Sirefef?


15 replies to this topic

#1 Sebalon


Posted 23 August 2012 - 01:58 AM

2 days ago MSE went red and notified me that Sirefef malware was detected.
Shortly after that MSE crashed. The firewall as well.
After removing some highly suspected files from Windows\installer
and their corresponding registry values I rescanned the computer
with newly installed MSE, Malwarebytes Anti-Malware, Symantec free online security check.
Some tracking cookies found but nothing alarming.
How can I be sure that the tricky Sirefef is completely removed?



#2 narenxp


Posted 23 August 2012 - 05:40 AM

Download

TDSSkiller

Launch it. Click on change parameters - select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here

Download

ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply

#3 Sebalon


Posted 23 August 2012 - 08:04 AM

Hello and thanks for the fast reply!

Here are the log files you asked for.
The bin contains 2 files found earlier in documents and settings\Sun\java

13:27:39.0750 3936 SysmonLog - ok
13:27:39.0765 3936 [ 18261106524F7A93CECEACDC03A5B989 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
13:27:39.0781 3936 TapiSrv - ok
13:27:39.0796 3936 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
13:27:39.0812 3936 Tcpip - ok
13:27:39.0828 3936 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
13:27:39.0828 3936 TDPIPE - ok
13:27:39.0843 3936 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
13:27:39.0859 3936 TDTCP - ok
13:27:39.0875 3936 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
13:27:39.0875 3936 TermDD - ok
13:27:39.0890 3936 [ F89C53D455420DF4D66E45842FB3A46E ] TermService C:\WINDOWS\System32\termsrv.dll
13:27:39.0906 3936 TermService - ok
13:27:39.0921 3936 [ C5684B98920F9BA98D6A33701CA816E6 ] Themes C:\WINDOWS\System32\shsvcs.dll
13:27:39.0921 3936 Themes - ok
13:27:39.0921 3936 TosIde - ok
13:27:39.0953 3936 [ 548867E040CB81A82B5DF09D074F95F8 ] TrkWks C:\WINDOWS\system32\trkwks.dll
13:27:39.0953 3936 TrkWks - ok
13:27:39.0968 3936 [ E266683FC95ABDEC17CD378564E1B54B ] TVICHW32 C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS
13:27:39.0968 3936 TVICHW32 - ok
13:27:39.0984 3936 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
13:27:39.0984 3936 Udfs - ok
13:27:39.0984 3936 ultra - ok
13:27:40.0031 3936 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
13:27:40.0031 3936 Update - ok
13:27:40.0046 3936 [ B1222A2302480D56A32C5343150BB16D ] upnphost C:\WINDOWS\System32\upnphost.dll
13:27:40.0062 3936 upnphost - ok
13:27:40.0062 3936 [ 7B07AF3D4545AD6FEE34B5F2EB247C8F ] UPS C:\WINDOWS\System32\ups.exe
13:27:40.0078 3936 UPS - ok
13:27:40.0093 3936 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
13:27:40.0093 3936 usbccgp - ok
13:27:40.0125 3936 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
13:27:40.0125 3936 usbehci - ok
13:27:40.0125 3936 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
13:27:40.0125 3936 usbhub - ok
13:27:40.0140 3936 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
13:27:40.0140 3936 usbprint - ok
13:27:40.0171 3936 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
13:27:40.0171 3936 usbscan - ok
13:27:40.0171 3936 [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
13:27:40.0171 3936 USBSTOR - ok
13:27:40.0203 3936 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
13:27:40.0203 3936 usbuhci - ok
13:27:40.0203 3936 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
13:27:40.0203 3936 VgaSave - ok
13:27:40.0203 3936 ViaIde - ok
13:27:40.0234 3936 [ 57187EC04878147E1F4F2D9224B12205 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
13:27:40.0234 3936 VolSnap - ok
13:27:40.0265 3936 [ 940950DC9E34B05986BBBB1D1A33B74F ] VSS C:\WINDOWS\System32\vssvc.exe
13:27:40.0265 3936 VSS - ok
13:27:40.0296 3936 [ 4BF06A1DCD6A91C482E79340FEE527CA ] W32Time C:\WINDOWS\system32\w32time.dll
13:27:40.0296 3936 W32Time - ok
13:27:40.0312 3936 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
13:27:40.0312 3936 Wanarp - ok
13:27:40.0312 3936 WDICA - ok
13:27:40.0343 3936 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
13:27:40.0343 3936 wdmaud - ok
13:27:40.0343 3936 [ E6DFCADF5089A68ECD288E9A803A892C ] WebClient C:\WINDOWS\System32\webclnt.dll
13:27:40.0359 3936 WebClient - ok
13:27:40.0421 3936 [ CF4E2A27495F7EA6B3128D9A731B3716 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
13:27:40.0421 3936 winmgmt - ok
13:27:40.0437 3936 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
13:27:40.0437 3936 WmdmPmSN - ok
13:27:40.0453 3936 [ 9BFADC02A9E27BFDFF59E61302F92517 ] WmiApSrv C:\WINDOWS\System32\wbem\wmiapsrv.exe
13:27:40.0453 3936 WmiApSrv - ok
13:27:40.0515 3936 [ DE188DD69CA74B1512ADC5A7639523B2 ] WMPNetworkSvc C:\Program\Windows Media Player\WMPNetwk.exe
13:27:40.0531 3936 WMPNetworkSvc - ok
13:27:40.0578 3936 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
13:27:40.0609 3936 WPFFontCache_v0400 - ok
13:27:40.0640 3936 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
13:27:40.0640 3936 WS2IFSL - ok
13:27:40.0671 3936 [ 4AC32513FA47C8219448269BF895FC34 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
13:27:40.0671 3936 wscsvc - ok
13:27:40.0687 3936 [ 233CDD1C06942115802EB7CE6669E099 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
13:27:40.0687 3936 WSTCODEC - ok
13:27:40.0703 3936 [ 4CEAF29D35C2608C6463E80574DDCA10 ] wuauserv C:\WINDOWS\system32\wuauserv.dll
13:27:40.0703 3936 wuauserv - ok
13:27:40.0718 3936 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
13:27:40.0718 3936 WudfPf - ok
13:27:40.0734 3936 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
13:27:40.0734 3936 WudfRd - ok
13:27:40.0750 3936 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
13:27:40.0750 3936 WudfSvc - ok
13:27:40.0765 3936 [ 5EC7D7F83640A921B5C616D9650520FD ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
13:27:40.0781 3936 WZCSVC - ok
13:27:40.0796 3936 [ 5B3D475AA8629320686FBFFBE67AB492 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
13:27:40.0828 3936 xmlprov - ok
13:27:40.0828 3936 ================ Scan global ===============================
13:27:40.0859 3936 [ FCCF29A7B803601E170EE8E6C57BFB84 ] C:\WINDOWS\system32\basesrv.dll
13:27:40.0875 3936 [ 86412FDB78ECC79E964645E0196B5CC2 ] C:\WINDOWS\system32\winsrv.dll
13:27:40.0890 3936 [ 86412FDB78ECC79E964645E0196B5CC2 ] C:\WINDOWS\system32\winsrv.dll
13:27:40.0906 3936 [ 8870B0C4A094C1CE80CEA6F85FA38FF2 ] C:\WINDOWS\system32\services.exe
13:27:40.0906 3936 [Global] - ok
13:27:40.0906 3936 ================ Scan MBR ==================================
13:27:40.0906 3936 [ C8919AE61419C5625F9EF0AEF12523A8 ] \Device\Harddisk0\DR0
13:27:40.0968 3936 \Device\Harddisk0\DR0 - ok
13:27:40.0984 3936 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
13:27:41.0171 3936 \Device\Harddisk1\DR1 - ok
13:27:41.0171 3936 ================ Scan VBR ==================================
13:27:41.0171 3936 [ 5A12DA578728492D768CF932E4E55EDB ] \Device\Harddisk0\DR0\Partition1
13:27:41.0171 3936 \Device\Harddisk0\DR0\Partition1 - ok
13:27:41.0171 3936 [ FAF7A99740FB1CBB2658800C5C3CF778 ] \Device\Harddisk1\DR1\Partition1
13:27:41.0171 3936 \Device\Harddisk1\DR1\Partition1 - ok
13:27:41.0203 3936 [ 3FB56FD47FEADDDE31C0F61DF6B95E5D ] \Device\Harddisk1\DR1\Partition2
13:27:41.0203 3936 \Device\Harddisk1\DR1\Partition2 - ok
13:27:41.0203 3936 ============================================================
13:27:41.0203 3936 Scan finished
13:27:41.0203 3936 ============================================================
13:27:41.0203 1772 Detected object count: 0
13:27:41.0203 1772 Actual detected object count: 0
13:27:46.0062 3088 Deinitialize success



