ok 11:23:54.0134 2528 SOHDms (556681be668d71dc162391a45422b52c) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe 11:23:54.0149 2528 SOHDms - ok 11:23:54.0181 2528 SOHDs (72b46103e4111439109acf5882627c24) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe 11:23:54.0181 2528 SOHDs - ok 11:23:54.0196 2528 SOHPlMgr (725b6e9cd1959271ac993dc035e1606d) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe 11:23:54.0212 2528 SOHPlMgr - ok 11:23:54.0243 2528 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys 11:23:54.0243 2528 spldr - ok 11:23:54.0321 2528 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe 11:23:54.0337 2528 Spooler - ok 11:23:54.0602 2528 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe 11:23:54.0680 2528 sppsvc - ok 11:23:54.0789 2528 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll 11:23:54.0805 2528 sppuinotify - ok 11:23:54.0867 2528 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys 11:23:54.0914 2528 srv - ok 11:23:54.0992 2528 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys 11:23:55.0039 2528 srv2 - ok 11:23:55.0054 2528 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys 11:23:55.0070 2528 srvnet - ok 11:23:55.0117 2528 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll 11:23:55.0132 2528 SSDPSRV - ok 11:23:55.0148 2528 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll 11:23:55.0148 2528 SstpSvc - ok 11:23:55.0179 2528 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys 11:23:55.0179 2528 stexstor - ok 11:23:55.0241 2528 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll 11:23:55.0257 2528 stisvc - ok 11:23:55.0288 2528 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys 11:23:55.0288 2528 swenum - ok 11:23:55.0522 2528 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe 11:23:55.0522 2528 SwitchBoard - ok 11:23:55.0600 2528 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll 11:23:55.0616 2528 swprv - ok 11:23:55.0756 2528 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll 11:23:55.0787 2528 SysMain - ok 11:23:55.0897 2528 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll 11:23:55.0897 2528 TabletInputService - ok 11:23:56.0053 2528 TabletService (fda7fb3830cc7cf5c809f976a57cef6d) C:\Windows\system32\Tablet.exe 11:23:56.0084 2528 TabletService - ok 11:23:56.0209 2528 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll 11:23:56.0224 2528 TapiSrv - ok 11:23:56.0255 2528 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll 11:23:56.0255 2528 TBS - ok 11:23:56.0443 2528 Tcpip (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys 11:23:56.0474 2528 Tcpip - ok 11:23:56.0755 2528 TCPIP6 (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys 11:23:56.0755 2528 TCPIP6 - ok 11:23:56.0957 2528 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys 11:23:56.0957 2528 tcpipreg - ok 11:23:56.0989 2528 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys 11:23:56.0989 2528 TDPIPE - ok 11:23:57.0020 2528 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys 11:23:57.0020 2528 TDTCP - ok 11:23:57.0067 2528 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys 11:23:57.0067 2528 tdx - ok 11:23:57.0098 2528 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys 11:23:57.0098 2528 TermDD - ok 11:23:57.0160 2528 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll 11:23:57.0176 2528 TermService - ok 11:23:57.0191 2528 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll 11:23:57.0191 2528 Themes - ok 11:23:57.0223 2528 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll 11:23:57.0223 2528 THREADORDER - ok 11:23:57.0254 2528 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll 11:23:57.0254 2528 TrkWks - ok 11:23:57.0301 2528 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe 11:23:57.0316 2528 TrustedInstaller - ok 11:23:57.0347 2528 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys 11:23:57.0347 2528 tssecsrv - ok 11:23:57.0394 2528 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys 11:23:57.0394 2528 TsUsbFlt - ok 11:23:57.0441 2528 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys 11:23:57.0441 2528 tunnel - ok 11:23:57.0488 2528 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys 11:23:57.0488 2528 uagp35 - ok 11:23:57.0550 2528 uCamMonitor (63f6d08c54d5b3c1b12a6172032055c7) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe 11:23:57.0550 2528 uCamMonitor - ok 11:23:57.0613 2528 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys 11:23:57.0628 2528 udfs - ok 11:23:57.0675 2528 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe 11:23:57.0675 2528 UI0Detect - ok 11:23:57.0706 2528 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys 11:23:57.0706 2528 uliagpkx - ok 11:23:57.0753 2528 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys 11:23:57.0753 2528 umbus - ok 11:23:57.0784 2528 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys 11:23:57.0784 2528 UmPass - ok 11:23:57.0987 2528 UNS (9e89c2d6945389270de067ce51ff7425) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe 11:23:58.0018 2528 UNS - ok 11:23:58.0159 2528 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll 11:23:58.0174 2528 upnphost - ok 11:23:58.0237 2528 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys 11:23:58.0237 2528 usbccgp - ok 11:23:58.0268 2528 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys 11:23:58.0283 2528 usbcir - ok 11:23:58.0283 2528 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys 11:23:58.0299 2528 usbehci - ok 11:23:58.0330 2528 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys 11:23:58.0346 2528 usbhub - ok 11:23:58.0377 2528 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys 11:23:58.0393 2528 usbohci - ok 11:23:58.0439 2528 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys 11:23:58.0439 2528 usbprint - ok 11:23:58.0471 2528 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys 11:23:58.0471 2528 usbscan - ok 11:23:58.0517 2528 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS 11:23:58.0517 2528 USBSTOR - ok 11:23:58.0564 2528 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys 11:23:58.0564 2528 usbuhci - ok 11:23:58.0611 2528 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys 11:23:58.0627 2528 usbvideo - ok 11:23:58.0642 2528 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll 11:23:58.0642 2528 UxSms - ok 11:23:58.0751 2528 VAIO Entertainment TV Device Arbitration Service (4e7135d6d0127067e4cfee12259f895d) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe 11:23:58.0751 2528 VAIO Entertainment TV Device Arbitration Service - ok 11:23:58.0861 2528 VAIO Event Service (6b31c9cb94927dbeeb62e15275f4cc54) C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe 11:23:58.0876 2528 VAIO Event Service - ok 11:23:59.0032 2528 VAIO Power Management (b8c9a7010afd5cbbe194cb9ef7c4fd14) C:\Program Files\Sony\VAIO Power Management\SPMService.exe 11:23:59.0048 2528 VAIO Power Management - ok 11:23:59.0095 2528 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe 11:23:59.0095 2528 VaultSvc - ok 11:23:59.0204 2528 VCFw (6a740f5ff3246c3be3dd317299efc88e) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe 11:23:59.0219 2528 VCFw - ok 11:23:59.0313 2528 VcmIAlzMgr (10e212bfb7eab152a64c1aaec2f7f4e0) C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe 11:23:59.0329 2528 VcmIAlzMgr - ok 11:23:59.0391 2528 VcmINSMgr (9d9b34b430b4dc683112f59c80d20ab8) C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe 11:23:59.0407 2528 VcmINSMgr - ok 11:23:59.0500 2528 VcmXmlIfHelper (8efaaccc7bfa1e9031efdfb01a1b0d69) C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe 11:23:59.0500 2528 VcmXmlIfHelper - ok 11:23:59.0578 2528 VCService (d347d3abe070aa09c22fc37121555d52) C:\Program Files\Sony\VAIO Care\VCService.exe 11:23:59.0578 2528 VCService - ok 11:23:59.0703 2528 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys 11:23:59.0703 2528 vdrvroot - ok 11:23:59.0765 2528 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe 11:23:59.0781 2528 vds - ok 11:23:59.0828 2528 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys 11:23:59.0828 2528 vga - ok 11:23:59.0843 2528 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys 11:23:59.0843 2528 VgaSave - ok 11:23:59.0906 2528 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys 11:23:59.0906 2528 vhdmp - ok 11:23:59.0937 2528 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys 11:23:59.0937 2528 viaide - ok 11:23:59.0984 2528 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys 11:23:59.0984 2528 volmgr - ok 11:24:00.0031 2528 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys 11:24:00.0031 2528 volmgrx - ok 11:24:00.0093 2528 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys 11:24:00.0109 2528 volsnap - ok 11:24:00.0155 2528 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys 11:24:00.0155 2528 vsmraid - ok 11:24:00.0358 2528 VSNService (33655f6b36aa8702960ab1568ed82a01) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe 11:24:00.0374 2528 VSNService - ok 11:24:00.0514 2528 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe 11:24:00.0577 2528 VSS - ok 11:24:00.0811 2528 VUAgent (fb4a1695d2d74f9c92ca5e84795cdbe1) C:\Program Files\Sony\VAIO Update Common\VUAgent.exe 11:24:00.0826 2528 VUAgent - ok 11:24:00.0951 2528 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys 11:24:00.0951 2528 vwifibus - ok 11:24:00.0998 2528 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys 11:24:00.0998 2528 vwififlt - ok 11:24:01.0091 2528 VzCdbSvc (d8bef4ac1eac809dbdbd441d6cff6c4c) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe 11:24:01.0091 2528 VzCdbSvc - ok 11:24:01.0138 2528 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll 11:24:01.0154 2528 W32Time - ok 11:24:01.0201 2528 wacommousefilter (b91a4688b5ac49328f1159a97e914d58) C:\Windows\system32\DRIVERS\wacommousefilter.sys 11:24:01.0201 2528 wacommousefilter - ok 11:24:01.0247 2528 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys 11:24:01.0247 2528 WacomPen - ok 