
microsoft security essential alert


25 replies to this topic

#1 intercept1

intercept1

  • Members
  • 19 posts
  • OFFLINE
  • Local time:12:14 AM

Posted 14 August 2012 - 05:36 AM

When I start the computer I get a black screen. After 2 min, in the middle of the screen there is a red/white message that says "microsoft security essential alert".
Then it says that they found trojans and viruses; if I buy the program, they say the computer is going to be OK.
How do I get rid of this trojan? I have to close some processes with rgkill first to get out on the internet, otherwise the alert warning comes directly and then you can only restart the computer.
How do I do this?



#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  • Gender:Male
  • Location:India
  • Local time:12:14 AM

Posted 14 August 2012 - 05:50 AM

Boot into Safe Mode with Networking.

Download TDSSKiller.

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the log report (the log file should be in your C drive).

Do not change the default options on the scan results.

Download aswMBR.

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here.

Download ESET online scanner.

Install it.

Click on START; it should download the virus definitions.
When the scan is completed, click on "List of found threats".

Export the list to the desktop and copy the contents of the text file into your reply.

#3 intercept1

intercept1
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  • Local time:12:14 AM

Posted 14 August 2012 - 07:42 AM

TDSS LOG:
14:40:00.0062 1048 TDSS rootkit removing tool 2.8.6.0 Aug 13 2012 17:24:05
14:40:00.0156 1048 ============================================================
14:40:00.0156 1048 Current date / time: 2012/08/14 14:40:00.0156
14:40:00.0156 1048 SystemInfo:
14:40:00.0156 1048
14:40:00.0156 1048 OS Version: 5.1.2600 ServicePack: 3.0
14:40:00.0156 1048 Product type: Workstation
14:40:00.0156 1048 ComputerName: PARTYFIL-78AA68
14:40:00.0156 1048 UserName: Administratör
14:40:00.0156 1048 Windows directory: C:\WINDOWS
14:40:00.0156 1048 System windows directory: C:\WINDOWS
14:40:00.0156 1048 Processor architecture: Intel x86
14:40:00.0156 1048 Number of processors: 2
14:40:00.0156 1048 Page size: 0x1000
14:40:00.0156 1048 Boot type: Safe boot with network
14:40:00.0156 1048 ============================================================
14:40:01.0281 1048 Drive \Device\Harddisk0\DR0 - Size: 0x45DD826000 (279.46 Gb), SectorSize: 0x200, Cylinders: 0x8E81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
14:40:01.0296 1048 Drive \Device\Harddisk1\DR1 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
14:40:01.0296 1048 ============================================================
14:40:01.0296 1048 \Device\Harddisk0\DR0:
14:40:01.0296 1048 MBR partitions:
14:40:01.0296 1048 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x22EEAD02
14:40:01.0296 1048 \Device\Harddisk1\DR1:
14:40:01.0296 1048 MBR partitions:
14:40:01.0296 1048 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x7801F1A
14:40:01.0312 1048 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x7801F98, BlocksNum 0x43051068
14:40:01.0312 1048 ============================================================
14:40:01.0328 1048 C: <-> \Device\Harddisk1\DR1\Partition1
14:40:01.0359 1048 D: <-> \Device\Harddisk1\DR1\Partition2
14:40:01.0375 1048 G: <-> \Device\Harddisk0\DR0\Partition1
14:40:01.0375 1048 ============================================================
14:40:01.0375 1048 Initialize success
14:40:01.0375 1048 ============================================================
14:40:32.0453 1176 ============================================================
14:40:32.0453 1176 Scan started
14:40:32.0453 1176 Mode: Manual; TDLFS;
14:40:32.0453 1176 ============================================================
14:40:33.0156 1176 ================ Scan services =============================
14:40:53.0062 1176 [ 71e276f6d189413266ea22171806597b ] sptd C:\WINDOWS\system32\Drivers\sptd.sys
14:40:53.0062 1176 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: 71e276f6d189413266ea22171806597b
14:40:53.0062 1176 sptd ( LockedFile.Multi.Generic ) - warning
14:40:53.0062 1176 sptd - detected LockedFile.Multi.Generic (1)
14:40:53.0109 1176 [ 1193ef00869f6367367e6e7cb96be325 ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
14:40:53.0109 1176 sr - ok
14:40:53.0203 1176 [ 25edb60132f9d82cb1b7961c1d0d13f2 ] srservice C:\WINDOWS\system32\srsvc.dll
14:40:53.0203 1176 srservice - ok
14:40:53.0265 1176 [ 5252605079810904e31c332e241cd59b ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
14:40:53.0281 1176 Srv - ok
14:40:53.0359 1176 [ 53ffc29dc150e0107f28f0a622ff8d1a ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
