
No virus/malware found - PC still slow



I'm fairly careful about where I go on the big internet, but somehow managed to get a virus/malware the other day.

What happened was that all the icons on the desktop disappeared, along with all the contents of the start menu and the background image. At the same time, a hard disk diagnostics program started up and told me that the hard disk was about to die, and that I had to buy a license for 500 NOK to fix this. It looked fairly credible, and together with the 50-ish error messages that came up, it is easy to fall for.

This virus is called Data Recovery Software, and the software that starts is of course just a bluff.

I searched the web quite a bit, have followed a couple of guides to get rid of this and think I have now removed it, but the PC is noticeably slower than before this happened. Before I removed it, the diagnosis started every time you restarted, but now the PC seems normal again.

I have cleaned with AntiMalware and Spyware Doctor and neither of these finds anything wrong now. I have also run HijackThis and attach the log here:

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 10:44:22, on 05.05.2012

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v9.00 (9.00.8112.16421)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe

C:\Program Files (x86)\TechSmith\Snagit 10\Snagit32.exe

C:\Program Files (x86)\iTunes\iTunesHelper.exe

C:\Program Files (x86)\PC Tools\PC Tools Security\pctsGui.exe

C:\Program Files (x86)\TechSmith\Snagit 10\TSCHelp.exe

C:\Program Files (x86)\TechSmith\Snagit 10\SnagPriv.exe

C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe

C:\Program Files (x86)\TechSmith\Snagit 10\snagiteditor.exe

C:\Program Files (x86)\Stardock\ObjectDockFree\ObjectDock.exe

C:\Program Files (x86)\Opera\opera.exe

C:\Users\Laptop\Downloads\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = my.daemon-search.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: PC Tools Browser Guard - {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll

O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitBHO.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Browser Guard BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~3\Office12\GR469A~1.DLL

O2 - BHO: Påloggingshjelp for Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O2 - BHO: ClueIEAddin - {c14aa221-bae1-45f6-b0b3-90c23f2daa7d} - C:\Clue\adxloader.dll

O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

O3 - Toolbar: Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitIEAddin.dll

O3 - Toolbar: PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll

O4 - HKLM\..\Run: [iSTray] "C:\Program Files (x86)\PC Tools\PC Tools Security\pctsGui.exe" /hideGUI

O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun

O4 - Startup: Dropbox.lnk = C:\Users\Laptop\AppData\Roaming\Dropbox\bin\Dropbox.exe

O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files (x86)\Stardock\ObjectDockFree\ObjectDock.exe

O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000

O9 - Extra button: Send til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: S&end til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe

O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL

O9 - Extra button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files (x86)\PokerStars.NET\PokerStarsUpdate.exe

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.co...sreqlab_nvd.cab

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~3\Office12\GRA32A~1.DLL

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Bonjour-tjeneste (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Browser Defender Update Service - Unknown owner - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe

O23 - Service: CleanMyPC Watcher (CleanMyPCService) - MacPaw Inc. - C:\Program Files\CleanMyPC\CleanMyPCService.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: jottaVSS - Unknown owner - C:\Program Files\Jotta\jottaVSS.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files (x86)\PC Tools\PC Tools Security\pctsAuxs.exe

O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files (x86)\PC Tools\PC Tools Security\pctsSvc.exe

O23 - Service: Sesam Control Service (SesamService) - Swisscom - C:\Program Files (x86)\Telenor\mobilt bredband\Sesam\BIN\SecMIPService.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe

O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe

O23 - Service: ThreatFire - PC Tools - C:\Program Files (x86)\PC Tools\PC Tools Security\TFEngine\TFService.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 10399 bytes

 

 

Edited by King-Nothing

Hi,

post the log from a full scan with these programs:

http://support.kaspe.../?qid=208283363 (post the log, do not remove anything yet)

after that:

https://www.diskusjon.no/index.php?showtopic=691246

! Combofix (disable all antivirus guards before you run Combofix, and close all programs)

Post the log.

This should fix the start menu: http://www.bleepingc...ti-virus/unhide

http://www.bleepingc...opic405109.html

Edited by TheGenius

Running TDSSKiller now, but I think you linked to the wrong thread. ;)

The start menu is fine now and all the icons are back, so everything seems normal, but the PC is considerably slower than before this crap arrived.

TDSSKiller log:

11:47:40.0925 1004 TDSS rootkit removing tool 2.7.34.0 May 2 2012 09:59:18

11:47:41.0190 1004 ============================================================

11:47:41.0190 1004 Current date / time: 2012/05/05 11:47:41.0190

11:47:41.0190 1004 SystemInfo:

11:47:41.0190 1004

11:47:41.0190 1004 OS Version: 6.1.7601 ServicePack: 1.0

11:47:41.0190 1004 Product type: Workstation

11:47:41.0190 1004 ComputerName: LAPTOP-PC

11:47:41.0191 1004 UserName: Laptop

11:47:41.0191 1004 Windows directory: C:\Windows

11:47:41.0191 1004 System windows directory: C:\Windows

11:47:41.0191 1004 Running under WOW64

11:47:41.0191 1004 Processor architecture: Intel x64

11:47:41.0191 1004 Number of processors: 2

11:47:41.0191 1004 Page size: 0x1000

11:47:41.0191 1004 Boot type: Normal boot

11:47:41.0191 1004 ============================================================

11:47:42.0231 1004 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

11:47:42.0240 1004 ============================================================

11:47:42.0240 1004 \Device\Harddisk0\DR0:

