Fake Adobe Flash update -> MSE deactivated


16 replies to this topic

#1 emas


Posted 23 September 2012 - 03:18 AM

Hello BC's.

So the situation is that my dad was sitting on his PC (Windows 7, 64-bit). Suddenly the "Microsoft Update Shield" pops up from the processline (the one down the bottom with all the icons - bear with me, I am an Apple dude :-)) saying that a new update is available for Adobe Flash Player. He clicks ignore 3-4 times but it is persistent and keeps popping up until he clicks okay. The update looks legit while updating. After installing it says that the update is not the newest and it supplies a link for something called Adobe Update Center to download the latest update. He does not click the link. He then notices that Microsoft Security Essentials has been deactivated and it is not possible to turn it back on ("The service is not available").

I have found similar topics for this problem:
http://www.bleepingcomputer.com/forums/topic461572.html
http://www.bleepingcomputer.com/forums/topic462201.html

But I am in doubt if I should just go ahead with the steps specified in those topics.

Best regards
Emas/Esben



#2 narenxp


Posted 23 September 2012 - 06:24 AM

Download TDSSkiller

Launch it. Click on "Change parameters" and select "TDLFS file system".

Click on "Scan". Please post the log report (the log file should be in your C drive).

Do not change the default options on scan results.

Download aswMBR

Launch it and allow it to download the latest Avast! virus definitions.
Click the "Scan" button to start the scan. After the scan finishes, click on "Save log".

Post the log results here.

Download ESET online scanner

Install it.

Click on START; it should download the virus definitions.
When the scan is completed, click on "List of found threats".

Export the list to the desktop and copy the contents of the text file into your reply.

#3 emas


Posted 23 September 2012 - 10:00 AM

Alright, here's the logfiles;

TDSS
15:02:44.0687 4276  MsRPC - ok
15:02:44.0687 4276  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
15:02:44.0687 4276  mssmbios - ok
15:02:44.0703 4276  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
15:02:44.0703 4276  MSTEE - ok
15:02:44.0719 4276  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
15:02:44.0719 4276  MTConfig - ok
15:02:44.0734 4276  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
15:02:44.0734 4276  Mup - ok
15:02:44.0765 4276  [ 6FFECC25B39DC7652A0CEC0ADA9DB589 ] mwlPSDFilter    C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
15:02:44.0765 4276  mwlPSDFilter - ok
15:02:44.0781 4276  [ 0BEFE32CA56D6EE89D58175725596A85 ] mwlPSDNServ     C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
15:02:44.0781 4276  mwlPSDNServ - ok
15:02:44.0812 4276  [ D43BC633B8660463E446E28E14A51262 ] mwlPSDVDisk     C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
15:02:44.0812 4276  mwlPSDVDisk - ok
15:02:44.0843 4276  [ 0F5FAAC852DB4C340B7A2F187E3358B8 ] MWLService      C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe
15:02:44.0843 4276  MWLService - ok
15:02:44.0890 4276  [ DFD81776F4CBDBDAEC684E6D8E8F5CF5 ] NAL             C:\Windows\system32\Drivers\iqvw64e.sys
15:02:44.0890 4276  NAL - ok
15:02:44.0906 4276  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
15:02:44.0921 4276  napagent - ok
15:02:44.0937 4276  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
15:02:44.0937 4276  NativeWifiP - ok
15:02:44.0999 4276  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
15:02:44.0999 4276  NDIS - ok
15:02:45.0015 4276  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
15:02:45.0015 4276  NdisCap - ok
15:02:45.0046 4276  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
15:02:45.0046 4276  NdisTapi - ok
15:02:45.0093 4276  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
15:02:45.0093 4276  Ndisuio - ok
15:02:45.0155 4276  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
15:02:45.0155 4276  NdisWan - ok
15:02:45.0202 4276  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
15:02:45.0202 4276  NDProxy - ok
15:02:45.0265 4276  [ B90E093E7A7250906F1054418B5339C0 ] Nero BackItUp Scheduler 4.0 C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
15:02:45.0280 4276  Nero BackItUp Scheduler 4.0 - ok
15:02:45.0296 4276  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
15:02:45.0296 4276  NetBIOS - ok
15:02:45.0311 4276  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
15:02:45.0311 4276  NetBT - ok
15:02:45.0327 4276  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
15:02:45.0327 4276  Netlogon - ok
15:02:45.0374 4276  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
15:02:45.0374 4276  Netman - ok
15:02:45.0405 4276  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
15:02:45.0405 4276  netprofm - ok
15:02:45.0452 4276  [ B72BB9496A126FCFC7FC5945DED9B411 ] netr28x         C:\Windows\system32\DRIVERS\netr28x.sys
15:02:45.0467 4276  netr28x - ok
15:02:45.0483 4276  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:02:45.0483 4276  NetTcpPortSharing - ok
15:02:45.0514 4276  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
15:02:45.0514 4276  nfrd960 - ok
15:02:45.0530 4276  [ 91B4E0273D2F6C24EF845F2B41311289 ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
15:02:45.0545 4276  NisDrv - ok
15:02:45.0592 4276  [ 10A43829A9E606AF3EEF25A1C1665923 ] NisSrv          C:\Program Files\Microsoft Security Client\NisSrv.exe
15:02:45.0592 4276  NisSrv - ok
15:02:45.0623 4276  [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc          C:\Windows\System32\nlasvc.dll
15:02:45.0623 4276  NlaSvc - ok
15:02:45.0639 4276  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
15:02:45.0639 4276  Npfs - ok
15:02:45.0655 4276  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
15:02:45.0655 4276  nsi - ok
15:02:45.0655 4276  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
15:02:45.0655 4276  nsiproxy - ok
15:02:45.0733 4276  [ A2F74975097F52A00745F9637451FDD8 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
15:02:45.0748 4276  Ntfs - ok
15:02:45.0795 4276  [ BD691091AC7D9713D8F0B07C6B099E6C ] NTI IScheduleSvc C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
15:02:45.0795 4276  NTI IScheduleSvc - ok
15:02:45.0811 4276  [ 64DDD0DEE976302F4BD93E5EFCC2F013 ] NTIDrvr         C:\Windows\system32\drivers\NTIDrvr.sys
15:02:45.0811 4276  NTIDrvr - ok
15:02:45.0811 4276  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
15:02:45.0811 4276  Null - ok
15:02:46.0013 4276  [ 9C1996DD3C0469BC8933321F15709F5A ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
15:02:46.0076 4276  nvlddmkm - ok
15:02:46.0123 4276  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
15:02:46.0138 4276  nvraid - ok
15:02:46.0154 4276  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
15:02:46.0154 4276  nvstor - ok
15:02:46.0201 4276  [ DFDA089BB2CD0FF7E789E2EF6BA1E4BA ] nvsvc           C:\Windows\system32\nvvsvc.exe
15:02:46.0216 4276  nvsvc - ok
15:02:46.0310 4276  [ E7818CD4FB51284C948D68A7A85A69B8 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
15:02:46.0341 4276  nvUpdatusService - ok
15:02:46.0357 4276  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
15:02:46.0372 4276  nv_agp - ok
15:02:46.0450 4276  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
15:02:46.0450 4276  odserv - ok
15:02:46.0497 4276  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
15:02:46.0497 4276  ohci1394 - ok
15:02:46.0513 4276  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:02:46.0528 4276  ose - ok
15:02:46.0559 4276  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
15:02:46.0559 4276  p2pimsvc - ok
15:02:46.0591 4276  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
15:02:46.0606 4276  p2psvc - ok
15:02:46.0622 4276  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
15:02:46.0622 4276  Parport - ok
15:02:46.0669 4276  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
15:02:46.0684 4276  partmgr - ok
15:02:46.0700 4276  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
15:02:46.0700 4276  PcaSvc - ok
15:02:46.0715 4276  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
15:02:46.0715 4276  pci - ok
15:02:46.0731 4276  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
15:02:46.0731 4276  pciide - ok
15:02:46.0747 4276  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
15:02:46.0762 4276  pcmcia - ok
15:02:46.0778 4276  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
15:02:46.0778 4276  pcw - ok
15:02:46.0793 4276  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
15:02:46.0793 4276  PEAUTH - ok
15:02:46.0871 4276  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
15:02:46.0871 4276  PerfHost - ok
15:02:46.0934 4276  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
15:02:46.0965 4276  pla - ok
15:02:46.0996 4276  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
15:02:47.0012 4276  PlugPlay - ok
15:02:47.0074 4276  [ 627FA58ADC043704F9D14CA44340956F ] PMBDeviceInfoProvider C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
15:02:47.0105 4276  PMBDeviceInfoProvider - ok
15:02:47.0105 4276  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
15:02:47.0121 4276  PNRPAutoReg - ok
15:02:47.0121 4276  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
15:02:47.0137 4276  PNRPsvc - ok
15:02:47.0152 4276  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
15:02:47.0152 4276  PolicyAgent - ok
15:02:47.0183 4276  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
15:02:47.0183 4276  Power - ok
15:02:47.0230 4276  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
15:02:47.0230 4276  PptpMiniport - ok
15:02:47.0261 4276  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
15:02:47.0261 4276  Processor - ok
15:02:47.0308 4276  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
15:02:47.0324 4276  ProfSvc - ok
15:02:47.0339 4276  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:02:47.0339 4276  ProtectedStorage - ok
15:02:47.0386 4276  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
15:02:47.0386 4276  Psched - ok
15:02:47.0433 4276  [ 87B04878A6D59D6C79251DC960C674C1 ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys
15:02:47.0433 4276  PxHlpa64 - ok
15:02:47.0495 4276  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
15:02:47.0511 4276  ql2300 - ok
15:02:47.0527 4276  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
15:02:47.0527 4276  ql40xx - ok
15:02:47.0558 4276  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
15:02:47.0558 4276  QWAVE - ok
15:02:47.0558 4276  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
15:02:47.0558 4276  QWAVEdrv - ok
15:02:47.0589 4276  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
15:02:47.0589 4276  RasAcd - ok
15:02:47.0620 4276  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
15:02:47.0620 4276  RasAgileVpn - ok
15:02:47.0636 4276  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
15:02:47.0651 4276  RasAuto - ok
15:02:47.0698 4276  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
15:02:47.0698 4276  Rasl2tp - ok
15:02:47.0792 4276  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
15:02:47.0792 4276  RasMan - ok
15:02:47.0807 4276  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
15:02:47.0807 4276  RasPppoe - ok
15:02:47.0823 4276  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
15:02:47.0823 4276  RasSstp - ok
15:02:47.0839 4276  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
15:02:47.0839 4276  rdbss - ok
15:02:47.0854 4276  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
15:02:47.0854 4276  rdpbus - ok
15:02:47.0870 4276  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
15:02:47.0870 4276  RDPCDD - ok
15:02:47.0885 4276  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
15:02:47.0885 4276  RDPENCDD - ok
15:02:47.0901 4276  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
15:02:47.0901 4276  RDPREFMP - ok
15:02:47.0917 4276  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
15:02:47.0917 4276  RDPWD - ok
15:02:47.0948 4276  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
15:02:47.0948 4276  rdyboost - ok
15:02:47.0963 4276  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
15:02:47.0963 4276  RemoteAccess - ok
15:02:47.0979 4276  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
15:02:47.0979 4276  RemoteRegistry - ok
15:02:47.0995 4276  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
15:02:47.0995 4276  RpcEptMapper - ok
15:02:48.0010 4276  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
15:02:48.0010 4276  RpcLocator - ok
15:02:48.0026 4276  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
15:02:48.0026 4276  RpcSs - ok
15:02:48.0041 4276  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
15:02:48.0041 4276  rspndr - ok
15:02:48.0057 4276  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
15:02:48.0057 4276  SamSs - ok
15:02:48.0088 4276  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\DRIVERS\sbp2port.sys
15:02:48.0104 4276  sbp2port - ok
15:02:48.0104 4276  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
15:02:48.0104 4276  SCardSvr - ok
15:02:48.0151 4276  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
15:02:48.0166 4276  scfilter - ok
15:02:48.0229 4276  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
15:02:48.0260 4276  Schedule - ok
15:02:48.0291 4276  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
15:02:48.0291 4276  SCPolicySvc - ok
15:02:48.0338 4276  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
15:02:48.0338 4276  SDRSVC - ok
15:02:48.0400 4276  [ CC781378E7EDA615D2CDCA3B17829FA4 ] SeaPort         C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
15:02:48.0400 4276  SeaPort - ok
15:02:48.0416 4276  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
15:02:48.0416 4276  secdrv - ok
15:02:48.0447 4276  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
15:02:48.0447 4276  seclogon - ok
15:02:48.0463 4276  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
15:02:48.0463 4276  SENS - ok
15:02:48.0494 4276  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
15:02:48.0494 4276  SensrSvc - ok
15:02:48.0525 4276  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
15:02:48.0525 4276  Serenum - ok
15:02:48.0556 4276  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
15:02:48.0556 4276  Serial - ok
15:02:48.0587 4276  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
15:02:48.0587 4276  sermouse - ok
15:02:48.0603 4276  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
15:02:48.0603 4276  SessionEnv - ok
15:02:48.0619 4276  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
15:02:48.0619 4276  sffdisk - ok
15:02:48.0634 4276  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
15:02:48.0634 4276  sffp_mmc - ok
15:02:48.0634 4276  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
15:02:48.0634 4276  sffp_sd - ok
15:02:48.0650 4276  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
15:02:48.0650 4276  sfloppy - ok
15:02:48.0681 4276  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:02:48.0681 4276  ShellHWDetection - ok
15:02:48.0697 4276  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
15:02:48.0697 4276  SiSRaid2 - ok
15:02:48.0712 4276  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
15:02:48.0712 4276  SiSRaid4 - ok
15:02:48.0853 4276  [ 753D254205E0A62100A050BD8B458D06 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
15:02:48.0915 4276  Skype C2C Service - ok
15:02:48.0993 4276  [ E62ABB10E4E6C2563C8311B7B75E3431 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
15:02:48.0993 4276  SkypeUpdate - ok
15:02:49.0009 4276  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
15:02:49.0009 4276  Smb - ok
15:02:49.0024 4276  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
15:02:49.0040 4276  SNMPTRAP - ok
15:02:49.0040 4276  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
15:02:49.0040 4276  spldr - ok
15:02:49.0102 4276  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
15:02:49.0102 4276  Spooler - ok
15:02:49.0196 4276  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
15:02:49.0258 4276  sppsvc - ok
15:02:49.0289 4276  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
15:02:49.0289 4276  sppuinotify - ok
15:02:49.0321 4276  [ 1D437579B9E02829011BE00E482C63A0 ] Spyder4         C:\Windows\system32\DRIVERS\dccmtr.sys
15:02:49.0321 4276  Spyder4 - ok
15:02:49.0352 4276  [ FB4EB8932FA4AAB36219567732AB32EB ] SQLWriter       C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
15:02:49.0352 4276  SQLWriter - ok
15:02:49.0383 4276  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
15:02:49.0383 4276  srv - ok
15:02:49.0399 4276  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
15:02:49.0414 4276  srv2 - ok
15:02:49.0414 4276  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
15:02:49.0414 4276  srvnet - ok
15:02:49.0445 4276  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
15:02:49.0461 4276  SSDPSRV - ok
15:02:49.0461 4276  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
15:02:49.0461 4276  SstpSvc - ok
15:02:49.0508 4276  [ 74425FFA11C133D045E1C3BE2EAD481D ] ssudmdm         C:\Windows\system32\DRIVERS\ssudmdm.sys
15:02:49.0508 4276  ssudmdm - ok
15:02:49.0523 4276  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
15:02:49.0523 4276  stexstor - ok
15:02:49.0555 4276  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
15:02:49.0570 4276  stisvc - ok
15:02:49.0601 4276  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
15:02:49.0601 4276  swenum - ok
15:02:49.0617 4276  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
15:02:49.0633 4276  swprv - ok
15:02:49.0679 4276  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
15:02:49.0726 4276  SysMain - ok
15:02:49.0726 4276  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:02:49.0742 4276  TabletInputService - ok
15:02:49.0773 4276  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
15:02:49.0773 4276  TapiSrv - ok
15:02:49.0789 4276  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
15:02:49.0789 4276  TBS - ok
15:02:49.0867 4276  [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
15:02:49.0898 4276  Tcpip - ok
15:02:49.0929 4276  [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
15:02:49.0945 4276  TCPIP6 - ok
15:02:49.0991 4276  [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
15:02:49.0991 4276  tcpipreg - ok
15:02:50.0007 4276  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
15:02:50.0023 4276  TDPIPE - ok
15:02:50.0054 4276  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
15:02:50.0054 4276  TDTCP - ok
15:02:50.0085 4276  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
15:02:50.0085 4276  tdx - ok
15:02:50.0101 4276  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
15:02:50.0101 4276  TermDD - ok
15:02:50.0132 4276  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
15:02:50.0147 4276  TermService - ok
15:02:50.0147 4276  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
15:02:50.0147 4276  Themes - ok
15:02:50.0179 4276  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
15:02:50.0179 4276  THREADORDER - ok
15:02:50.0179 4276  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
15:02:50.0194 4276  TrkWks - ok
15:02:50.0210 4276  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:02:50.0225 4276  TrustedInstaller - ok
15:02:50.0225 4276  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
15:02:50.0225 4276  tssecsrv - ok
15:02:50.0241 4276  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
15:02:50.0257 4276  TsUsbFlt - ok
15:02:50.0288 4276  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
15:02:50.0303 4276  tunnel - ok
15:02:50.0319 4276  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
15:02:50.0319 4276  uagp35 - ok
15:02:50.0335 4276  [ 2E22C1FD397A5A9FFEF55E9D1FC96C00 ] UBHelper        C:\Windows\system32\drivers\UBHelper.sys
15:02:50.0335 4276  UBHelper - ok
15:02:50.0381 4276  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
15:02:50.0381 4276  udfs - ok
15:02:50.0413 4276  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
15:02:50.0413 4276  UI0Detect - ok
15:02:50.0428 4276  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
15:02:50.0428 4276  uliagpkx - ok
15:02:50.0444 4276  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\drivers\umbus.sys
15:02:50.0444 4276  umbus - ok
15:02:50.0459 4276  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
15:02:50.0459 4276  UmPass - ok
15:02:50.0522 4276  [ 70DDE3A86DBEB1D6C3C30AD687B1877A ] Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe
15:02:50.0522 4276  Updater Service - ok
15:02:50.0537 4276  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
15:02:50.0537 4276  upnphost - ok
15:02:50.0569 4276  [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
15:02:50.0569 4276  usbaudio - ok
15:02:50.0600 4276  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
15:02:50.0600 4276  usbccgp - ok
15:02:50.0615 4276  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
15:02:50.0615 4276  usbcir - ok
15:02:50.0647 4276  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
15:02:50.0647 4276  usbehci - ok
15:02:50.0662 4276  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
15:02:50.0662 4276  usbhub - ok
15:02:50.0678 4276  [ 58E546BBAF87664FC57E0F6081E4F609 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
15:02:50.0678 4276  usbohci - ok
15:02:50.0693 4276  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
15:02:50.0693 4276  usbprint - ok
15:02:50.0725 4276  [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
15:02:50.0725 4276  usbscan - ok
15:02:50.0756 4276  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:02:50.0756 4276  USBSTOR - ok
15:02:50.0756 4276  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
15:02:50.0756 4276  usbuhci - ok
15:02:50.0771 4276  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
15:02:50.0771 4276  usbvideo - ok
15:02:50.0787 4276  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
15:02:50.0787 4276  UxSms - ok
15:02:50.0803 4276  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
15:02:50.0803 4276  VaultSvc - ok
15:02:50.0818 4276  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
15:02:50.0818 4276  vdrvroot - ok
15:02:50.0849 4276  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
15:02:50.0865 4276  vds - ok
15:02:50.0881 4276  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
15:02:50.0881 4276  vga - ok
15:02:50.0896 4276  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
15:02:50.0896 4276  VgaSave - ok
15:02:50.0912 4276  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
15:02:50.0912 4276  vhdmp - ok
15:02:50.0927 4276  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
15:02:50.0927 4276  viaide - ok
15:02:50.0943 4276  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
15:02:50.0943 4276  volmgr - ok
15:02:50.0990 4276  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
15:02:50.0990 4276  volmgrx - ok
15:02:51.0005 4276  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
15:02:51.0005 4276  volsnap - ok
15:02:51.0021 4276  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
15:02:51.0021 4276  vsmraid - ok
15:02:51.0099 4276  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
15:02:51.0115 4276  VSS - ok
15:02:51.0130 4276  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
15:02:51.0130 4276  vwifibus - ok
15:02:51.0161 4276  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
15:02:51.0161 4276  vwififlt - ok
15:02:51.0193 4276  [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
15:02:51.0193 4276  vwifimp - ok
15:02:51.0224 4276  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
15:02:54.0703 4276  ============================================================
15:02:54.0703 4276  Scan finished
15:02:54.0703 4276  ============================================================
15:02:54.0703 5784  Detected object count: 0
15:02:54.0703 5784  Actual detected object count: 0
15:03:22.0782 3560  Deinitialize success