14:40:53.0359 1176 SSDPSRV - ok
14:40:53.0468 1176 [ 5835d4ad35905215e1059a973b022ea1 ] stisvc C:\WINDOWS\system32\wiaservc.dll
14:40:53.0468 1176 stisvc - ok
14:40:53.0515 1176 [ 3941d127aef12e93addf6fe6ee027e0f ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
14:40:53.0515 1176 swenum - ok
14:40:53.0593 1176 [ 8ce882bcc6cf8a62f2b2323d95cb3d01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
14:40:53.0593 1176 swmidi - ok
14:40:53.0656 1176 SwPrv - ok
14:40:53.0734 1176 symc810 - ok
14:40:53.0812 1176 symc8xx - ok
14:40:53.0890 1176 sym_hi - ok
14:40:53.0953 1176 sym_u3 - ok
14:40:54.0031 1176 [ 8b83f3ed0f1688b4958f77cd6d2bf290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
14:40:54.0046 1176 sysaudio - ok
14:40:54.0140 1176 [ 71a08eec00a703445a2cbc0e91ef0952 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
14:40:54.0140 1176 SysmonLog - ok
14:40:54.0203 1176 [ 18261106524f7a93ceceacdc03a5b989 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
14:40:54.0203 1176 TapiSrv - ok
14:40:54.0281 1176 [ 93ea8d04ec73a85db02eb8805988f733 ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
14:40:54.0281 1176 Tcpip - ok
14:40:54.0359 1176 [ 6471a66807f5e104e4885f5b67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
14:40:54.0359 1176 TDPIPE - ok
14:40:54.0437 1176 [ c56b6d0402371cf3700eb322ef3aaf61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
14:40:54.0437 1176 TDTCP - ok
14:40:54.0515 1176 [ 88155247177638048422893737429d9e ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
14:40:54.0515 1176 TermDD - ok
14:40:54.0593 1176 [ f89c53d455420df4d66e45842fb3a46e ] TermService C:\WINDOWS\System32\termsrv.dll
14:40:54.0593 1176 TermService - ok
14:40:54.0671 1176 [ 187ca499ebd287e7bbac5b9b7aa9321e ] Themes C:\WINDOWS\System32\shsvcs.dll
14:40:54.0671 1176 Themes - ok
14:40:54.0734 1176 [ cc4c1aae22088304c715ac9d26f2d4c1 ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
14:40:54.0734 1176 TlntSvr - ok
14:40:54.0812 1176 TosIde - ok
14:40:54.0890 1176 [ 548867e040cb81a82b5df09d074f95f8 ] TrkWks C:\WINDOWS\system32\trkwks.dll
14:40:54.0890 1176 TrkWks - ok
14:40:55.0000 1176 [ 5787b80c2e3c5e2f56c2a233d91fa2c9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
14:40:55.0015 1176 Udfs - ok
14:40:55.0078 1176 ultra - ok
14:40:55.0187 1176 [ 402ddc88356b1bac0ee3dd1580c76a31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
14:40:55.0187 1176 Update - ok
14:40:55.0250 1176 [ b1222a2302480d56a32c5343150bb16d ] upnphost C:\WINDOWS\System32\upnphost.dll
14:40:55.0250 1176 upnphost - ok
14:40:55.0312 1176 [ 7b07af3d4545ad6fee34b5f2eb247c8f ] UPS C:\WINDOWS\System32\ups.exe
14:40:55.0312 1176 UPS - ok
14:40:55.0406 1176 [ 4b8a9c16b6d9258ed99c512aecb8c555 ] USBAAPL C:\WINDOWS\system32\Drivers\usbaapl.sys
14:40:55.0406 1176 USBAAPL - ok
14:40:55.0484 1176 [ e919708db44ed8543a7c017953148330 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys
14:40:55.0484 1176 usbaudio - ok
14:40:55.0562 1176 [ adb68aa60ef991ce2e217223fa20b4ff ] usbbus C:\WINDOWS\system32\DRIVERS\lgusbbus.sys
14:40:55.0562 1176 usbbus - ok
14:40:55.0625 1176 [ 173f317ce0db8e21322e71b7e60a27e8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
14:40:55.0625 1176 usbccgp - ok
14:40:55.0718 1176 [ d4a6201dd361f019e44483645b490e4e ] UsbDiag C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys
14:40:55.0718 1176 UsbDiag - ok
14:40:55.0781 1176 [ 65dcf09d0e37d4c6b11b5b0b76d470a7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
14:40:55.0781 1176 usbehci - ok
14:40:55.0843 1176 [ 1ab3cdde553b6e064d2e754efe20285c ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
14:40:55.0843 1176 usbhub - ok
14:40:55.0953 1176 [ a2b99411e10287f327a9820d260e7fe4 ] USBModem C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys
14:40:55.0953 1176 USBModem - ok
14:40:56.0015 1176 [ 0daecce65366ea32b162f85f07c6753b ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys
14:40:56.0015 1176 usbohci - ok
14:40:56.0093 1176 [ a717c8721046828520c9edf31288fc00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
14:40:56.0093 1176 usbprint - ok
14:40:56.0171 1176 [ a0b8cf9deb1184fbdd20784a58fa75d4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
14:40:56.0171 1176 usbscan - ok
14:40:56.0250 1176 [ a32426d9b14a089eaa1d922e0c5801a9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
14:40:56.0250 1176 USBSTOR - ok
14:40:56.0312 1176 [ 0d3a8fafceacd8b7625cd549757a7df1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
14:40:56.0312 1176 VgaSave - ok
14:40:56.0406 1176 ViaIde - ok
14:40:56.0484 1176 [ 57187ec04878147e1f4f2d9224b12205 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
14:40:56.0484 1176 VolSnap - ok
14:40:56.0546 1176 [ 940950dc9e34b05986bbbb1d1a33b74f ] VSS C:\WINDOWS\System32\vssvc.exe