Eset:
C:\Documents and Settings\Svante Bjerner\Application Data\Sun\Java\Deployment\cache\6.0\35\23637da3-6785c734 multiple threats
C:\RECYCLER\S-1-5-21-839522115-1004336348-2147062339-1004\Dc1 multiple threats





aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-23 13:38:05
-----------------------------
13:38:05.484 OS Version: Windows 5.1.2600 Service Pack 3
13:38:05.484 Number of processors: 2 586 0xF0B
13:38:05.484 ComputerName: SEBALON UserName:
13:38:05.984 Initialize success
13:38:11.640 AVAST engine defs: 12082300
13:38:23.687 Disk 0 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-4
13:38:23.687 Disk 0 Vendor: Hitachi_HDP725032GLA360 GM3OA50E Size: 305244MB BusType: 3
13:38:23.703 Disk 1 (boot) \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP0T1L0-c
13:38:23.703 Disk 1 Vendor: Hitachi_HDP725050GLA360 GM4OA52A Size: 476938MB BusType: 3
13:38:23.718 Disk 1 MBR read successfully
13:38:23.718 Disk 1 MBR scan
13:38:23.734 Disk 1 Windows XP default MBR code
13:38:23.734 Disk 1 Partition 1 80 (A) 07 HPFS/NTFS NTFS 36969 MB offset 63
13:38:23.750 Disk 1 Partition 2 00 07 HPFS/NTFS NTFS 439967 MB offset 75714345
13:38:23.765 Disk 1 scanning sectors +976768065
13:38:23.875 Disk 1 scanning C:\WINDOWS\system32\drivers
13:38:38.156 Service scanning
13:38:45.484 Service MpKslacf95018 C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{D0E7D807-A3B4-4043-A69C-A97847843610}\MpKslacf95018.sys **LOCKED** 32
13:38:53.656 Modules scanning
13:39:00.453 Disk 1 trace - called modules:
13:39:00.468 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
13:39:00.468 1 nt!IofCallDriver -> \Device\Harddisk1\DR1[0x8b0dfab8]
13:39:00.468 3 CLASSPNP.SYS[b80f8fd7] -> nt!IofCallDriver -> \Device\00000067[0x8b0f5f18]
13:39:00.484 5 ACPI.sys[b7f7f620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T1L0-c[0x8b0e4d98]
13:39:00.828 AVAST engine scan C:\WINDOWS
13:39:14.390 AVAST engine scan C:\WINDOWS\system32
13:42:50.093 AVAST engine scan C:\WINDOWS\system32\drivers
13:43:07.906 AVAST engine scan C:\Documents and Settings\Svante Bjerner
13:47:32.921 Disk 1 MBR has been saved successfully to "C:\Documents and Settings\Svante Bjerner\Skrivbord\MBR.dat"
13:47:32.937 The log file has been saved successfully to "C:\Documents and Settings\Svante Bjerner\Skrivbord\aswMBR.txt"