aswMBR
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-09-23 15:03:38
-----------------------------
15:03:38.406    OS Version: Windows x64 6.1.7601 Service Pack 1
15:03:38.406    Number of processors: 8 586 0x1A05
15:03:38.406    ComputerName: STEFFEN-PC  UserName: Steffen
15:03:46.986    Initialize success
15:04:30.060    AVAST engine defs: 12092300
15:04:41.666    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-2
15:04:41.666    Disk 0 Vendor: ST310005 CC44 Size: 953869MB BusType: 3
15:04:41.682    Disk 0 MBR read successfully
15:04:41.682    Disk 0 MBR scan
15:04:41.697    Disk 0 unknown MBR code
15:04:41.697    Disk 0 Partition 1 00     27 Hidden NTFS WinRE NTFS        13312 MB offset 2048
15:04:41.713    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS          100 MB offset 27265024
15:04:41.728    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS       469966 MB offset 27469824
15:04:41.744    Disk 0 Partition 4 00     07    HPFS/NTFS NTFS       470489 MB offset 989960192
15:04:41.775    Disk 0 scanning C:\Windows\system32\drivers
15:04:54.567    Service scanning
15:05:13.100    Modules scanning
15:05:13.100    Disk 0 trace - called modules:
15:05:13.131    ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll 
15:05:13.131    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800b989790]
15:05:13.131    3 CLASSPNP.SYS[fffff88000c8b43f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-2[0xfffffa800ab92050]
15:05:14.379    AVAST engine scan C:\Windows
15:05:16.657    AVAST engine scan C:\Windows\system32
15:07:17.760    File: C:\Windows\assembly\GAC_32\Desktop.ini  **INFECTED** Win32:Sirefef-PL [Rtk]
15:07:19.772    File: C:\Windows\assembly\GAC_64\Desktop.ini  **INFECTED** Win32:Sirefef-PL [Rtk]
15:08:28.178    AVAST engine scan C:\Windows\system32\drivers
15:09:06.976    AVAST engine scan C:\Users\Steffen
15:17:26.223    File: C:\Users\Steffen\AppData\Local\Temp\adfm32.exe  **INFECTED** Win32:Sirefef-AHY [Trj]
15:17:53.414    File: C:\Users\Steffen\AppData\Local\Temp\derm32.exe  **INFECTED** Win32:Sirefef-AGN [Trj]
15:18:55.066    File: C:\Users\Steffen\AppData\Local\Temp\nana.exe  **INFECTED** Win32:Susn-AL [Trj]
15:32:02.660    AVAST engine scan C:\ProgramData
15:34:54.471    Scan finished successfully
15:37:30.816    Disk 0 MBR has been saved successfully to "C:\MBR.dat"
15:37:30.819    The log file has been saved successfully to "C:\aswMBR.txt"

ESET Online Scanner
C:\Users\Steffen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\HPQAN2MW\19[1].htm	HTML/Iframe.B.Gen virus	deleted - quarantined
C:\Users\Steffen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\OXRA24Z3\dd65ef9a5579d4e518c6d4abbd0cb1c6[1].htm	HTML/Iframe.B.Gen virus	deleted - quarantined
C:\Users\Steffen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\QBS4YEGM\dd65ef9a5579d4e518c6d4abbd0cb1c6[1].htm	HTML/Iframe.B.Gen virus	deleted - quarantined
C:\Users\Steffen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\UF9V98RJ\19[1].htm	HTML/Iframe.B.Gen virus	deleted - quarantined
C:\Users\Steffen\AppData\Local\Temp\adfm32.exe	a variant of Win32/Kryptik.AKIS trojan	cleaned by deleting - quarantined
C:\Users\Steffen\AppData\Local\Temp\derm32.exe	a variant of Win32/Kryptik.AJOV trojan	cleaned by deleting - quarantined
C:\Users\Steffen\AppData\Local\Temp\Main.class	Java/Exploit.CVE-2011-3544.BK trojan	cleaned by deleting - quarantined
C:\Users\Steffen\AppData\Local\Temp\nana.exe	Win32/Sirefef.EV trojan	cleaned by deleting - quarantined
C:\Users\Steffen\AppData\Local\Temp\V.class	probably a variant of Java/Exploit.CVE-2011-3544.BQ trojan	cleaned by deleting - quarantined
C:\Users\Steffen\AppData\Local\{f7ccbdfe-336d-30d0-d67d-48ff21b60393}\U\00000008.@	Win64/Agent.BA trojan	cleaned by deleting - quarantined
C:\Users\Steffen\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12\7e63020c-650eb8fc	Java/Exploit.Agent.NAX trojan	cleaned by deleting - quarantined
C:\Users\Steffen\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\4\7e46804-71e57400	Java/Exploit.CVE-2012-0507.BO trojan	cleaned by deleting - quarantined
C:\Windows\Installer\{f7ccbdfe-336d-30d0-d67d-48ff21b60393}\U\000000cb.@	Win64/Sirefef.AI trojan	cleaned by deleting - quarantined
Operating memory	multiple threats	


#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • Gender:Male
  • Location:India
  • Local time:03:57 AM

Posted 23 September 2012 - 10:06 AM

Download

http://www.techspot.com/downloads/4716-malwarebytes-anti-malware.html

Install, update and run a full scan.

Click on SHOW results. Select all infections and remove them.

Reboot the PC and scan MBAM once in regular mode until you get a clean log

Download

mini toolbox

Checkmark following boxes:

Flush DNS
Report IE Proxy Settings
Reset IE Proxy Settings
Report FF Proxy Settings
Reset FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size

Click Go and post the result.

Download

FSS

Checkmark all the boxes

Click on "Scan".
Please copy and paste the log to your reply.



Download

adware cleaner

Launch it and click on Delete.

Post the generated log.

#5 emas

emas
  • Topic Starter

  • Members
  • 8 posts
  • Local time:10:57 AM

Posted 23 September 2012 - 12:21 PM

I successfully generated a clean log in MBAM the second time.


Mini Toolbox
MiniToolBox by Farbar  Version: 23-07-2012
Ran by Steffen (administrator) on 23-09-2012 at 19:14:22
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP-konfiguration

DNS Resolver Cache blev tømt.

========================= IE Proxy Settings: ============================== 

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ============================== 

"network.proxy.type", 0

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

Atheros AR9271 Wireless Network Adapter = Trådløs netværksforbindelse 3 (Connected)
Intel(R) 82567LF-2 Gigabit Network Connection = LAN-forbindelse (Hardware not present)
802.11n Wireless PCI Express Card LAN Adapter = Trådløs netværksforbindelse (Hardware not present)
Microsoft Virtual WiFi Miniport Adapter = Trådløs netværksforbindelse 4 (Media disconnected)


# ----------------------------------
# IPv4-konfiguration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# Slut på IPv4-konfiguration.