14:40:56.0562 1176 VSS - ok
14:40:56.0640 1176 [ 4bf06a1dcd6a91c482e79340fee527ca ] W32Time C:\WINDOWS\system32\w32time.dll
14:40:56.0640 1176 W32Time - ok
14:40:56.0750 1176 [ e20b95baedb550f32dd489265c1da1f6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
14:40:56.0750 1176 Wanarp - ok
14:40:56.0843 1176 [ fd47474bd21794508af449d9d91af6e6 ] Wdf01000 C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
14:40:56.0843 1176 Wdf01000 - ok
14:40:56.0890 1176 WDICA - ok
14:40:57.0000 1176 [ 6768acf64b18196494413695f0c3a00f ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
14:40:57.0000 1176 wdmaud - ok
14:40:57.0078 1176 [ e6dfcadf5089a68ecd288e9a803a892c ] WebClient C:\WINDOWS\System32\webclnt.dll
14:40:57.0078 1176 WebClient - ok
14:40:57.0187 1176 [ cf4e2a27495f7ea6b3128d9a731b3716 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
14:40:57.0187 1176 winmgmt - ok
14:40:57.0359 1176 [ bdcb1149152beb87154d42aeaf148c90 ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
14:40:57.0359 1176 WmdmPmSN - ok
14:40:57.0421 1176 [ 724a81413ad87d83cecb5264efd97b51 ] Wmi C:\WINDOWS\System32\advapi32.dll
14:40:57.0421 1176 Wmi - ok
14:40:57.0500 1176 [ c42584fd66ce9e17403aebca199f7bdb ] WmiAcpi C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
14:40:57.0500 1176 WmiAcpi - ok
14:40:57.0609 1176 [ 9bfadc02a9e27bfdff59e61302f92517 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
14:40:57.0609 1176 WmiApSrv - ok
14:40:57.0718 1176 [ 0c1d6294d4794c6c2b38e983aac9c10f ] WMPNetworkSvc C:\Program\Windows Media Player\WMPNetwk.exe
14:40:57.0734 1176 WMPNetworkSvc - ok
14:40:57.0812 1176 [ f6c0eb46c66c7be80f22115ecb44b1f0 ] WpdUsb C:\WINDOWS\system32\Drivers\wpdusb.sys
14:40:57.0828 1176 WpdUsb - ok
14:40:57.0937 1176 [ 4ac32513fa47c8219448269bf895fc34 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
14:40:57.0953 1176 wscsvc - ok
14:40:58.0015 1176 [ 4ceaf29d35c2608c6463e80574ddca10 ] wuauserv C:\WINDOWS\system32\wuauserv.dll
14:40:58.0015 1176 wuauserv - ok
14:40:58.0093 1176 [ 443f0a35cb3be5d176053da39157a898 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
14:40:58.0093 1176 WudfPf - ok
14:40:58.0156 1176 [ e12d4c486d7eb4e0961c27558dc25af7 ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
14:40:58.0171 1176 WudfRd - ok
14:40:58.0234 1176 [ 8a92b1f02571b634f50db35a934989f6 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
14:40:58.0281 1176 WudfSvc - ok
14:40:58.0359 1176 [ 5ec7d7f83640a921b5c616d9650520fd ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
14:40:58.0375 1176 WZCSVC - ok
14:40:58.0437 1176 [ 5b3d475aa8629320686fbffbe67ab492 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
14:40:58.0468 1176 xmlprov - ok
14:40:58.0656 1176 ================ Scan global ===============================
14:40:58.0703 1176 (fccf29a7b803601e170ee8e6c57bfb84) C:\WINDOWS\system32\basesrv.dll
14:40:58.0750 1176 (2265332bf5290c5309663e4ea4d9cea6) C:\WINDOWS\system32\winsrv.dll
14:40:58.0781 1176 (2265332bf5290c5309663e4ea4d9cea6) C:\WINDOWS\system32\winsrv.dll
14:40:58.0828 1176 (9436fee6df0f12aabde97bea8501b538) C:\WINDOWS\system32\services.exe
14:40:58.0828 1176 [Global] - ok
14:40:58.0843 1176 ================ Scan MBR ==================================
14:40:58.0890 1176 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
14:40:58.0937 1176 \Device\Harddisk0\DR0 - ok
14:40:58.0984 1176 MBR (0x1B8) (c8919ae61419c5625f9ef0aef12523a8) \Device\Harddisk1\DR1
14:40:59.0671 1176 \Device\Harddisk1\DR1 - ok
14:40:59.0671 1176 ================ Scan VBR ==================================
14:40:59.0703 1176 Boot (0x1200) (96ad621e1ba2ba5bafea9c14b7ebdeb1) \Device\Harddisk0\DR0\Partition1
14:40:59.0703 1176 \Device\Harddisk0\DR0\Partition1 - ok
14:40:59.0828 1176 Boot (0x1200) (20a352ace85550128d2ad7541a5800bf) \Device\Harddisk1\DR1\Partition1
14:40:59.0828 1176 \Device\Harddisk1\DR1\Partition1 - ok
14:40:59.0890 1176 Boot (0x1200) (896c7082ba5e020d82f07da7a5143a20) \Device\Harddisk1\DR1\Partition2
14:40:59.0890 1176 \Device\Harddisk1\DR1\Partition2 - ok
14:40:59.0921 1176 ============================================================
14:40:59.0921 1176 Scan finished
14:40:59.0921 1176 ============================================================
14:41:00.0078 0920 Detected object count: 1
14:41:00.0078 0920 Actual detected object count: 1
14:41:41.0328 0920 C:\WINDOWS\system32\Drivers\sptd.sys - copied to quarantine
14:41:41.0328 0920 HKLM\SYSTEM\ControlSet001\services\sptd - will be deleted on reboot
14:41:41.0359 0920 HKLM\SYSTEM\ControlSet002\services\sptd - will be deleted on reboot
14:41:41.0359 0920 C:\WINDOWS\system32\Drivers\sptd.sys - will be deleted on reboot
14:41:41.0359 0920 sptd ( LockedFile.Multi.Generic ) - User select action: Delete