#4 narenxp

Posted 23 August 2012 - 08:06 AM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.

Download

adware cleaner

Launch it and click on Delete

Post the generated log

Edited by narenxp, 23 August 2012 - 08:07 AM.


#5 Sebalon

Posted 23 August 2012 - 09:11 AM

Hello!
MBAM did not find any infected files after full scan.


Here is the log from minitoolbox.

MiniToolBox by Farbar Version: 23-07-2012
Ran by Svante Bjerner (administrator) on 23-08-2012 at 16:08:18
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


IP-konfiguration för Windows



DNS-matcharens cacheminne har rensats.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================


VARNING! Det gick inte att läsa värddatorinformation från datorn SEBALON. Vissa kommandon är kanske inte tillgängliga.
Det går inte att hitta nätverksplatsen. Information om hur nätverksfel kan felsökas finns i Windows Hjälp.



# ----------------------------------
# IP-konfiguration för gränssnitt
# ----------------------------------
pushd interface ip


# IP-konfiguration för gränssnitt för "Anslutning till lokalt nätverk 4"

set address name="Anslutning till lokalt nätverk 4" source=dhcp
set dns name="Anslutning till lokalt nätverk 4" source=dhcp register=PRIMARY
set wins name="Anslutning till lokalt nätverk 4" source=dhcp


popd
# Slut på IP-konfiguration för gränssnitt




IP-konfiguration för Windows

Värddatornamn . . . . . . . . . . : Sebalon
Primärt DNS-suffix . . . . . . . :
Nodtyp . . . . . . . . . . . . . : Okänd
IP-routning aktiverat . . . . . . : Nej
WINS-proxy aktiverat . . . . . . : Nej
Söklista för DNS-suffix . . . . . : lan

Ethernet-kort Anslutning till lokalt nätverk 4:

Anslutningsspecifika DNS-suffix . : lan
Beskrivning . . . . . . . . . . . : Realtek RTL8169/8110 Family Gigabit Ethernet NIC #2
Fysisk adress . . . . . . . . . . : 00-0A-CD-1E-B2-07
DHCP aktiverat . . . . . . . . . : Ja
Autokonfiguration aktiverat . . . : Ja
IP-adress . . . . . . . . . . . . : 192.168.1.68
Nätmask . . . . . . . . . . . . . : 255.255.255.0
Standard-gateway . . . . . . . . : 192.168.1.1
DHCP-server . . . . . . . . . . . : 192.168.1.1
DNS-servrar . . . . . . . . . . . : 192.168.1.1
Lånet erhölls . . . . . . . . . . : den 23 augusti 2012 15:40:22
Lånet upphör . . . . . . . . . . : den 23 augusti 2012 16:40:22

Server: dsldevice.lan
Address: 192.168.1.1

Name: google.com
Addresses: 173.194.32.32, 173.194.32.33, 173.194.32.34, 173.194.32.35
173.194.32.36, 173.194.32.37, 173.194.32.38, 173.194.32.39, 173.194.32.40
173.194.32.41, 173.194.32.46



Skickar signaler till google.com [173.194.32.5] med 32 byte data:

Svar från 173.194.32.5: byte=32 tid=36ms TTL=52
Svar från 173.194.32.5: byte=32 tid=35ms TTL=52

Ping-statistik för 173.194.32.5:
Paket: Skickade = 2, mottagna = 2, Förlorade = 0 (0 %),
Ungefärligt överföringstid i millisekunder:
Lägsta = 35 ms, Högsta = 36 ms, Medel = 35 ms

Server: dsldevice.lan
Address: 192.168.1.1

Name: yahoo.com
Addresses: 98.139.183.24, 72.30.38.140, 98.138.253.109

Skickar signaler till yahoo.com [98.139.183.24] med 32 byte data:

Svar från 98.139.183.24: byte=32 tid=821ms TTL=48
Svar från 98.139.183.24: byte=32 tid=895ms TTL=48

Ping-statistik för 98.139.183.24:
Paket: Skickade = 2, mottagna = 2, Förlorade = 0 (0 %),
Ungefärligt överföringstid i millisekunder:
Lägsta = 821 ms, Högsta = 895 ms, Medel = 858 ms

Server: dsldevice.lan
Address: 192.168.1.1

Name: bleepingcomputer.com
Address: 208.43.87.2

Skickar signaler till bleepingcomputer.com [208.43.87.2] med 32 byte data:

Svar från 208.43.87.2: Målvärddatorn kan inte nås.
Begäran gjorde timeout.