11:47:42.0240 1004 MBR partitions:

11:47:42.0240 1004 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000

11:47:42.0240 1004 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x124C6000

11:47:42.0240 1004 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x124F8800, BlocksNum 0x27E88830

11:47:42.0240 1004 ============================================================

11:47:42.0262 1004 C: <-> \Device\Harddisk0\DR0\Partition1

11:47:42.0309 1004 D: <-> \Device\Harddisk0\DR0\Partition2

11:47:42.0309 1004 ============================================================

11:47:42.0309 1004 Initialize success

11:47:42.0309 1004 ============================================================

11:47:45.0458 4444 ============================================================

11:47:45.0458 4444 Scan started

11:47:45.0458 4444 Mode: Manual;

11:47:45.0458 4444 ============================================================


11:47:53.0927 4444 IPNAT - ok

11:47:54.0005 4444 iPod Service (50d6ccc6ff5561f9f56946b3e6164fb8) C:\Program Files\iPod\bin\iPodService.exe

11:47:54.0034 4444 iPod Service - ok

11:47:54.0055 4444 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys

11:47:54.0058 4444 IRENUM - ok

11:47:54.0069 4444 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys

11:47:54.0071 4444 isapnp - ok

11:47:54.0094 4444 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys

11:47:54.0104 4444 iScsiPrt - ok

11:47:54.0165 4444 jottaVSS (4181f43513d30bdd8a44a564c3c8e314) C:\Program Files\Jotta\jottaVSS.exe

11:47:54.0167 4444 jottaVSS - ok

11:47:54.0186 4444 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys

11:47:54.0187 4444 kbdclass - ok

11:47:54.0210 4444 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys

11:47:54.0213 4444 kbdhid - ok

11:47:54.0231 4444 KeyIso (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\system32\lsass.exe

11:47:54.0232 4444 KeyIso - ok

11:47:54.0256 4444 KSecDD (ccd53b5bd33ce0c889e830d839c8b66e) C:\Windows\system32\Drivers\ksecdd.sys

11:47:54.0257 4444 KSecDD - ok

11:47:54.0293 4444 KSecPkg (9ff918a261752c12639e8ad4208d2c2f) C:\Windows\system32\Drivers\ksecpkg.sys

11:47:54.0295 4444 KSecPkg - ok

11:47:54.0317 4444 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys

11:47:54.0318 4444 ksthunk - ok

11:47:54.0341 4444 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll

11:47:54.0359 4444 KtmRm - ok

11:47:54.0394 4444 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\System32\srvsvc.dll

11:47:54.0397 4444 LanmanServer - ok

11:47:54.0416 4444 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll

11:47:54.0419 4444 LanmanWorkstation - ok

11:47:54.0464 4444 libusb0 (285954c6c6ef43b78ab84034750fac6a) C:\Windows\system32\drivers\libusb0.sys

11:47:54.0466 4444 libusb0 - ok

11:47:54.0490 4444 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys

11:47:54.0491 4444 lltdio - ok

11:47:54.0511 4444 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll

11:47:54.0527 4444 lltdsvc - ok

11:47:54.0537 4444 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll

11:47:54.0538 4444 lmhosts - ok

11:47:54.0577 4444 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys

11:47:54.0581 4444 LSI_FC - ok

11:47:54.0593 4444 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys

11:47:54.0596 4444 LSI_SAS - ok

11:47:54.0606 4444 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys

11:47:54.0609 4444 LSI_SAS2 - ok

11:47:54.0625 4444 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys

11:47:54.0629 4444 LSI_SCSI - ok

11:47:54.0646 4444 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys

11:47:54.0648 4444 luafv - ok

11:47:54.0660 4444 MBAMProtector - ok

11:47:54.0759 4444 MBAMService (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

11:47:54.0787 4444 MBAMService - ok

11:47:54.0827 4444 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll

11:47:54.0831 4444 Mcx2Svc - ok

11:47:54.0842 4444 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys

11:47:54.0844 4444 megasas - ok

11:47:55.0055 4444 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys

11:47:55.0071 4444 MegaSR - ok

11:47:55.0144 4444 Microsoft Office Groove Audit Service (fafe367d032ed82e9332b4c741a20216) C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe

11:47:55.0147 4444 Microsoft Office Groove Audit Service - ok

11:47:55.0175 4444 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll

11:47:55.0177 4444 MMCSS - ok

11:47:55.0186 4444 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys

11:47:55.0187 4444 Modem - ok

11:47:55.0213 4444 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys

11:47:55.0214 4444 monitor - ok

11:47:55.0263 4444 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys

11:47:55.0265 4444 mouclass - ok

11:47:55.0294 4444 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys

11:47:55.0295 4444 mouhid - ok

11:47:55.0338 4444 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys

11:47:55.0340 4444 mountmgr - ok

11:47:55.0361 4444 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys

11:47:55.0365 4444 mpio - ok

11:47:55.0380 4444 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys

11:47:55.0381 4444 mpsdrv - ok

11:47:55.0448 4444 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll

11:47:55.0476 4444 MpsSvc - ok

11:47:55.0491 4444 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys

11:47:55.0495 4444 MRxDAV - ok

11:47:55.0524 4444 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys

11:47:55.0526 4444 mrxsmb - ok

11:47:55.0551 4444 mrxsmb10 (2086d463bd371d8a37d153897430916d) C:\Windows\system32\DRIVERS\mrxsmb10.sys