#4 intercept1

Posted 14 August 2012 - 07:52 AM

AVAST:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-14 14:43:20
-----------------------------
14:43:20.531 OS Version: Windows 5.1.2600 Service Pack 3
14:43:20.531 Number of processors: 2 586 0x6B02
14:43:20.531 ComputerName: PARTYFIL-78AA68 UserName: Administratör
14:43:20.796 Initialize success
14:46:36.875 AVAST engine defs: 12081400
14:47:59.812 Disk 0 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
14:47:59.875 Disk 0 Vendor: ST3300622AS 3.AAH Size: 286168MB BusType: 3
14:47:59.921 Disk 1 (boot) \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP3T0L0-19
14:47:59.968 Disk 1 Vendor: SAMSUNG_HD642JJ 1AA01113 Size: 610480MB BusType: 3
14:48:00.062 Disk 1 MBR read successfully
14:48:00.125 Disk 1 MBR scan
14:48:00.203 Disk 1 Windows XP default MBR code
14:48:00.265 Disk 1 Partition 1 80 (A) 07 HPFS/NTFS NTFS 61443 MB offset 63
14:48:00.328 Disk 1 Partition - 00 0F Extended LBA 549026 MB offset 125837145
14:48:00.406 Disk 1 Partition 2 00 07 HPFS/NTFS NTFS 549026 MB offset 125837208
14:48:00.468 Disk 1 scanning sectors +1250242560
14:48:00.593 Disk 1 scanning C:\WINDOWS\system32\drivers
14:48:06.750 Service scanning
14:48:15.734 Service sptd C:\WINDOWS\System32\Drivers\sptd.sys **LOCKED** 32
14:48:18.687 Modules scanning
14:48:22.703 Disk 1 trace - called modules:
14:48:22.875 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys spbg.sys >>UNKNOWN [0x8a336938]<<
14:48:23.046 1 nt!IofCallDriver -> \Device\Harddisk1\DR1[0x8a2ceab8]
14:48:23.218 3 CLASSPNP.SYS[f7637fd7] -> nt!IofCallDriver -> \Device\0000006b[0x8a3692f0]
14:48:23.390 5 ACPI.sys[f7496620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP3T0L0-19[0x8a2e0d98]
14:48:23.750 AVAST engine scan C:\WINDOWS
14:48:26.953 AVAST engine scan C:\WINDOWS\system32
14:50:29.000 AVAST engine scan C:\WINDOWS\system32\drivers
14:50:36.828 AVAST engine scan C:\Documents and Settings\Administratör.PARTYFIL-78AA68
14:50:48.875 AVAST engine scan C:\Documents and Settings\All Users
14:51:33.906 Disk 1 MBR has been saved successfully to "C:\Documents and Settings\Administratör.PARTYFIL-78AA68\Skrivbord\MBR.dat"
14:51:34.093 The log file has been saved successfully to "C:\Documents and Settings\Administratör.PARTYFIL-78AA68\Skrivbord\aswMBR.txt"

#5 intercept1

Posted 14 August 2012 - 08:27 AM

When I try to scan with the ESET program, the computer reboots every time it reaches 99%, so I can't get a log file.

#6 narenxp

Posted 14 August 2012 - 08:31 AM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan.

Click on SHOW results. Select all infections and remove them.

Reboot the PC and scan with MBAM once in regular mode until you get a clean log.

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

adware cleaner

Launch it and click on Delete.

Post the generated log.

#7 intercept1

Posted 14 August 2012 - 11:15 AM

Malwarebytes Anti-Malware (Testversion) 1.62.0.1300
www.malwarebytes.org

Databasversion: v2012.08.14.03

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Don :: PARTYFIL-78AA68 [administratör]

Skydd: Aktiverad

2012-08-14 17:40:33
mbam-log-2012-08-14 (17-40-33).txt

Skanningstyp: Fullständig skanning (C:\|D:\|G:\|)
Aktiverade skanningsalternativ: Minne | Start | Register | Filsystem | Heuristik/Extra | Heuristik/Shuriken | PUP | PUM
Inaktiverade skanningsalternativ: P2P
Antal skannade objekt: 354050
Förfluten tid: 34 minut(er), 31 sekund(er)

Upptäckta minnesprocesser: 0
(Inga skadliga poster hittades)

Upptäckta minnesmoduler: 0
(Inga skadliga poster hittades)

Upptäckta registernycklar: 0
(Inga skadliga poster hittades)

Upptäckta registervärden: 0
(Inga skadliga poster hittades)

Upptäckta registerdataposter: 0
(Inga skadliga poster hittades)

Upptäckta mappar: 0
(Inga skadliga poster hittades)

Upptäckta filer: 0
(Inga skadliga poster hittades)

(klar)

#8 intercept1

Posted 14 August 2012 - 11:18 AM

MiniToolBox by Farbar Version: 23-07-2012
Ran by Don (administrator) on 14-08-2012 at 18:17:37
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


IP-konfiguration för Windows



DNS-matcharens cacheminne har rensats.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================


127.0.0.1 localhost

========================= IP Configuration: ================================

Atheros L1 Gigabit Ethernet 10/100/1000Base-T Controller = Anslutning till lokalt nätverk (Disconnected)
Realtek RTL8139 Family PCI Fast Ethernet NIC = Anslutning till lokalt nätverk 4 (Connected)


# ----------------------------------
# IP-konfiguration för gränssnitt
# ----------------------------------
pushd interface ip


# IP-konfiguration för gränssnitt för "Anslutning till lokalt nätverk 4"

set address name="Anslutning till lokalt nätverk 4" source=dhcp
set dns name="Anslutning till lokalt nätverk 4" source=dhcp register=PRIMARY
set wins name="Anslutning till lokalt nätverk 4" source=dhcp


popd
# Slut på IP-konfiguration för gränssnitt




IP-konfiguration för Windows



Värddatornamn . . . . . . . . . . : partyfil-78aa68

Primärt DNS-suffix . . . . . . . :

Nodtyp . . . . . . . . . . . . . : Okänd

IP-routning aktiverat . . . . . . : Nej

WINS-proxy aktiverat . . . . . . : Nej



Ethernet-kort Anslutning till lokalt nätverk 4:



Anslutningsspecifika DNS-suffix . :

Beskrivning . . . . . . . . . . . : Realtek RTL8139 Family PCI Fast Ethernet NIC

Fysisk adress . . . . . . . . . . : 20-80-12-46-04-03

DHCP aktiverat . . . . . . . . . : Ja

Autokonfiguration aktiverat . . . : Ja

IP-adress . . . . . . . . . . . . : 10.0.0.3

Nätmask . . . . . . . . . . . . . : 255.255.255.0

Standard-gateway . . . . . . . . : 10.0.0.1

DHCP-server . . . . . . . . . . . : 10.0.0.1

DNS-servrar . . . . . . . . . . . : 10.0.0.1

Lånet erhölls . . . . . . . . . . : den 14 augusti 2012 17:35:53

Lånet upphör . . . . . . . . . . : den 15 augusti 2012 17:35:53

Server: UnKnown
Address: 10.0.0.1

Name: google.com
Addresses: 173.194.32.5, 173.194.32.6, 173.194.32.7, 173.194.32.8
173.194.32.9, 173.194.32.14, 173.194.32.0, 173.194.32.1, 173.194.32.2
173.194.32.3, 173.194.32.4