Windows IP-konfiguration

   Værtsnavn. . . . . . . . . . . . . . . . . . : Steffen-Pc
   Primært DNS-suffiks. . . . . . . . . . . . . : 
   Nodetype . . . . . . . . . . . . . . . . . . : Hybrid
   IP-routing aktiveret . . . . . . . . . . . . : Nej
   WINS-proxy aktiveret . . . . . . . . . . . . : Nej
   Søgeliste for DNS-suffiks. . . . . . . . . . : mynet

Trådløst LAN-kort Trådløs netværksforbindelse 4:

   Medietilstand. . . . . . . . . . . . . . . . : Mediet afbrudt
   Forbindelsesspecifikt DNS-suffiks. . . . . . : 
   Beskrivelse. . . . . . . . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter #2
   Fysisk adresse . . . . . . . . . . . . . . . : DE-5D-4C-91-0F-7A
   DHCP aktiveret . . . . . . . . . . . . . . . : Ja
   Automatisk konfiguration aktiveret . . . . . : Ja

Trådløst LAN-kort Trådløs netværksforbindelse 3:

   Forbindelsesspecifikt DNS-suffiks. . . . . . : mynet
   Beskrivelse. . . . . . . . . . . . . . . . . : Atheros AR9271 Wireless Network Adapter
   Fysisk adresse . . . . . . . . . . . . . . . : D8-5D-4C-91-0F-7A
   DHCP aktiveret . . . . . . . . . . . . . . . : Ja
   Automatisk konfiguration aktiveret . . . . . : Ja
   Link-local-IPv6-adresse . . . . . : fe80::58b0:f453:e981:e03f%18(Foretrukken) 
   IPv4-adresse . . . . . . . . . . . . . . . . : 192.168.1.101(Foretrukken) 
   Undernetmaske. . . . . . . . . . . . . . . . : 255.255.255.0
   Rettigheden opnået . . . . . . . . . . . . . : 23. september 2012 18:43:30
   Rettigheden udløber. . . . . . . . . . . . . : 24. september 2012 18:43:31
   Standardgateway. . . . . . . . . . . . . . . : 192.168.1.1
   DHCP-server. . . . . . . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 349723980
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-12-79-08-03-00-01-6C-6C-BA-8C
   DNS-servere. . . . . . . . . . . . . . . . . : 192.168.1.1
   NetBIOS over Tcpip . . . . . . . . . . . . . : Aktiveret

Tunnel-netværkskort Teredo Tunneling Pseudo-Interface:

   Medietilstand. . . . . . . . . . . . . . . . : Mediet afbrudt
   Forbindelsesspecifikt DNS-suffiks. . . . . . : 
   Beskrivelse. . . . . . . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Fysisk adresse . . . . . . . . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP aktiveret . . . . . . . . . . . . . . . : Nej
   Automatisk konfiguration aktiveret . . . . . : Ja

Tunnel-netværkskort isatap.opasia.dk:

   Medietilstand. . . . . . . . . . . . . . . . : Mediet afbrudt
   Forbindelsesspecifikt DNS-suffiks. . . . . . : 
   Beskrivelse. . . . . . . . . . . . . . . . . : Microsoft ISATAP-netværkskort
   Fysisk adresse . . . . . . . . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP aktiveret . . . . . . . . . . . . . . . : Nej
   Automatisk konfiguration aktiveret . . . . . : Ja

Tunnel-netværkskort isatap.{C2ACAE78-01A6-4C1B-8D6C-E0AB8A85C89A}:

   Medietilstand. . . . . . . . . . . . . . . . : Mediet afbrudt
   Forbindelsesspecifikt DNS-suffiks. . . . . . : 
   Beskrivelse. . . . . . . . . . . . . . . . . : Microsoft ISATAP-netværkskort #3
   Fysisk adresse . . . . . . . . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP aktiveret . . . . . . . . . . . . . . . : Nej
   Automatisk konfiguration aktiveret . . . . . : Ja

Tunnel-netværkskort isatap.{B80F0D4A-C515-4114-9D73-86FEC710CA26}:

   Medietilstand. . . . . . . . . . . . . . . . : Mediet afbrudt
   Forbindelsesspecifikt DNS-suffiks. . . . . . : 
   Beskrivelse. . . . . . . . . . . . . . . . . : Microsoft ISATAP-netværkskort #4
   Fysisk adresse . . . . . . . . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP aktiveret . . . . . . . . . . . . . . . : Nej
   Automatisk konfiguration aktiveret . . . . . : Ja
Server:   myhome.mynet
Address:  192.168.1.1

Navn:    google.com
Addresses:  2a00:1450:4001:c01::8b
	  173.194.70.138
	  173.194.70.102
	  173.194.70.100
	  173.194.70.113
	  173.194.70.139
	  173.194.70.101


Pinger google.com [173.194.70.138] med 32 byte data:
Svar fra 173.194.70.138: byte=32 tid=34ms TTL=47
Svar fra 173.194.70.138: byte=32 tid=34ms TTL=47

Ping-statistikker for 173.194.70.138:
    Pakker: Sendt = 2, modtaget = 2, tabt = 0 (0% tab),
Beregnet tid for rundtur i millisekunder:
    Minimum = 34ms, Maksimum = 34ms, Gennemsnitlig = 34ms
Server:   myhome.mynet
Address:  192.168.1.1

Navn:    yahoo.com
Addresses:  98.138.253.109
	  98.139.183.24
	  72.30.38.140


Pinger yahoo.com [98.138.253.109] med 32 byte data:
Svar fra 98.138.253.109: byte=32 tid=147ms TTL=48
Svar fra 98.138.253.109: byte=32 tid=194ms TTL=47

Ping-statistikker for 98.138.253.109:
    Pakker: Sendt = 2, modtaget = 2, tabt = 0 (0% tab),
Beregnet tid for rundtur i millisekunder:
    Minimum = 147ms, Maksimum = 194ms, Gennemsnitlig = 170ms
Server:   myhome.mynet
Address:  192.168.1.1

Navn:    bleepingcomputer.com
Address:  208.43.87.2


Pinger bleepingcomputer.com [208.43.87.2] med 32 byte data:
Svar fra 208.43.87.2: Modtagervært ikke tilgængelig.
Svar fra 208.43.87.2: Modtagervært ikke tilgængelig.

Ping-statistikker for 208.43.87.2:
    Pakker: Sendt = 2, modtaget = 2, tabt = 0 (0% tab),

Pinger 127.0.0.1 med 32 byte data:
Svar fra 127.0.0.1: byte=32 tid<1ms TTL=128
Svar fra 127.0.0.1: byte=32 tid<1ms TTL=128

Ping-statistikker for 127.0.0.1:
    Pakker: Sendt = 2, modtaget = 2, tabt = 0 (0% tab),
Beregnet tid for rundtur i millisekunder:
    Minimum = 0ms, Maksimum = 0ms, Gennemsnitlig = 0ms
===========================================================================
Liste over grænseflader
 19...de 5d 4c 91 0f 7a ......Microsoft Virtual WiFi Miniport Adapter #2
 18...d8 5d 4c 91 0f 7a ......Atheros AR9271 Wireless Network Adapter
  1...........................Software Loopback Interface 1
 14...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 15...00 00 00 00 00 00 00 e0 Microsoft ISATAP-netværkskort
 16...00 00 00 00 00 00 00 e0 Microsoft ISATAP-netværkskort #3
 17...00 00 00 00 00 00 00 e0 Microsoft ISATAP-netværkskort #4
===========================================================================

IPv4 Rutetabel
===========================================================================
Aktive ruter:
Netværksdestination     Netmaske        Gateway       Grænseflade  Metrikværdi
          0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.101     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link     192.168.1.101    281
    192.168.1.101  255.255.255.255         On-link     192.168.1.101    281
    192.168.1.255  255.255.255.255         On-link     192.168.1.101    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.1.101    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.1.101    281
===========================================================================
Vedvarende ruter:
  Ingen

IPv6 Rutetabel
===========================================================================
Aktive ruter:
 Hvis Metrik Netværk Destination      Gateway
  1    306 ::1/128                  On-link
 18    281 fe80::/64                On-link
 18    281 fe80::58b0:f453:e981:e03f/128
                                    On-link
  1    306 ff00::/8                 On-link
 18    281 ff00::/8                 On-link
===========================================================================
Vedvarende ruter:
  Ingen
========================= Winsock entries =====================================

Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 mswsock.dll [File Not found] ()
Catalog9 02 mswsock.dll [File Not found] ()
Catalog9 03 mswsock.dll [File Not found] ()
Catalog9 04 mswsock.dll [File Not found] ()
Catalog9 05 mswsock.dll [File Not found] ()
Catalog9 06 mswsock.dll [File Not found] ()
Catalog9 07 mswsock.dll [File Not found] ()
Catalog9 08 mswsock.dll [File Not found] ()
Catalog9 09 mswsock.dll [File Not found] ()
Catalog9 10 mswsock.dll [File Not found] ()
x64-Catalog5 01 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"

x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 mswsock.dll [File Not found] ()
ATTENTION: The LibraryPath should be "%SystemRoot%\System32\mswsock.dll"

x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171392] (Microsoft Corp.)
x64-Catalog9 01 mswsock.dll [File Not found] ()
x64-Catalog9 02 mswsock.dll [File Not found] ()
x64-Catalog9 03 mswsock.dll [File Not found] ()
x64-Catalog9 04 mswsock.dll [File Not found] ()
x64-Catalog9 05 mswsock.dll [File Not found] ()
x64-Catalog9 06 mswsock.dll [File Not found] ()
x64-Catalog9 07 mswsock.dll [File Not found] ()
x64-Catalog9 08 mswsock.dll [File Not found] ()
x64-Catalog9 09 mswsock.dll [File Not found] ()
x64-Catalog9 10 mswsock.dll [File Not found] ()

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/23/2012 06:41:51 PM) (Source: Application Error) (User: )
Description: Navn på program med fejl: svchost.exe, version: 6.1.7600.16385, tidsstempel: 0x4a5bc100
Navn på modul med fejl: 80000032.@_unloaded, version: 0.0.0.0, tidsstempel: 0x504a0466
Undtagelseskode: 0xc0000005
Forskydning med fejl 0x013bb0c2
Proces-id 0x668
Programmets starttidspunkt 0xsvchost.exe0
Programsti: svchost.exe1
Modulsti: svchost.exe2
Rapport-id: svchost.exe3

Error: (09/23/2012 06:40:51 PM) (Source: Application Error) (User: )
Description: Navn på program med fejl: svchost.exe, version: 6.1.7600.16385, tidsstempel: 0x4a5bc100
Navn på modul med fejl: 80000032.@_unloaded, version: 0.0.0.0, tidsstempel: 0x504a0466
Undtagelseskode: 0xc0000005
Forskydning med fejl 0x013bb0c2
Proces-id 0xaa8
Programmets starttidspunkt 0xsvchost.exe0
Programsti: svchost.exe1
Modulsti: svchost.exe2
Rapport-id: svchost.exe3

Error: (09/23/2012 06:39:51 PM) (Source: Application Error) (User: )
Description: Navn på program med fejl: svchost.exe, version: 6.1.7600.16385, tidsstempel: 0x4a5bc100
Navn på modul med fejl: 80000032.@_unloaded, version: 0.0.0.0, tidsstempel: 0x504a0466
Undtagelseskode: 0xc0000005
Forskydning med fejl 0x013bb0c2
Proces-id 0x338
Programmets starttidspunkt 0xsvchost.exe0
Programsti: svchost.exe1
Modulsti: svchost.exe2
Rapport-id: svchost.exe3

Error: (09/23/2012 06:38:51 PM) (Source: Application Error) (User: )
Description: Navn på program med fejl: svchost.exe, version: 6.1.7600.16385, tidsstempel: 0x4a5bc100
Navn på modul med fejl: 80000032.@_unloaded, version: 0.0.0.0, tidsstempel: 0x504a0466
Undtagelseskode: 0xc0000005
Forskydning med fejl 0x013bb0c2
Proces-id 0x12a8
Programmets starttidspunkt 0xsvchost.exe0
Programsti: svchost.exe1
Modulsti: svchost.exe2
Rapport-id: svchost.exe3

Error: (09/23/2012 06:37:50 PM) (Source: Application Error) (User: )
Description: Navn på program med fejl: svchost.exe, version: 6.1.7600.16385, tidsstempel: 0x4a5bc100
Navn på modul med fejl: 80000032.@_unloaded, version: 0.0.0.0, tidsstempel: 0x504a0466
Undtagelseskode: 0xc0000005
Forskydning med fejl 0x013bb0c2
Proces-id 0x32c
Programmets starttidspunkt 0xsvchost.exe0
Programsti: svchost.exe1
Modulsti: svchost.exe2
Rapport-id: svchost.exe3

Error: (09/23/2012 06:36:50 PM) (Source: Application Error) (User: )
Description: Navn på program med fejl: svchost.exe, version: 6.1.7600.16385, tidsstempel: 0x4a5bc100
Navn på modul med fejl: 80000032.@_unloaded, version: 0.0.0.0, tidsstempel: 0x504a0466
Undtagelseskode: 0xc0000005
Forskydning med fejl 0x013bb0c2
Proces-id 0xbf8
Programmets starttidspunkt 0xsvchost.exe0
Programsti: svchost.exe1
Modulsti: svchost.exe2
Rapport-id: svchost.exe3

Error: (09/23/2012 06:35:50 PM) (Source: Application Error) (User: )
Description: Navn på program med fejl: svchost.exe, version: 6.1.7600.16385, tidsstempel: 0x4a5bc100
Navn på modul med fejl: 80000032.@_unloaded, version: 0.0.0.0, tidsstempel: 0x504a0466
Undtagelseskode: 0xc0000005
Forskydning med fejl 0x0137b0c2
Proces-id 0x1514
Programmets starttidspunkt 0xsvchost.exe0
Programsti: svchost.exe1
Modulsti: svchost.exe2
Rapport-id: svchost.exe3

Error: (09/23/2012 06:34:50 PM) (Source: Application Error) (User: )
Description: Navn på program med fejl: svchost.exe, version: 6.1.7600.16385, tidsstempel: 0x4a5bc100
Navn på modul med fejl: 80000032.@_unloaded, version: 0.0.0.0, tidsstempel: 0x504a0466
Undtagelseskode: 0xc0000005
Forskydning med fejl 0x00f3b0c2
Proces-id 0x175c
Programmets starttidspunkt 0xsvchost.exe0
Programsti: svchost.exe1
Modulsti: svchost.exe2
Rapport-id: svchost.exe3

Error: (09/23/2012 06:33:50 PM) (Source: Application Error) (User: )
Description: Navn på program med fejl: svchost.exe, version: 6.1.7600.16385, tidsstempel: 0x4a5bc100
Navn på modul med fejl: 80000032.@_unloaded, version: 0.0.0.0, tidsstempel: 0x504a0466
Undtagelseskode: 0xc0000005
Forskydning med fejl 0x000cb0c2
Proces-id 0x145c
Programmets starttidspunkt 0xsvchost.exe0
Programsti: svchost.exe1
Modulsti: svchost.exe2
Rapport-id: svchost.exe3

Error: (09/23/2012 06:32:49 PM) (Source: Application Error) (User: )
Description: Navn på program med fejl: svchost.exe, version: 6.1.7600.16385, tidsstempel: 0x4a5bc100
Navn på modul med fejl: 80000032.@_unloaded, version: 0.0.0.0, tidsstempel: 0x504a0466
Undtagelseskode: 0xc0000005
Forskydning med fejl 0x0017b0c2
Proces-id 0x165c
Programmets starttidspunkt 0xsvchost.exe0
Programsti: svchost.exe1
Modulsti: svchost.exe2
Rapport-id: svchost.exe3


System errors:
=============
Error: (09/23/2012 06:44:03 PM) (Source: Service Control Manager) (User: )
Description: Tjenesten Udbyder af hjemmegruppe afhænger af tjenesten Udgivelse af funktionsregistreringsressourcer, der ikke kunne starte pga. følgende fejl: 
%%-2147024891

Error: (09/23/2012 06:44:03 PM) (Source: Service Control Manager) (User: )
Description: Tjenesten Udgivelse af funktionsregistreringsressourcer blev afbrudt med følgende fejl: 
%%-2147024891

Error: (09/23/2012 06:43:30 PM) (Source: Service Control Manager) (User: )
Description: Tjenesten IPsec Policy Agent afhænger af følgende tjeneste: BFE. Tjenesten er muligvis ikke installeret.