11:24:01.0279 2528 wacomvhid (79ff5ff4a64c8e9f6e0929aa53d9920b) C:\Windows\system32\DRIVERS\wacomvhid.sys 11:24:01.0279 2528 wacomvhid - ok 11:24:01.0325 2528 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 11:24:01.0325 2528 WANARP - ok 11:24:01.0341 2528 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys 11:24:01.0341 2528 Wanarpv6 - ok 11:24:01.0466 2528 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe 11:24:01.0481 2528 WatAdminSvc - ok 11:24:01.0606 2528 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe 11:24:01.0637 2528 wbengine - ok 11:24:01.0778 2528 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll 11:24:01.0793 2528 WbioSrvc - ok 11:24:01.0840 2528 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll 11:24:01.0856 2528 wcncsvc - ok 11:24:01.0871 2528 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll 11:24:01.0871 2528 WcsPlugInService - ok 11:24:01.0918 2528 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys 11:24:01.0918 2528 Wd - ok 11:24:01.0981 2528 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys 11:24:01.0996 2528 Wdf01000 - ok 11:24:02.0012 2528 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll 11:24:02.0027 2528 WdiServiceHost - ok 11:24:02.0027 2528 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll 11:24:02.0027 2528 WdiSystemHost - ok 11:24:02.0074 2528 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll 11:24:02.0074 2528 WebClient - ok 11:24:02.0105 2528 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll 11:24:02.0121 2528 Wecsvc - ok 11:24:02.0137 2528 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll 11:24:02.0137 2528 wercplsupport - ok 11:24:02.0168 2528 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll 11:24:02.0168 2528 WerSvc - ok 11:24:02.0230 2528 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys 11:24:02.0230 2528 WfpLwf - ok 11:24:02.0246 2528 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys 11:24:02.0246 2528 WIMMount - ok 11:24:02.0308 2528 WinDefend - ok 11:24:02.0308 2528 WinHttpAutoProxySvc - ok 11:24:02.0355 2528 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll 11:24:02.0371 2528 Winmgmt - ok 11:24:02.0542 2528 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll 11:24:02.0605 2528 WinRM - ok 11:24:02.0745 2528 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys 11:24:02.0745 2528 WinUsb - ok 11:24:02.0823 2528 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll 11:24:02.0839 2528 Wlansvc - ok 11:24:03.0073 2528 wlidsvc (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 11:24:03.0104 2528 wlidsvc - ok 11:24:03.0244 2528 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys 11:24:03.0244 2528 WmiAcpi - ok 11:24:03.0322 2528 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe 11:24:03.0322 2528 wmiApSrv - ok 11:24:03.0400 2528 WMPNetworkSvc - ok 11:24:03.0431 2528 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll 11:24:03.0431 2528 WPCSvc - ok 11:24:03.0478 2528 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll 11:24:03.0478 2528 WPDBusEnum - ok 11:24:03.0509 2528 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys 11:24:03.0509 2528 ws2ifsl - ok 11:24:03.0525 2528 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\system32\wscsvc.dll 11:24:03.0525 2528 wscsvc - ok 11:24:03.0541 2528 WSearch - ok 11:24:03.0728 2528 wuauserv (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll 11:24:03.0743 2528 wuauserv - ok 11:24:03.0899 2528 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys 11:24:03.0899 2528 WudfPf - ok 11:24:03.0931 2528 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys 11:24:03.0931 2528 WUDFRd - ok 11:24:03.0977 2528 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll 11:24:03.0977 2528 wudfsvc - ok 11:24:04.0009 2528 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll 11:24:04.0024 2528 WwanSvc - ok 11:24:04.0102 2528 yukonw7 (64f88af327aa74e03658ae32b48ccb8b) C:\Windows\system32\DRIVERS\yk62x64.sys 11:24:04.0102 2528 yukonw7 - ok 11:24:04.0133 2528 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0 11:24:04.0367 2528 \Device\Harddisk0\DR0 - ok 11:24:04.0383 2528 Boot (0x1200) (583885de7a3d8b8bc47410dd489b64fa) \Device\Harddisk0\DR0\Partition0 11:24:04.0383 2528 \Device\Harddisk0\DR0\Partition0 - ok 11:24:04.0383 2528 Boot (0x1200) (613de3d6af3ec8dd7d3da0e98d4ca9e0) \Device\Harddisk0\DR0\Partition1 11:24:04.0383 2528 \Device\Harddisk0\DR0\Partition1 - ok 11:24:04.0383 2528 ============================================================ 11:24:04.0383 2528 Scan finished 11:24:04.0383 2528 ============================================================ 11:24:04.0399 2752 Detected object count: 0 11:24:04.0399 2752 Actual detected object count: 0 11:24:41.0199 3092 Deinitialize success Citera Länk till kommentar Dela på andra webbplatser Fler delningsalternativ...
Recommended Posts
Delta i dialogen
Du kan skriva svaret nu och registrera dig senare, Om du har ett konto, logga in nu för att svara på inlägget.