Skickar signaler till google.com [173.194.32.4] med 32 byte data:



Svar från 173.194.32.4: byte=32 tid=7ms TTL=52

Svar från 173.194.32.4: byte=32 tid=6ms TTL=52



Ping-statistik för 173.194.32.4:

Paket: Skickade = 2, mottagna = 2, Förlorade = 0 (0 %),

Ungefärligt överföringstid i millisekunder:

Lägsta = 6 ms, Högsta = 7 ms, Medel = 6 ms

Server: UnKnown
Address: 10.0.0.1

Name: yahoo.com
Addresses: 98.139.183.24, 72.30.38.140, 98.138.253.109



Skickar signaler till yahoo.com [98.138.253.109] med 32 byte data:



Svar från 98.138.253.109: byte=32 tid=193ms TTL=43

Svar från 98.138.253.109: byte=32 tid=252ms TTL=43



Ping-statistik för 98.138.253.109:

Paket: Skickade = 2, mottagna = 2, Förlorade = 0 (0 %),

Ungefärligt överföringstid i millisekunder:

Lägsta = 193 ms, Högsta = 252 ms, Medel = 222 ms

Server: UnKnown
Address: 10.0.0.1

Name: bleepingcomputer.com
Address: 208.43.87.2



Skickar signaler till bleepingcomputer.com [208.43.87.2] med 32 byte data:



Svar från 208.43.87.2: Målvärddatorn kan inte nås.

Svar från 208.43.87.2: Målvärddatorn kan inte nås.



Ping-statistik för 208.43.87.2:

Paket: Skickade = 2, mottagna = 2, Förlorade = 0 (0 %),

Ungefärligt överföringstid i millisekunder:

Lägsta = 0 ms, Högsta = 0 ms, Medel = 0 ms



Skickar signaler till 127.0.0.1 med 32 byte data:



Svar från 127.0.0.1: byte=32 tid < 1 ms TTL=128

Svar från 127.0.0.1: byte=32 tid < 1 ms TTL=128



Ping-statistik för 127.0.0.1:

Paket: Skickade = 2, mottagna = 2, Förlorade = 0 (0 %),

Ungefärligt överföringstid i millisekunder:

Lägsta = 0 ms, Högsta = 0 ms, Medel = 0 ms

===========================================================================
Gränssnittslista
0x1 ........................... MS TCP Loopback interface
0x2 ...20 80 12 46 04 03 ...... Realtek RTL8139 Family PCI Fast Ethernet NIC - Miniport för paketschemaläggning
===========================================================================
===========================================================================
Aktiva vägar:
Nätverksadress Nätmask Gateway-adress Gränssnitt Mått
0.0.0.0 0.0.0.0 10.0.0.1 10.0.0.3 20
10.0.0.0 255.255.255.0 10.0.0.3 10.0.0.3 20
10.0.0.3 255.255.255.255 127.0.0.1 127.0.0.1 20
10.255.255.255 255.255.255.255 10.0.0.3 10.0.0.3 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
224.0.0.0 240.0.0.0 10.0.0.3 10.0.0.3 20
255.255.255.255 255.255.255.255 10.0.0.3 10.0.0.3 1
Standard-gateway: 10.0.0.1
===========================================================================
Beständiga vägar:
Inga
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [247296] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/14/2012 00:10:00 PM) (Source: Application Error) (User: )
Description: Felaktigt program mbam.exe, version 1.62.0.87, felaktig modul mbamcore.dll, version 1.62.0.0, felaktig adress 0x00093507.
Mediespecifik händelse behandlas för [mbam.exe!ws!]

Error: (08/14/2012 00:09:42 PM) (Source: Application Error) (User: )
Description: Felaktigt program mbam.exe, version 1.62.0.87, felaktig modul kernel32.dll, version 5.1.2600.5512, felaktig adress 0x00010b7a.
Mediespecifik händelse behandlas för [mbam.exe!ws!]

Error: (08/14/2012 00:09:20 PM) (Source: Application Error) (User: )
Description: Felaktigt program mbam.exe, version 1.62.0.87, felaktig modul mbamcore.dll, version 1.62.0.0, felaktig adress 0x00031120.
Mediespecifik händelse behandlas för [mbam.exe!ws!]


System errors:
=============
Error: (08/14/2012 05:35:22 PM) (Source: Service Control Manager) (User: )
Description: Tjänsten Ati HotKey Poller avslutades oväntat. Detta har skett 1 gånger.

Error: (08/14/2012 05:34:28 PM) (Source: System Error) (User: )
Description: Felkod 10000050, parameter1 f7f7c54a, parameter2 00000000, parameter3 f7f7c54a, parameter4 00000000.

Error: (08/14/2012 05:34:00 PM) (Source: Service Control Manager) (User: )
Description: Följande start- eller systemstartdrivrutin(er) avbröts på grund av fel under start:
sptd

Error: (08/14/2012 03:27:18 PM) (Source: DCOM) (User: NT INSTANS)
Description: DCOM fick felet %%1084 vid försök att starta tjänsten EventSystem med argumenten
för att köra servern:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (08/14/2012 03:25:10 PM) (Source: DCOM) (User: NT INSTANS)
Description: DCOM fick felet %%1084 vid försök att starta tjänsten EventSystem med argumenten
för att köra servern:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (08/14/2012 03:24:59 PM) (Source: Service Control Manager) (User: )
Description: Följande start- eller systemstartdrivrutin(er) avbröts på grund av fel under start:
AmdK8
easdrv
Fips
sptd

Error: (08/14/2012 03:12:03 PM) (Source: DCOM) (User: PARTYFIL-78AA68)
Description: DCOM fick felet %%1084 vid försök att starta tjänsten StiSvc med argumenten
för att köra servern:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error: (08/14/2012 03:11:27 PM) (Source: DCOM) (User: NT INSTANS)
Description: DCOM fick felet %%1084 vid försök att starta tjänsten EventSystem med argumenten
för att köra servern:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (08/14/2012 03:11:17 PM) (Source: Service Control Manager) (User: )
Description: Följande start- eller systemstartdrivrutin(er) avbröts på grund av fel under start:
AmdK8
easdrv
Fips
sptd