11:47:55.0554 4444 mrxsmb10 - ok

11:47:55.0573 4444 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys

11:47:55.0574 4444 mrxsmb20 - ok

11:47:55.0585 4444 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys

11:47:55.0586 4444 msahci - ok

11:47:55.0601 4444 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys

11:47:55.0606 4444 msdsm - ok

11:47:55.0634 4444 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe

11:47:55.0638 4444 MSDTC - ok

11:47:55.0665 4444 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys

11:47:55.0666 4444 Msfs - ok

11:47:55.0680 4444 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys

11:47:55.0684 4444 mshidkmdf - ok

11:47:55.0694 4444 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys

11:47:55.0695 4444 msisadrv - ok

11:47:55.0720 4444 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll

11:47:55.0726 4444 MSiSCSI - ok

11:47:55.0731 4444 msiserver - ok

11:47:55.0755 4444 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys

11:47:55.0758 4444 MSKSSRV - ok

11:47:55.0774 4444 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys

11:47:55.0776 4444 MSPCLOCK - ok

11:47:55.0785 4444 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys

11:47:55.0787 4444 MSPQM - ok

11:47:55.0829 4444 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys

11:47:55.0833 4444 MsRPC - ok

11:47:55.0848 4444 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys

11:47:55.0848 4444 mssmbios - ok

11:47:55.0864 4444 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys

11:47:55.0867 4444 MSTEE - ok

11:47:55.0875 4444 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys

11:47:55.0877 4444 MTConfig - ok

11:47:55.0892 4444 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys

11:47:55.0894 4444 Mup - ok

11:47:55.0929 4444 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll

11:47:55.0946 4444 napagent - ok

11:47:55.0985 4444 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys

11:47:55.0989 4444 NativeWifiP - ok

11:47:56.0037 4444 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys

11:47:56.0043 4444 NDIS - ok

11:47:56.0080 4444 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys

11:47:56.0083 4444 NdisCap - ok

11:47:56.0109 4444 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys

11:47:56.0110 4444 NdisTapi - ok

11:47:56.0151 4444 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys

11:47:56.0152 4444 Ndisuio - ok

11:47:56.0198 4444 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys

11:47:56.0200 4444 NdisWan - ok

11:47:56.0210 4444 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys

11:47:56.0211 4444 NDProxy - ok

11:47:56.0225 4444 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys

11:47:56.0227 4444 NetBIOS - ok

11:47:56.0256 4444 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys

11:47:56.0259 4444 NetBT - ok

11:47:56.0278 4444 Netlogon (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\system32\lsass.exe

11:47:56.0279 4444 Netlogon - ok

11:47:56.0322 4444 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll

11:47:56.0326 4444 Netman - ok

11:47:56.0347 4444 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll

11:47:56.0352 4444 netprofm - ok

11:47:56.0436 4444 NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe

11:47:56.0440 4444 NetTcpPortSharing - ok

11:47:56.0738 4444 NETw5s64 (4d85a450edef10c38882182753a49aae) C:\Windows\system32\DRIVERS\NETw5s64.sys

11:47:56.0862 4444 NETw5s64 - ok

11:47:57.0253 4444 netw5v64 (64428dfdaf6e88366cb51f45a79c5f69) C:\Windows\system32\DRIVERS\netw5v64.sys

11:47:57.0346 4444 netw5v64 - ok

11:47:57.0401 4444 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys

11:47:57.0404 4444 nfrd960 - ok

11:47:57.0463 4444 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll

11:47:57.0466 4444 NlaSvc - ok

11:47:57.0481 4444 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys

11:47:57.0483 4444 Npfs - ok

11:47:57.0511 4444 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll

11:47:57.0512 4444 nsi - ok

11:47:57.0527 4444 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys

11:47:57.0528 4444 nsiproxy - ok

11:47:57.0618 4444 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys

11:47:57.0635 4444 Ntfs - ok

11:47:57.0695 4444 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys

11:47:57.0695 4444 Null - ok

11:47:57.0732 4444 NVHDA (857fb74754ebff94ee3ad40788740916) C:\Windows\system32\drivers\nvhda64v.sys

11:47:57.0734 4444 NVHDA - ok

11:47:58.0239 4444 nvlddmkm (f12c5f17d48d9f5c70e4408b3ccb5443) C:\Windows\system32\DRIVERS\nvlddmkm.sys

11:47:58.0472 4444 nvlddmkm - ok

11:47:58.0544 4444 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys

11:47:58.0548 4444 nvraid - ok

11:47:58.0581 4444 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys

11:47:58.0585 4444 nvstor - ok

11:47:58.0649 4444 NVSvc (8a55543c379b0582f0c33db447d1c892) C:\Windows\system32\nvvsvc.exe

11:47:58.0676 4444 NVSvc - ok

11:47:58.0695 4444 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys

11:47:58.0699 4444 nv_agp - ok

11:47:58.0775 4444 odserv (84de1dd996b48b05ace31ad015fa108a) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE

11:47:58.0790 4444 odserv - ok

11:47:58.0814 4444 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys

11:47:58.0817 4444 ohci1394 - ok

11:47:58.0851 4444 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

11:47:58.0855 4444 ose - ok

11:47:58.0888 4444 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll

11:47:58.0905 4444 p2pimsvc - ok

11:47:58.0935 4444 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll

11:47:58.0950 4444 p2psvc - ok

11:47:58.0975 4444 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys

11:47:58.0979 4444 Parport - ok

11:47:59.0012 4444 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys

11:47:59.0014 4444 partmgr - ok

11:47:59.0028 4444 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll

11:47:59.0031 4444 PcaSvc - ok

11:47:59.0049 4444 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys

11:47:59.0051 4444 pci - ok

11:47:59.0067 4444 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys

11:47:59.0070 4444 pciide - ok

11:47:59.0087 4444 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys

11:47:59.0092 4444 pcmcia - ok

11:47:59.0121 4444 PCTBD (99a3a277a99c437283324067970e1d37) C:\Windows\system32\Drivers\PCTBD64.sys

11:47:59.0124 4444 PCTBD - ok

11:47:59.0176 4444 PCTCore (dbb55b4da79a6f59b63e233907ba6bae) C:\Windows\system32\drivers\PCTCore64.sys

11:47:59.0179 4444 PCTCore - ok

11:47:59.0230 4444 pctDS (ba1f42a42f405f62ceff6b69a2797f7c) C:\Windows\system32\drivers\pctDS64.sys

11:47:59.0248 4444 pctDS - ok

11:47:59.0299 4444 pctEFA (146cc91c93ced13e7fe40e8d8615be39) C:\Windows\system32\drivers\pctEFA64.sys

11:47:59.0326 4444 pctEFA - ok

11:47:59.0386 4444 PCTFW-PacketFilter (f48e1ee1e1819e6d3641b676848d4130) C:\Windows\system32\drivers\pctNdis-PacketFilter64.sys

11:47:59.0390 4444 PCTFW-PacketFilter - ok

11:47:59.0451 4444 pctgntdi (5b4b9d0e748aa06a8887fe79351c91f3) C:\Windows\System32\drivers\pctgntdi64.sys

11:47:59.0454 4444 pctgntdi - ok

11:47:59.0488 4444 pctNdisLW64 (2cd661d05c2049fb1264e70b2226a845) C:\Windows\system32\DRIVERS\pctNdisLW64.sys

11:47:59.0490 4444 pctNdisLW64 - ok

11:47:59.0525 4444 pctplfw (60aaf5f37104d77e328b96eea4cf0a01) C:\Windows\System32\drivers\pctplfw64.sys

11:47:59.0530 4444 pctplfw - ok

11:47:59.0569 4444 pctplsg (db1f94051396af34fe521bfeececdb53) C:\Windows\System32\drivers\pctplsg64.sys

11:47:59.0571 4444 pctplsg - ok

11:47:59.0605 4444 PCTSD (afa19eff0197c474379ed904e25a995d) C:\Windows\system32\Drivers\PCTSD64.sys

11:47:59.0608 4444 PCTSD - ok

11:47:59.0630 4444 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys

11:47:59.0631 4444 pcw - ok

11:47:59.0670 4444 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys

11:47:59.0677 4444 PEAUTH - ok

11:47:59.0758 4444 PeerDistSvc (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll

11:47:59.0799 4444 PeerDistSvc - ok

11:47:59.0869 4444 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe

11:47:59.0872 4444 PerfHost - ok

11:48:00.0545 4444 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll

11:48:00.0587 4444 pla - ok

11:48:00.0631 4444 PlugPlay (b806e50427511bcf4ad8e8239c3e25fa) C:\Windows\system32\umpnpmgr.dll

11:48:00.0635 4444 PlugPlay - ok

11:48:00.0653 4444 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll

11:48:00.0657 4444 PNRPAutoReg - ok

11:48:00.0685 4444 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll

11:48:00.0688 4444 PNRPsvc - ok

11:48:00.0718 4444 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll

11:48:00.0722 4444 PolicyAgent - ok

11:48:00.0754 4444 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll

11:48:00.0757 4444 Power - ok

11:48:00.0836 4444 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys

11:48:00.0838 4444 PptpMiniport - ok

11:48:00.0865 4444 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys

11:48:00.0868 4444 Processor - ok

11:48:00.0895 4444 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll

11:48:00.0898 4444 ProfSvc - ok

11:48:00.0922 4444 ProtectedStorage (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\system32\lsass.exe

11:48:00.0924 4444 ProtectedStorage - ok

11:48:00.0958 4444 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys

11:48:00.0959 4444 Psched - ok

11:48:01.0034 4444 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys

11:48:01.0068 4444 ql2300 - ok

11:48:01.0145 4444 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys

11:48:01.0149 4444 ql40xx - ok

11:48:01.0178 4444 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll

11:48:01.0189 4444 QWAVE - ok

11:48:01.0208 4444 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys

11:48:01.0211 4444 QWAVEdrv - ok

11:48:01.0227 4444 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys

11:48:01.0229 4444 RasAcd - ok

11:48:01.0268 4444 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys

11:48:01.0270 4444 RasAgileVpn - ok

11:48:01.0308 4444 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll

11:48:01.0313 4444 RasAuto - ok

11:48:01.0348 4444 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys

11:48:01.0350 4444 Rasl2tp - ok

11:48:01.0393 4444 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll

11:48:01.0397 4444 RasMan - ok

11:48:01.0421 4444 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys

11:48:01.0423 4444 RasPppoe - ok

11:48:01.0441 4444 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys

11:48:01.0443 4444 RasSstp - ok

11:48:01.0482 4444 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys

11:48:01.0485 4444 rdbss - ok

11:48:01.0497 4444 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys

11:48:01.0499 4444 rdpbus - ok

11:48:01.0508 4444 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys

11:48:01.0509 4444 RDPCDD - ok

11:48:01.0551 4444 RDPDR (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys

11:48:01.0556 4444 RDPDR - ok

11:48:01.0579 4444 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys

11:48:01.0580 4444 RDPENCDD - ok

11:48:01.0598 4444 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys

11:48:01.0599 4444 RDPREFMP - ok

11:48:01.0633 4444 RdpVideoMiniport (70cba1a0c98600a2aa1863479b35cb90) C:\Windows\system32\drivers\rdpvideominiport.sys

11:48:01.0636 4444 RdpVideoMiniport - ok

11:48:01.0654 4444 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys

11:48:01.0661 4444 RDPWD - ok

11:48:01.0689 4444 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys

11:48:01.0692 4444 rdyboost - ok

11:48:01.0713 4444 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll

11:48:01.0717 4444 RemoteAccess - ok

11:48:01.0735 4444 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll

11:48:01.0740 4444 RemoteRegistry - ok

11:48:01.0763 4444 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys

11:48:01.0767 4444 RFCOMM - ok

11:48:01.0794 4444 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll

11:48:01.0795 4444 RpcEptMapper - ok

11:48:01.0820 4444 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe

11:48:01.0823 4444 RpcLocator - ok

11:48:01.0855 4444 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll

11:48:01.0860 4444 RpcSs - ok

11:48:01.0887 4444 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys

11:48:01.0888 4444 rspndr - ok

11:48:01.0920 4444 s3cap (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys

11:48:01.0922 4444 s3cap - ok

11:48:01.0937 4444 SamSs (0793f40b9b8a1bdd266296409dbd91ea) C:\Windows\system32\lsass.exe

11:48:01.0938 4444 SamSs - ok

11:48:01.0973 4444 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys

11:48:01.0977 4444 sbp2port - ok

11:48:01.0998 4444 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll

11:48:02.0001 4444 SCardSvr - ok

11:48:02.0036 4444 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys

11:48:02.0039 4444 scfilter - ok

11:48:02.0103 4444 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll

11:48:02.0139 4444 Schedule - ok

11:48:02.0180 4444 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll

11:48:02.0181 4444 SCPolicySvc - ok

11:48:02.0264 4444 sdAuxService (17d6a03103586d7954ba74c2219ce1bb) C:\Program Files (x86)\PC Tools\PC Tools Security\pctsAuxs.exe

11:48:02.0266 4444 sdAuxService - ok

11:48:02.0321 4444 sdCoreService (697e0a2a300ee8719cafae55b4771053) C:\Program Files (x86)\PC Tools\PC Tools Security\pctsSvc.exe

11:48:02.0328 4444 sdCoreService - ok

11:48:02.0400 4444 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll

11:48:02.0406 4444 SDRSVC - ok

11:48:02.0461 4444 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys

11:48:02.0462 4444 secdrv - ok

11:48:02.0499 4444 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll

11:48:02.0501 4444 seclogon - ok

11:48:02.0519 4444 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll

11:48:02.0521 4444 SENS - ok

11:48:02.0532 4444 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll

11:48:02.0537 4444 SensrSvc - ok

11:48:02.0548 4444 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys

11:48:02.0551 4444 Serenum - ok

11:48:02.0564 4444 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys

11:48:02.0567 4444 Serial - ok

11:48:02.0603 4444 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys

11:48:02.0606 4444 sermouse - ok

11:48:02.0774 4444 SesamService (ac105dbbb2506a8c7285b628c2b0a3a1) C:\Program Files (x86)\Telenor\mobilt bredband\Sesam\BIN\SecMIPService.exe

11:48:02.0811 4444 SesamService - ok

11:48:02.0842 4444 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll

11:48:02.0846 4444 SessionEnv - ok

11:48:02.0891 4444 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys

11:48:02.0893 4444 sffdisk - ok

11:48:02.0908 4444 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys

11:48:02.0911 4444 sffp_mmc - ok

11:48:02.0926 4444 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys

11:48:02.0928 4444 sffp_sd - ok

11:48:02.0946 4444 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys

11:48:02.0949 4444 sfloppy - ok

11:48:02.0984 4444 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll

11:48:03.0001 4444 SharedAccess - ok

11:48:03.0026 4444 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll

11:48:03.0031 4444 ShellHWDetection - ok

11:48:03.0049 4444 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys

11:48:03.0052 4444 SiSRaid2 - ok

11:48:03.0069 4444 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys

11:48:03.0072 4444 SiSRaid4 - ok

11:48:03.0103 4444 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys

11:48:03.0107 4444 Smb - ok

11:48:03.0142 4444 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe

11:48:03.0145 4444 SNMPTRAP - ok

11:48:03.0430 4444 speedfan (12583af6cbe0050651eaf2723b3ad7b3) C:\Windows\syswow64\speedfan.sys