Ping-statistik för 208.43.87.2:
Paket: Skickade = 2, mottagna = 1, Förlorade = 1 (50 %),
Ungefärligt överföringstid i millisekunder:
Lägsta = 0 ms, Högsta = 0 ms, Medel = 0 ms

Skickar signaler till 127.0.0.1 med 32 byte data:

Svar från 127.0.0.1: byte=32 tid < 1 ms TTL=128
Svar från 127.0.0.1: byte=32 tid < 1 ms TTL=128

Ping-statistik för 127.0.0.1:
Paket: Skickade = 2, mottagna = 2, Förlorade = 0 (0 %),
Ungefärligt överföringstid i millisekunder:
Lägsta = 0 ms, Högsta = 0 ms, Medel = 0 ms

===========================================================================
Gränssnittslista
0x1 ........................... MS TCP Loopback interface
0x2 ...00 0a cd 1e b2 07 ...... Realtek RTL8169/8110 Family Gigabit Ethernet NIC #2 - Miniport för paketschemaläggning
===========================================================================
===========================================================================
Aktiva vägar:
Nätverksadress Nätmask Gateway-adress Gränssnitt Mått
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.68 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.1.0 255.255.255.0 192.168.1.68 192.168.1.68 20
192.168.1.68 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.1.255 255.255.255.255 192.168.1.68 192.168.1.68 20
224.0.0.0 240.0.0.0 192.168.1.68 192.168.1.68 20
255.255.255.255 255.255.255.255 192.168.1.68 192.168.1.68 1
Standard-gateway: 192.168.1.1
===========================================================================
Beständiga vägar:
Inga
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [247296] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [247296] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/23/2012 06:40:36 AM) (Source: SecurityCenter) (User: )
Description: Det gick inte att upprätta händelsefrågor i WMI för att övervaka brandvägg och antivirus från en tredjepartstillverkare.

Error: (08/23/2012 06:40:36 AM) (Source: WinMgmt) (User: )
Description: Kärndelarna i WinMgmt kunde inte initieras. Detta kan bero på att WinMgmt installeras felaktigt, uppgradering av WinMgmt misslyckades, diskutrymme saknas eller på att arbetsminne saknas.

Error: (08/22/2012 10:37:00 PM) (Source: SecurityCenter) (User: )
Description: Det gick inte att upprätta händelsefrågor i WMI för att övervaka brandvägg och antivirus från en tredjepartstillverkare.

Error: (08/22/2012 10:37:00 PM) (Source: WinMgmt) (User: )
Description: Kärndelarna i WinMgmt kunde inte initieras. Detta kan bero på att WinMgmt installeras felaktigt, uppgradering av WinMgmt misslyckades, diskutrymme saknas eller på att arbetsminne saknas.

Error: (08/22/2012 10:25:27 PM) (Source: SecurityCenter) (User: )
Description: Det gick inte att upprätta händelsefrågor i WMI för att övervaka brandvägg och antivirus från en tredjepartstillverkare.

Error: (08/22/2012 10:25:27 PM) (Source: WinMgmt) (User: )
Description: Kärndelarna i WinMgmt kunde inte initieras. Detta kan bero på att WinMgmt installeras felaktigt, uppgradering av WinMgmt misslyckades, diskutrymme saknas eller på att arbetsminne saknas.

Error: (08/22/2012 07:53:02 PM) (Source: Application Hang) (User: )
Description: Stoppat program iexplore.exe, version 8.0.6001.18702, stoppad modul hungapp, version 0.0.0.0, stoppad adress 0x00000000.

Error: (08/22/2012 07:08:36 PM) (Source: SecurityCenter) (User: )
Description: Det gick inte att upprätta händelsefrågor i WMI för att övervaka brandvägg och antivirus från en tredjepartstillverkare.

Error: (08/22/2012 07:08:36 PM) (Source: WinMgmt) (User: )
Description: Kärndelarna i WinMgmt kunde inte initieras. Detta kan bero på att WinMgmt installeras felaktigt, uppgradering av WinMgmt misslyckades, diskutrymme saknas eller på att arbetsminne saknas.

Error: (08/22/2012 06:00:45 PM) (Source: WinMgmt) (User: )
Description: Kärndelarna i WinMgmt kunde inte initieras. Detta kan bero på att WinMgmt installeras felaktigt, uppgradering av WinMgmt misslyckades, diskutrymme saknas eller på att arbetsminne saknas.


System errors:
=============
Error: (08/22/2012 07:06:46 PM) (Source: DCOM) (User: NT INSTANS)
Description: DCOM fick felet %%1084 vid försök att starta tjänsten EventSystem med argumenten
för att köra servern:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (08/22/2012 06:00:58 PM) (Source: DCOM) (User: NT INSTANS)
Description: DCOM fick felet %%1084 vid försök att starta tjänsten EventSystem med argumenten
för att köra servern:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (08/22/2012 07:20:00 AM) (Source: Windows Update Agent) (User: )
Description: Installationsfel: Det gick inte att installera följande uppdatering på grund av fel 0x80070643: Bing Bar 7.0(KB2626808).

Error: (08/22/2012 06:30:43 AM) (Source: Windows Update Agent) (User: )
Description: Installationsfel: Det gick inte att installera följande uppdatering på grund av fel 0x80070643: Bing Bar 7.0(KB2626808).

Error: (08/22/2012 00:29:34 AM) (Source: Windows Update Agent) (User: )
Description: Installationsfel: Det gick inte att installera följande uppdatering på grund av fel 0x80070643: Bing Bar 7.0(KB2626808).