Error: (08/14/2012 03:07:58 PM) (Source: DCOM) (User: NT INSTANS)
Description: DCOM fick felet %%1084 vid försök att starta tjänsten EventSystem med argumenten
för att köra servern:
{1BE1F766-5536-11D1-B726-00C04FB926AF}


Microsoft Office Sessions:
=========================
Error: (08/14/2012 00:10:00 PM) (Source: Application Error)(User: )
Description: mbam.exe1.62.0.87mbamcore.dll1.62.0.000093507

Error: (08/14/2012 00:09:42 PM) (Source: Application Error)(User: )
Description: mbam.exe1.62.0.87kernel32.dll5.1.2600.551200010b7a

Error: (08/14/2012 00:09:20 PM) (Source: Application Error)(User: )
Description: mbam.exe1.62.0.87mbamcore.dll1.62.0.000031120


=========================== Installed Programs ============================

Ad-Aware
Ad-Aware (Version: 8.0.0)
Adobe Flash Player 10 ActiveX (Version: 10.1.53.64)
Adobe Flash Player 11 Plugin (Version: 11.2.202.233)
Adobe Reader 9.5.1 - Svenska (Version: 9.5.1)
Adobe Shockwave Player 11.5 (Version: 11.5.6.606)
AMD Processor Driver (Version: 1.3.2.0053)
AMDAway INF
Apple Application Support (Version: 1.5.1)
Apple Mobile Device Support (Version: 3.2.0.47)
Apple Software Update (Version: 2.1.2.120)
Atheros Communications Inc.® L1 Gigabit Ethernet Driver (Version: 2.3.7.8)
ATI - Hjälp för avinstallation av program (Version: 6.14.10.1020)
ATI AVIVO Codecs (Version: 9.15.0.20713)
ATI Catalyst Control Center (Version: 2.008.0208.2146)
ATI Display Driver (Version: 8.47-080208a-059506E-Asus)
ATI Parental Control & Encoder (Version: 3.0)
µTorrent (Version: 1.8.2)
µTorrent (Version: 3.1.3)
BankID säkerhetsprogram 4.16.1
Catalyst Control Center Core Implementation (Version: 2008.0208.2147.38873)
Catalyst Control Center Graphics Full Existing (Version: 2008.0208.2147.38873)
Catalyst Control Center Graphics Full New (Version: 2008.0208.2147.38873)
Catalyst Control Center Graphics Light (Version: 2008.0208.2147.38873)
Catalyst Control Center Graphics Previews Common (Version: 2008.0208.2147.38873)
Catalyst Control Center Localization Chinese Standard (Version: 2008.0208.2147.38873)
Catalyst Control Center Localization Chinese Traditional (Version: 2008.0208.2147.38873)
Catalyst Control Center Localization Czech (Version: 2008.0208.2147.38873)
Catalyst Control Center Localization Danish (Version: 2008.0208.2147.38873)
Catalyst Control Center Localization Dutch (Version: 2008.0208.2147.38873)
Catalyst Control Center Localization Finnish (Version: 2008.0208.2147.38873)
Catalyst Control Center Localization French (Version: 2008.0208.2147.38873)
Catalyst Control Center Localization German (Version: 2008.0208.2147.38873)
Catalyst Control Center Localization Greek (Version: 2008.0208.2147.38873)
Catalyst Control Center Localization Hungarian (Version: 2008.0208.2147.38873)
Catalyst Control Center Localization Italian (Version: 2008.0208.2147.38873)
Catalyst Control Center Localization Japanese (Version: 2008.0208.2147.38873)
Catalyst Control Center Localization Korean (Version: 2008.0208.2147.38873)
Catalyst Control Center Localization Norwegian (Version: 2008.0208.2147.38873)
Catalyst Control Center Localization Polish (Version: 2008.0208.2147.38873)
Catalyst Control Center Localization Portuguese (Version: 2008.0208.2147.38873)
Catalyst Control Center Localization Russian (Version: 2008.0208.2147.38873)
Catalyst Control Center Localization Spanish (Version: 2008.0208.2147.38873)
Catalyst Control Center Localization Swedish (Version: 2008.0208.2147.38873)
Catalyst Control Center Localization Thai (Version: 2008.0208.2147.38873)
Catalyst Control Center Localization Turkish (Version: 2008.0208.2147.38873)
ccc-core-preinstall (Version: 2008.0208.2147.38873)
ccc-core-static (Version: 2008.0208.2147.38873)
ccc-utility (Version: 2008.0208.2147.38873)
CCC Help Chinese Standard (Version: 2008.0208.2146.38873)
CCC Help Chinese Traditional (Version: 2008.0208.2146.38873)
CCC Help Czech (Version: 2008.0208.2146.38873)
CCC Help Danish (Version: 2008.0208.2146.38873)
CCC Help Dutch (Version: 2008.0208.2146.38873)
CCC Help English (Version: 2008.0208.2146.38873)
CCC Help Finnish (Version: 2008.0208.2146.38873)
CCC Help French (Version: 2008.0208.2146.38873)
CCC Help German (Version: 2008.0208.2146.38873)
CCC Help Greek (Version: 2008.0208.2146.38873)
CCC Help Hungarian (Version: 2008.0208.2146.38873)
CCC Help Italian (Version: 2008.0208.2146.38873)
CCC Help Japanese (Version: 2008.0208.2146.38873)
CCC Help Korean (Version: 2008.0208.2146.38873)
CCC Help Norwegian (Version: 2008.0208.2146.38873)
CCC Help Polish (Version: 2008.0208.2146.38873)
CCC Help Portuguese (Version: 2008.0208.2146.38873)
CCC Help Russian (Version: 2008.0208.2146.38873)
CCC Help Spanish (Version: 2008.0208.2146.38873)
CCC Help Swedish (Version: 2008.0208.2146.38873)
CCC Help Thai (Version: 2008.0208.2146.38873)
CCC Help Turkish (Version: 2008.0208.2146.38873)
CCleaner (remove only)
Cheat Engine 5.6.1
Compatibility Pack för Office 2007-systemet (Version: 12.0.6021.5000)
DivX Web Player (Version: 1.5.0)
ESET NOD32 Antivirus (Version: 3.0.650.0)
Flight Simulator X Service Pack 1
Google Earth (Version: 6.1.0.5001)
Google Update Helper (Version: 1.3.21.115)
HP Deskjet 3740 Series
iTunes (Version: 10.0.1.22)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 31 (Version: 6.0.310)
K-Lite Mega Codec Pack 4.4.5 (Version: 4.4.5)
Ladbrokes Poker
LG USB Modem Drivers (Version: 4.9.6)
LightScribe System Software 1.12.33.2 (Version: 1.12.33.2)
Logitech SetPoint (Version: 2.40)
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
Marsu-Fix (Version: 2.2)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Flight Simulator X (Version: 10.0.60905)
Microsoft Flight Simulator X: Acceleration (Version: 10.0.61637.0)
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft Office Professional Edition 2003 (Version: 11.0.8173.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft User-Mode Driver Framework Feature Pack 1.0.0 (Pre-Release 5348)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft XML Parser (Version: 8.70.1104.04)
Mozilla Firefox (3.0.19) (Version: 3.0.19 (sv-SE))
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0)
MSXML 4.0 SP3 Parser (Version: 4.30.2100.0)
Nero 8 Essentials (Version: 8.10.387)
neroxml (Version: 1.0.0)
NVIDIA PhysX (Version: 9.09.0720)
OpenAL
Opera 11.61 (Version: 11.61.1250)
Poker at bet365
Pontifex II
PunkBuster Services (Version: 0.988)
Quake Live Internet Explorer Plugin (Version: 1.0.382)
QuickTime (Version: 7.68.75.0)
Realtek High Definition Audio Driver (Version: 5.10.0.5506)
Replay Music (Version: 3.45)
Robot Wars: Arenas of Destruction
Safari (Version: 5.33.21.1)
Segoe UI (Version: 14.0.4327.805)
Skins (Version: 2008.0208.2147.38873)
Skype™ 4.1 (Version: 4.1.166)
Spotify (Version: 0.3.12)
Spotify (Version: 0.8.3.222.g317ab79d)
Svenska Spels Poker
VC80CRTRedist - 8.0.50727.762 (Version: 1.0.0)
VCRedistSetup (Version: 1.0.0)
WebFldrs XP (Version: 9.50.7523)
Winamp (Version: 5.541 )
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Live Communications Platform (Version: 14.0.8117.416)
Windows Live Essentials (Version: 14.0.8117.0416)
Windows Live Essentials (Version: 14.0.8117.416)
Windows Live inloggningsassistenten (Version: 5.000.818.5)
Windows Live Messenger (Version: 14.0.8117.0416)
Windows Live Photo Gallery (Version: 14.0.8117.416)
Windows Live Sync (Version: 14.0.8117.416)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Media Format 11 runtime
Windows Media Player 11
WinRAR archiver
Visual C++ 2008 x86 Runtime - (v9.0.30729) (Version: 9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (Version: 9.0.30729.01)
VLC media player 1.1.7 (Version: 1.1.7)
Volvo - The Game
Write-N-Cite (Version: 2.0)