11:48:03.0433 4444 speedfan - ok

11:48:03.0443 4444 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys

11:48:03.0444 4444 spldr - ok

11:48:03.0477 4444 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe

11:48:03.0497 4444 Spooler - ok

11:48:03.0652 4444 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe

11:48:03.0696 4444 sppsvc - ok

11:48:03.0777 4444 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll

11:48:03.0782 4444 sppuinotify - ok

11:48:03.0829 4444 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys

11:48:03.0833 4444 srv - ok

11:48:03.0871 4444 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys

11:48:03.0876 4444 srv2 - ok

11:48:03.0905 4444 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys

11:48:03.0908 4444 srvnet - ok

11:48:03.0935 4444 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll

11:48:03.0938 4444 SSDPSRV - ok

11:48:03.0952 4444 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll

11:48:03.0955 4444 SstpSvc - ok

11:48:03.0983 4444 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys

11:48:03.0986 4444 stexstor - ok

11:48:04.0040 4444 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll

11:48:04.0045 4444 stisvc - ok

11:48:04.0073 4444 storflt (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys

11:48:04.0074 4444 storflt - ok

11:48:04.0090 4444 storvsc (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys

11:48:04.0094 4444 storvsc - ok

11:48:04.0110 4444 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys

11:48:04.0111 4444 swenum - ok

11:48:04.0203 4444 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

11:48:04.0218 4444 SwitchBoard - ok

11:48:04.0254 4444 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll

11:48:04.0273 4444 swprv - ok

11:48:04.0289 4444 Synth3dVsc - ok

11:48:04.0383 4444 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll

11:48:04.0421 4444 SysMain - ok

11:48:04.0515 4444 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll

11:48:04.0519 4444 TabletInputService - ok

11:48:04.0563 4444 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll

11:48:04.0567 4444 TapiSrv - ok

11:48:04.0583 4444 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll

11:48:04.0587 4444 TBS - ok

11:48:04.0692 4444 Tcpip (92ce29d95ac9dd2d0ee9061d551ba250) C:\Windows\system32\drivers\tcpip.sys

11:48:04.0703 4444 Tcpip - ok

11:48:04.0832 4444 TCPIP6 (92ce29d95ac9dd2d0ee9061d551ba250) C:\Windows\system32\DRIVERS\tcpip.sys

11:48:04.0844 4444 TCPIP6 - ok

11:48:04.0924 4444 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys

11:48:04.0925 4444 tcpipreg - ok

11:48:04.0951 4444 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys

11:48:04.0954 4444 TDPIPE - ok

11:48:04.0959 4444 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys

11:48:04.0962 4444 TDTCP - ok

11:48:04.0999 4444 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys

11:48:05.0001 4444 tdx - ok

11:48:05.0165 4444 TeamViewer6 (7c2f4d20af8267605607b483d88c8302) C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe

11:48:10.0247 4444 ============================================================

11:48:10.0247 4444 Scan finished

11:48:10.0247 4444 ============================================================

11:48:10.0261 3456 Detected object count: 0

11:48:10.0261 3456 Actual detected object count: 0

 

 

Edited by King-Nothing

Well, you actually linked to a discussion about computer cases, check the link yourself. ;)

 

Here is the log from ComboFix:

 

 

 

ComboFix 12-05-05.05 - Laptop 05.05.2012 12:27:53.5.2 - x64

Microsoft Windows 7 Ultimate 6.1.7601.1.1252.47.1044.18.4091.2391 [GMT 2:00]

Kjører fra: c:\users\Laptop\Downloads\ComboFix.exe

AV: PC Tools Internet Security Anti-Virus *Disabled/Updated* {2F668A56-D5E0-2DF1-A0AE-CB1284F42AB2}

FW: PC Tools Internet Security Firewall *Disabled* {175D0B73-9F8F-2CA9-8BF1-62277A276DC9}

SP: PC Tools Internet Security Anti-Spyware *Disabled/Updated* {94076BB2-F3DA-227F-9A1E-F060FF73600F}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((((((((((((((((( Andre slettinger )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

---- Forrige skanning -------

.

c:\programdata\Local

c:\programdata\xsivsBNQ9ebjPf

.

.

((((((((((((((((((((((((((( Filer Opprettet Fra 2012-04-05 til 2012-05-05 )))))))))))))))))))))))))))))))))

.

.

2012-05-05 10:33 . 2012-05-05 10:33 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-05-05 09:09 . 2012-05-05 09:09 -------- d-----w- c:\users\Laptop\DoctorWeb

2012-05-05 08:11 . 2012-05-05 08:11 -------- d-----w- c:\users\Laptop\AppData\Roaming\CleanMyPC

2012-05-04 18:41 . 2012-03-20 09:11 706776 --s---w- c:\windows\system32\drivers\TfSysMon.sys

2012-05-04 18:41 . 2012-03-20 09:11 65664 --s---w- c:\windows\system32\drivers\TfFsMon.sys

2012-05-04 18:41 . 2012-03-20 09:11 41968 --s---w- c:\windows\system32\drivers\TfNetMon.sys

2012-05-03 17:14 . 2012-05-03 17:14 -------- d-----w- c:\windows\system32\appmgmt

2012-05-03 17:07 . 2012-05-03 17:07 -------- d-----w- c:\users\Laptop\AppData\Roaming\PC Tools

2012-05-03 17:07 . 2012-05-03 17:07 -------- d-----w- c:\users\Laptop\AppData\Roaming\Spam Monitor

2012-05-03 17:00 . 2012-05-03 17:00 181512 ----a-w- c:\windows\system32\drivers\pctplfw64.sys

2012-05-03 17:00 . 2012-05-03 17:00 77976 ----a-w- c:\windows\system32\drivers\pctNdisLW64.sys