Error: (09/23/2012 06:43:29 PM) (Source: Service Control Manager) (User: )
Description: Tjenesten IKE- og AuthIP IPsec-nøglemoduler afhænger af følgende tjeneste: BFE. Tjenesten er muligvis ikke installeret.

Error: (09/23/2012 06:43:28 PM) (Source: Service Control Manager) (User: )
Description: Tjenesten Udgivelse af funktionsregistreringsressourcer blev afbrudt med følgende fejl: 
%%-2147024891

Error: (09/23/2012 06:43:28 PM) (Source: Service Control Manager) (User: )
Description: Tjenesten Computerbrowser blev afbrudt med følgende fejl: 
%%1060

Error: (09/23/2012 06:43:26 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (User: NT AUTHORITY)
Description: Det trådløse udvidelsesmodul kunne ikke startes.

Modulsti: C:\Windows\system32\athExt.dll
Fejlkode: 126

Error: (09/23/2012 04:16:52 PM) (Source: Service Control Manager) (User: )
Description: Tjenesten Udbyder af hjemmegruppe afhænger af tjenesten Udgivelse af funktionsregistreringsressourcer, der ikke kunne starte pga. følgende fejl: 
%%-2147024891

Error: (09/23/2012 04:16:52 PM) (Source: Service Control Manager) (User: )
Description: Tjenesten Udgivelse af funktionsregistreringsressourcer blev afbrudt med følgende fejl: 
%%-2147024891

Error: (09/23/2012 03:00:13 PM) (Source: Service Control Manager) (User: )
Description: Tjenesten Udbyder af hjemmegruppe afhænger af tjenesten Udgivelse af funktionsregistreringsressourcer, der ikke kunne starte pga. følgende fejl: 
%%-2147024891


Microsoft Office Sessions:
=========================
Error: (06/25/2012 10:13:55 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 0 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (06/25/2012 10:13:38 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 3162 seconds with 1680 seconds of active time.  This session ended with a crash.

Error: (11/21/2011 10:39:18 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 0 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (09/12/2011 08:34:32 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 0 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (09/12/2011 08:32:59 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 0 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (05/22/2011 08:05:19 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 4 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (05/04/2011 05:43:24 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 0 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (04/25/2011 05:32:21 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (03/01/2011 10:07:24 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (02/15/2011 08:39:29 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 0 seconds with 0 seconds of active time.  This session ended with a crash.


=========================== Installed Programs ============================

 Update for Microsoft Office 2007 (KB2508958)
Acer Arcade Deluxe (Version: 3.2.6929)
Acer Backup Manager (Version: 2.0.2.19)
Acer eRecovery Management (Version: 4.05.3003)
Acer Registration (Version: 1.02.3006)
Acer ScreenSaver (Version: 1.1.0812)
Acer Updater (Version: 1.01.3014)
Acrobat.com (Version: 1.6.65)
ActiveX sikkerhedssoftware (Version: 1.30)
Adobe AIR (Version: 2.6.0.19140)
Adobe Community Help (Version: 3.5.23)
Adobe Flash Player 11 ActiveX (Version: 11.4.402.265)
Adobe Photoshop Elements 10 (Version: 10.0)
Adobe Premiere Elements 10 (Version: 10.0)
Adobe Reader 9.5.2 MUI (Version: 9.5.2)
Advertising Center (Version: 0.0.0.2)
Backup Manager Advance (Version: 2.0.2.19)
Bing Bar (Version: 7.0.609.0)
BufferChm (Version: 130.0.331.000)
CanoScan Toolbox Ver4.1
D3DX10 (Version: 15.4.2368.0902)
Destinations (Version: 140.0.77.000)
DivX Setup (Version: 2.6.1.9)
DocProc (Version: 13.0.0.0)
Dropbox (Version: 1.4.8)
DVD Decrypter (Remove Only)
Elements 10 Organizer (Version: 10.0)
ESET Online Scanner v3
eSobi v2 (Version: 2.0.4.000274)
Facebook Video Calling 1.2.0.159 (Version: 1.2.159)
GPBaseService2 (Version: 130.0.371.000)
Hotkey Utility (Version: 1.00.3003)
HP Imaging Device Functions 13.0 (Version: 13.0)
HP Photosmart Essential 3.5 (Version: 3.5)
HP Scanjet G4000 Series (Version: 13.0)
HP Solution Center 13.0 (Version: 13.0)
HP Update (Version: 5.003.001.001)
hpg4000 (Version: 13.0.0.0)
HPPhotosmartEssential (Version: 2.04.0000)
HPProductAssistant (Version: 130.0.371.000)
Identity Card (Version: 1.00.3001)
ImagXpress (Version: 7.0.74.0)
ImgBurn (Version: 2.5.5.0)
Intel(R) Network Connections 14.3.100.0 (Version: 14.3.100.0)
Intel® Matrix Storage Manager
Java Auto Updater (Version: 2.0.2.1)
Java(TM) 6 Update 20 (Version: 6.0.200)
JMicron JMB36X Driver (Version: 1.00.0000)
Junk Mail filter update (Version: 15.4.3502.0922)
Knoll Light Factory EZ Studio
Kompatibilitetspakke til Office 2007-systemet (Version: 12.0.6612.1000)
Magic Bullet Looks Studio
Malwarebytes Anti-Malware version 1.65.0.1400 (Version: 1.65.0.1400)
Manual CanoScan 9900F
Mesh Runtime (Version: 15.4.5722.2)
Messenger Companion (Version: 15.4.3502.0922)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320)
Microsoft .NET Framework 4 Client Profile DAN Language Pack (Version: 4.0.30320)
Microsoft .NET Framework 4 Client Profile DAN sprogpakke (Version: 4.0.30320)
Microsoft Antimalware Service DA-DK Language Pack (Version: 3.0.8402.2)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (Danish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (Danish) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (Danish) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (Danish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Language Pack 2007 - Danish/dansk (Version: 12.0.6612.1000)
Microsoft Office Live Add-in 1.5 (Version: 2.0.4024.1)
Microsoft Office O MUI (Danish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (Danish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook Connector (Version: 14.0.5118.5000)
Microsoft Office Outlook MUI (Danish) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (Danish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Professional 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Danish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (Danish) 2007 (Version: 12.0.4518.1021)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (Danish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (Danish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (Danish) 2007 (Version: 12.0.6612.1000)
Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3)
Microsoft Office SharePoint Designer MUI (Danish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (Danish) 2007 (Version: 12.0.6612.1000)
Microsoft Office X MUI (Danish) 2007 (Version: 12.0.6612.1000)
Microsoft Security Client (Version: 4.0.1526.0)
Microsoft Security Client DA-DK Language Pack (Version: 2.1.1116.0)
Microsoft Security Essentials (Version: 4.0.1526.0)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft SQL Server Native Client (Version: 9.00.2047.00)
Microsoft SQL Server Setup Support Files (English) (Version: 9.00.2047.00)
Microsoft SQL Server VSS Writer (Version: 9.00.2047.00)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Works (Version: 9.7.0621)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MyFreeCodec
MyWinLocker (Version: 3.1.72.0)
Nero 9 Essentials
Nero ControlCenter (Version: 9.0.0.1)
Nero DiscSpeed (Version: 5.4.7.201)
Nero DiscSpeed Help (Version: 5.4.4.100)
Nero DriveSpeed (Version: 4.4.7.201)
Nero DriveSpeed Help (Version: 4.4.4.100)
Nero Express Help (Version: 9.4.9.100)
Nero InfoTool (Version: 6.4.7.201)
Nero InfoTool Help (Version: 6.4.4.100)
Nero Installer (Version: 4.4.8.1)
Nero Online Upgrade (Version: 1.3.0.0)
Nero StartSmart (Version: 9.4.11.209)
Nero StartSmart Help (Version: 9.4.1.100)
Nero StartSmart OEM (Version: 9.16.0.100)
NeroExpress (Version: 9.4.10.505)
neroxml (Version: 1.0.0)
NVIDIA Display Control Panel (Version: 1.10)
NVIDIA Grafikdriver 275.33 (Version: 275.33)
NVIDIA Install Application (Version: 2.275.78.0)
NVIDIA Kontrolpanel 275.33 (Version: 275.33)
NVIDIA Opdateringer 1.3.5 (Version: 1.3.5)
NVIDIA PhysX (Version: 9.09.0428)
NVIDIA Update Components (Version: 1.3.5)
OCR Software by I.R.I.S. 13.0 (Version: 13.0)
Opdatering til Microsoft Office Excel 2007 Help (KB963678)
Opdatering til Microsoft Office Powerpoint 2007 Help (KB963669)
Opdatering til Microsoft Office Word 2007 Help (KB963665)
Pinnacle Studio 14 (Version: 14.0.0.7255)
Pinnacle Studio Ultimate Collection Plugins (Version: 14.0.0.7255)
Pinnacle Video-driver (Version: 12.1.0.030)
PMB (Version: 5.0.02.11130)
PRE10STI64Installer (Version: 1.0)
PSE10 STI Installer (Version: 10.0)
PVSonyDll (Version: 1.00.0001)
Realtek High Definition Audio Driver (Version: 6.0.1.5898)
Red Giant ToonIt Studio
Samsung Kies (Version: 2.3.3.12085_7)
SAMSUNG PC Share Manager (Version: 2.3.0)
SAMSUNG USB Driver for Mobile Phones (Version: 1.5.9.0)
Scan (Version: 140.0.80.000)
Skype Click to Call (Version: 6.2.10687)
Skype™ 5.10 (Version: 5.10.116)
SmartCopy
SmartLauncher
SmartSound Common Data (Version: 1.1.0)
SmartSound Premiere Elements 10 x64 Plugin (Version: 5.70.0001)
SmartSound Sonicfire Pro 5 (Version: 5.7.1)
SolutionCenter (Version: 130.0.373.000)
Spyder4Elite
SureThing Express Labeler
TegnClipart
Topaz Adjust 5 (64-bit) (Version: 5.0.0)
Topaz Adjust 5 (Version: 5.0.0)
Trapcode 3DStroke Studio
Trapcode Particular Studio
Trapcode Shine Studio
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687407) 32-Bit Edition
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
Visual C++ 2008 x86 Runtime - (v9.0.30729) (Version: 9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (Version: 9.0.30729.01)
Visual C++ 8.0 Runtime Setup Package (x64) (Version: 9.0.0.623)
VLC media player 1.1.7 (Version: 1.1.7)
WebReg (Version: 130.0.132.017)
Welcome Center (Version: 1.00.3005)
Windows Home Server Connector (Version: 6.0.3436.0)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live Family Safety (Version: 15.4.3555.0308)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3555.0308)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX-objekt til fjernforbindelser (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)

========================= Memory info: ===================================

Percentage of memory in use: 17%
Total physical RAM: 12279.17 MB
Available physical RAM: 10080.86 MB
Total Pagefile: 24556.54 MB
Available Pagefile: 22195.62 MB
Total Virtual: 4095.88 MB
Available Virtual: 3960.94 MB

========================= Partitions: =====================================

1 Drive c: (Acer) (Fixed) (Total:458.95 GB) (Free:107.21 GB) NTFS
2 Drive d: (DATA) (Fixed) (Total:459.46 GB) (Free:260.37 GB) NTFS

========================= Users: ========================================

Brugerkonti for \\STEFFEN-PC

Administrator            Gæst                     Steffen                  
UpdatusUser              
Kommandoen blev udført.


**** End of log ****

FSS
Farbar Service Scanner Version: 19-09-2012
Ran by Steffen (administrator) on 23-09-2012 at 19:15:26
Running from "C:\Users\Steffen\Downloads"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open MpsSvc registry key. The service key does not exist.

bfe Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.


Firewall Disabled Policy: 
==================


System Restore:
============

System Restore Disabled Policy: 
========================


Action Center:
============
wscsvc Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wscsvc registry key. The service key does not exist.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open wuauserv registry key. The service key does not exist.

BITS Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open BITS registry key. The service key does not exist.


Windows Autoupdate Disabled Policy: 
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.
Checking ServiceDll: ATTENTION!=====> Unable to open WinDefend registry key. The service key does not exist.


Other Services:
==============
Checking Start type of SharedAccess: ATTENTION!=====> Unable to retrieve start type of SharedAccess. The value does not exist.
Checking ImagePath of SharedAccess: ATTENTION!=====> Unable to retrieve ImagePath of SharedAccess. The value does not exist.
Checking ServiceDll of SharedAccess: ATTENTION!=====> Unable to retrieve ServiceDll of SharedAccess. The value does not exist.


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

Adware Cleaner
# AdwCleaner v2.002 - Logfile created 09/23/2012 at 19:16:13
# Updated 16/09/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Steffen - STEFFEN-PC
# Boot Mode : Normal
# Running from : C:\Users\Steffen\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\ProgramData\Partner
Folder Deleted : C:\Users\Steffen\AppData\LocalLow\boost_interprocess

***** [Registry] *****

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

Restored : [HKCU\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKCU\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-21-1374881175-432106482-3839465829-1004\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]

-\\ Mozilla Firefox v [Unable to get version]

Profile name : default 
File : C:\Users\Steffen\AppData\Roaming\Mozilla\Firefox\Profiles\7x33rbem.default\prefs.js

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [2028 octets] - [23/09/2012 19:16:13]

########## EOF - C:\AdwCleaner[S1].txt - [2088 octets] ##########


#6 narenxp

  • BC Advisor

Posted 23 September 2012 - 12:24 PM

Run the services repair tool

http://kb.eset.com/library/ESET/KB%20Team%20Only/Malware/ServicesRepair.exe

Post the new FSS log

Download

http://www.bleepingcomputer.com/download/rkill/

Run it and after the scan finishes, post the contents of the RKILL log located on the desktop here


Download

Autoruns

Extract and launch autoruns.exe

Allow the scan to get finished

Now click on FILE-SAVE

Filename: Autoruns.txt
Save as: Text

Paste the text contents here

#7 emas

  • Topic Starter

Posted 23 September 2012 - 12:57 PM

FSS (New)
Farbar Service Scanner Version: 19-09-2012
Ran by Steffen (administrator) on 23-09-2012 at 19:50:08
Running from "C:\Users\Steffen\Downloads"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy: 
==================


System Restore:
============

System Restore Disabled Policy: 
========================


Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy: 
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

RKILL
Rkill 2.4.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 09/23/2012 07:51:07 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * No malware processes found to kill.

Checking Registry for malware related settings:

 * Explorer Policy Removed:  NoActiveDesktopChanges [HKLM]

Backup Registry file created at:
 C:\Users\Steffen\Desktop\rkill\rkill-09-23-2012-07-51-11.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * ALERT: ZEROACCESS rootkit symptoms found!