Error: (08/21/2012 11:31:16 PM) (Source: DCOM) (User: NT INSTANS)
Description: DCOM fick felet %%1084 vid försök att starta tjänsten EventSystem med argumenten
för att köra servern:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (08/21/2012 11:18:57 PM) (Source: DCOM) (User: NT INSTANS)
Description: DCOM fick felet %%1084 vid försök att starta tjänsten EventSystem med argumenten
för att köra servern:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (08/21/2012 10:50:16 PM) (Source: DCOM) (User: NT INSTANS)
Description: DCOM fick felet %%1084 vid försök att starta tjänsten EventSystem med argumenten
för att köra servern:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (08/21/2012 10:39:32 PM) (Source: DCOM) (User: NT INSTANS)
Description: DCOM fick felet %%1084 vid försök att starta tjänsten EventSystem med argumenten
för att köra servern:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (08/21/2012 07:41:07 PM) (Source: Windows Update Agent) (User: )
Description: Installationsfel: Det gick inte att installera följande uppdatering på grund av fel 0x80070643: Bing Bar 7.0(KB2626808).


Microsoft Office Sessions:
=========================
Error: (05/23/2011 09:20:30 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 8 seconds with 0 seconds of active time. This session ended with a crash.

Error: (05/23/2011 09:20:16 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 16 seconds with 0 seconds of active time. This session ended with a crash.

Error: (10/07/2008 06:29:50 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6323.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 575 seconds with 420 seconds of active time. This session ended with a crash.

Error: (10/05/2008 07:17:20 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6323.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 297 seconds with 240 seconds of active time. This session ended with a crash.

Error: (10/05/2008 07:12:19 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6323.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 209 seconds with 180 seconds of active time. This session ended with a crash.

Error: (10/05/2008 07:08:39 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6323.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 299 seconds with 240 seconds of active time. This session ended with a crash.

Error: (10/05/2008 07:03:37 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6323.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 110 seconds with 60 seconds of active time. This session ended with a crash.

Error: (10/05/2008 07:01:43 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6323.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 11 seconds with 0 seconds of active time. This session ended with a crash.

Error: (10/05/2008 07:01:24 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6323.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 2596 seconds with 2100 seconds of active time. This session ended with a crash.

Error: (10/05/2008 06:10:44 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6323.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 358 seconds with 300 seconds of active time. This session ended with a crash.


