Adobe Flash Installer virus


20 replies to this topic

#1 havardml

havardml

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:03:52 AM

Posted 03 September 2012 - 01:33 PM

An Adobe Flash Installer window pops up every 10 minutes on my computer, asking me to install Adobe Flash 11.4. It's obviously a virus and I'm pretty sure it has destroyed Google Chrome.

Obv; I can't be 100 per cent sure it's a virus, but I'm not gonna risk anything, so I just exit the window every time.

What to do guys?

Edited by hamluis, 04 September 2012 - 12:13 PM.
Moved from Win 7 to Am I Infected - Hamluis.




#2 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:52 AM

Posted 03 September 2012 - 01:59 PM

Perform a clean install of adobe flash player.
http://forums.adobe.com/message/4041846

#3 havardml

havardml
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:03:52 AM

Posted 03 September 2012 - 02:53 PM

That didn't help me unfortunately :( The problem's got nothing to do with Adobe Flash Player. The virus is just disguised as a Flash Player installer.

This is what the file looks like in Task Manager: http://i47.tinypic.com/2rwrt5u.jpg

#4 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:52 AM

Posted 03 September 2012 - 03:02 PM

Run Rkill then
http://www.bleepingcomputer.com/download/rkill/

Run updated quick scans with Malwarebytes and superantispyware.
http://www.filehippo.com/download_malwarebytes_anti_malware/download/37befa70d5918267ab7ff946c445c118/
http://www.superantispyware.com/downloadfile.html?productid=SUPERANTISPYWAREFREE

Remove anything they find and reboot if needed.

Then run an online scan with eset.
http://www.eset.com/us/online-scanner/

If the above does not help then I suggest you post in the virus removal forum.

Edited by InadequateInfirmity, 03 September 2012 - 03:02 PM.


#5 havardml

havardml
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:03:52 AM

Posted 03 September 2012 - 03:48 PM

Will try in the virus removal forum. Thank you for your time buddy.

#6 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:52 AM

Posted 03 September 2012 - 03:50 PM

:thumbup2:

#7 havardml

havardml
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:03:52 AM

Posted 04 September 2012 - 04:34 PM

Avast managed to locate the virus and was gonna remove it, but was unable to do that because of a 0xc0000121 error. So I still don't know what to do.

It's a trojan virus.

Avast keeps giving me warnings on my desktop such as these: http://i46.tinypic.com/1wy9y.jpg But that doesn't really help me...

The picture says:

Trojan horse blocked

No further action is necessary (clearly there is)

Object:
Infection:
Action:
Progress:

The threat was detected and blocked when the file was created or modified

Edited by havardml, 04 September 2012 - 04:38 PM.


#8 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:03:52 AM

Posted 04 September 2012 - 04:36 PM

Download

TDSSkiller

Launch it. Click on change parameters - Select TDLFS file system

Click on "Scan". Please post the LOG report (log file should be in your C drive)

Do not change the default options on scan results

Download

aswMBR

Launch it, allow it to download latest Avast! virus definitions
Click the "Scan" button to start scan. After scan finishes, click on Save log

Post the log results here

Download

ESET online scanner

Install it

Click on START, it should download the virus definitions
When scan gets completed, click on LIST of found threats

Export the list to desktop, copy the contents of the text file in your reply
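
Added example, not part of the thread and not the tool's own code: a parser for the TDSSKiller log line format (timestamp, thread id, message) as posted in reply to this request. It reports services logged without a hash and path, and sections cut short by "Scan interrupted by user!", in which case a detected object count of 0 is not conclusive. The sample log is constructed; its service names, hashes and paths are made up.

```python
import re

# Constructed sample in the TDSSKiller log line format seen in this thread.
# Service names, MD5 values and paths are invented for the example.
SAMPLE_LOG = r"""
23:00:00.0100 1111 Scan started
23:00:00.0100 1111 Mode: Manual;
23:00:00.0200 1111 ================ Scan services =============================
23:00:00.0300 1111 [ 0123456789ABCDEF0123456789ABCDEF ] ExampleDrv C:\Windows\system32\DRIVERS\exampledrv.sys
23:00:00.0300 1111 ExampleDrv - ok
23:00:00.0400 1111 NoFileSvc - ok
23:00:00.0500 1111 [ FEDCBA9876543210FEDCBA9876543210 ] Example Service C:\Program Files\Example\svc.exe
23:00:00.0500 1111 Example Service - ok
23:00:00.0600 1111 Scan interrupted by user!
23:00:00.0600 1111 ================ Scan global ===============================
23:00:00.0600 1111 Scan interrupted by user!
23:00:00.0600 1111 ================ Scan MBR ==================================
23:00:00.0600 1111 Scan interrupted by user!
23:00:00.0600 1111 Scan finished
23:00:00.0700 2222 Detected object count: 0
23:00:05.0100 3333 Scan started
23:00:05.0100 3333 Mode: Manual; TDLFS;
23:00:05.0200 3333 ================ Scan services =============================
23:00:05.0300 3333 [ 0123456789ABCDEF0123456789ABCDEF ] ExampleDrv C:\Windows\system32\DRIVERS\exampledrv.sys
23:00:05.0300 3333 ExampleDrv - ok
23:00:05.0400 3333 ================ Scan MBR ==================================
23:00:05.0500 3333 Scan finished
23:00:05.0600 4444 Detected object count: 0
"""

LINE = re.compile(r"^\d\d:\d\d:\d\d\.\d{4}\s+\d+\s?(.*)$")      # time, thread id, message
SECTION = re.compile(r"^=+ (Scan [^=]+?) =+$")                   # "==== Scan services ===="
HASHED = re.compile(r"^\[ ([0-9A-Fa-f]{32}) \] (.+?) ([A-Za-z]:\\.*)$")  # [ md5 ] name path
VERDICT = re.compile(r"^(.+) - (\S+)$")                          # "name - ok"
COUNT = re.compile(r"^Detected object count: (\d+)$")


def parse_runs(text):
    """Split a log into scan runs; each run records mode, services, interrupts, count."""
    runs, run, section = [], None, None
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue
        msg = m.group(1).strip()
        if msg == "Scan started":
            run = {"mode": "", "services": {}, "interrupted": [], "detected": None}
            runs.append(run)
            section = None
            continue
        if run is None:
            continue  # system-info header before the first scan
        if msg.startswith("Mode:"):
            run["mode"] = msg[len("Mode:"):].strip()
        elif (s := SECTION.match(msg)):
            section = s.group(1)
        elif msg == "Scan interrupted by user!":
            where = section or "before first section"
            if where not in run["interrupted"]:
                run["interrupted"].append(where)
        elif (c := COUNT.match(msg)):
            run["detected"] = int(c.group(1))
        elif section == "Scan services":
            if (h := HASHED.match(msg)):
                entry = run["services"].setdefault(h.group(2), {})
                entry["md5"], entry["path"] = h.group(1).upper(), h.group(3)
            elif (v := VERDICT.match(msg)):
                run["services"].setdefault(v.group(1), {})["verdict"] = v.group(2)
    return runs


def triage(run):
    """Summarise what a helper should look at first in one scan run."""
    svcs = run["services"]
    return {
        "mode": run["mode"],
        # Verdict logged but no "[ md5 ] name path" line for the service.
        "no_hash": sorted(n for n, s in svcs.items() if "md5" not in s),
        # Anything without an explicit "ok" verdict (including truncated entries).
        "not_ok": sorted(n for n, s in svcs.items() if s.get("verdict") != "ok"),
        "incomplete": list(run["interrupted"]),
        # A zero count only means something if no section was interrupted.
        "clean_and_complete": run["detected"] == 0 and not run["interrupted"],
    }


if __name__ == "__main__":
    for i, r in enumerate(parse_runs(SAMPLE_LOG), 1):
        print(i, triage(r))
```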

#9 havardml

havardml
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:03:52 AM

Posted 04 September 2012 - 06:10 PM

TDSSKiller log:

23:38:43.0803 3752 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
23:38:43.0975 3752 ============================================================
23:38:43.0975 3752 Current date / time: 2012/09/04 23:38:43.0975
23:38:43.0975 3752 SystemInfo:
23:38:43.0975 3752
23:38:43.0975 3752 OS Version: 6.1.7600 ServicePack: 0.0
23:38:43.0975 3752 Product type: Workstation
23:38:43.0975 3752 ComputerName: HÅVARD-PC
23:38:43.0975 3752 UserName: Håvard
23:38:43.0975 3752 Windows directory: C:\Windows
23:38:43.0975 3752 System windows directory: C:\Windows
23:38:43.0975 3752 Running under WOW64
23:38:43.0975 3752 Processor architecture: Intel x64
23:38:43.0975 3752 Number of processors: 4
23:38:43.0975 3752 Page size: 0x1000
23:38:43.0975 3752 Boot type: Normal boot
23:38:43.0975 3752 ============================================================
23:38:44.0770 3752 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:38:44.0786 3752 ============================================================
23:38:44.0786 3752 \Device\Harddisk0\DR0:
23:38:44.0786 3752 MBR partitions:
23:38:44.0786 3752 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1C5E800, BlocksNum 0x22EE8000
23:38:44.0786 3752 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x24B46800, BlocksNum 0x329FF000
23:38:44.0786 3752 ============================================================
23:38:44.0802 3752 C: <-> \Device\Harddisk0\DR0\Partition1
23:38:44.0848 3752 D: <-> \Device\Harddisk0\DR0\Partition2
23:38:44.0848 3752 ============================================================
23:38:44.0848 3752 Initialize success
23:38:44.0848 3752 ============================================================
23:38:46.0408 3564 ============================================================
23:38:46.0408 3564 Scan started
23:38:46.0408 3564 Mode: Manual;
23:38:46.0408 3564 ============================================================
23:38:47.0157 3564 ================ Scan system memory ========================
23:38:47.0157 3564 System memory - ok
23:38:47.0157 3564 ================ Scan services =============================
23:38:51.0432 3564 Scan interrupted by user!
23:38:51.0432 3564 ================ Scan global ===============================
23:38:51.0432 3564 Scan interrupted by user!
23:38:51.0432 3564 ================ Scan MBR ==================================
23:38:51.0432 3564 Scan interrupted by user!
23:38:51.0432 3564 ================ Scan VBR ==================================
23:38:51.0432 3564 Scan interrupted by user!
23:38:51.0432 3564 ============================================================
23:38:51.0432 3564 Scan finished
23:38:51.0432 3564 ============================================================
23:38:51.0447 2944 Detected object count: 0
23:38:51.0447 2944 Actual detected object count: 0
23:38:59.0185 5032 ============================================================
23:38:59.0185 5032 Scan started
23:38:59.0185 5032 Mode: Manual; TDLFS;
23:38:59.0185 5032 ============================================================
23:38:59.0590 5032 ================ Scan system memory ========================
23:38:59.0590 5032 System memory - ok
23:38:59.0590 5032 ================ Scan services =============================
23:39:00.0636 5032 BFE - ok
23:39:00.0651 5032 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
23:39:00.0651 5032 blbdrive - ok
23:39:00.0682 5032 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
23:39:00.0682 5032 Bonjour Service - ok
23:39:00.0714 5032 [ 19D20159708E152267E53B66677A4995 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
23:39:00.0714 5032 bowser - ok
23:39:00.0714 5032 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
23:39:00.0714 5032 BrFiltLo - ok
23:39:00.0729 5032 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
23:39:00.0729 5032 BrFiltUp - ok
23:39:00.0745 5032 [ 6B054C67AAA87843504E8E3C09102009 ] Browser C:\Windows\System32\browser.dll
23:39:00.0745 5032 Browser - ok
23:39:00.0760 5032 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
23:39:00.0760 5032 Brserid - ok
23:39:00.0776 5032 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
23:39:00.0776 5032 BrSerWdm - ok
23:39:00.0792 5032 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
23:39:00.0792 5032 BrUsbMdm - ok
23:39:00.0792 5032 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
23:39:00.0792 5032 BrUsbSer - ok
23:39:00.0807 5032 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
23:39:00.0807 5032 BTHMODEM - ok
23:39:00.0823 5032 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
23:39:00.0823 5032 bthserv - ok
23:39:00.0838 5032 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
23:39:00.0838 5032 cdfs - ok
23:39:00.0854 5032 [ 83D2D75E1EFB81B3450C18131443F7DB ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
23:39:00.0854 5032 cdrom - ok
23:39:00.0870 5032 [ 312E2F82AF11E79906898AC3E3D58A1F ] CertPropSvc C:\Windows\System32\certprop.dll
23:39:00.0870 5032 CertPropSvc - ok
23:39:00.0885 5032 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
23:39:00.0885 5032 circlass - ok
23:39:00.0901 5032 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
23:39:00.0901 5032 CLFS - ok
23:39:00.0932 5032 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
23:39:00.0932 5032 clr_optimization_v2.0.50727_32 - ok
23:39:00.0979 5032 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
23:39:00.0979 5032 clr_optimization_v2.0.50727_64 - ok
23:39:01.0010 5032 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
23:39:01.0010 5032 clr_optimization_v4.0.30319_32 - ok
23:39:01.0026 5032 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
23:39:01.0026 5032 clr_optimization_v4.0.30319_64 - ok
23:39:01.0026 5032 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
23:39:01.0026 5032 CmBatt - ok
23:39:01.0041 5032 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\DRIVERS\cmdide.sys
23:39:01.0041 5032 cmdide - ok
23:39:01.0072 5032 [ CA7720B73446FDDEC5C69519C1174C98 ] CNG C:\Windows\system32\Drivers\cng.sys
23:39:01.0072 5032 CNG - ok
23:39:01.0088 5032 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
23:39:01.0088 5032 Compbatt - ok
23:39:01.0104 5032 [ F26B3A86F6FA87CA360B879581AB4123 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
23:39:01.0104 5032 CompositeBus - ok
23:39:01.0104 5032 COMSysApp - ok
23:39:01.0182 5032 cpuz134 - ok
23:39:01.0197 5032 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
23:39:01.0197 5032 crcdisk - ok
23:39:01.0244 5032 [ F02786B66375292E58C8777082D4396D ] CryptSvc C:\Windows\system32\cryptsvc.dll
23:39:01.0244 5032 CryptSvc - ok
23:39:01.0275 5032 [ 882FE32D6787C124D9D1F95473CF11CC ] Darusb_win7x C:\Windows\system32\DRIVERS\Darusb_win7x.sys
23:39:01.0275 5032 Darusb_win7x - ok
23:39:01.0306 5032 [ 7266972E86890E2B30C0C322E906B027 ] DcomLaunch C:\Windows\system32\rpcss.dll
23:39:01.0306 5032 DcomLaunch - ok
23:39:01.0306 5032 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
23:39:01.0322 5032 defragsvc - ok
23:39:01.0353 5032 [ 0A403702CB00432AC818523CD416BF67 ] Device Handle Service C:\Windows\SysWOW64\AsHookDevice.exe
23:39:01.0353 5032 Device Handle Service - ok
23:39:01.0384 5032 [ 9C253CE7311CA60FC11C774692A13208 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
23:39:01.0400 5032 DfsC - ok
23:39:01.0431 5032 [ CE3B9562D997F69B330D181A8875960F ] Dhcp C:\Windows\system32\dhcpcore.dll
23:39:01.0431 5032 Dhcp - ok
23:39:01.0431 5032 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
23:39:01.0431 5032 discache - ok
23:39:01.0447 5032 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
23:39:01.0447 5032 Disk - ok
23:39:01.0462 5032 [ 85CF424C74A1D5EC33533E1DBFF9920A ] Dnscache C:\Windows\System32\dnsrslvr.dll
23:39:01.0462 5032 Dnscache - ok
23:39:01.0478 5032 [ 14452ACDB09B70964C8C21BF80A13ACB ] dot3svc C:\Windows\System32\dot3svc.dll
23:39:01.0478 5032 dot3svc - ok
23:39:01.0494 5032 [ 8C2BA6BEA949EE6E68385F5692BAFB94 ] DPS C:\Windows\system32\dps.dll
23:39:01.0494 5032 DPS - ok
23:39:01.0509 5032 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
23:39:01.0509 5032 drmkaud - ok
23:39:01.0540 5032 [ 1633B9ABF52784A1331476397A48CBEF ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
23:39:01.0540 5032 DXGKrnl - ok
23:39:01.0556 5032 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
23:39:01.0556 5032 EapHost - ok
23:39:01.0603 5032 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
23:39:01.0618 5032 ebdrv - ok
23:39:01.0634 5032 [ 156F6159457D0AA7E59B62681B56EB90 ] EFS C:\Windows\System32\lsass.exe
23:39:01.0634 5032 EFS - ok
23:39:01.0665 5032 [ 47C071994C3F649F23D9CD075AC9304A ] ehRecvr C:\Windows\ehome\ehRecvr.exe
23:39:01.0665 5032 ehRecvr - ok
23:39:01.0696 5032 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
23:39:01.0696 5032 ehSched - ok
23:39:01.0712 5032 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
23:39:01.0712 5032 elxstor - ok
23:39:01.0728 5032 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\DRIVERS\errdev.sys
23:39:01.0728 5032 ErrDev - ok
23:39:01.0743 5032 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
23:39:01.0743 5032 EventSystem - ok
23:39:01.0759 5032 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
23:39:01.0759 5032 exfat - ok
23:39:01.0806 5032 Fabs - ok
23:39:01.0821 5032 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
23:39:01.0821 5032 fastfat - ok
23:39:01.0837 5032 [ D607B2F1BEE3992AA6C2C92C0A2F0855 ] Fax C:\Windows\system32\fxssvc.exe
23:39:01.0837 5032 Fax - ok
23:39:01.0852 5032 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
23:39:01.0852 5032 fdc - ok
23:39:01.0868 5032 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
23:39:01.0868 5032 fdPHost - ok
23:39:01.0868 5032 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
23:39:01.0868 5032 FDResPub - ok
23:39:01.0884 5032 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
23:39:01.0884 5032 FileInfo - ok
23:39:01.0884 5032 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
23:39:01.0884 5032 Filetrace - ok
23:39:01.0930 5032 [ FFF1130F7C9FA01D093A1EDFC5CCE8FC ] FirebirdServerMAGIXInstance C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe
23:39:01.0946 5032 FirebirdServerMAGIXInstance - ok
23:39:01.0977 5032 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
23:39:01.0977 5032 flpydisk - ok
23:39:01.0993 5032 [ F7866AF72ABBAF84B1FA5AA195378C59 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
23:39:01.0993 5032 FltMgr - ok
23:39:02.0024 5032 [ CB5E4B9C319E3C6BB363EB7E58A4A051 ] FontCache C:\Windows\system32\FntCache.dll
23:39:02.0040 5032 FontCache - ok
23:39:02.0102 5032 [ 8D89E3131C27FDD6932189CB785E1B7A ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
23:39:02.0102 5032 FontCache3.0.0.0 - ok
23:39:02.0118 5032 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
23:39:02.0118 5032 FsDepends - ok
23:39:02.0133 5032 [ 07DA62C960DDCCC2D35836AEAB4FC578 ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
23:39:02.0133 5032 fssfltr - ok
23:39:02.0211 5032 [ 28DDEEEC44E988657B732CF404D504CB ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
23:39:02.0227 5032 fsssvc - ok
23:39:02.0242 5032 [ D3E3F93D67821A2DB2B3D9FAC2DC2064 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
23:39:02.0242 5032 Fs_Rec - ok
23:39:02.0274 5032 [ AE87BA80D0EC3B57126ED2CDC15B24ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
23:39:02.0274 5032 fvevol - ok
23:39:02.0274 5032 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
23:39:02.0274 5032 gagp30kx - ok
23:39:02.0305 5032 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
23:39:02.0305 5032 GEARAspiWDM - ok
23:39:02.0320 5032 [ FE5AB4525BC2EC68B9119A6E5D40128B ] gpsvc C:\Windows\System32\gpsvc.dll
23:39:02.0336 5032 gpsvc - ok
23:39:02.0367 5032 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
23:39:02.0367 5032 gupdate - ok
23:39:02.0367 5032 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
23:39:02.0367 5032 gupdatem - ok
23:39:02.0398 5032 [ 1E6438D4EA6E1174A3B3B1EDC4DE660B ] hamachi C:\Windows\system32\DRIVERS\hamachi.sys
23:39:02.0398 5032 hamachi - ok
23:39:02.0461 5032 [ F10C3F2E002100BF8B797DCF283FEA7D ] Hamachi2Svc C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
23:39:02.0476 5032 Hamachi2Svc - ok
23:39:02.0492 5032 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
23:39:02.0492 5032 hcw85cir - ok
23:39:02.0508 5032 [ 6410F6F415B2A5A9037224C41DA8BF12 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
23:39:02.0508 5032 HdAudAddService - ok
23:39:02.0523 5032 [ 0A49913402747A0B67DE940FB42CBDBB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
23:39:02.0523 5032 HDAudBus - ok
23:39:02.0539 5032 [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
23:39:02.0539 5032 HECIx64 - ok
23:39:02.0539 5032 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
23:39:02.0539 5032 HidBatt - ok
23:39:02.0554 5032 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
23:39:02.0554 5032 HidBth - ok
23:39:02.0570 5032 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
23:39:02.0570 5032 HidIr - ok
23:39:02.0586 5032 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
23:39:02.0586 5032 hidserv - ok
23:39:02.0586 5032 [ B3BF6B5B50006DEF50B66306D99FCF6F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
23:39:02.0586 5032 HidUsb - ok
23:39:02.0617 5032 [ EFA58EDE58DD74388FFD04CB32681518 ] hkmsvc C:\Windows\system32\kmsvc.dll
23:39:02.0617 5032 hkmsvc - ok
23:39:02.0632 5032 [ 046B2673767CA626E2CFB7FDF735E9E8 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
23:39:02.0632 5032 HomeGroupListener - ok
23:39:02.0648 5032 [ 06A7422224D9865A5613710A089987DF ] HomeGroupProvider C:\Windows\system32\provsvc.dll
23:39:02.0664 5032 HomeGroupProvider - ok
23:39:02.0679 5032 [ 0886D440058F203EBA0E1825E4355914 ] HpSAMD C:\Windows\system32\DRIVERS\HpSAMD.sys
23:39:02.0679 5032 HpSAMD - ok
23:39:02.0695 5032 [ CEE049CAC4EFA7F4E1E4AD014414A5D4 ] HTTP C:\Windows\system32\drivers\HTTP.sys
23:39:02.0695 5032 HTTP - ok
23:39:02.0710 5032 [ F17766A19145F111856378DF337A5D79 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
23:39:02.0710 5032 hwpolicy - ok
23:39:02.0726 5032 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
23:39:02.0726 5032 i8042prt - ok
23:39:02.0757 5032 [ B75E45C564E944A2657167D197AB29DA ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
23:39:02.0757 5032 iaStorV - ok
23:39:02.0788 5032 [ 2F2BE70D3E02B6FA877921AB9516D43C ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
23:39:02.0788 5032 idsvc - ok
23:39:02.0882 5032 [ A87261EF1546325B559374F5689CF5BC ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
23:39:02.0913 5032 igfx - ok
23:39:02.0944 5032 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
23:39:02.0944 5032 iirsp - ok
23:39:02.0960 5032 [ C5B4683680DF085B57BC53E5EF34861F ] IKEEXT C:\Windows\System32\ikeext.dll
23:39:02.0976 5032 IKEEXT - ok
23:39:03.0132 5032 [ F04D22D7A49A1B2210DBADF0B803E870 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
23:39:03.0163 5032 IntcAzAudAddService - ok
23:39:03.0163 5032 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\DRIVERS\intelide.sys
23:39:03.0163 5032 intelide - ok
23:39:03.0194 5032 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
23:39:03.0194 5032 intelppm - ok
23:39:03.0194 5032 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
23:39:03.0194 5032 IPBusEnum - ok
23:39:03.0210 5032 [ 722DD294DF62483CECAAE6E094B4D695 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
23:39:03.0210 5032 IpFilterDriver - ok
23:39:03.0210 5032 [ E2B4A4494DB7CB9B89B55CA268C337C5 ] IPMIDRV C:\Windows\system32\DRIVERS\IPMIDrv.sys
23:39:03.0225 5032 IPMIDRV - ok
23:39:03.0256 5032 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
23:39:03.0256 5032 IPNAT - ok
23:39:03.0319 5032 [ 755E4BA6DCE627A2683BB7640553C8D6 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
23:39:03.0319 5032 iPod Service - ok
23:39:03.0334 5032 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
23:39:03.0334 5032 IRENUM - ok
23:39:03.0350 5032 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\DRIVERS\isapnp.sys
23:39:03.0350 5032 isapnp - ok
23:39:03.0366 5032 [ FA4D2557DE56D45B0A346F93564BE6E1 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
23:39:03.0366 5032 iScsiPrt - ok
23:39:03.0381 5032 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
23:39:03.0381 5032 kbdclass - ok
23:39:03.0397 5032 [ 6DEF98F8541E1B5DCEB2C822A11F7323 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
23:39:03.0397 5032 kbdhid - ok
23:39:03.0412 5032 [ 156F6159457D0AA7E59B62681B56EB90 ] KeyIso C:\Windows\system32\lsass.exe
23:39:03.0412 5032 KeyIso - ok
23:39:03.0444 5032 [ 4F4B5FDE429416877DE7143044582EB5 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
23:39:03.0444 5032 KSecDD - ok
23:39:03.0475 5032 [ 6F40465A44ECDC1731BEFAFEC5BDD03C ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
23:39:03.0475 5032 KSecPkg - ok
23:39:03.0490 5032 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
23:39:03.0490 5032 ksthunk - ok
23:39:03.0506 5032 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
23:39:03.0522 5032 KtmRm - ok
23:39:03.0537 5032 [ 2AC603C3188C704CFCE353659AA7AD71 ] L1E C:\Windows\system32\DRIVERS\L1E62x64.sys
23:39:03.0537 5032 L1E - ok
23:39:03.0553 5032 [ 81F1D04D4D0E433099365127375FD501 ] LanmanServer C:\Windows\system32\srvsvc.dll
23:39:03.0568 5032 LanmanServer - ok
23:39:03.0584 5032 [ 27026EAC8818E8A6C00A1CAD2F11D29A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
23:39:03.0584 5032 LanmanWorkstation - ok
23:39:03.0631 5032 [ 87D6731F70D017590E12735ECC746CDE ] LGDDCDevice C:\Program Files (x86)\LG Soft India\forteManager\bin\I2CDriver.sys
23:39:03.0631 5032 LGDDCDevice - ok
23:39:03.0646 5032 [ 089010666D9EA3BD17AFEDE301950B09 ] LGII2CDevice C:\Program Files (x86)\LG Soft India\forteManager\bin\PII2CDriver.sys
23:39:03.0646 5032 LGII2CDevice - ok
23:39:03.0662 5032 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
23:39:03.0662 5032 lltdio - ok
23:39:03.0678 5032 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
23:39:03.0693 5032 lltdsvc - ok
23:39:03.0709 5032 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
23:39:03.0709 5032 lmhosts - ok
23:39:03.0756 5032 [ A1C148801B4AF64847AEB9F3AD9594EF ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
23:39:03.0756 5032 LMS - ok
23:39:03.0787 5032 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
23:39:03.0787 5032 LSI_FC - ok
23:39:03.0787 5032 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
23:39:03.0787 5032 LSI_SAS - ok
23:39:03.0802 5032 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
23:39:03.0802 5032 LSI_SAS2 - ok
23:39:03.0818 5032 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
23:39:03.0818 5032 LSI_SCSI - ok
23:39:03.0834 5032 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
23:39:03.0834 5032 luafv - ok
23:39:03.0849 5032 [ F84C8F1000BC11E3B7B23CBD3BAFF111 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
23:39:03.0849 5032 Mcx2Svc - ok
23:39:03.0865 5032 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
23:39:03.0865 5032 megasas - ok
23:39:03.0880 5032 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
23:39:03.0880 5032 MegaSR - ok
23:39:03.0912 5032 Microsoft SharePoint Workspace Audit Service - ok
23:39:03.0927 5032 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
23:39:03.0927 5032 MMCSS - ok
23:39:03.0943 5032 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
23:39:03.0943 5032 Modem - ok
23:39:03.0958 5032 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
23:39:03.0958 5032 monitor - ok
23:39:03.0974 5032 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
23:39:03.0974 5032 mouclass - ok
23:39:03.0974 5032 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
23:39:03.0974 5032 mouhid - ok
23:39:03.0990 5032 [ 791AF66C4D0E7C90A3646066386FB571 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
23:39:03.0990 5032 mountmgr - ok
23:39:04.0021 5032 [ E8D79312373F254DC13F3965BDB3D521 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
23:39:04.0021 5032 MozillaMaintenance - ok
23:39:04.0036 5032 [ 609D1D87649ECC19796F4D76D4C15CEA ] mpio C:\Windows\system32\DRIVERS\mpio.sys
23:39:04.0036 5032 mpio - ok
23:39:04.0052 5032 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
23:39:04.0052 5032 mpsdrv - ok
23:39:04.0068 5032 [ 30524261BB51D96D6FCBAC20C810183C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
23:39:04.0068 5032 MRxDAV - ok
23:39:04.0083 5032 [ 040D62A9D8AD28922632137ACDD984F2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
23:39:04.0099 5032 mrxsmb - ok
23:39:04.0130 5032 [ F0067552F8F9B33D7C59403AB808A3CB ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
23:39:04.0130 5032 mrxsmb10 - ok
23:39:04.0146 5032 [ 3C142D31DE9F2F193218A53FE2632051 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
23:39:04.0146 5032 mrxsmb20 - ok
23:39:04.0161 5032 [ 5C37497276E3B3A5488B23A326A754B7 ] msahci C:\Windows\system32\DRIVERS\msahci.sys
23:39:04.0161 5032 msahci - ok
23:39:04.0161 5032 [ 8D27B597229AED79430FB9DB3BCBFBD0 ] msdsm C:\Windows\system32\DRIVERS\msdsm.sys
23:39:04.0161 5032 msdsm - ok
23:39:04.0177 5032 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
23:39:04.0177 5032 MSDTC - ok
23:39:04.0208 5032 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
23:39:04.0208 5032 Msfs - ok
23:39:04.0208 5032 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
23:39:04.0208 5032 mshidkmdf - ok
23:39:04.0224 5032 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\DRIVERS\msisadrv.sys
23:39:04.0224 5032 msisadrv - ok
23:39:04.0239 5032 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
23:39:04.0239 5032 MSiSCSI - ok
23:39:04.0255 5032 msiserver - ok
23:39:04.0270 5032 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
23:39:04.0270 5032 MSKSSRV - ok
23:39:04.0270 5032 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
23:39:04.0286 5032 MSPCLOCK - ok
23:39:04.0286 5032 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
23:39:04.0286 5032 MSPQM - ok
23:39:04.0302 5032 [ 89CB141AA8616D8C6A4610FA26C60964 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
23:39:04.0317 5032 MsRPC - ok
23:39:04.0317 5032 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
23:39:04.0317 5032 mssmbios - ok
23:39:04.0317 5032 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
23:39:04.0317 5032 MSTEE - ok
23:39:04.0333 5032 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
23:39:04.0333 5032 MTConfig - ok
23:39:04.0364 5032 [ 19B006B181E3875FD254F7B67ACF1E7C ] MTsensor C:\Windows\system32\DRIVERS\ASACPI.sys
23:39:04.0364 5032 MTsensor - ok
23:39:04.0380 5032 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
23:39:04.0380 5032 Mup - ok
23:39:04.0411 5032 [ 4987E079A4530FA737A128BE54B63B12 ] napagent C:\Windows\system32\qagentRT.dll
23:39:04.0411 5032 napagent - ok
23:39:04.0442 5032 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
23:39:04.0442 5032 NativeWifiP - ok
23:39:04.0473 5032 [ CAD515DBD07D082BB317D9928CE8962C ] NDIS C:\Windows\system32\drivers\ndis.sys
23:39:04.0473 5032 NDIS - ok
23:39:04.0489 5032 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
23:39:04.0489 5032 NdisCap - ok
23:39:04.0504 5032 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
23:39:04.0504 5032 NdisTapi - ok
23:39:04.0536 5032 [ F105BA1E22BF1F2EE8F005D4305E4BEC ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
23:39:04.0551 5032 Ndisuio - ok
23:39:04.0551 5032 [ 557DFAB9CA1FCB036AC77564C010DAD3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
23:39:04.0567 5032 NdisWan - ok
23:39:04.0567 5032 [ 659B74FB74B86228D6338D643CD3E3CF ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
23:39:04.0567 5032 NDProxy - ok
23:39:04.0614 5032 [ DC6530A291D4BDF6DF399F1F128E7F8F ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
23:39:04.0614 5032 Net Driver HPZ12 - ok
23:39:04.0614 5032 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
23:39:04.0629 5032 NetBIOS - ok
23:39:04.0629 5032 [ 9162B273A44AB9DCE5B44362731D062A ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
23:39:04.0629 5032 NetBT - ok
23:39:04.0629 5032 [ 156F6159457D0AA7E59B62681B56EB90 ] Netlogon C:\Windows\system32\lsass.exe
23:39:04.0645 5032 Netlogon - ok
23:39:04.0660 5032 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
23:39:04.0676 5032 Netman - ok
23:39:04.0692 5032 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
23:39:04.0692 5032 netprofm - ok
23:39:04.0707 5032 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
23:39:04.0707 5032 NetTcpPortSharing - ok
23:39:04.0723 5032 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
23:39:04.0738 5032 nfrd960 - ok
23:39:04.0754 5032 [ D9A0CE66046D6EFA0C61BAA885CBA0A8 ] NlaSvc C:\Windows\System32\nlasvc.dll
23:39:04.0754 5032 NlaSvc - ok
23:39:04.0754 5032 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
23:39:04.0754 5032 Npfs - ok
23:39:04.0770 5032 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
23:39:04.0770 5032 nsi - ok
23:39:04.0785 5032 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
23:39:04.0785 5032 nsiproxy - ok
23:39:04.0816 5032 [ 378E0E0DFEA67D98AE6EA53ADBBD76BC ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
23:39:04.0848 5032 Ntfs - ok
23:39:04.0863 5032 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
23:39:04.0863 5032 Null - ok
23:39:04.0879 5032 [ E20ABD5B229760158F753CA90B97E090 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
23:39:04.0894 5032 NVHDA - ok
23:39:05.0066 5032 [ 9D5229F2193E44E1A0928A8EA8CD21EC ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
23:39:05.0206 5032 nvlddmkm - ok
23:39:05.0238 5032 [ A4D9C9A608A97F59307C2F2600EDC6A4 ] nvraid C:\Windows\system32\drivers\nvraid.sys
23:39:05.0253 5032 nvraid - ok
23:39:05.0269 5032 [ 6C1D5F70E7A6A3FD1C90D840EDC048B9 ] nvstor C:\Windows\system32\drivers\nvstor.sys
23:39:05.0269 5032 nvstor - ok
23:39:05.0284 5032 [ F6EA7DC571335D95DD689E6269C5B55A ] nvsvc C:\Windows\system32\nvvsvc.exe
23:39:05.0284 5032 nvsvc - ok
23:39:05.0316 5032 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\DRIVERS\nv_agp.sys
23:39:05.0316 5032 nv_agp - ok
23:39:05.0316 5032 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
23:39:05.0316 5032 ohci1394 - ok
23:39:05.0362 5032 [ 4965B005492CBA7719E82B71E3245495 ] ose64 C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:39:05.0362 5032 ose64 - ok
23:39:05.0472 5032 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
23:39:05.0534 5032 osppsvc - ok
23:39:05.0550 5032 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
23:39:05.0550 5032 p2pimsvc - ok
23:39:05.0565 5032 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
23:39:05.0565 5032 p2psvc - ok
23:39:05.0581 5032 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
23:39:05.0581 5032 Parport - ok
23:39:05.0612 5032 [ 90061B1ACFE8CCAA5345750FFE08D8B8 ] partmgr C:\Windows\system32\drivers\partmgr.sys
23:39:05.0612 5032 partmgr - ok
23:39:05.0612 5032 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
23:39:05.0612 5032 PcaSvc - ok
23:39:05.0628 5032 [ F36F6504009F2FB0DFD1B17A116AD74B ] pci C:\Windows\system32\DRIVERS\pci.sys
23:39:05.0643 5032 pci - ok
23:39:05.0643 5032 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\DRIVERS\pciide.sys
23:39:05.0643 5032 pciide - ok
23:39:05.0659 5032 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
23:39:05.0659 5032 pcmcia - ok
23:39:05.0674 5032 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
23:39:05.0674 5032 pcw - ok
23:39:05.0690 5032 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
23:39:05.0706 5032 PEAUTH - ok
23:39:07.0125 5032 [ 602884696850C86434530790B110E8EB ] sptd C:\Windows\system32\Drivers\sptd.sys
23:39:07.0125 5032 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 602884696850C86434530790B110E8EB
23:39:07.0125 5032 sptd ( LockedFile.Multi.Generic ) - warning
23:39:07.0125 5032 sptd - detected LockedFile.Multi.Generic (1)
23:39:09.0512 5032 ================ Scan global ===============================
23:39:09.0528 5032 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
23:39:09.0559 5032 [ 0CB6EBF4B461A6043353C570BD72A1E1 ] C:\Windows\system32\winsrv.dll
23:39:09.0559 5032 [ 0CB6EBF4B461A6043353C570BD72A1E1 ] C:\Windows\system32\winsrv.dll
23:39:09.0590 5032 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
23:39:09.0621 5032 [ 50BEA589F7D7958BDD2528A8F69D05CC ] C:\Windows\system32\services.exe
23:39:09.0637 5032 [Global] - ok
23:39:09.0637 5032 ================ Scan MBR ==================================
23:39:09.0637 5032 [ 4976D4A7A40B83FC7F06EE4BDD84EB9B ] \Device\Harddisk0\DR0
23:39:09.0902 5032 \Device\Harddisk0\DR0 - ok
23:39:09.0902 5032 ================ Scan VBR ==================================
23:39:09.0918 5032 [ 86F07A53CA595404BFA9BCD0A4473A01 ] \Device\Harddisk0\DR0\Partition1
23:39:09.0933 5032 \Device\Harddisk0\DR0\Partition1 - ok
23:39:09.0949 5032 [ 782A4DA93956322A994D127B3CFC3DE9 ] \Device\Harddisk0\DR0\Partition2
23:39:09.0949 5032 \Device\Harddisk0\DR0\Partition2 - ok
23:39:09.0949 5032 ============================================================
23:39:09.0949 5032 Scan finished
23:39:09.0949 5032 ============================================================
23:39:09.0949 3556 Detected object count: 1
23:39:09.0949 3556 Actual detected object count: 1
23:39:16.0594 3556 sptd ( LockedFile.Multi.Generic ) - skipped by user
23:39:16.0594 3556 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
23:40:54.0098 3584 Deinitialize success

aswMBR log:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-09-04 23:47:09
-----------------------------
23:47:09.997 OS Version: Windows x64 6.1.7600
23:47:09.997 Number of processors: 4 586 0x2505
23:47:09.997 ComputerName: HÅVARD-PC UserName: Håvard
23:47:11.120 Initialize success
23:47:11.261 AVAST engine defs: 12090401
23:47:14.771 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
23:47:14.771 Disk 0 Vendor: ST3750528AS CC46 Size: 715404MB BusType: 3
23:47:14.786 Disk 0 MBR read successfully
23:47:14.786 Disk 0 MBR scan
23:47:14.786 Disk 0 unknown MBR code
23:47:14.802 Disk 0 Partition 1 00 1B Hidd FAT32 NTFS 14524 MB offset 2048
23:47:14.802 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 286160 MB offset 29747200
23:47:14.818 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 414718 MB offset 615802880
23:47:14.849 Disk 0 scanning C:\Windows\system32\drivers
23:47:23.165 Service scanning
23:47:36.331 Service sptd C:\Windows\System32\Drivers\sptd.sys **LOCKED** 32
23:47:39.373 Modules scanning
23:47:39.373 Disk 0 trace - called modules:
23:47:39.389 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys >>UNKNOWN [0xfffffa80035372c0]<<spvh.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
23:47:39.389 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800466c060]
23:47:39.404 3 CLASSPNP.SYS[fffff880017d043f] -> nt!IofCallDriver -> [0xfffffa80043bb580]
23:47:39.404 5 ACPI.sys[fffff8800117a781] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa80043bd060]
23:47:39.404 \Driver\atapi[0xfffffa80043a8e70] -> IRP_MJ_CREATE -> 0xfffffa80035372c0
23:47:41.385 AVAST engine scan C:\Windows
23:47:44.240 AVAST engine scan C:\Windows\system32
23:48:28.623 File: C:\Windows\system32\services.exe **INFECTED** Win32:Sirefef-ZT [Trj]
23:48:48.770 File: C:\Windows\assembly\GAC_32\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
23:48:50.361 File: C:\Windows\assembly\GAC_64\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
23:49:44.603 AVAST engine scan C:\Windows\system32\drivers
23:49:52.637 AVAST engine scan C:\Users\Håvard
23:52:13.073 Disk 0 MBR has been saved successfully to "C:\Users\Håvard\Desktop\MBR.dat"
23:52:13.073 The log file has been saved successfully to "C:\Users\Håvard\Desktop\aswMBR.txt"
23:53:22.219 Disk 0 MBR has been saved successfully to "C:\Users\Håvard\Desktop\MBR.dat"
23:53:22.234 The log file has been saved successfully to "C:\Users\Håvard\Desktop\log.txt"

ESET Online Scanner log:

C:\Windows\Installer\{642ddf8e-c4ee-9957-de32-0b4edb37cdf4}\U\00000008.@ Win64/Agent.BA trojan cleaned by deleting - quarantined
C:\Windows\Installer\{642ddf8e-c4ee-9957-de32-0b4edb37cdf4}\U\000000cb.@ Win64/Conedex.B trojan cleaned by deleting - quarantined
C:\Windows\Installer\{642ddf8e-c4ee-9957-de32-0b4edb37cdf4}\U\80000000.@ Win64/Sirefef.AP trojan cleaned by deleting - quarantined
Operating memory a variant of Win32/Sirefef.EZ trojan

#10 narenxp

  • BC Advisor

Posted 04 September 2012 - 06:11 PM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan

Click on SHOW results. Select all infections and remove them

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.


Download

adware cleaner

Launch it and click on Delete

Post the generated log

#11 havardml

  • Topic Starter

Posted 05 September 2012 - 08:47 AM

MiniToolBox by Farbar Version: 23-07-2012
Ran by Håvard (administrator) on 05-09-2012 at 15:40:26
Microsoft Windows 7 Home Premium (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP-konfigurasjon

DNS Resolver-bufferen ble tømt.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Lokal tilkobling (Connected)
Hamachi Network Interface = Hamachi (Connected)
Følgende hjelper-DLL kan ikke lastes inn: WSHELPER.DLL.


# ----------------------------------
# IPv4-konfigurasjon
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
add route prefix=0.0.0.0/0 interface="Hamachi" nexthop=5.0.0.1 publish=Ja
set interface interface="Hamachi" forwarding=disabled advertise=disabled metric=9000 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled


popd
# Slutt på IPv4-konfigurasjon



Windows IP-konfigurasjon

Vertsnavn . . . . . . . . . . . : Håvard-PC
Primær DNS-suffiks . . . . . . . :
Nodetype . . . . . . . . . . . . : Hybrid
IP-ruting aktivert . . . . . . . : Nei
WINS Proxy aktivert . . . . . . . : Nei

Ethernet-kort Lokal tilkobling:

Tilkoblingsspesifikt DNS-suffiks :
Beskrivelse . . . . . . . . . . : Realtek PCIe GBE Family Controller
Fysisk adresse . . . . . . . . . : 20-CF-30-B5-FB-45
DHCP aktivert . . . . . . . . . . : Ja
Automatisk konfigurasjon aktivert : Ja
Koblingslokal IPv6-adresse. . . . : fe80::ddc7:a6a1:8b20:73ab%11(Foretrukket)
IPv4-adresse. . . . . . . . . . . : 192.168.0.188(Foretrukket)
Nettverksmaske . . . . . . . . . .: 255.255.255.0
Leieavtale inngått. . . . . . . . : 5. september 2012 15:34:13
Leieavtale utløper. . . . . . . . : 6. september 2012 15:34:12
Standard gateway . . . . . . . . .: 192.168.0.1
DHCP-server . . . . . . . . . . . : 192.168.0.1
DHCPv6-IAID . . . . . . . . . . . : 237031216
DHCPv6 klient-DUID. . . . . . . . : 00-01-00-01-14-9E-49-E9-20-CF-30-B5-FB-45
DNS-servere . . . . . . . . . . . : 192.168.0.1
NetBIOS over Tcpip. . . . . . . . : Aktivert

Ethernet-kort Hamachi:

Tilkoblingsspesifikt DNS-suffiks :
Beskrivelse . . . . . . . . . . : Hamachi Network Interface
Fysisk adresse . . . . . . . . . : 7A-79-05-19-B0-89
DHCP aktivert . . . . . . . . . . : Ja
Automatisk konfigurasjon aktivert : Ja
IPv6-adresse. . . . . . . . . . . : 2620:9b::519:b089(Foretrukket)
Koblingslokal IPv6-adresse. . . . : fe80::d4d:7a7a:49e0:5b4a%15(Foretrukket)
IPv4-adresse. . . . . . . . . . . : 5.25.176.137(Foretrukket)
Nettverksmaske . . . . . . . . . .: 255.0.0.0
Leieavtale inngått. . . . . . . . : 5. september 2012 15:34:13
Leieavtale utløper. . . . . . . . : 5. september 2013 15:36:20
Standard gateway . . . . . . . . .: 5.0.0.1
DHCP-server . . . . . . . . . . . : 5.0.0.1
DHCPv6-IAID . . . . . . . . . . . : 360347967
DHCPv6 klient-DUID. . . . . . . . : 00-01-00-01-14-9E-49-E9-20-CF-30-B5-FB-45
DNS-servere . . . . . . . . . . . : fec0:0:0:ffff::1%1
fec0:0:0:ffff::2%1
fec0:0:0:ffff::3%1
NetBIOS over Tcpip. . . . . . . . : Aktivert

Tunnelkort isatap.{61A49A51-945D-4219-833B-E5E3A30EA128}:

Medietilstand . . . . . . . . . . : Medium frakoblet
Tilkoblingsspesifikt DNS-suffiks :
Beskrivelse . . . . . . . . . . : Microsoft ISATAP Adapter
Fysisk adresse . . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP aktivert . . . . . . . . . . : Nei
Automatisk konfigurasjon aktivert : Ja

Tunnelkort Teredo Tunneling Pseudo-Interface:

Medietilstand . . . . . . . . . . : Medium frakoblet
Tilkoblingsspesifikt DNS-suffiks :
Beskrivelse . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Fysisk adresse . . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP aktivert . . . . . . . . . . : Nei
Automatisk konfigurasjon aktivert : Ja

Tunnelkort isatap.{8DC31FB0-013A-4517-A396-DA3E6243D02C}:

Medietilstand . . . . . . . . . . : Medium frakoblet
Tilkoblingsspesifikt DNS-suffiks :
Beskrivelse . . . . . . . . . . : Microsoft ISATAP Adapter #2
Fysisk adresse . . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP aktivert . . . . . . . . . . : Nei
Automatisk konfigurasjon aktivert : Ja

Pinger google.com [173.194.32.0] med 32 byte data:
Svar fra 173.194.32.0: byte=32 tid=42ms TTL=52
Svar fra 173.194.32.0: byte=32 tid=48ms TTL=52

Ping-statistikker for 173.194.32.0:
Pakker: sendt = 2, mottatt = 2, tapt = 0 (0% tap),
Gjennomsnittlig tid for tur-retur i millisekunder:
minimum = 42ms, maksimum = 48ms, gjennomsnittlig = 45ms

Pinger yahoo.com [98.139.183.24] med 32 byte data:
Svar fra 98.139.183.24: byte=32 tid=911ms TTL=49
Svar fra 98.139.183.24: byte=32 tid=874ms TTL=49

Ping-statistikker for 98.139.183.24:
Pakker: sendt = 2, mottatt = 2, tapt = 0 (0% tap),
Gjennomsnittlig tid for tur-retur i millisekunder:
minimum = 874ms, maksimum = 911ms, gjennomsnittlig = 892ms

Pinger bleepingcomputer.com [208.43.87.2] med 32 byte data:
Svar fra 208.43.87.2: Målverten kan ikke nås.
Svar fra 208.43.87.2: Målverten kan ikke nås.

Ping-statistikker for 208.43.87.2:
Pakker: sendt = 2, mottatt = 2, tapt = 0 (0% tap),

Pinger 127.0.0.1 med 32 byte data:
Svar fra 127.0.0.1: byte=32 tid=3ms TTL=128
Svar fra 127.0.0.1: byte=32 tid=2ms TTL=128

Ping-statistikker for 127.0.0.1:
Pakker: sendt = 2, mottatt = 2, tapt = 0 (0% tap),
Gjennomsnittlig tid for tur-retur i millisekunder:
minimum = 2ms, maksimum = 3ms, gjennomsnittlig = 2ms
===========================================================================
Grensesnittliste
11...20 cf 30 b5 fb 45 ......Realtek PCIe GBE Family Controller
15...7a 79 05 19 b0 89 ......Hamachi Network Interface
1...........................Software Loopback Interface 1
14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
===========================================================================

IPv4 rutetabell
===========================================================================
Aktive ruter:
Nettverksmål Nettverksmaske Gateway Grensesnitt Metrikk
0.0.0.0 0.0.0.0 5.0.0.1 5.25.176.137 9256
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.188 10
5.0.0.0 255.0.0.0 Ved LAN 5.25.176.137 9256
5.25.176.137 255.255.255.255 Ved LAN 5.25.176.137 9256
5.255.255.255 255.255.255.255 Ved LAN 5.25.176.137 9256
127.0.0.0 255.0.0.0 Ved LAN 127.0.0.1 306
127.0.0.1 255.255.255.255 Ved LAN 127.0.0.1 306
127.255.255.255 255.255.255.255 Ved LAN 127.0.0.1 306
192.168.0.0 255.255.255.0 Ved LAN 192.168.0.188 266
192.168.0.188 255.255.255.255 Ved LAN 192.168.0.188 266
192.168.0.255 255.255.255.255 Ved LAN 192.168.0.188 266
224.0.0.0 240.0.0.0 Ved LAN 127.0.0.1 306
224.0.0.0 240.0.0.0 Ved LAN 192.168.0.188 266
224.0.0.0 240.0.0.0 Ved LAN 5.25.176.137 9256
255.255.255.255 255.255.255.255 Ved LAN 127.0.0.1 306
255.255.255.255 255.255.255.255 Ved LAN 192.168.0.188 266
255.255.255.255 255.255.255.255 Ved LAN 5.25.176.137 9256
===========================================================================
Faste ruter:
Nettverksadresse Nettverksmaske Gateway-adresse Metrisk
0.0.0.0 0.0.0.0 5.0.0.1 Standard
===========================================================================

IPv6 rutetabell
===========================================================================
Aktive ruter:
Gr Metr. Nettv. Mål Gateway
1 306 ::1/128 Ved LAN
15 276 2620:9b::/96 Ved LAN
15 276 2620:9b::519:b089/128 Ved LAN
11 266 fe80::/64 Ved LAN
15 276 fe80::/64 Ved LAN
15 276 fe80::d4d:7a7a:49e0:5b4a/128
Ved LAN
11 266 fe80::ddc7:a6a1:8b20:73ab/128
Ved LAN
1 306 ff00::/8 Ved LAN
11 266 ff00::/8 Ved LAN
15 276 ff00::/8 Ved LAN
===========================================================================
Faste ruter:
Gr Metr. Nettv. Mål Gateway
0 4294967295 2620:9b::/96 Ved LAN
===========================================================================
========================= Winsock entries =====================================

Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Catalog5 02 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

Catalog5 03 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 mswsock.dll [File Not found] ()
Catalog9 02 mswsock.dll [File Not found] ()
Catalog9 03 mswsock.dll [File Not found] ()
Catalog9 04 mswsock.dll [File Not found] ()
Catalog9 05 mswsock.dll [File Not found] ()
Catalog9 06 mswsock.dll [File Not found] ()
Catalog9 07 mswsock.dll [File Not found] ()
Catalog9 08 mswsock.dll [File Not found] ()
Catalog9 09 mswsock.dll [File Not found] ()
Catalog9 10 mswsock.dll [File Not found] ()
x64-Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

x64-Catalog5 02 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

x64-Catalog5 03 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog9 01 mswsock.dll [File Not found] ()
x64-Catalog9 02 mswsock.dll [File Not found] ()
x64-Catalog9 03 mswsock.dll [File Not found] ()
x64-Catalog9 04 mswsock.dll [File Not found] ()
x64-Catalog9 05 mswsock.dll [File Not found] ()
x64-Catalog9 06 mswsock.dll [File Not found] ()
x64-Catalog9 07 mswsock.dll [File Not found] ()
x64-Catalog9 08 mswsock.dll [File Not found] ()
x64-Catalog9 09 mswsock.dll [File Not found] ()
x64-Catalog9 10 mswsock.dll [File Not found] ()

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/05/2012 03:33:13 PM) (Source: Application Error) (User: )
Description: Programnavn med feil: svchost.exe, versjon: 6.1.7600.16385, tidsangivelse: 0x4a5bc100
Modulnavn med feil: unknown, versjon: 0.0.0.0, tidsangivelse: 0x00000000
Unntakskode: 0xc0000005
Feilforskyvning: 0x737cc9f1
Feil prosess-ID: 0x10e4
Feil starttid for program: 0xsvchost.exe0
Feil programbane: svchost.exe1
Feil modulbane: svchost.exe2
Rapport-ID: svchost.exe3

Error: (09/05/2012 03:32:12 PM) (Source: Application Error) (User: )
Description: Programnavn med feil: svchost.exe, versjon: 6.1.7600.16385, tidsangivelse: 0x4a5bc100
Modulnavn med feil: unknown, versjon: 0.0.0.0, tidsangivelse: 0x00000000
Unntakskode: 0xc0000005
Feilforskyvning: 0x737cc9f1
Feil prosess-ID: 0x17f0
Feil starttid for program: 0xsvchost.exe0
Feil programbane: svchost.exe1
Feil modulbane: svchost.exe2
Rapport-ID: svchost.exe3

Error: (09/05/2012 03:31:11 PM) (Source: Application Error) (User: )
Description: Programnavn med feil: svchost.exe, versjon: 6.1.7600.16385, tidsangivelse: 0x4a5bc100
Modulnavn med feil: unknown, versjon: 0.0.0.0, tidsangivelse: 0x00000000
Unntakskode: 0xc0000005
Feilforskyvning: 0x737cc9f1
Feil prosess-ID: 0x1f0
Feil starttid for program: 0xsvchost.exe0
Feil programbane: svchost.exe1
Feil modulbane: svchost.exe2
Rapport-ID: svchost.exe3

Error: (09/05/2012 03:30:11 PM) (Source: Application Error) (User: )
Description: Programnavn med feil: svchost.exe, versjon: 6.1.7600.16385, tidsangivelse: 0x4a5bc100
Modulnavn med feil: unknown, versjon: 0.0.0.0, tidsangivelse: 0x00000000
Unntakskode: 0xc0000005
Feilforskyvning: 0x737cc9f1
Feil prosess-ID: 0xdcc
Feil starttid for program: 0xsvchost.exe0
Feil programbane: svchost.exe1
Feil modulbane: svchost.exe2
Rapport-ID: svchost.exe3

Error: (09/05/2012 03:29:11 PM) (Source: Application Error) (User: )
Description: Programnavn med feil: svchost.exe, versjon: 6.1.7600.16385, tidsangivelse: 0x4a5bc100
Modulnavn med feil: unknown, versjon: 0.0.0.0, tidsangivelse: 0x00000000
Unntakskode: 0xc0000005
Feilforskyvning: 0x737cc9f1
Feil prosess-ID: 0x1470
Feil starttid for program: 0xsvchost.exe0
Feil programbane: svchost.exe1
Feil modulbane: svchost.exe2
Rapport-ID: svchost.exe3

Error: (09/05/2012 03:28:10 PM) (Source: Application Error) (User: )
Description: Programnavn med feil: svchost.exe, versjon: 6.1.7600.16385, tidsangivelse: 0x4a5bc100
Modulnavn med feil: unknown, versjon: 0.0.0.0, tidsangivelse: 0x00000000
Unntakskode: 0xc0000005
Feilforskyvning: 0x737cc9f1
Feil prosess-ID: 0xc0c
Feil starttid for program: 0xsvchost.exe0
Feil programbane: svchost.exe1
Feil modulbane: svchost.exe2
Rapport-ID: svchost.exe3

Error: (09/05/2012 03:27:10 PM) (Source: Application Error) (User: )
Description: Programnavn med feil: svchost.exe, versjon: 6.1.7600.16385, tidsangivelse: 0x4a5bc100
Modulnavn med feil: unknown, versjon: 0.0.0.0, tidsangivelse: 0x00000000
Unntakskode: 0xc0000005
Feilforskyvning: 0x737cc9f1
Feil prosess-ID: 0x128c
Feil starttid for program: 0xsvchost.exe0
Feil programbane: svchost.exe1
Feil modulbane: svchost.exe2
Rapport-ID: svchost.exe3

Error: (09/05/2012 03:26:09 PM) (Source: Application Error) (User: )
Description: Programnavn med feil: svchost.exe, versjon: 6.1.7600.16385, tidsangivelse: 0x4a5bc100
Modulnavn med feil: unknown, versjon: 0.0.0.0, tidsangivelse: 0x00000000
Unntakskode: 0xc0000005
Feilforskyvning: 0x737cc9f1
Feil prosess-ID: 0x163c
Feil starttid for program: 0xsvchost.exe0
Feil programbane: svchost.exe1
Feil modulbane: svchost.exe2
Rapport-ID: svchost.exe3

Error: (09/05/2012 03:25:09 PM) (Source: Application Error) (User: )
Description: Programnavn med feil: svchost.exe, versjon: 6.1.7600.16385, tidsangivelse: 0x4a5bc100
Modulnavn med feil: unknown, versjon: 0.0.0.0, tidsangivelse: 0x00000000
Unntakskode: 0xc0000005
Feilforskyvning: 0x737cc9f1
Feil prosess-ID: 0xbb4
Feil starttid for program: 0xsvchost.exe0
Feil programbane: svchost.exe1
Feil modulbane: svchost.exe2
Rapport-ID: svchost.exe3

Error: (09/05/2012 03:24:07 PM) (Source: Application Error) (User: )
Description: Programnavn med feil: svchost.exe, versjon: 6.1.7600.16385, tidsangivelse: 0x4a5bc100
Modulnavn med feil: unknown, versjon: 0.0.0.0, tidsangivelse: 0x00000000
Unntakskode: 0xc0000005
Feilforskyvning: 0x737cc9f1
Feil prosess-ID: 0x169c
Feil starttid for program: 0xsvchost.exe0
Feil programbane: svchost.exe1
Feil modulbane: svchost.exe2
Rapport-ID: svchost.exe3


System errors:
=============
Error: (09/05/2012 03:35:27 PM) (Source: Service Control Manager) (User: )
Description: Tjenesten Hjemmenettverksleverandør avhenger av tjenesten Function Discovery Resource Publication som ikke kan starte på grunn av følgende feil:
%%-2147024891

Error: (09/05/2012 03:35:27 PM) (Source: Service Control Manager) (User: )
Description: Tjenesten Function Discovery Resource Publication terminerte med følgende feil:
%%-2147024891

Error: (09/05/2012 03:34:34 PM) (Source: Service Control Manager) (User: )
Description: Tjenesten Computer Browser terminerte med følgende feil:
%%1060

Error: (09/05/2012 01:51:01 PM) (Source: Service Control Manager) (User: )
Description: Tjenesten Hjemmenettverksleverandør avhenger av tjenesten Function Discovery Resource Publication som ikke kan starte på grunn av følgende feil:
%%-2147024891

Error: (09/05/2012 01:51:01 PM) (Source: Service Control Manager) (User: )
Description: Tjenesten Function Discovery Resource Publication terminerte med følgende feil:
%%-2147024891

Error: (09/05/2012 01:50:08 PM) (Source: Service Control Manager) (User: )
Description: Tjenesten Computer Browser terminerte med følgende feil:
%%1060

Error: (09/04/2012 11:45:45 PM) (Source: Service Control Manager) (User: )
Description: Tjenesten Function Discovery Resource Publication terminerte med følgende feil:
%%-2147024891

Error: (09/04/2012 11:45:45 PM) (Source: Service Control Manager) (User: )
Description: Tjenesten Hjemmenettverksleverandør avhenger av tjenesten Function Discovery Resource Publication som ikke kan starte på grunn av følgende feil:
%%-2147024891

Error: (09/04/2012 11:44:56 PM) (Source: Service Control Manager) (User: )
Description: Tjenesten Computer Browser terminerte med følgende feil:
%%1060

Error: (09/04/2012 11:44:28 PM) (Source: BugCheck) (User: )
Description: 0x00000109 (0xa3a039d898ca6919, 0xb3b7465eeb48a4ef, 0xfffff88002f6e5c0, 0x0000000000000002)C:\Windows\MEMORY.DMP090412-19250-01


Microsoft Office Sessions:
=========================
Error: (09/05/2012 03:33:13 PM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc100unknown0.0.0.000000000c0000005737cc9f110e401cd8b6aff477b92C:\Windows\SysWOW64\svchost.exeunknown3d030a73-f75e-11e1-b908-20cf30b5fb45

Error: (09/05/2012 03:32:12 PM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc100unknown0.0.0.000000000c0000005737cc9f117f001cd8b6adb5c9eefC:\Windows\SysWOW64\svchost.exeunknown190d3127-f75e-11e1-b908-20cf30b5fb45

Error: (09/05/2012 03:31:11 PM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc100unknown0.0.0.000000000c0000005737cc9f11f001cd8b6ab6ed9c3dC:\Windows\SysWOW64\svchost.exeunknownf4d19b46-f75d-11e1-b908-20cf30b5fb45

Error: (09/05/2012 03:30:11 PM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc100unknown0.0.0.000000000c0000005737cc9f1dcc01cd8b6a930cf8f1C:\Windows\SysWOW64\svchost.exeunknownd0bd15f8-f75d-11e1-b908-20cf30b5fb45

Error: (09/05/2012 03:29:11 PM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc100unknown0.0.0.000000000c0000005737cc9f1147001cd8b6a6f0719daC:\Windows\SysWOW64\svchost.exeunknownacc6c77a-f75d-11e1-b908-20cf30b5fb45

Error: (09/05/2012 03:28:10 PM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc100unknown0.0.0.000000000c0000005737cc9f1c0c01cd8b6a4b27fd33C:\Windows\SysWOW64\svchost.exeunknown88d8b67c-f75d-11e1-b908-20cf30b5fb45

Error: (09/05/2012 03:27:10 PM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc100unknown0.0.0.000000000c0000005737cc9f1128c01cd8b6a2728ade4C:\Windows\SysWOW64\svchost.exeunknown64f8af72-f75d-11e1-b908-20cf30b5fb45

Error: (09/05/2012 03:26:09 PM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc100unknown0.0.0.000000000c0000005737cc9f1163c01cd8b6a0305f790C:\Windows\SysWOW64\svchost.exeunknown40da8d0f-f75d-11e1-b908-20cf30b5fb45

Error: (09/05/2012 03:25:09 PM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc100unknown0.0.0.000000000c0000005737cc9f1bb401cd8b69de7c197aC:\Windows\SysWOW64\svchost.exeunknown1cd4adf8-f75d-11e1-b908-20cf30b5fb45

Error: (09/05/2012 03:24:07 PM) (Source: Application Error)(User: )
Description: svchost.exe6.1.7600.163854a5bc100unknown0.0.0.000000000c0000005737cc9f1169c01cd8b69ba5ac2bbC:\Windows\SysWOW64\svchost.exeunknownf80a6a90-f75c-11e1-b908-20cf30b5fb45


=========================== Installed Programs ============================

64 Bit HP CIO Components Installer (Version: 1.2.0)
Acrobat.com (Version: 1.6.65)
Adobe AIR (Version: 1.5.3.9120)
Adobe Community Help (Version: 3.0.0)
Adobe Community Help (Version: 3.0.0.400)
Adobe Flash Player 11 Plugin (Version: 11.4.402.265)
Adobe Media Player (Version: 0.0.0)
Adobe Media Player (Version: 1.1)
Adobe Photoshop CS5 (Version: 12.0)
Adobe Reader X (10.0.1) - Norsk (Version: 10.0.1)
Advanced Sound Recorder v6.0
AI Manager (Version: 1.08.07)
ANIWZCS2 Service
Any Video Converter 3.3.9
Apple Application Support (Version: 2.1.7)
Apple Mobile Device Support (Version: 5.1.1.4)
Apple Software Update (Version: 2.1.3.127)
ASUS Backup Wizard (Version: 1.00.09)
ASUS VIBE (Version: 1.0.188)
ASUSUpdate (Version: 7.18.03)
avast! Free Antivirus (Version: 7.0.1466.0)
Bonjour (Version: 3.0.0.10)
CCleaner (Version: 3.22)
Conduit Engine (Version: )
D-Link Wireless N Dual Band DWA-160
D3DX10 (Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition
DivX Setup (Version: 2.2.1.2)
Dropbox (Version: 1.4.8)
ebi.BookReader3J (Version: 3.75.14)
EPU-4 Engine (Version: 1.01.02)
ESET Online Scanner v3
Explorer Suite III
Firebird SQL Server - MAGIX Edition (Version: 2.1.27.0)
Football Manager 2012
FormatFactory 2.70 (Version: 2.70)
forteManager (Version: 3.18)
Google Chrome (Version: 21.0.1180.89)
Google Update Helper (Version: 1.3.21.111)
HandBrake 0.9.5 (Version: 0.9.5)
Intel® Management Engine Components (Version: 6.0.0.1179)
iTunes (Version: 10.6.0.40)
Java 7 Update 7 (64-bit) (Version: 7.0.70)
Java Auto Updater (Version: 2.0.6.1)
Java™ 6 Update 20 (Version: 6.0.200)
Java™ 6 Update 30 (Version: 6.0.300)
Junk Mail filter update (Version: 15.4.3502.0922)
K-Lite Mega Codec Pack 9.1.0 (Version: 9.1.0)
LogMeIn Hamachi (Version: 2.1.0.215)
Magic Bullet Looks Vegas
Magic DVD Ripper V7.0.0
MAGIX Speed burnR (MSI) (Version: 7.0.1.27)
Malwarebytes Anti-Malware versjon 1.62.0.1300 (Version: 1.62.0.1300)
MediaFire Express (Version: 0.12.3.3540)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile NOR Language Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Office 32-bit Components 2010 (Version: 14.0.4734.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.4734.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.4734.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.4734.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Shared 32-bit MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
mkv2vob (Version: 2.4.9)
Movie Looks Vegas HD
Mozilla Firefox (3.6.13) (Version: 3.6.13 (nb-NO))
Mozilla Firefox 15.0 (x86 nb-NO) (Version: 15.0)
Mozilla Maintenance Service (Version: 15.0)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT Redists (Version: 1.0)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP3 Parser (KB2721691) (Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (KB973685) (Version: 4.30.2107.0)
NVIDIA Display Control Panel (Version: 6.14.12.5913)
NVIDIA Drivers (Version: 1.10.62.40)
NVIDIA PhysX (Version: 9.10.0224)
PDF Settings CS5 (Version: 10.0)
QuickTime (Version: 7.69.80.9)
Realtek Ethernet Controller Driver For Windows Vista and Later (Version: 1.00.0009)
Realtek High Definition Audio Driver (Version: 6.0.1.5919)
Reimage Repair (Version: 1.6.2.5)
SES Driver (Version: 1.0.0)
Skype™ 5.5 (Version: 5.5.124)
SopCast 3.5.0 (Version: 3.5.0)
Spotify (Version: 0.4.10)
Spotify (Version: 0.8.3.222.g317ab79d)
StartNow Toolbar (Version: 2.1.0)
Steam (Version: 1.0.0.0)
SUPERAntiSpyware (Version: 5.5.1012)
TmNationsForever
Uninstall 1.0.0.1
Unity Web Player (Version: )
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553092)
VC80CRTRedist - 8.0.50727.4053 (Version: 1.1.0)
Veetle TV 0.9.18 (Version: 0.9.18)
Vegas Pro 10.0 (Version: 10.0.469)
Visual Studio 2008 x64 Redistributables (Version: 10.0.0.2)
VLC media player 1.1.5 (Version: 1.1.5)
Vuze (Version: 4.5)
Vuze Remote Toolbar (Version: 6.2.7.3)
Windows Driver Package - Western Digital Technologies (WDC_SAM) WDC_SAM (03/06/2009 1.0.0008.0) (Version: 03/06/2009 1.0.0008.0)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live Family Safety (Version: 15.4.3555.0308)
Windows Live Fotogalleri (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live OneCare safety scanner
Windows Live OneCare safety scanner (Version: 1.0.0.0)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8117.416)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
WinRAR Arkiverer
Xilisoft HD Video Converter 6 (Version: 6.5.3.0310)
YouTube Downloader 2.7

========================= Memory info: ===================================

Percentage of memory in use: 44%
Total physical RAM: 3959.05 MB
Available physical RAM: 2205.07 MB
Total Pagefile: 7916.25 MB
Available Pagefile: 5813.3 MB
Total Virtual: 4095.88 MB
Available Virtual: 3968.8 MB

========================= Partitions: =====================================

1 Drive c: (WIN7) (Fixed) (Total:279.45 GB) (Free:83.81 GB) NTFS
2 Drive d: (DATA) (Fixed) (Total:405 GB) (Free:210.5 GB) NTFS
3 Drive e: (AFC Season Review 08-09) (CDROM) (Total:7.01 GB) (Free:0 GB) UDF

========================= Users: ========================================

Brukerkontoer for \\HÅVARD-PC

Administrator Gjest Håvard
Kommandoen er fullført.


**** End of log ****

FSS:

Farbar Service Scanner Version: 06-08-2012
Ran by Håvard (administrator) on 05-09-2012 at 15:42:10
Running from "C:\Users\Håvard\Downloads"
Microsoft Windows 7 Home Premium (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.

BITS Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============
Checking Start type of SharedAccess: ATTENTION!=====> Unable to retrieve start type of SharedAccess. The value does not exist.
Checking ImagePath of SharedAccess: ATTENTION!=====> Unable to retrieve ImagePath of SharedAccess. The value does not exist.
Checking ServiceDll of SharedAccess: ATTENTION!=====> Unable to retrieve ServiceDll of SharedAccess. The value does not exist.


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys
[2012-02-16 15:38] - [2011-12-28 05:59] - 0499200 ____A (Microsoft Corporation) DB9D6C6B2CD95A9CA414D045B627422E

C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys
[2012-05-09 21:08] - [2012-03-30 13:09] - 1895280 ____A (Microsoft Corporation) 624C5B3AA4C99B3184BB922D9ECE3FF0

C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll
[2009-07-14 02:09] - [2009-07-14 03:41] - 0824832 ____A (Microsoft Corporation) AECAB449567D1846DAD63ECE49E893E3

C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll
[2009-07-14 01:36] - [2009-07-14 03:41] - 0170496 ____A (Microsoft Corporation) 765A27C3279CE11D14CB9E4F5869FCA5

C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll
[2012-06-14 10:16] - [2012-04-24 07:59] - 0182272 ____A (Microsoft Corporation) F02786B66375292E58C8777082D4396D

C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

adware cleaner:

# AdwCleaner v2.000 - Logfile created 09/05/2012 at 15:44:10
# Updated 30/08/2012 by Xplode
# Operating system : Windows 7 Home Premium (64 bits)
# User : Håvard - HÅVARD-PC
# Boot Mode : Normal
# Running from : C:\Users\Håvard\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml
File Deleted : C:\Users\HVARD~1\AppData\Local\Temp\Uninstall.exe
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\ConduitEngine
Folder Deleted : C:\Program Files (x86)\Vuze_Remote
Folder Deleted : C:\Program Files\Babylon
Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\boost_interprocess
Folder Deleted : C:\Users\Håvard\AppData\Local\Babylon
Folder Deleted : C:\Users\Håvard\AppData\LocalLow\BabylonToolbar
Folder Deleted : C:\Users\Håvard\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Håvard\AppData\LocalLow\ConduitEngine
Folder Deleted : C:\Users\Håvard\AppData\LocalLow\Vuze_Remote
Folder Deleted : C:\Users\Håvard\AppData\Roaming\Babylon

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\conduitEngine
Key Deleted : HKCU\Software\AppDataLow\Software\Vuze_Remote
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5911488E-9D1E-40EC-8CBB-06B231CC153F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E13D095-45C3-4271-9475-F3B48227DD9F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA14329E-9550-4989-B3F2-9732E92D17CC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA14329E-9550-4989-B3F2-9732E92D17CC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\Zugo
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{7E8A36EA-2501-4ED3-A3C8-CFA9143FB169}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\Toolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.BandObject
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.BandObject.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2504091
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.ToolbarHelperObject
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.ToolbarHelperObject.1
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6857AC4A-95B4-4E2C-B2D2-8A235FCCEF4A}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\conduitEngine
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{767240DA-13ED-44B2-8A32-F5A74A75E6C8}
Key Deleted : HKLM\Software\StartNow Toolbar
Key Deleted : HKLM\Software\Vuze_Remote
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{767240DA-13ED-44B2-8A32-F5A74A75E6C8}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{BA14329E-9550-4989-B3F2-9732E92D17CC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1C888195-0160-4883-91B7-294C0CE2F277}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{99ACA0F7-D864-45CB-8C40-FD42A077E7CA}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{04459125-DA10-4E4C-AF6D-6E2383E3AFDE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AC02E61B-268E-490A-A039-602C86A52C30}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA14329E-9550-4989-B3F2-9732E92D17CC}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\StartNow Toolbar
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Vuze_Remote Toolbar
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1C888195-0160-4883-91B7-294C0CE2F277}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{99ACA0F7-D864-45CB-8C40-FD42A077E7CA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{BA14329E-9550-4989-B3F2-9732E92D17CC}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{BA14329E-9550-4989-B3F2-9732E92D17CC}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{30F9B915-B755-4826-820B-08FBA6BD249D}]
Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{BA14329E-9550-4989-B3F2-9732E92D17CC}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

Restored : [HKCU\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKCU\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://isearch.babylon.com/?babsrc=HP_ss&mntrId=f841170e00000000000020cf30b5fb45 --> hxxp://www.google.com

-\\ Mozilla Firefox v15.0 (nb-NO)

Profile name : default
File : C:\Users\Håvard\AppData\Roaming\Mozilla\Firefox\Profiles\3b0j9oth.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v [Unable to get version]

File : C:\Users\Håvard\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S2].txt - [8868 octets] - [05/09/2012 15:44:10]

########## EOF - C:\AdwCleaner[S2].txt - [8928 octets] ##########

#12 narenxp

Posted 05 September 2012 - 09:03 AM

Malwarebytes log?


Run the services repair tool

http://kb.eset.com/library/ESET/KB%20Team%20Only/Malware/ServicesRepair.exe

Post the new FSS log

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and, after the scan finishes, post the contents of the RKILL log located on the desktop here.

Edited by narenxp, 05 September 2012 - 12:50 PM.


#13 havardml

Posted 05 September 2012 - 11:04 AM

New FSS log:

Farbar Service Scanner Version: 06-08-2012
Ran by Håvard (administrator) on 05-09-2012 at 18:02:39
Running from "C:\Users\Håvard\Downloads"
Microsoft Windows 7 Home Premium (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys
[2012-02-16 15:38] - [2011-12-28 05:59] - 0499200 ____A (Microsoft Corporation) DB9D6C6B2CD95A9CA414D045B627422E

C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys
[2012-05-09 21:08] - [2012-03-30 13:09] - 1895280 ____A (Microsoft Corporation) 624C5B3AA4C99B3184BB922D9ECE3FF0

C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll
[2009-07-14 02:09] - [2009-07-14 03:41] - 0824832 ____A (Microsoft Corporation) AECAB449567D1846DAD63ECE49E893E3

C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll
[2009-07-14 01:36] - [2009-07-14 03:41] - 0170496 ____A (Microsoft Corporation) 765A27C3279CE11D14CB9E4F5869FCA5

C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll
[2012-06-14 10:16] - [2012-04-24 07:59] - 0182272 ____A (Microsoft Corporation) F02786B66375292E58C8777082D4396D

C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

Rkill log:

Rkill 2.3.5 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 09/05/2012 06:00:47 PM in x64 mode.
Windows Version: Windows 7 Home Premium

Checking for Windows services to stop.

* No malware services found to stop.

Checking for processes to terminate.

* C:\Windows\SysWOW64\ANIWConnService.exe (PID: 1992) [WD-HEUR]

1 proccess terminated!

Checking Registry for malware related settings.

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks.

* Windows Defender Disabled

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware" = dword:00000001
* C:\Windows\assembly\GAC_32\Desktop.ini [ZA File]
* C:\Windows\assembly\GAC_64\Desktop.ini [ZA File]

Checking Windows Service Integrity:

* Windows Defender (WinDefend) is not Running.
Startup Type set to: Manual

* AppMgmt [Missing Service]
* CscService [Missing Service]
* PeerDistSvc [Missing Service]
* UmRdpService [Missing Service]

Searching for Missing Digital Signatures:

* No issues found.

Program finished at: 09/05/2012 06:00:55 PM
Execution time: 0 hours(s), 0 minute(s), and 8 seconds(s)

#14 havardml

Posted 05 September 2012 - 11:29 AM

Here's a log of a Malwarebytes scan I did right now. (Everything's in Norwegian though, so I doubt you'll understand, unless you use Google Translate or something lol).

Spoiler


Looks like the virus is gone/blocked. The computer has been on for half an hour or so, without any Adobe Flash Installer pop-ups, nor have my anti-virus programs notified me about anything wrong.

Unreal service on this forum. Absolutely amazing. Can't even begin to tell you how much I appreciate your help.

#15 narenxp

Posted 05 September 2012 - 12:50 PM

Restart the PC, run RKILL again, and post the new log.