     * HKEY_CLASSES_ROOT\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InprocServer32 [ZA Reg Hijack]
     * HKEY_CLASSES_ROOT\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InprocServer32 [ZA Reg Hijack]
     * HKEY_CLASSES_ROOT\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InprocServer32 [ZA Reg Hijack]
     * C:\$Recycle.Bin\S-1-5-18\$f7ccbdfe336d30d0d67d48ff21b60393\ [ZA Dir]
     * C:\$Recycle.Bin\S-1-5-21-1374881175-432106482-3839465829-1000\$f7ccbdfe336d30d0d67d48ff21b60393\ [ZA Dir]
     * C:\Windows\assembly\GAC_32\Desktop.ini [ZA File]
     * C:\Windows\assembly\GAC_64\Desktop.ini [ZA File]

Checking Windows Service Integrity: 

 * No issues found.

Searching for Missing Digital Signatures: 

 * No issues found.

Checking HOSTS File: 

 * No issues found.

Program finished at: 09/23/2012 07:51:21 PM
Execution time: 0 hours(s), 0 minute(s), and 14 seconds(s)

AutoRuns
"HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms"	""	""	""
+ "rdpclip"	""	""	"File not found: rdpclip"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"	""	""	""
+ "AdobeAAMUpdater-1.0"	"Adobe Updater Startup Utility"	"Adobe Systems Incorporated"	"c:\program files (x86)\common files\adobe\oobe\pdapp\uwa\updaterstartuputility.exe"
+ "IAAnotif"	"Event Monitor User Notification Tool"	"Intel Corporation"	"c:\program files (x86)\intel\intel matrix storage manager\iaanotif.exe"
+ "KiesTrayAgent"	"Kies TrayAgent Application"	"Samsung Electronics Co., Ltd."	"c:\program files (x86)\samsung\kies\kiestrayagent.exe"
+ "MSC"	"Microsoft Security Client User Interface"	"Microsoft Corporation"	"c:\program files\microsoft security client\msseces.exe"
+ "mwlDaemon"	"MyWinLocker"	"Egis Technology Inc."	"c:\program files (x86)\egistec\mywinlocker 3\x86\mwldaemon.exe"
+ "RtHDVCpl"	"HD Audio Control Panel"	"Realtek Semiconductor"	"c:\program files\realtek\audio\hda\ravcpl64.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run"	""	""	""
+ "Adobe ARM"	"Adobe Reader and Acrobat Manager"	"Adobe Systems Incorporated"	"c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe"
+ "Adobe Reader Speed Launcher"	"Adobe Acrobat SpeedLauncher"	"Adobe Systems Incorporated"	"c:\program files (x86)\adobe\reader 9.0\reader\reader_sl.exe"
+ "ArcadeDeluxeAgent"	"Acer Arcade Deluxe Resident Program"	"CyberLink Corp."	"c:\program files (x86)\acer arcade deluxe\acer arcade deluxe\arcadedeluxeagent.exe"
+ "BackupManagerTray"	"Acer Backup Manager"	"NewTech Infosystems, Inc."	"c:\program files (x86)\newtech infosystems\acer backup manager\backupmanagertray.exe"
+ "DivXUpdate"	"DivX Update"	""	"c:\program files (x86)\divx\divx update\divxupdate.exe"
+ "EgisTecLiveUpdate"	"EgisUpdate Release Application"	"Egis Technology Inc."	"c:\program files (x86)\egistec egis software update\egisupdate.exe"
+ "Hotkey Utility"	"Hotkey Utility"	""	"c:\program files (x86)\acer\hotkey utility\hotkeyutility.exe"
+ "HP Software Update"	"hpwuSchd Application"	"Hewlett-Packard"	"c:\program files (x86)\hp\hp software update\hpwuschd2.exe"
+ "hpqSRMon"	"HpqSRmon"	"Hewlett-Packard"	"c:\program files (x86)\hp\digital imaging\bin\hpqsrmon.exe"
+ "JMB36X IDE Setup"	""	""	"c:\windows\raidtool\xinside.exe"
+ "KiesTrayAgent"	"Kies TrayAgent Application"	"Samsung Electronics Co., Ltd."	"c:\program files (x86)\samsung\kies\kiestrayagent.exe"
+ "PlayMovie"	"Acer Arcade Deluxe PlayMovie Resident Program"	"Acer Corp."	"c:\program files (x86)\acer arcade deluxe\playmovie\pmvservice.exe"
+ "PMBVolumeWatcher"	"Media Check Tool"	"Sony Corporation"	"c:\program files (x86)\sony\pmb\pmbvolumewatcher.exe"
+ "SunJavaUpdateSched"	""	""	"File not found: C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup"	""	""	""
+ "SmartCopy.lnk"	"SmartCopy MFC Application"	""	"c:\program files (x86)\northstar\smartcopy\smartcopy.exe"
+ "SmartLauncher.lnk"	"SmartLauncher"	"North Star com."	"c:\program files (x86)\northstar\smartlauncher\smartlauncher.exe"
+ "SpyderUtility.lnk"	"SpyderUtility 1.2.3"	" "	"c:\program files (x86)\datacolor\spyder4elite\utility\spyderutility.exe"
"C:\Users\Steffen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup"	""	""	""
+ "Dropbox.lnk"	"Dropbox"	"Dropbox, Inc."	"c:\users\steffen\appdata\roaming\dropbox\bin\dropbox.exe"
"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components"	""	""	""
+ "Microsoft Windows"	"Windows Mail"	"Microsoft Corporation"	"c:\program files\windows mail\winmail.exe"
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components"	""	""	""
+ "Microsoft Windows"	"Windows Mail"	"Microsoft Corporation"	"c:\program files (x86)\windows mail\winmail.exe"
"HKCU\Software\Microsoft\Windows\CurrentVersion\Run"	""	""	""
+ "Facebook Update"	"Facebook Installer"	"Facebook Inc."	"c:\users\steffen\appdata\local\facebook\update\facebookupdate.exe"
+ "KiesAirMessage"	""	""	"File not found: C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup"
+ "KiesPDLR"	"KiesPDLR"	""	"c:\program files (x86)\samsung\kies\external\firmwareupdate\kiespdlr.exe"
+ "KiesPreload"	"Kies"	"Samsung"	"c:\program files (x86)\samsung\kies\kies.exe"
+ "msnmsgr"	"Windows Live Messenger"	"Microsoft Corporation"	"c:\program files (x86)\windows live\messenger\msnmsgr.exe"
+ "Sidebar"	"Windows Skrivebordsgadgets"	"Microsoft Corporation"	"c:\program files\windows sidebar\sidebar.exe"
+ "Skype"	"Skype "	"Skype Technologies S.A."	"c:\program files (x86)\skype\phone\skype.exe"
"HKLM\SOFTWARE\Classes\Protocols\Filter"	""	""	""
+ "text/xml"	"Microsoft Office XML MIME Filter"	"Microsoft Corporation"	"c:\program files\common files\microsoft shared\office12\msoxmlmf.dll"
"HKLM\SOFTWARE\Classes\Protocols\Handler"	""	""	""
+ "skype-ie-addon-data"	"Skype Click to Call for Internet Explorer"	"Skype Technologies S.A."	"c:\program files (x86)\skype\toolbars\internet explorer x64\skypeieplugin.dll"
"HKCU\Software\Classes\*\ShellEx\ContextMenuHandlers"	""	""	""
+ "DropboxExt"	"Dropbox Shell Extension"	"Dropbox, Inc."	"c:\users\steffen\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers"	""	""	""
+ "EDSshellExt"	"Shell Extention"	"Egis Technology Inc."	"c:\program files (x86)\egistec\mywinlocker 3\x64\mwlshellext.dll"
+ "EPP"	"Microsoft Security Client Shell Extension"	"Microsoft Corporation"	"c:\program files\microsoft security client\shellext.dll"
+ "LavasoftShellExt"	""	""	"File not found: C:\Program Files (x86)\Lavasoft\Ad-Aware\ShellExt_64.dll"
"HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers"	""	""	""
+ "EDSshellExt"	"Shell Extention"	"Egis Technology Inc."	"c:\program files (x86)\egistec\mywinlocker 3\x86\mwlshellext.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers"	""	""	""
+ "MBAMShlExt"	"Malwarebytes Anti-Malware"	"Malwarebytes Corporation"	"c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKCU\Software\Classes\Directory\ShellEx\ContextMenuHandlers"	""	""	""
+ "DropboxExt"	"Dropbox Shell Extension"	"Dropbox, Inc."	"c:\users\steffen\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers"	""	""	""
+ "EDSshellExt"	"Shell Extention"	"Egis Technology Inc."	"c:\program files (x86)\egistec\mywinlocker 3\x64\mwlshellext.dll"
+ "EPP"	"Microsoft Security Client Shell Extension"	"Microsoft Corporation"	"c:\program files\microsoft security client\shellext.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\ShellEx\ContextMenuHandlers"	""	""	""
+ "EDSshellExt"	"Shell Extention"	"Egis Technology Inc."	"c:\program files (x86)\egistec\mywinlocker 3\x86\mwlshellext.dll"
"HKCU\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers"	""	""	""
+ "DropboxExt"	"Dropbox Shell Extension"	"Dropbox, Inc."	"c:\users\steffen\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers"	""	""	""
+ "Gadgets"	"Sidebar-droptarget"	"Microsoft Corporation"	"c:\program files\windows sidebar\sbdrop.dll"
+ "NvCplDesktopContext"	""	"NVIDIA Corporation"	"c:\windows\system32\nvshext.dll"
"HKLM\Software\Wow6432Node\Classes\Directory\Background\ShellEx\ContextMenuHandlers"	""	""	""
+ "Gadgets"	"Sidebar-droptarget"	"Microsoft Corporation"	"c:\program files (x86)\windows sidebar\sbdrop.dll"
"HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers"	""	""	""
+ "PDF Shell Extension"	"PDF Shell Extension"	"Adobe Systems, Inc."	"c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers"	""	""	""
+ "LavasoftShellExt"	""	""	"File not found: C:\Program Files (x86)\Lavasoft\Ad-Aware\ShellExt_64.dll"
+ "MBAMShlExt"	"Malwarebytes Anti-Malware"	"Malwarebytes Corporation"	"c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers"	""	""	""
+ "DropboxExt1"	"Dropbox Shell Extension"	"Dropbox, Inc."	"c:\users\steffen\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
+ "DropboxExt2"	"Dropbox Shell Extension"	"Dropbox, Inc."	"c:\users\steffen\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
+ "DropboxExt3"	"Dropbox Shell Extension"	"Dropbox, Inc."	"c:\users\steffen\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
+ "DropboxExt4"	"Dropbox Shell Extension"	"Dropbox, Inc."	"c:\users\steffen\appdata\roaming\dropbox\bin\dropboxext64.14.dll"
+ "egisPSDP"	"PSD DragDrop Protection"	"Egis Technology Inc."	"c:\program files (x86)\egistec\mywinlocker 3\x64\psdprotect.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers"	""	""	""
+ "DropboxExt1"	"Dropbox Shell Extension"	"Dropbox, Inc."	"c:\users\steffen\appdata\roaming\dropbox\bin\dropboxext.14.dll"
+ "DropboxExt2"	"Dropbox Shell Extension"	"Dropbox, Inc."	"c:\users\steffen\appdata\roaming\dropbox\bin\dropboxext.14.dll"
+ "DropboxExt3"	"Dropbox Shell Extension"	"Dropbox, Inc."	"c:\users\steffen\appdata\roaming\dropbox\bin\dropboxext.14.dll"
+ "egisPSDP"	"PSD DragDrop Protection"	"Egis Technology Inc."	"c:\program files (x86)\egistec\mywinlocker 3\x86\psdprotect.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects"	""	""	""
+ "BrowserHelper Class"	"Home Server Desk Bands"	"Microsoft Corporation"	"c:\program files\windows home server\whsdeskbands.dll"
+ "Skype add-on for Internet Explorer"	"Skype Click to Call for Internet Explorer"	"Skype Technologies S.A."	"c:\program files (x86)\skype\toolbars\internet explorer x64\skypeieplugin.dll"
+ "Windows Live ID Sign-in Helper"	"Microsoft® Windows Live ID Login Helper"	"Microsoft Corp."	"c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects"	""	""	""
+ "Adobe PDF Link Helper"	"Adobe PDF Helper for Internet Explorer"	"Adobe Systems Incorporated"	"c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll"
+ "Bing Bar Helper"	"Bing Client Extensions"	"Microsoft Corporation."	"c:\program files (x86)\microsoft\bingbar\bingext.dll"
+ "DivX Plus Web Player HTML5 <video>"	"DivX Plus Web Player HTML5 <video> version 2.1.2.145"	"DivX, LLC"	"c:\program files (x86)\divx\divx plus web player\ie\divxhtml5\divxhtml5.dll"
+ "Hjælp til logon til Windows Live ID"	"Microsoft® Windows Live ID Login Helper"	"Microsoft Corp."	"c:\program files (x86)\common files\microsoft shared\windows live\windowslivelogin.dll"
+ "Java(tm) Plug-In 2 SSV Helper"	"Java(TM) Platform SE binary"	"Sun Microsystems, Inc."	"c:\program files (x86)\java\jre6\bin\jp2ssv.dll"
+ "Skype Browser Helper"	"Skype Click to Call for Internet Explorer"	"Skype Technologies S.A."	"c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll"
+ "SSVHelper Class"	"Java(TM) Platform SE binary"	"Sun Microsystems, Inc."	"c:\program files (x86)\java\jre6\bin\ssv.dll"
+ "Windows Live Messenger Companion Helper"	"Windows Live Messenger Companion Core"	"Microsoft Corporation"	"c:\program files (x86)\windows live\companion\companioncore.dll"
"HKLM\Software\Microsoft\Internet Explorer\Toolbar"	""	""	""
+ "Home Server Banner"	"Home Server Desk Bands"	"Microsoft Corporation"	"c:\program files\windows home server\whsdeskbands.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar"	""	""	""
+ "Bing"	"Bing Client Extensions"	"Microsoft Corporation."	"c:\program files (x86)\microsoft\bingbar\bingext.dll"
"HKLM\Software\Microsoft\Internet Explorer\Extensions"	""	""	""
+ "Skype Click to Call"	"Skype Click to Call for Internet Explorer"	"Skype Technologies S.A."	"c:\program files (x86)\skype\toolbars\internet explorer x64\skypeieplugin.dll"
"HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions"	""	""	""
+ "&Blog det i Windows Live Writer"	"Windows Live Writer Blog This Extension"	"Microsoft Corporation"	"c:\program files (x86)\windows live\writer\writerbrowserextension.dll"
+ "Messenger Companion (Ctrl+Skift+C)"	"Windows Live Messenger Companion Core"	"Microsoft Corporation"	"c:\program files (x86)\windows live\companion\companioncore.dll"
+ "Skype Click to Call"	"Skype Click to Call for Internet Explorer"	"Skype Technologies S.A."	"c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll"
"Task Scheduler"	""	""	""
+ "\AdobeAAMUpdater-1.0-Steffen-Pc-Steffen"	"Adobe Updater Startup Utility"	"Adobe Systems Incorporated"	"c:\program files (x86)\common files\adobe\oobe\pdapp\uwa\updaterstartuputility.exe"
+ "\FacebookUpdateTaskUserS-1-5-21-1374881175-432106482-3839465829-1000Core"	"Facebook Installer"	"Facebook Inc."	"c:\users\steffen\appdata\local\facebook\update\facebookupdate.exe"
+ "\FacebookUpdateTaskUserS-1-5-21-1374881175-432106482-3839465829-1000UA"	"Facebook Installer"	"Facebook Inc."	"c:\users\steffen\appdata\local\facebook\update\facebookupdate.exe"
+ "\Microsoft\Windows Defender\MP Scheduled Scan"	"Microsoft Malware Protection Command Line Utility"	"Microsoft Corporation"	"c:\program files\windows defender\mpcmdrun.exe"
+ "\Microsoft\Windows Defender\MpIdleTask"	"Microsoft Malware Protection Command Line Utility"	"Microsoft Corporation"	"c:\program files\windows defender\mpcmdrun.exe"
+ "\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task"	"Windows Live Social Object Extractor Engine"	"Microsoft Corporation"	"c:\program files (x86)\windows live\soxe\wlsoxe.dll"
+ "\Microsoft\Windows\NetTrace\GatherNetworkInfo"	""	""	"c:\windows\system32\gathernetworkinfo.vbs"
+ "\Microsoft\Windows\Windows Media Sharing\UpdateLibrary"	"Konfigurationsprogram til Windows Media Player Network Sharing Service"	"Microsoft Corporation"	"c:\program files\windows media player\wmpnscfg.exe"
"HKLM\System\CurrentControlSet\Services"	""	""	""
+ "AdobeActiveFileMonitor10.0"	"Tracks files that are managed by Elements Organizer"	"Adobe Systems Incorporated"	"c:\program files (x86)\adobe\elements 10 organizer\photoshopelementsfileagent.exe"
+ "AdobeFlashPlayerUpdateSvc"	"This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes."	"Adobe Systems Incorporated"	"c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe"