=========================== Installed Programs ============================

Adobe Flash Player 10 Plugin (Version: 10.0.45.2)
Adobe Flash Player 11 ActiveX (Version: 11.3.300.257)
Adobe Help Center 2.1 (Version: 2.1)
Adobe Photoshop Elements 5.0 (Version: 5.0)
Adobe Reader X (10.1.3) - Svenska (Version: 10.1.3)
Adobe Shockwave Player 11.5 (Version: 11.5)
Apple Application Support (Version: 1.5.1)
Apple Mobile Device Support (Version: 3.4.0.25)
Apple Software Update (Version: 2.1.2.120)
Ask Toolbar (Version: 1.14.1.0)
Ask Toolbar Updater (Version: 1.2.0.20007)
AutoHotkey 1.0.48.05 (Version: 1.0.48.05)
AxCrypt (Endast Avinstallation)
BankID säkerhetsprogram (Version: 4.19.1)
Boxee
Brother MFL-Pro Suite (Version: 1.00)
CCleaner (Version: 3.21)
ClearType Tuning Control Panel Applet (Version: 1.01.0000)
CygnusMedia 3.0
DreamChess 0.2.0
Driver Detective (Version: 8.0.1)
DriverAgent by TouchStone Software
DV NETWORK SOLUTION DISK (Version: 1.00.0000)
File Type Assistant
Flight Simulator X Service Pack 1
Garmin Communicator Plugin (Version: 2.9.1)
Garmin POI Loader (Version: 2.5.3.0)
Garmin USB Drivers (Version: 2.3.0.0)
Garmin WebUpdater (Version: 2.5.4)
Gigabyte Raid Configurer (Version: 1.00.0000)
Google Chrome (Version: 21.0.1180.83)
Google Earth (Version: 6.1.0.5001)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.4.3203.136)
Google Update Helper (Version: 1.3.21.115)
Google Updater (Version: 2.4.2432.1652)
Handley Page W8b for FSX or FS2004 (Version: 1.00.0000)
HijackThis 2.0.0 (Version: 2.0.0)
Java Auto Updater (Version: 2.0.7.1)
Java™ 6 Update 31 (Version: 6.0.310)
Junk Mail filter update (Version: 14.0.8089.726)
KU 2008 (Version: 1.0.0)
KU 2009 (Version: 1.0.0)
KU 2010 (Version: 1.0.0)
KU 2011 (Version: 1.0.0)
KU2008
Ku2009
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - SVE (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - SVE (Version: 3.2.30729)
Microsoft .NET Framework 3.5 Language Pack SP1 - sve (Version: 3.5.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320)
Microsoft .NET Framework 4 Extended (Version: 4.0.30320)
Microsoft .NET Framework 4 Multi-Targeting Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools (Version: 2.0.50217.0)
Microsoft ASP.NET MVC 2 (Version: 2.0.50217.0)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Download Manager (Version: 1.2.1)
Microsoft Flight Simulator 2004 A Century of Flight (Version: 9.0)
Microsoft Flight Simulator X (Version: 10.0.60905)
Microsoft Flight Simulator X: Acceleration (Version: 10.0.61637.0)
Microsoft Help Viewer 1.0 (Version: 1.0.30319)
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (Swedish) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office Live Add-in 1.3 (Version: 2.0.2313.0)
Microsoft Office OneNote MUI (Swedish) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (Swedish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Finnish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Swedish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (Swedish) 2007 (Version: 12.0.4518.1018)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (Swedish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (Swedish) 2007 (Version: 12.0.6612.1000)
Microsoft Search Enhancement Pack (Version: 3.0.127.0)
Microsoft Security Client (Version: 4.0.1526.0)
Microsoft Security Essentials (Version: 4.0.1526.0)
Microsoft Silverlight (Version: 4.1.10329.0)
Microsoft Silverlight 3 SDK (Version: 3.0.40818.0)
Microsoft Software Update for Web Folders (Swedish) 12 (Version: 12.0.6612.1000)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft SQL Server 2008 R2 Data-Tier Application Framework (Version: 10.50.1447.4)
Microsoft SQL Server 2008 R2 Data-Tier Application Project (Version: 10.50.1447.4)
Microsoft SQL Server 2008 R2 Management Objects (Version: 10.50.1447.4)
Microsoft SQL Server 2008 R2 Transact-SQL Language Service (Version: 10.50.1447.4)
Microsoft SQL Server Compact 3.5 SP2 ENU (Version: 3.5.8080.0)
Microsoft SQL Server Database Publishing Wizard 1.4 (Version: 10.1.2512.8)
Microsoft SQL Server System CLR Types (Version: 10.50.1447.4)
Microsoft Sync Framework Runtime Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Sync Framework Runtime v1.0 SP1 (x86) (Version: 1.0.3010.0)
Microsoft Sync Framework SDK v1.0 SP1 (Version: 1.0.3010.0)
Microsoft Sync Framework Services Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Sync Framework Services v1.0 SP1 (x86) (Version: 1.0.3010.0)
Microsoft Sync Services for ADO.NET v2.0 SP1 (x86) (Version: 2.0.3010.0)
Microsoft Team Foundation Server 2010 Object Model - ENU (Version: 10.0.30319)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (Version: 9.0.30729.4974)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x86 Runtime - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual F# 2.0 Runtime (Version: 10.0.30319)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (Version: 10.0.30319)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (Version: 10.0.30319)
Microsoft Visual Studio Macro Tools (Version: 9.0.30729)
MobileMe Control Panel (Version: 3.1.6.0)
Move Networks Media Player for Internet Explorer
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0)
MSXML 6.0 Parser (KB933579) (Version: 6.10.1200.0)
Need for Speed™ Most Wanted
neroxml (Version: 1.0.0)
Norton Security Scan (Version: 2.3.0.44)
NVIDIA Drivers (Version: 1.10.59.37)
NVIDIA nView Desktop Manager (Version: 6.14.10.12561)
NVIDIA PhysX (Version: 9.09.0814)
OGA Notifier 1.7.0105.35.0 (Version: 1.7.0105.35.0)
OVT Scanner X86 (Version: 1.00.0000)
PaperPort Image Printer (Version: 1.00.0000)
Photodex Presenter
ProShow Gold
ProShow Producer
QuickTime (Version: 7.69.80.9)
REALTEK GbE & FE Ethernet PCI NIC Driver (Version: 1.23.0000)
Realtek High Definition Audio Driver (Version: 5.10.0.5532)
Samsung Kies (Version: 2.0.3.11082_152)
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.4.0)
ScanSoft PaperPort 11 (Version: 11.1.0000)
Segoe UI (Version: 14.0.4327.805)
Snabbkorrigering för Windows Internet Explorer 7 (KB947864) (Version: 1)
Säkerhetsuppdatering för Windows Internet Explorer 7 (KB938127) (Version: 1)
Säkerhetsuppdatering för Windows Internet Explorer 7 (KB942615) (Version: 1)
Säkerhetsuppdatering för Windows Internet Explorer 7 (KB944533) (Version: 1)
Säkerhetsuppdatering för Windows Internet Explorer 7 (KB950759) (Version: 1)
Säkerhetsuppdatering för Windows Internet Explorer 7 (KB953838) (Version: 1)
Säkerhetsuppdatering för Windows Internet Explorer 7 (KB956390) (Version: 1)
Säkerhetsuppdatering för Windows Internet Explorer 7 (KB958215) (Version: 1)
Säkerhetsuppdatering för Windows Internet Explorer 7 (KB960714) (Version: 1)
Säkerhetsuppdatering för Windows Internet Explorer 7 (KB961260) (Version: 1)
Säkerhetsuppdatering för Windows Internet Explorer 7 (KB963027) (Version: 1)
Säkerhetsuppdatering för Windows Internet Explorer 8 (KB2510531) (Version: 1)
Säkerhetsuppdatering för Windows Internet Explorer 8 (KB2544521) (Version: 1)
Säkerhetsuppdatering för Windows Internet Explorer 8 (KB2722913) (Version: 1)
Säkerhetsuppdatering för Windows Media Player (KB911564)
Säkerhetsuppdatering för Windows Media Player 6.4 (KB925398)
Säkerhetsuppdatering för Windows Media Player 9 (KB936782)
Säkerhetsuppdatering för Windows XP (KB923689)
Säkerhetsuppdatering för Windows XP (KB923789)
Spotify (Version: 0.4.8)
Språkpaket för Microsoft .NET Framework 3.5 SP 1 - sve
Spybot - Search & Destroy (Version: 1.6.2)
Spybot - Search & Destroy 1.5.2.20
System Requirements Lab
Tand353
ToggleSW Toolbar (Version: 6.9.0.16)
Trainz Simulator 2009: World Builder Edition
Unity Web Player (Version: 2.6.1f3_31223)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
USB Downloader (Version: 1.40.0000)
Web Deployment Tool (Version: 1.1.0618)
WebFldrs XP (Version: 9.50.5318)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Internet Explorer 7 (Version: 20070813.185237)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Live Communications Platform (Version: 14.0.8098.930)
Windows Live Essentials (Version: 14.0.8089.0726)
Windows Live Essentials (Version: 14.0.8089.726)
Windows Live Family Safety (Version: 14.0.8093.805)
Windows Live inloggningsassistenten (Version: 5.000.818.6)
Windows Live Mail (Version: 14.0.8089.0726)
Windows Live Messenger (Version: 14.0.8089.0726)
Windows Live OneCare safety scanner
Windows Live Photo Gallery (Version: 14.0.8081.709)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live Toolbar (Version: 14.0.8064.206)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Live Writer (Version: 14.0.8089.0726)
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3 (Version: 20080414.175804)
WinRAR archiver
Winspector
WinZip (Version: 8.1 (4331))
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (Version: 4.0.8080.0)
VLC media player 1.1.11 (Version: 1.1.11)
XML Paper Specification Shared Components Language Pack 1.0
Xvid 1.1.3 final uninstall (Version: 1.1)
ZipGenius 6 (6.0.3.1150) (Version: 6.0)