2012-05-03 17:00 . 2012-05-03 17:00 122784 ----a-w- c:\windows\system32\drivers\pctNdis-PacketFilter64.sys

2012-05-03 06:15 . 2012-05-03 17:13 -------- d-----w- C:\sh4ldr

2012-05-03 06:15 . 2012-05-03 06:15 -------- d-----w- c:\program files\Enigma Software Group

2012-05-03 06:14 . 2012-05-03 17:13 -------- d-----w- c:\windows\5B210B8AB66E4702B44D0D6F388D29EB.TMP

2012-05-02 17:16 . 2012-05-02 17:16 -------- d-----w- c:\users\Laptop\AppData\Roaming\Malwarebytes

2012-05-02 17:16 . 2012-05-02 17:16 -------- d-----w- c:\programdata\Malwarebytes

2012-05-02 17:16 . 2012-05-02 17:16 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware

2012-05-02 17:12 . 2012-03-20 10:21 85192 ----a-w- c:\windows\system32\drivers\PCTBD64.sys

2012-05-02 17:12 . 2012-03-20 10:20 767928 ----a-w- c:\windows\BDTSupport.dll

2012-05-02 17:12 . 2012-03-20 10:21 149432 ----a-w- c:\windows\SGDetectionTool.dll

2012-05-02 17:12 . 2012-03-20 10:21 2271160 ----a-w- c:\windows\PCTBDCore.dll

2012-05-02 17:12 . 2012-03-20 10:21 1681336 ----a-w- c:\windows\PCTBDRes.dll

2012-05-02 17:11 . 2012-03-20 11:43 145432 ----a-w- c:\windows\system32\drivers\pctwfpfilter64.sys

2012-05-02 17:11 . 2012-03-20 11:43 339608 ----a-w- c:\windows\system32\drivers\pctgntdi64.sys

2012-05-02 17:10 . 2012-03-20 11:49 14776 ----a-w- c:\windows\system32\drivers\pctBTFix64.sys

2012-05-02 17:10 . 2012-03-20 11:50 92896 ----a-w- c:\windows\system32\drivers\pctplsg64.sys

2012-05-02 17:09 . 2012-05-02 17:09 -------- d-----w- c:\program files (x86)\PC Tools

2012-05-02 17:08 . 2012-02-28 09:43 1096176 ----a-w- c:\windows\system32\drivers\pctEFA64.sys

2012-05-02 17:08 . 2012-02-28 09:43 453896 ----a-w- c:\windows\system32\drivers\pctDS64.sys

2012-05-02 17:08 . 2012-03-16 10:15 426104 ----a-w- c:\windows\system32\drivers\PCTCore64.sys

2012-05-02 17:08 . 2012-03-20 11:50 251528 ----a-w- c:\windows\system32\drivers\PCTSD64.sys

2012-05-02 17:07 . 2012-05-03 17:00 -------- d-----w- c:\program files (x86)\Common Files\PC Tools

2012-05-02 17:07 . 2012-05-04 18:41 -------- d-----w- c:\programdata\PC Tools

2012-05-02 17:07 . 2012-05-02 17:07 -------- d-----w- c:\users\Laptop\AppData\Roaming\TestApp

2012-04-29 14:57 . 2004-03-29 14:23 90112 ----a-w- c:\windows\unvise32.exe

2012-04-29 14:55 . 2012-04-29 14:57 -------- d-----w- c:\program files (x86)\Josefine

2012-04-22 09:23 . 2012-04-22 09:23 -------- d-----w- c:\program files (x86)\MSECache

2012-04-19 05:17 . 2012-04-19 05:17 -------- d-----w- c:\program files\Windows Live

2012-04-15 17:17 . 2012-04-15 17:17 418464 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2012-04-11 20:47 . 2012-04-11 20:48 -------- d-----w- c:\users\Laptop\AppData\Local\Facebook

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-04-15 17:17 . 2011-06-05 07:48 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2012-03-20 09:39 . 2012-05-02 17:12 3488 ----a-w- c:\windows\UDB.zip

2012-03-20 09:39 . 2012-05-02 17:12 131 ----a-w- c:\windows\IDB.zip

2012-03-08 16:50 . 2012-03-08 16:50 49016 ----a-w- c:\windows\SysWow64\sirenacm.dll

2012-02-15 09:01 . 2012-02-15 09:01 52736 ----a-w- c:\windows\system32\drivers\usbaapl64.sys

2012-02-15 09:01 . 2012-02-15 09:01 4547944 ----a-w- c:\windows\system32\usbaaplrc.dll

.

.

((((((((((((((((((((((((((((( SnapShot@2012-05-03_22.10.51 )))))))))))))))))))))))))))))))))))))))))

.