+ "arXfrSvc"	"Transfers Media Center recordings to your Windows Home Server"	"Microsoft Corporation"	"c:\program files\windows home server\microsoft.homeserver.archive.transferservice.exe"
+ "BBSvc"	"Keeps Bing Bar up-to-date. Disabling this service might prevent updates and expose your computer to security vulnerabilities or functional flaws in Bing Bar."	"Microsoft Corporation."	"c:\program files (x86)\microsoft\bingbar\bbsvc.exe"
+ "esClient"	"Windows Media Center Client Service"	"Microsoft Corporation"	"c:\program files\windows home server\esclient.exe"
+ "FLEXnet Licensing Service"	"This service performs licensing functions on behalf of FLEXnet enabled products."	"Acresso Software Inc."	"c:\program files (x86)\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe"
+ "fsssvc"	"This service enables Family Safety on the computer. If this service is not running, Family Safety will not work."	"Microsoft Corporation"	"c:\program files (x86)\windows live\family safety\fsssvc.exe"
+ "Greg_Service"	"Global Registration Service"	"Acer Incorporated"	"c:\program files (x86)\acer\registration\greghsrw.exe"
+ "hpqcxs08"	"HP CUE Context Manager Objects"	"Hewlett-Packard Co."	"c:\program files (x86)\hp\digital imaging\bin\hpqcxs08.dll"
+ "IAANTMON"	"RAID Monitor"	"Intel Corporation"	"c:\program files (x86)\intel\intel matrix storage manager\iaantmon.exe"
+ "MBAMScheduler"	"Malwarebytes Anti-Malware scheduler"	"Malwarebytes Corporation"	"c:\program files (x86)\malwarebytes' anti-malware\mbamscheduler.exe"
+ "MBAMService"	"Malwarebytes Anti-Malware service"	"Malwarebytes Corporation"	"c:\program files (x86)\malwarebytes' anti-malware\mbamservice.exe"
+ "MWLService"	"MyWinLocker Service"	"Egis Technology Inc."	"c:\program files (x86)\egistec\mywinlocker 3\x86\mwlservice.exe"
+ "Nero BackItUp Scheduler 4.0"	"Nero BackItUp Scheduler 4.0 is responsible to control all jobs created using Nero BackItUp. These jobs can create backups of selected files/folders/partitions or complete hard disk to hard disk, network drive, disc or FTP."	"Nero AG"	"c:\program files (x86)\common files\nero\nero backitup 4\nbservice.exe"
+ "NisSrv"	"Er med til at beskytte mod forsøg på indtrængen, der er målrettet mod kendte og nyopdagede sikkerhedsrisici i netværksprotokoller"	"Microsoft Corporation"	"c:\program files\microsoft security client\nissrv.exe"
+ "NTI IScheduleSvc"	"NTI IShadow Manage backup/Sync jobs and  etc..."	"NewTech Infosystems, Inc."	"c:\program files (x86)\newtech infosystems\acer backup manager\ischedulesvc.exe"
+ "nvsvc"	"Provides system and desktop level support to the NVIDIA display driver"	"NVIDIA Corporation"	"c:\windows\system32\nvvsvc.exe"
+ "nvUpdatusService"	"NVIDIA Settings Update Manager service, used to check new updates from NVIDIA server."	"NVIDIA Corporation"	"c:\program files (x86)\nvidia corporation\nvidia updatus\daemonu.exe"
+ "odserv"	"Kør dele af Microsoft Office Diagnosticering."	"Microsoft Corporation"	"c:\program files (x86)\common files\microsoft shared\office12\odserv.exe"
+ "ose"	"Gemmer installationsfiler, som bruges til opdateringer og reparationer og er nødvendige ved overførsel af installationsopdateringer og Watson-fejlrapporter."	"Microsoft Corporation"	"c:\program files (x86)\common files\microsoft shared\source engine\ose.exe"
+ "PMBDeviceInfoProvider"	"Enables PMB to communicate with the device."	"Sony Corporation"	"c:\program files (x86)\sony\pmb\pmbdeviceinfoprovider.exe"
+ "SeaPort"	"Enables the detection, download and installation of up-to-date configuration files for Bing Bar. Also provides server communication for the customer experience improvement program. Stopping or disabling this service may prevent you from getting the latest updates for Bing Bar, which may expose your computer to security vulnerabilities or functional flaws in the Bing Bar."	"Microsoft Corporation"	"c:\program files (x86)\microsoft\bingbar\seaport.exe"
+ "Skype C2C Service"	"Skype Click to Call Update Service"	"Skype Technologies S.A."	"c:\programdata\skype\toolbars\skype c2c service\c2c_service.exe"
+ "SkypeUpdate"	"Enables the detection, download and installation of updates for Skype."	"Skype Technologies"	"c:\program files (x86)\skype\updater\updater.exe"
+ "SQLWriter"	"Provides the interface to backup/restore Microsoft SQL server through the Windows VSS infrastructure."	"Microsoft Corporation"	"c:\program files\microsoft sql server\90\shared\sqlwriter.exe"
+ "Updater Service"	"Acer Update Service"	"Acer"	"c:\program files\acer\acer updater\updaterservice.exe"
+ "WHSConnector"	"Maintains the connection between this computer and the Windows Home Server.  If this service is stopped, this computer appears offline to the home server."	"Microsoft Corporation"	"c:\program files\windows home server\whsconnector.exe"
+ "WinDefend"	"Beskyttelse mod spyware og potentielt uønsket software"	"Microsoft Corporation"	"c:\program files\windows defender\mpsvc.dll"
+ "wlidsvc"	"Aktiverer Windows Live ID-godkendelse."	"Microsoft Corp."	"c:\program files\common files\microsoft shared\windows live\wlidsvc.exe"
+ "WMPNetworkSvc"	"Deler Windows Media Player-biblioteker med andre afspillere og medieenheder på netværket ved hjælp af Universal Plug and Play"	"Microsoft Corporation"	"c:\program files\windows media player\wmpnetwk.exe"
"HKLM\System\CurrentControlSet\Services"	""	""	""
+ "adp94xx"	"Adaptec Windows SAS/SATA Storport Driver"	"Adaptec, Inc."	"c:\windows\system32\drivers\adp94xx.sys"
+ "adpahci"	"Adaptec Windows SATA Storport Driver"	"Adaptec, Inc."	"c:\windows\system32\drivers\adpahci.sys"
+ "adpu320"	"Adaptec StorPort Ultra320 SCSI Driver (X64)"	"Adaptec, Inc."	"c:\windows\system32\drivers\adpu320.sys"
+ "aliide"	"ALi mini IDE Driver"	"Acer Laboratories Inc."	"c:\windows\system32\drivers\aliide.sys"
+ "amdsata"	"AHCI 1.2 Device Driver"	"Advanced Micro Devices"	"c:\windows\system32\drivers\amdsata.sys"
+ "amdsbs"	"AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform"	"AMD Technologies Inc."	"c:\windows\system32\drivers\amdsbs.sys"
+ "amdxata"	"Storage Filter Driver"	"Advanced Micro Devices"	"c:\windows\system32\drivers\amdxata.sys"
+ "arc"	"Adaptec RAID Storport Driver"	"Adaptec, Inc."	"c:\windows\system32\drivers\arc.sys"
+ "arcsas"	"Adaptec SAS RAID WS03 Driver"	"Adaptec, Inc."	"c:\windows\system32\drivers\arcsas.sys"
+ "athur"	"Atheros Extensible Wireless LAN device driver"	"Atheros Communications, Inc."	"c:\windows\system32\drivers\athurx.sys"
+ "atikmdag"	"Driver til ATI Radeon Kernel Mode"	"ATI Technologies Inc."	"c:\windows\system32\drivers\atikmdag.sys"
+ "b06bdrv"	"Broadcom NetXtreme II GigE VBD"	"Broadcom Corporation"	"c:\windows\system32\drivers\bxvbda.sys"
+ "b57nd60a"	"Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver."	"Broadcom Corporation"	"c:\windows\system32\drivers\b57nd60a.sys"
+ "BrFiltLo"	"Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver"	"Brother Industries, Ltd."	"c:\windows\system32\drivers\brfiltlo.sys"
+ "BrFiltUp"	"Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver"	"Brother Industries, Ltd."	"c:\windows\system32\drivers\brfiltup.sys"
+ "Brserid"	"Brotehr Serial I/F Driver (WDM)"	"Brother Industries Ltd."	"c:\windows\system32\drivers\brserid.sys"
+ "BrSerWdm"	"Brother Serial driver (WDM version)"	"Brother Industries Ltd."	"c:\windows\system32\drivers\brserwdm.sys"
+ "BrUsbMdm"	"Brother USB MDM Driver "	"Brother Industries Ltd."	"c:\windows\system32\drivers\brusbmdm.sys"
+ "BrUsbSer"	"Brother USB Serial Driver"	"Brother Industries Ltd."	"c:\windows\system32\drivers\brusbser.sys"
+ "cmdide"	"CMD PCI IDE Bus Driver"	"CMD Technology, Inc."	"c:\windows\system32\drivers\cmdide.sys"
+ "dg_ssudbus"	"SAMSUNG USB Composite Device Driver (MSS Ver.3)"	"DEVGURU Co., LTD.(www.devguru.co.kr)"	"c:\windows\system32\drivers\ssudbus.sys"
+ "e1yexpress"	"Intel(R) Gigabit Network Connection NDIS 6 deserialized driver"	"Intel Corporation"	"c:\windows\system32\drivers\e1y62x64.sys"
+ "ebdrv"	"Broadcom NetXtreme II 10 GigE VBD"	"Broadcom Corporation"	"c:\windows\system32\drivers\evbda.sys"
+ "elxstor"	"Storport Miniport Driver for LightPulse HBAs"	"Emulex"	"c:\windows\system32\drivers\elxstor.sys"
+ "FTDIBUS"	"FTDIBUS USB Driver"	"FTDI Ltd."	"c:\windows\system32\drivers\ftdibus.sys"
+ "FTSER2K"	"FTDIBUS Serial Device Driver"	"FTDI Ltd."	"c:\windows\system32\drivers\ftser2k.sys"
+ "gwfilt64"	"Creative Audio Driver"	"Creative Technology Ltd."	"c:\windows\system32\drivers\gwfilt64.sys"
+ "hcw85cir"	"Hauppauge WinTV 885 Consumer IR Driver for eHome"	"Hauppauge Computer Works, Inc."	"c:\windows\system32\drivers\hcw85cir.sys"
+ "HpSAMD"	"Smart Array SAS/SATA Controller Media Driver"	"Hewlett-Packard Company"	"c:\windows\system32\drivers\hpsamd.sys"
+ "IAMTVE"	"Intel® Active Management Technology – KCS"	"Intel Corporation"	"c:\windows\system32\drivers\iamtve.sys"
+ "IAMTXPE"	"Intel® Active Management Technology – KCS"	"Intel Corporation"	"c:\windows\system32\drivers\iamtxpe.sys"
+ "iaStor"	"Intel Matrix Storage Manager driver - x64"	"Intel Corporation"	"c:\windows\system32\drivers\iastor.sys"
+ "iaStorV"	"Intel Matrix Storage Manager driver - x64"	"Intel Corporation"	"c:\windows\system32\drivers\iastorv.sys"
+ "iirsp"	"Intel/ICP Raid Storport Driver"	"Intel Corp./ICP vortex GmbH"	"c:\windows\system32\drivers\iirsp.sys"
+ "IntcAzAudAddService"	"Realtek(r) High Definition Audio Function Driver"	"Realtek Semiconductor Corp."	"c:\windows\system32\drivers\rtkvhd64.sys"
+ "ioatdma1"	"Intel(R) 5000 Series Chipsets Integrated Device - 1A38"	"Intel Corporation"	"c:\windows\system32\drivers\qd162x64.sys"
+ "ioatdma2"	"Intel(R) 5000 Series Chipsets Integrated Device - 1A38"	"Intel Corporation"	"c:\windows\system32\drivers\qd262x64.sys"
+ "JRAID"	"JMicron JMB36X RAID Driver"	"JMicron Technology Corp."	"c:\windows\system32\drivers\jraid.sys"
+ "LSI_FC"	"LSI Fusion-MPT FC Driver (StorPort)"	"LSI Corporation"	"c:\windows\system32\drivers\lsi_fc.sys"
+ "LSI_SAS"	"LSI Fusion-MPT SAS Driver (StorPort)"	"LSI Corporation"	"c:\windows\system32\drivers\lsi_sas.sys"
+ "LSI_SAS2"	"LSI SAS Gen2 Driver (StorPort)"	"LSI Corporation"	"c:\windows\system32\drivers\lsi_sas2.sys"
+ "LSI_SCSI"	"LSI Fusion-MPT SCSI Driver (StorPort)"	"LSI Corporation"	"c:\windows\system32\drivers\lsi_scsi.sys"
+ "MarvinBus"	"Pinnacle Marvin Discrete Bus Enumerator"	"Pinnacle Systems GmbH"	"c:\windows\system32\drivers\marvinbus64.sys"
+ "MBAMProtector"	"Malwarebytes Anti-Malware"	"Malwarebytes Corporation"	"c:\windows\system32\drivers\mbam.sys"
+ "megasas"	"MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64"	"LSI Corporation"	"c:\windows\system32\drivers\megasas.sys"
+ "MegaSR"	"LSI MegaRAID Software RAID Driver"	"LSI Corporation, Inc."	"c:\windows\system32\drivers\megasr.sys"
+ "mwlPSDFilter"	"mwlPSDFilter Filter Driver"	"Egis Technology Inc."	"c:\windows\system32\drivers\mwlpsdfilter.sys"
+ "mwlPSDNServ"	"mwlPSDNServ Driver"	"Egis Technology Inc."	"c:\windows\system32\drivers\mwlpsdnserv.sys"
+ "mwlPSDVDisk"	"mwlPSDVdisk Driver"	"Egis Technology Inc."	"c:\windows\system32\drivers\mwlpsdvdisk.sys"
+ "NAL"	"Intel(R) Network Adapter Diagnostic Driver"	"Intel Corporation "	"c:\windows\system32\drivers\iqvw64e.sys"
+ "netr28x"	"Ralink 802.11 Wireless Adapter Driver"	"Ralink Technology, Corp."	"c:\windows\system32\drivers\netr28x.sys"
+ "nfrd960"	"IBM ServeRAID Controller Driver"	"IBM Corporation"	"c:\windows\system32\drivers\nfrd960.sys"
+ "NTIDrvr"	"NTI CD-ROM Filter Driver"	"NewTech Infosystems, Inc."	"c:\windows\system32\drivers\ntidrvr.sys"
+ "nvlddmkm"	"NVIDIA Windows Kernel Mode Driver, Version 295.73 "	"NVIDIA Corporation"	"c:\windows\system32\drivers\nvlddmkm.sys"
+ "nvraid"	"NVIDIA® nForce(TM) RAID Driver"	"NVIDIA Corporation"	"c:\windows\system32\drivers\nvraid.sys"
+ "nvstor"	"NVIDIA® nForce(TM) Sata Performance Driver"	"NVIDIA Corporation"	"c:\windows\system32\drivers\nvstor.sys"
+ "PxHlpa64"	"Px Engine Device Driver for 64-bit Windows"	"Sonic Solutions"	"c:\windows\system32\drivers\pxhlpa64.sys"
+ "ql2300"	"QLogic Fibre Channel Stor Miniport Driver"	"QLogic Corporation"	"c:\windows\system32\drivers\ql2300.sys"
+ "ql40xx"	"QLogic iSCSI Storport Miniport Driver"	"QLogic Corporation"	"c:\windows\system32\drivers\ql40xx.sys"
+ "secdrv"	"Macrovision SECURITY Driver"	"Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K."	"c:\windows\system32\drivers\secdrv.sys"
+ "SiSRaid2"	"SiS RAID Stor Miniport Driver"	"Silicon Integrated Systems Corp."	"c:\windows\system32\drivers\sisraid2.sys"
+ "SiSRaid4"	"SiS AHCI Stor-Miniport Driver"	"Silicon Integrated Systems"	"c:\windows\system32\drivers\sisraid4.sys"
+ "Spyder4"	"Colorimeter USB Driver 1.0-1"	"Datacolor"	"c:\windows\system32\drivers\dccmtr.sys"
+ "ssudmdm"	"SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.)"	"DEVGURU Co., LTD.(www.devguru.co.kr)"	"c:\windows\system32\drivers\ssudmdm.sys"
+ "stexstor"	"Promise  SuperTrak EX Series Driver for Windows "	"Promise Technology"	"c:\windows\system32\drivers\stexstor.sys"
+ "UBHelper"	"NTI CDROM Filter Driver"	"NewTech Infosystems Corporation"	"c:\windows\system32\drivers\ubhelper.sys"
+ "viaide"	"VIA Generic PCI IDE Bus Driver"	"VIA Technologies, Inc."	"c:\windows\system32\drivers\viaide.sys"
+ "vsmraid"	"VIA RAID DRIVER FOR AMD-X86-64"	"VIA Technologies Inc.,Ltd"	"c:\windows\system32\drivers\vsmraid.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32"	""	""	""
+ "msacm.l3acm"	"MPEG Layer-3 Audio Codec for MSACM"	"Fraunhofer Institut Integrierte Schaltungen IIS"	"c:\windows\system32\l3codeca.acm"
"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32"	""	""	""
+ "msacm.l3acm"	"MPEG Layer-3 Audio Codec for MSACM"	"Fraunhofer Institut Integrierte Schaltungen IIS"	"c:\windows\syswow64\l3codeca.acm"
+ "vidc.cvid"	"Cinepak® Codec"	"Radius Inc."	"c:\windows\syswow64\iccvid.dll"
+ "vidc.DIVX"	"DivX"	"DivX, Inc."	"c:\windows\syswow64\divx.dll"
+ "vidc.mjpg"	""	""	"File not found: pvmjpg30.dll"
+ "vidc.yv12"	"DivX"	"DivX, Inc."	"c:\windows\syswow64\divx.dll"
"HKLM\Software\Classes\Filter"	""	""	""
+ "MainConcept (Adobe2) AVC/H.264 Video Encoder"	""	""	"File not found: C:\Program Files (x86)\Adobe\Elements Organizer 8.0\CAHeadless\ad2h264ve.ax"
+ "MainConcept (Adobe2) MPEG Demultiplexer"	""	""	"File not found: C:\Program Files (x86)\Adobe\Elements Organizer 8.0\CAHeadless\ad2mpgdmx.ax"
+ "MainConcept (Adobe2) MPEG Push Demultiplexer"	""	""	"File not found: C:\Program Files (x86)\Adobe\Elements Organizer 8.0\CAHeadless\ad2mpgpdmx.ax"