========================= Memory info: ===================================

Percentage of memory in use: 29%
Total physical RAM: 3582.42 MB
Available physical RAM: 2528.99 MB
Total Pagefile: 5464.84 MB
Available Pagefile: 4672.31 MB
Total Virtual: 2047.88 MB
Available Virtual: 1975.63 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:36.1 GB) (Free:3.99 GB) NTFS
3 Drive e: (Ny volym) (Fixed) (Total:298.09 GB) (Free:175.53 GB) NTFS
4 Drive f: (Ny volym) (Fixed) (Total:429.66 GB) (Free:309.99 GB) NTFS

========================= Users: ========================================

Användarkonton för \\SEBALON

Administratör ASPNET Gäst
Hjälpassistent SUPPORT_388945a0 Svante Bjerner
Kommandot har utförts.


**** End of log ****

Running adware cleaner now...

#6 Sebalon


Posted 23 August 2012 - 09:14 AM

Here is AdwCleaner's logfile:

# AdwCleaner v1.801 - Logfile created 08/23/2012 at 16:12:34
# Updated 14/08/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Svante Bjerner - SEBALON
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Svante Bjerner\Lokala inställningar\Temporary Internet Files\Content.IE5\QXT8IKIZ\adwcleaner[1].exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

Folder Found : C:\Documents and Settings\Svante Bjerner\Application Data\PriceGong
Folder Found : C:\Documents and Settings\All Users\Application Data\Ask
Folder Found : C:\Documents and Settings\All Users\Application Data\boost_interprocess
Folder Found : C:\Program\Ask.com
Folder Found : C:\Program\Conduit
Folder Found : C:\Program\ToggleSW
Folder Found : C:\WINDOWS\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
File Found : C:\WINDOWS\system32\conduitEngine.tmp
File Found : C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job

***** [Registry] *****

[*] Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2088752
Key Found : HKCU\Software\APN
Key Found : HKCU\Software\Ask.com
Key Found : HKCU\Software\AskToolbar
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Found : HKCU\Software\PriceGong
Key Found : HKCU\Software\ToggleSW
Key Found : HKCU\Toolbar
Key Found : HKLM\SOFTWARE\APN
Key Found : HKLM\SOFTWARE\AskToolbar
Key Found : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Found : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Found : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Found : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Found : HKLM\SOFTWARE\Conduit
Key Found : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApnUpdater
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ToggleSW Toolbar
Key Found : HKLM\SOFTWARE\ToggleSW

***** [Registre - GUID] *****

Key Found : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6DABBDA0-1DA5-4A2F-BC89-2AE084C572FA}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{9320A715-7CFB-4E3F-9A38-B0ADF1ED4FB3}
Key Found : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Found : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Found : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Found : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{515FC347-DD09-4DFA-AD40-83695C89603F}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8EDAB9D0-444D-4FC9-B3FC-9ED4966ADC13}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6DABBDA0-1DA5-4A2F-BC89-2AE084C572FA}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9320A715-7CFB-4E3F-9A38-B0ADF1ED4FB3}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6DABBDA0-1DA5-4A2F-BC89-2AE084C572FA}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6DABBDA0-1DA5-4A2F-BC89-2AE084C572FA}
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{6DABBDA0-1DA5-4A2F-BC89-2AE084C572FA}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{6DABBDA0-1DA5-4A2F-BC89-2AE084C572FA}]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry is clean.

*************************

AdwCleaner[S1].txt - [384 octets] - [23/08/2012 16:11:54]
AdwCleaner[R1].txt - [5420 octets] - [23/08/2012 16:12:34]

########## EOF - C:\AdwCleaner[R1].txt - [5548 octets] ##########

#7 narenxp


Posted 23 August 2012 - 09:46 AM

FSS LOG?

#8 Sebalon


Posted 23 August 2012 - 10:20 AM

Sorry!