========================= Memory info: ===================================

Percentage of memory in use: 34%
Total physical RAM: 3327.23 MB
Available physical RAM: 2174.56 MB
Total Pagefile: 5211.42 MB
Available Pagefile: 4092.54 MB
Total Virtual: 2047.88 MB
Available Virtual: 1969.68 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:60 GB) (Free:40.92 GB) NTFS
2 Drive d: () (Fixed) (Total:536.16 GB) (Free:353.45 GB) NTFS
4 Drive g: () (Fixed) (Total:279.46 GB) (Free:230.76 GB) NTFS

========================= Users: ========================================

Användarkonton för \\PARTYFIL-78AA68

Administratör Don Gäst
Hjälpassistent SUPPORT_388945a0
Kommandot har utförts.


**** End of log ****

#9 intercept1

intercept1
  • Topic Starter

  • Members
  • 19 posts

Posted 14 August 2012 - 11:19 AM

Farbar Service Scanner Version: 06-08-2012
Ran by Don (administrator) on 14-08-2012 at 18:19:24
Running from "D:\Program\Trojan"
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll
[2008-04-15 14:00] - [2008-04-15 14:00] - 0126464 ____A (Microsoft Corporation) 0CE3FA1C1A6803B34022D6C47273930D

C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll
[2008-04-15 14:00] - [2008-04-15 14:00] - 0045568 ____A (Microsoft Corporation) A3140B46BCE1D84170BF02DCBCE44DC0

C:\WINDOWS\system32\ipnathlp.dll
[2008-04-15 14:00] - [2008-04-15 14:00] - 0330752 ____A (Microsoft Corporation) 30E1A46734BDF836C8770949C86B42A4

C:\WINDOWS\system32\netman.dll
[2008-04-15 14:00] - [2008-04-15 14:00] - 0198144 ____A (Microsoft Corporation) 7F791C1C9D3FEC5D3F519C9DB19465D3

C:\WINDOWS\system32\wbem\WMIsvc.dll
[2009-01-17 18:51] - [2008-04-15 14:00] - 0145408 ____A (Microsoft Corporation) CF4E2A27495F7EA6B3128D9A731B3716

C:\WINDOWS\system32\srsvc.dll
[2009-01-17 18:52] - [2008-04-15 14:00] - 0171008 ____A (Microsoft Corporation) 25EDB60132F9D82CB1B7961C1D0D13F2

C:\WINDOWS\system32\Drivers\sr.sys
[2009-01-17 18:52] - [2008-04-15 14:00] - 0073344 ____A (Microsoft Corporation) 1193EF00869F6367367E6E7CB96BE325