+ "MainConcept MPEG Demultiplexer"	"MPEG-1/2 Demultiplexer"	"MainConcept GmbH"	"c:\program files (x86)\adobe\elements 10 organizer\mc_codecs\mc_demux_mp2_ds.ax"
+ "MainConcept MPEG Push Demultiplexer"	"MPEG Push Demultiplexer"	"MainConcept GmbH"	"c:\program files (x86)\adobe\elements 10 organizer\mc_codecs\mc_demuxpush_mp2_ds.ax"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance"	""	""	""
+ "MainConcept Dolby Digital Audio Decoder"	"Dolby Digital Audio Decoder"	"MainConcept GmbH"	"c:\program files\adobe\adobe premiere elements 10\mc_dec_dd_ds.ax"
+ "{D517CC93-7066-4D06-A2AF-2F4298738C2A}"	""	""	"File not found: C:\Program Files\Adobe\Adobe Premiere Elements 10\plug-ins\en_US\DvFileWriter.prm"
"HKLM\Software\Wow6432Node\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance"	""	""	""
+ "AC3 Decoder Filter"	"TODO: <파일 설명>"	"TODO: <회사 이름>"	"c:\program files (x86)\myfree codec\1.0b beta\ac-3\ac3dx.ax"
+ "Capture File Writer"	"Windows Live Video Acquisition Filters"	"Microsoft Corporation"	"c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "CL_EVRWindow"	"CLEvr"	"CyberLink Corp."	"c:\program files (x86)\acer arcade deluxe\homemedia\kernel\dmp\clevr.dll"
+ "CyberLink Audio Decoder"	"CyberLink Audio Decoder Filter"	"CyberLink Corp."	"c:\program files (x86)\acer arcade deluxe\homemedia\kernel\dmp\claud61.ax"
+ "CyberLink Audio Decoder (PLAYMV)"	"CyberLink Audio Decoder Filter"	"CyberLink Corp."	"c:\program files (x86)\acer arcade deluxe\playmovie\audiofilter\claud.ax"
+ "CyberLink Audio Effect (PLAYMV)"	"CyberLink Audio Effect Filter"	"CyberLink Corporation"	"c:\program files (x86)\acer arcade deluxe\playmovie\audiofilter\claudfx.ax"
+ "CyberLink Audio Spectrum Analyzer (HomeNetwork)"	"CLAudSpa.ax"	"CyberLink Corp."	"c:\program files (x86)\acer arcade deluxe\homemedia\kernel\dmp\claudspa.ax"
+ "CyberLink Demultiplexer(Scramble)"	"MPEG-2 Dempltiplexer"	"CyberLink Corp."	"c:\program files (x86)\acer arcade deluxe\homemedia\kernel\dmp\cldemuxer.ax"
+ "CyberLink DVD Navigator (PLAYMV)"	"CyberLink DVD Navigation Filter"	"CyberLink Corp."	"c:\program files (x86)\acer arcade deluxe\playmovie\navfilter\clnavx.ax"
+ "CyberLink Line21 Decoder (PLAYMV)"	"CyberLink Line21 Decoder Filter"	"CyberLink Corp."	"c:\program files (x86)\acer arcade deluxe\playmovie\videofilter\clline21.ax"
+ "CyberLink MPEG Splitter"	"CyberLink MPEG Splitter"	"CyberLink Corp."	"c:\program files (x86)\acer arcade deluxe\homemedia\kernel\dmp\clsplter.ax"
+ "CyberLink Push-Mode CLStream"	"CLStream"	"CyberLink"	"c:\program files (x86)\acer arcade deluxe\homemedia\kernel\dmp\clstream(pushmode).ax"
+ "CyberLink Push-Mode CLStream (cURL)"	"CLStream"	"CyberLink"	"c:\program files (x86)\acer arcade deluxe\homemedia\kernel\dmp\clstream(multilib).ax"
+ "CyberLink SAC Video Decoder"	"CyberLink Video/SP Filter"	"CyberLink Corp."	"c:\program files (x86)\acer arcade deluxe\homemedia\kernel\dmp\clvsd.ax"
+ "Cyberlink Streamming Filter"	"Cyberlink Streaming Source Filter(Scramble)"	"CyberLink Corp."	"c:\program files (x86)\acer arcade deluxe\homemedia\kernel\dmp\clstream.ax"
+ "Cyberlink SubTitle (PMV)"	"CLSubTitle.ax"	"CyberLink Corp."	"c:\program files (x86)\acer arcade deluxe\playmovie\videofilter\clsubtitle.ax"
+ "CyberLink TimeStretch Filter (PLAYMV)"	"CLAuTS.ax"	"CyberLink Corp."	"c:\program files (x86)\acer arcade deluxe\playmovie\audiofilter\clauts.ax"
+ "CyberLink TimeStretch Filter(HomeNetwork)"	"CLAuTS.ax"	"CyberLink Corp."	"c:\program files (x86)\acer arcade deluxe\homemedia\kernel\dmp\clauts.ax"
+ "CyberLink Tzan Filter (PLAYMV)"	"Cyberlink Tzan Filter"	"CyberLink Corp."	"c:\program files (x86)\acer arcade deluxe\playmovie\videofilter\cltzan.ax"
+ "CyberLink Video/SP Decoder (PLAYMV)"	"CyberLink Video/SP Filter"	"CyberLink Corp."	"c:\program files (x86)\acer arcade deluxe\playmovie\videofilter\clvsd.ax"
+ "CyberLink WMV/WMA Demultiplexer"	"WMV/WMA Demux"	"CyberLink"	"c:\program files (x86)\acer arcade deluxe\homemedia\kernel\dmp\clwmfdemux.ax"
+ "DivX AAC Decoder"	"AAC audio decoder filter"	"DivX, Inc."	"c:\program files (x86)\divx\divx plus directshow filters\daac.ax"
+ "DivX Decoder Filter"	"DivX Decoder Filter"	"DivX, Inc."	"c:\program files (x86)\divx\divx codec\divxdec.ax"
+ "DivX Demux Filter"	"DivX Plus DMF Navigator Filter"	"DivX, Inc."	"c:\program files (x86)\divx\divx plus directshow filters\directshowdemuxfilter.dll"
+ "DivX Demux Filter (Unrestricted Edition)"	"DivX Plus DMF Navigator Filter"	"DivX, Inc."	"c:\program files (x86)\divx\divx plus directshow filters\directshowdemuxfilter.dll"
+ "DivX H.264 Decoder"	"DivX H.264 Decoder Filter"	"DivX, Inc."	"c:\program files (x86)\divx\divx plus directshow filters\divxdech264.ax"
+ "DivX Video Decoder 0004"	"DivX® Decoder Filter"	"DivX, Inc."	"c:\program files (x86)\pinnacle\shared files\filter\divxdec.ax"
+ "MACSReaderMP3 Filter"	"MACSReaderMP3 Filter"	""	"c:\program files (x86)\samsung\kies\external\mediamodules\macsreaderavi.ax"
+ "MainConcept (Adobe2) AAC Decoder"	""	""	"File not found: C:\Program Files (x86)\Adobe\Elements Organizer 8.0\CAHeadless\ad2daac.ax"
+ "MainConcept (Adobe2) AAC Encoder"	""	""	"File not found: C:\Program Files (x86)\Adobe\Elements Organizer 8.0\CAHeadless\ad2eaac.ax"
+ "MainConcept (Adobe2) AVC/H.264 Video Decoder"	""	""	"File not found: C:\Program Files (x86)\Adobe\Elements Organizer 8.0\CAHeadless\ad2avcvd.ax"
+ "MainConcept (Adobe2) AVC/H.264 Video Encoder"	""	""	"File not found: C:\Program Files (x86)\Adobe\Elements Organizer 8.0\CAHeadless\ad2h264ve.ax"
+ "MainConcept (Adobe2) DV Video Decoder"	""	""	"File not found: C:\Program Files (x86)\Adobe\Elements Organizer 8.0\CAHeadless\ad2dsdv.ax"
+ "MainConcept (Adobe2) DV Video Encoder"	""	""	"File not found: C:\Program Files (x86)\Adobe\Elements Organizer 8.0\CAHeadless\ad2dsdv.ax"
+ "MainConcept (Adobe2) MPEG Demultiplexer"	""	""	"File not found: C:\Program Files (x86)\Adobe\Elements Organizer 8.0\CAHeadless\ad2mpgdmx.ax"
+ "MainConcept (Adobe2) MPEG Push Demultiplexer"	""	""	"File not found: C:\Program Files (x86)\Adobe\Elements Organizer 8.0\CAHeadless\ad2mpgpdmx.ax"
+ "MainConcept (Adobe2) Stream Parser"	""	""	"File not found: C:\Program Files (x86)\Adobe\Elements Organizer 8.0\CAHeadless\ad2mpgdmx.ax"
+ "MainConcept (Broadcast) AVC/H.264 Video Decoder"	"AVC/H.264 Decoder DirectShow Filter"	"MainConcept GmbH"	"c:\program files (x86)\adobe\elements 10 organizer\mc_codecs\mc_bc_dec_avc_ds.ax"
+ "MainConcept AAC Decoder"	"AAC audio decoder filter"	"MainConcept GmbH"	"c:\program files (x86)\adobe\elements 10 organizer\mc_codecs\mc_dec_aac_ds.ax"
+ "MainConcept AVC/H.264 Video Decoder"	"AVC/H.264 Decoder DirectShow Filter"	"MainConcept GmbH"	"c:\program files (x86)\adobe\elements 10 organizer\mc_codecs\mc_dec_avc_ds.ax"
+ "MainConcept Dolby Digital Audio Decoder"	"Dolby Digital Audio Decoder"	"MainConcept GmbH"	"c:\program files\adobe\adobe premiere elements 10\32\mc_dec_dd_ds.ax"
+ "MainConcept MPEG Demultiplexer"	"MPEG-1/2 Demultiplexer"	"MainConcept GmbH"	"c:\program files (x86)\adobe\elements 10 organizer\mc_codecs\mc_demux_mp2_ds.ax"
+ "MainConcept MPEG Push Demultiplexer"	"MPEG Push Demultiplexer"	"MainConcept GmbH"	"c:\program files (x86)\adobe\elements 10 organizer\mc_codecs\mc_demuxpush_mp2_ds.ax"
+ "MainConcept Stream Parser"	"MPEG-1/2 Demultiplexer"	"MainConcept GmbH"	"c:\program files (x86)\adobe\elements 10 organizer\mc_codecs\mc_demux_mp2_ds.ax"
+ "MusicCity MPEG Splitter"	"PCube MPEG Splitter Filter"	"(c) MusicCity"	"c:\windows\syswow64\muzmpgsp.ax"
+ "MusicCity OGG Splitter"	"OGG Splitter"	"(c) PeeringPortal"	"c:\windows\syswow64\muzoggsp.ax"
+ "MyFree Codec Filter"	""	""	"c:\program files (x86)\myfree codec\1.0b beta\myfree.ax"
+ "NEDFilter4Samsung Filter"	"MACSReaderMP3 Filter"	"L544™ Technology"	"c:\program files (x86)\samsung\kies\external\mediamodules\nedfilter4samsung.ax"
+ "P3Audio"	"PCube Audio Decoder Filter"	"(c) MusicCity"	"c:\windows\syswow64\muzdecode.ax"
+ "P3AudioEffect"	"P3AudioEffect Filter"	"(c) MUSICCITY"	"c:\windows\syswow64\muzeffect.ax"
+ "P3MP4Splitter"	"P3MP4Splitter Filter"	"(c) MusicCity"	"c:\windows\syswow64\muzmp4sp.ax"
+ "P3Sourcer"	"AOD Sourcer Filter"	"Musiccity Co.Ltd."	"c:\windows\syswow64\muzaf1.dll"
+ "P3WMTSplitter"	"P3WMTSplitter Filter"	" (c) MusicCity"	"c:\windows\syswow64\muzwmts.dll"
+ "PICVideo M-JPEG 3 Compressor"	"PICVideo M-JPEG 3 codec"	"Pegasus Imaging Corporation"	"c:\program files (x86)\common files\pegasus imaging\pvmjpg30.dll"
+ "PICVideo M-JPEG 3 Decompressor"	"PICVideo M-JPEG 3 codec"	"Pegasus Imaging Corporation"	"c:\program files (x86)\common files\pegasus imaging\pvmjpg30.dll"
+ "Pinnacle MCE Multiplexer"	"Pinnacle MPEG Codec - DirectX Filter"	"Avid Development GmbH"	"c:\program files (x86)\pinnacle\shared files\filter\pclempegbox.ax"
+ "Pinnacle MP3 Encoder"	"Pinnacle MP3 compressor"	"Pinnacle Systems"	"c:\program files (x86)\pinnacle\studio 14\programs\pclemp3encoder.ax"
+ "Pinnacle MPEG 2 Decoder"	"Pinnacle MPEG Codec - DirectX Filter"	"Avid Development GmbH"	"c:\program files (x86)\pinnacle\shared files\filter\pclempegbox.ax"
+ "Pinnacle MPEG 2 Encoder"	"Pinnacle MPEG Codec - DirectX Filter"	"Avid Development GmbH"	"c:\program files (x86)\pinnacle\shared files\filter\pclempegbox.ax"
+ "Pinnacle MPEG 2 Splicer"	"Pinnacle MPEG Codec - DirectX Filter"	"Avid Development GmbH"	"c:\program files (x86)\pinnacle\shared files\filter\pclempegbox.ax"
+ "Pinnacle MPEG 2/AVC Multiplexer"	"Pinnacle MPEG Codec - DirectX Filter"	"Avid Development GmbH"	"c:\program files (x86)\pinnacle\shared files\filter\pclempegbox.ax"
+ "Pinnacle MPEG Adjust"	"Pinnacle MPEG Codec - DirectX Filter"	"Avid Development GmbH"	"c:\program files (x86)\pinnacle\shared files\filter\pclempegbox.ax"
+ "Pinnacle MPEG Demuxer"	"MPEG Demuxer Filter - Program stream demuxer"	"Avid Development GmbH"	"c:\program files (x86)\pinnacle\shared files\filter\pclempgdemux.ax"
+ "Pinnacle MPEG Layer-1/2 Audio Decoder"	"Pinnacle MPEG Codec - DirectX Filter"	"Avid Development GmbH"	"c:\program files (x86)\pinnacle\shared files\filter\pclempegbox.ax"
+ "Pinnacle MPEG Layer-2 Audio Encoder"	"Pinnacle MPEG Codec - DirectX Filter"	"Avid Development GmbH"	"c:\program files (x86)\pinnacle\shared files\filter\pclempegbox.ax"
+ "Pinnacle(dicas) AMR Audio Decoder"	"dsamrauddec"	"dicas digital image coding GmbH"	"c:\program files (x86)\pinnacle\shared files\filter\pcleamrauddec.ax"
+ "Pinnacle(dicas) AMR Audio Encoder"	"dsamraudenc"	"dicas digital image coding GmbH"	"c:\program files (x86)\pinnacle\studio 14\programs\pcleamraudenc.ax"
+ "Pinnacle(dicas) H263 Video Encoder"	"dsh263videnc"	"dicas digital image coding GmbH"	"c:\program files (x86)\pinnacle\studio 14\programs\pcleh263videnc.ax"
+ "Pinnacle(dicas) MPEG-4 Audio Decoder"	"dsmpeg4auddec"	"dicas digital image coding GmbH"	"c:\program files (x86)\pinnacle\shared files\filter\pclempeg4auddec.ax"
+ "Pinnacle(dicas) MPEG-4 File Reader"	"dsmp4filereader"	"dicas digital image coding GmbH"	"c:\program files (x86)\pinnacle\shared files\filter\pclemp4filereader.ax"
+ "Pinnacle(dicas) MPEG-4 Video Decoder"	"dsmpeg4viddec"	"dicas digital image coding GmbH"	"c:\program files (x86)\pinnacle\shared files\filter\pclempeg4viddec.ax"
+ "RealMediaRenderer2"	"Real Media Renderer 2"	"Pinnacle Systems, Inc."	"c:\program files (x86)\pinnacle\shared files\realvideo\pclermrenderer2.ax"
+ "Record Queue"	"Windows Live Video Acquisition Filters"	"Microsoft Corporation"	"c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "SelfMusicVideo Dump Filter"	"SelfMusicVideo Dump Filter (DShow)"	"ENJsoft Corporation"	"c:\program files (x86)\samsung\kies\external\transmodules\tg_dump0708.dll"
+ "SpatialStereo Filter"	""	""	"c:\windows\syswow64\3daudio.ax"
+ "Track1Filter"	"Adobe Photoshop Elements 10.0 (component)"	"Adobe Systems Incorporated"	"c:\program files (x86)\adobe\elements 10 organizer\track1filter.dll"
+ "Track2Filter"	"Adobe Photoshop Elements 10.0 (component)"	"Adobe Systems Incorporated"	"c:\program files (x86)\adobe\elements 10 organizer\track2filter.dll"
+ "WM VIH2 Fix"	"Windows Live Video Acquisition Filters"	"Microsoft Corporation"	"c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT DV Extract Filter"	"Windows Live Video Acquisition Filters"	"Microsoft Corporation"	"c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Sample Info Filter"	"Windows Live Video Acquisition Filters"	"Microsoft Corporation"	"c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Switch Filter"	"Windows Live Video Acquisition Filters"	"Microsoft Corporation"	"c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Renderer"	"Windows Live Video Acquisition Filters"	"Microsoft Corporation"	"c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "WMT Virtual Source"	"Windows Live Video Acquisition Filters"	"Microsoft Corporation"	"c:\program files (x86)\windows live\photo gallery\wlxvafilt.dll"
+ "Xvid MPEG-4 Video Decoder"	""	""	"c:\program files (x86)\myfree codec\1.0b beta\xvid-core\xvid.ax"
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers"	""	""	""
+ "WLIDCredentialProvider"	"Microsoft® Windows Live ID Credential Provider"	"Microsoft Corp."	"c:\program files\common files\microsoft shared\windows live\wlidcredprov.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries"	""	""	""
+ "WindowsLive Local NSP"	"Microsoft® Windows Live ID Namespace Provider"	"Microsoft Corp."	"c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP"	"Microsoft® Windows Live ID Namespace Provider"	"Microsoft Corp."	"c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64"	""	""	""
+ "WindowsLive Local NSP"	"Microsoft® Windows Live ID Namespace Provider"	"Microsoft Corp."	"c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
+ "WindowsLive NSP"	"Microsoft® Windows Live ID Namespace Provider"	"Microsoft Corp."	"c:\program files\common files\microsoft shared\windows live\wlidnsp.dll"
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors"	""	""	""
+ "BJ Language Monitor3_2"	"Canon Inkjet Printer Driver"	"CANON INC."	"c:\windows\system32\cnblm3_2.dll"
"C:\Users\Steffen\AppData\Local\Microsoft\Windows Sidebar\Settings.ini"	""	""	""
+ "CPU-måling"	"Se computerens processor, og systemhukommelse (RAM)."	"Microsoft Corporation"	"C:\Program Files\Windows Sidebar\Gadgets\CPU.Gadget\da-DK\Gadget.xml"
+ "Kalender"	"Gennemse dagene i kalenderen."	"Microsoft Corporation"	"C:\Program Files\Windows Sidebar\Gadgets\Calendar.Gadget\da-DK\Gadget.xml"