Here we are:

Farbar Service Scanner Version: 06-08-2012
Ran by Svante Bjerner (administrator) on 23-08-2012 at 17:19:54
Running from "C:\Documents and Settings\Svante Bjerner\Lokala inställningar\Temporary Internet Files\Content.IE5\XKK8F3AH"
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll
[2001-09-07 14:00] - [2008-04-14 18:04] - 0126464 ____A (Microsoft Corporation) 0CE3FA1C1A6803B34022D6C47273930D

C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll
[2001-09-07 14:00] - [2009-04-20 19:20] - 0045568 ____A (Microsoft Corporation) EFAC4D4C80CCD725CC5BD7D3DBF18C74

C:\WINDOWS\system32\ipnathlp.dll
[2007-12-25 15:41] - [2008-04-14 18:04] - 0330752 ____A (Microsoft Corporation) 30E1A46734BDF836C8770949C86B42A4

C:\WINDOWS\system32\netman.dll
[2001-09-07 14:00] - [2008-04-14 18:04] - 0198144 ____A (Microsoft Corporation) 7F791C1C9D3FEC5D3F519C9DB19465D3

C:\WINDOWS\system32\wbem\WMIsvc.dll
[2007-12-25 14:14] - [2008-04-14 18:04] - 0145408 ____A (Microsoft Corporation) CF4E2A27495F7EA6B3128D9A731B3716

C:\WINDOWS\system32\srsvc.dll
[2007-12-25 14:15] - [2008-04-14 18:04] - 0171008 ____A (Microsoft Corporation) 25EDB60132F9D82CB1B7961C1D0D13F2

C:\WINDOWS\system32\Drivers\sr.sys
[2007-12-25 14:15] - [2008-04-14 17:45] - 0073344 ____A (Microsoft Corporation) 1193EF00869F6367367E6E7CB96BE325

C:\WINDOWS\system32\wscsvc.dll
[2004-08-04 10:34] - [2008-04-14 18:04] - 0080896 ____A (Microsoft Corporation) 4AC32513FA47C8219448269BF895FC34

C:\WINDOWS\system32\wbem\WMIsvc.dll
[2007-12-25 14:14] - [2008-04-14 18:04] - 0145408 ____A (Microsoft Corporation) CF4E2A27495F7EA6B3128D9A731B3716

C:\WINDOWS\system32\wuauserv.dll
[2007-12-25 14:14] - [2008-04-14 18:04] - 0006656 ____A (Microsoft Corporation) 4CEAF29D35C2608C6463E80574DDCA10

C:\WINDOWS\system32\qmgr.dll
[2007-12-25 14:16] - [2008-04-14 18:04] - 0409088 ____A (Microsoft Corporation) 9741942A86E579231D3C41AA51DE042F

C:\WINDOWS\system32\es.dll
[2007-12-25 15:40] - [2008-07-07 22:29] - 0253952 ____A (Microsoft Corporation) 01CEC6DE315F1A06CE5AA70009C6979E

C:\WINDOWS\system32\cryptsvc.dll
[2001-09-07 14:00] - [2008-04-14 18:04] - 0062464 ____A (Microsoft Corporation) 04FD6585508A7320B2C7453CED231D6B

C:\WINDOWS\system32\svchost.exe
[2001-09-07 14:00] - [2008-04-14 18:05] - 0014336 ____A (Microsoft Corporation) 6CCEF19D7301D9861F90E299C798AD3F

C:\WINDOWS\system32\rpcss.dll
[2007-12-25 15:40] - [2009-02-09 12:56] - 0401408 ____A (Microsoft Corporation) 87DADC3F6E6CD5AAEB913E19CBFF922C

C:\WINDOWS\system32\services.exe
[2001-09-07 14:00] - [2009-02-09 13:27] - 0110592 ____A (Microsoft Corporation) 8870B0C4A094C1CE80CEA6F85FA38FF2


Extra List:
=======
fssfltr(9) Gpc(3) IPSec(5) NetBT(6) PSched(7) Tcpip(4)
0x080000000500000001000000020000000300000004000000060000000700000009000000
IpSec Tag value is correct.

**** End of log ****

#9 narenxp


Posted 23 August 2012 - 10:24 AM

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKill log located on the desktop here

Any current issues?

#10 Sebalon


Posted 23 August 2012 - 10:33 AM

RKill started in DOS and did not generate any log...
Tried it 3 times with the same result.
No error messages.

Best regards,
Sebalon

#11 narenxp


Posted 23 August 2012 - 10:35 AM

Try to run it in safe mode

#12 Sebalon


Posted 23 August 2012 - 10:50 AM

Hi again! Same result in safe mode.
It leaves no log.
The program tries to open it itself but
gets the answer "File not found".

#13 Sebalon


Posted 23 August 2012 - 11:04 AM

Tried it once more with the same result.

Best regards,
Sebalon

#14 narenxp


Posted 23 August 2012 - 01:01 PM

Download

TFC

Launch it, it will close all running programs

Click on START, it should ask for a reboot

Turn off your System Restore, restart the PC, create a new restore point

http://support.microsoft.com/kb/310405

Update your Flash Player

Update your Java from here

http://java.com/en/download/inc/windows_upgrade_xpi.jsp

Update your antivirus frequently, do not click on suspicious links

Safe surfing :)

#15 Sebalon


Posted 23 August 2012 - 02:14 PM

Thank you!

Best regards!

Sebalon