C:\WINDOWS\system32\wscsvc.dll
[2008-04-15 14:00] - [2008-04-15 14:00] - 0080896 ____A (Microsoft Corporation) 4AC32513FA47C8219448269BF895FC34

C:\WINDOWS\system32\wbem\WMIsvc.dll
[2009-01-17 18:51] - [2008-04-15 14:00] - 0145408 ____A (Microsoft Corporation) CF4E2A27495F7EA6B3128D9A731B3716

C:\WINDOWS\system32\wuauserv.dll
[2009-01-17 18:53] - [2008-04-15 14:00] - 0006656 ____A (Microsoft Corporation) 4CEAF29D35C2608C6463E80574DDCA10

C:\WINDOWS\system32\qmgr.dll
[2009-01-17 18:53] - [2008-04-15 14:00] - 0409088 ____A (Microsoft Corporation) 9741942A86E579231D3C41AA51DE042F

C:\WINDOWS\system32\es.dll
[2008-04-15 14:00] - [2008-04-15 14:00] - 0246272 ____A (Microsoft Corporation) 4EC63804DC5809DC0D0BE0AB1EFA0E9E

C:\WINDOWS\system32\cryptsvc.dll
[2008-04-15 14:00] - [2008-04-15 14:00] - 0062464 ____A (Microsoft Corporation) 04FD6585508A7320B2C7453CED231D6B

C:\WINDOWS\system32\svchost.exe
[2008-04-15 14:00] - [2008-04-15 14:00] - 0014336 ____A (Microsoft Corporation) 6CCEF19D7301D9861F90E299C798AD3F

C:\WINDOWS\system32\rpcss.dll
[2008-04-15 14:00] - [2008-04-15 14:00] - 0399360 ____A (Microsoft Corporation) CA6C886E70BCD38C4891E26CB4ABD2EB

C:\WINDOWS\system32\services.exe
[2008-04-15 14:00] - [2008-04-15 14:00] - 0108544 ____A (Microsoft Corporation) 9436FEE6DF0F12AABDE97BEA8501B538


Extra List:
=======
epfwtdir(8) Gpc(3) IPSec(5) NetBT(6) PSched(7) Tcpip(4)
0x080000000500000001000000020000000300000004000000060000000700000008000000
IpSec Tag value is correct.

**** End of log ****

#10 intercept1

intercept1
  • Topic Starter

  • Members
  • 19 posts

Posted 14 August 2012 - 11:31 AM

# AdwCleaner v1.801 - Logfile created 08/14/2012 at 18:30:11
# Updated 14/08/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Don - PARTYFIL-78AA68
# Boot Mode : Normal
# Running from : D:\Program\Trojan\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****


***** [Registre - GUID] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry is clean.

-\\ Opera v11.61.1250.0

File : C:\Documents and Settings\Don\Application Data\Opera\Opera\operaprefs.ini

[OK] File is clean.

File : C:\Documents and Settings\Administratör.PARTYFIL-78AA68\Application Data\Opera\Opera\operaprefs.ini

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [1043 octets] - [14/08/2012 18:20:22]
AdwCleaner[S1].txt - [1107 octets] - [14/08/2012 18:20:49]
AdwCleaner[S2].txt - [1063 octets] - [14/08/2012 18:27:03]
AdwCleaner[R2].txt - [995 octets] - [14/08/2012 18:30:11]

########## EOF - C:\AdwCleaner[R2].txt - [1122 octets] ##########

#11 intercept1

intercept1
  • Topic Starter

  • Members
  • 19 posts

Posted 14 August 2012 - 12:14 PM

When I press the delete button in AdwCleaner, the computer freezes every time.

#12 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India

Posted 14 August 2012 - 12:39 PM

Can you please run the ESET scan again? Do you still have pop-ups?

Disable your antivirus and run AdwCleaner.

#13 intercept1

intercept1
  • Topic Starter

  • Members
  • 19 posts

Posted 14 August 2012 - 04:34 PM

When I ran ESET, the program found nothing.
Even if I disable my antivirus and run AdwCleaner, it freezes the computer when I push the delete button.
Yes, I still have the same problem with the computer: if I start the computer without the network cable, it works, but if I plug the cable in, the message displays on the screen.
The only thing that works is to start without the network, then run rgkill, and after that I can plug the network cable into the computer and it works like normal.

Edited by intercept1, 14 August 2012 - 04:34 PM.


#14 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India

Posted 14 August 2012 - 05:37 PM

Yes, I still have the same problem with the computer: if I start the computer without the network cable, it works, but if I plug the cable in, the message displays on the screen.


Did you update MBAM before running the scan?

#15 intercept1

intercept1
  • Topic Starter

  • Members
  • 19 posts
  • OFFLINE
  •  
  • Local time:12:14 AM

Posted 15 August 2012 - 03:26 AM

Yes, I updated today and ran a scan without finding anything; here's the log.

Malwarebytes Anti-Malware (Testversion) 1.62.0.1300
www.malwarebytes.org

Databasversion: v2012.08.15.02

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Don :: PARTYFIL-78AA68 [administratör]

Skydd: Aktiverad

2012-08-15 09:50:38
mbam-log-2012-08-15 (09-50-38).txt

Skanningstyp: Fullständig skanning (C:\|D:\|G:\|)
Aktiverade skanningsalternativ: Minne | Start | Register | Filsystem | Heuristik/Extra | Heuristik/Shuriken | PUP | PUM
Inaktiverade skanningsalternativ: P2P
Antal skannade objekt: 354242
Förfluten tid: 32 minut(er), 52 sekund(er)

Upptäckta minnesprocesser: 0
(Inga skadliga poster hittades)

Upptäckta minnesmoduler: 0
(Inga skadliga poster hittades)

Upptäckta registernycklar: 0
(Inga skadliga poster hittades)

Upptäckta registervärden: 0
(Inga skadliga poster hittades)

Upptäckta registerdataposter: 0
(Inga skadliga poster hittades)

Upptäckta mappar: 0
(Inga skadliga poster hittades)

Upptäckta filer: 0
(Inga skadliga poster hittades)

(klar)