#8 narenxp

Posted 23 September 2012 - 09:44 PM

Run RKILL again and post the new log

Edited by narenxp, 24 September 2012 - 07:07 AM.


#9 emas

Posted 24 September 2012 - 07:06 AM

RKill (New)
Rkill 2.4.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 09/24/2012 02:05:01 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * No malware processes found to kill.

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * No issues found.

Checking Windows Service Integrity: 

 * No issues found.

Searching for Missing Digital Signatures: 

 * No issues found.

Checking HOSTS File: 

 * No issues found.

Program finished at: 09/24/2012 02:05:09 PM
Execution time: 0 hours(s), 0 minute(s), and 7 seconds(s)


#10 narenxp

Posted 24 September 2012 - 07:07 AM

Download Junkware Removal Tool.

Launch it and the scan should start running. After the scan gets completed, post the generated log here.

Any current issues?

#11 emas

Posted 24 September 2012 - 07:19 AM

Junkware Removal Tool
Junkware Removal Tool (JRT) by Thisisu 
Version: 1.0.6 (09.24.2012) 
OS: Windows 7 Home Premium x64 
Ran by Steffen on 24-09-2012 at 14:16:44,39 
Blog: http://thisisudax.blogspot.com 
************************************************************** 
 
 
 
 
*** Registry Values: 0 Detections 
 
 
 
*** Registry Keys: 
 
Successfully deleted: [KEY] hkey_current_user\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a} 
FEJL: Adgang nægtet. **Means access denied in English**

Failed to delete: [KEY-LOCKED] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a} 
FEJL: Adgang nægtet. **Means access denied in English**

Failed to delete: [KEY-LOCKED] hkey_local_machine\software\wow6432node\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a} 
 
 
 
*** Files: 0 Detections 
 
 
 
*** Folders: 0 Detections 
 
 
 
*** Ask Toolbar: - Remnants removed 
 
 
 
 
 
 
 
*** Event Viewer Logs - Cleared 
 
 
 
 
 
************************************************************** 
Scan was completed on 24-09-2012 at 14:16:52,95 
End of Report 


The system still runs fine, but I'm not able to start MSE.

Edited by emas, 24 September 2012 - 07:21 AM.


#12 narenxp

Posted 24 September 2012 - 07:23 AM

The system still runs fine, but I'm not able to start MSE.


Reinstall Microsoft Security Essentials. It should work. I want you to run a quick scan with it and let me know if it comes out clean.

#13 emas

Posted 24 September 2012 - 07:45 AM

It worked after reinstall. The quick scan did not find anything.

Should I go for something else than MSE or maybe supplement it with another application?

#14 narenxp

Posted 24 September 2012 - 07:48 AM

You're clean

Remove temporary and junk files

Download TFC.

Launch it; it will close all running programs.

Click on START; it should ask for a reboot. If TFC locks up the system, run it in Safe Mode.


Create a new restore point

Follow this guide to turn off and turn on your restore points

http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Turn off your System Restore. It deletes old infected restore points.

Turn on System Restore and create a new restore point.

Update Java and Flash Player

Uninstall the old version of Java from Control Panel - Add or Remove Programs. Download the latest version from here:

http://java.com/en/

Update your Flash Player.

Antivirus recommendations

Update your antivirus frequently. Two free antivirus programs that I would suggest are Microsoft Security Essentials or Avast. You can select either one of them.

If you have a paid one, make sure to update it frequently. Do not use multiple security programs.

Informative guides that could prevent you from being infected again

How did I get infected?

http://www.bleepingcomputer.com/forums/topic2520.html

Best Practices for Safe Computing - Prevention of Malware Infection

http://www.bleepingcomputer.com/forums/topic407147.html

Simple and easy ways to keep your computer safe and secure on the Internet

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Safe surfing :)

#15 emas

Posted 24 September 2012 - 09:01 AM

Thank you so much. I owe you sooo much for saving my dad's computer.