- 2009-07-14 04:54 . 2012-05-03 19:23 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

+ 2009-07-14 04:54 . 2012-05-05 09:30 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

+ 2009-07-14 04:54 . 2012-05-05 09:30 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

- 2009-07-14 04:54 . 2012-05-03 19:23 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

- 2009-07-14 04:54 . 2012-05-03 19:23 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

+ 2009-07-14 04:54 . 2012-05-05 09:30 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

+ 2011-03-13 18:30 . 2012-05-04 19:05 39364 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin

+ 2009-07-14 05:10 . 2012-05-05 09:32 38272 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin

+ 2011-03-05 18:44 . 2012-05-05 09:34 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

- 2011-03-05 18:44 . 2012-05-03 17:20 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

- 2011-03-05 18:44 . 2012-05-03 17:20 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

+ 2011-03-05 18:44 . 2012-05-05 09:34 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

- 2009-07-14 04:54 . 2012-05-03 17:20 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

+ 2009-07-14 04:54 . 2012-05-05 09:34 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

+ 2009-07-14 04:46 . 2012-05-03 23:12 88128 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat

+ 2011-03-05 20:17 . 2012-05-04 19:05 8572 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1051396789-1699662356-3098169049-1000_UserData.bin

+ 2012-05-04 19:02 . 2012-05-05 09:30 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat

- 2012-05-03 17:40 . 2012-05-03 17:40 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat

+ 2012-05-04 19:02 . 2012-05-05 09:30 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat

- 2012-05-03 17:40 . 2012-05-03 17:40 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat

+ 2009-07-14 09:16 . 2012-05-05 09:34 891280 c:\windows\system32\perfc014.dat

+ 2009-07-14 02:36 . 2012-05-05 09:34 897894 c:\windows\system32\perfc009.dat

+ 2011-12-26 13:53 . 2012-05-04 19:01 931728 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat

- 2011-12-26 13:53 . 2012-05-03 17:38 931728 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache3.0.0.0.dat

- 2009-07-14 05:01 . 2012-05-03 17:38 509772 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat

+ 2009-07-14 05:01 . 2012-05-04 19:01 509772 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat

+ 2009-07-14 09:16 . 2012-05-05 09:34 2798460 c:\windows\system32\perfh014.dat

+ 2009-07-14 02:36 . 2012-05-05 09:34 1440526 c:\windows\system32\perfh009.dat

+ 2011-03-15 09:15 . 2012-05-04 19:01 15843776 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1051396789-1699662356-3098169049-1000-12288.dat

- 2011-03-15 09:15 . 2012-05-03 17:38 15843776 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1051396789-1699662356-3098169049-1000-12288.dat

.

(((((((((((((((((((((((((((((((( Oppstartspunkter I Registeret )))))))))))))))))))))))))))))))))))))))))))))

.

.

*Merk* tomme oppføringer & gyldige standardoppføringer vises ikke

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2011-02-18 05:12 94208 ----a-w- c:\users\Laptop\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2011-02-18 05:12 94208 ----a-w- c:\users\Laptop\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2011-02-18 05:12 94208 ----a-w- c:\users\Laptop\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]

@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]

2011-02-18 05:12 94208 ----a-w- c:\users\Laptop\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-01-20 1305408]

.

c:\users\Laptop\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Dropbox.lnk - c:\users\Laptop\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-2-15 24246216]

Stardock ObjectDock.lnk - c:\program files (x86)\Stardock\ObjectDockFree\ObjectDock.exe [2010-10-6 3768176]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 0 (0x0)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableLUA"= 0 (0x0)

"EnableUIADesktopToggle"= 0 (0x0)

"PromptOnSecureDesktop"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"mixer"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

.

R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]

R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-15 253088]

R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x]

R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys [x]

R3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\DRIVERS\ew_usbenumfilter.sys [x]

R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys [x]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]

R3 netw5v64;Intel® trådløs WiFi-kobling 5000-kortdriver for 64-biters Windows Vista;c:\windows\system32\DRIVERS\netw5v64.sys [x]

R3 pctplfw;pctplfw;c:\windows\System32\drivers\pctplfw64.sys [x]

R3 pctplsg;pctplsg;c:\windows\System32\drivers\pctplsg64.sys [x]

R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]

R3 sdAuxService;PC Tools Auxiliary Service;c:\program files (x86)\PC Tools\PC Tools Security\pctsAuxs.exe [2012-03-20 402336]

R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]

R3 ThreatFire;ThreatFire;c:\program files (x86)\PC Tools\PC Tools Security\TFEngine\TFService.exe service [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]

R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]

R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]

R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]

S0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore64.sys [x]

S0 pctDS;PC Tools Data Store;c:\windows\system32\drivers\pctDS64.sys [x]

S0 pctEFA;PC Tools Extended File Attributes;c:\windows\system32\drivers\pctEFA64.sys [x]

S0 TfFsMon;TfFsMon;c:\windows\system32\drivers\TfFsMon.sys [x]

S0 TFSysMon;TFSysMon;c:\windows\system32\drivers\TfSysMon.sys [x]

S1 pctgntdi;pctgntdi;c:\windows\System32\drivers\pctgntdi64.sys [x]

S1 pctNdisLW64;PC Tools NDIS 6 LightWeight filter;c:\windows\system32\DRIVERS\pctNdisLW64.sys [x]

S1 PCTSD;PC Tools Spyware Doctor Driver;c:\windows\system32\Drivers\PCTSD64.sys [x]

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]

S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]

S2 Browser Defender Update Service;Browser Defender Update Service;c:\program files (x86)\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe [2012-03-20 571320]

S2 CleanMyPCService;CleanMyPC Watcher;c:\program files\CleanMyPC\CleanMyPCService.exe [2012-04-12 87344]

S2 jottaVSS;jottaVSS;c:\program files\Jotta\jottaVSS.exe [2011-12-01 53760]

S2 SesamService;Sesam Control Service;c:\program files (x86)\Telenor\mobilt bredband\Sesam\BIN\SecMIPService.exe [2009-02-17 1237800]

S2 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-03-18 2271608]

S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2011-12-14 2984832]

S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]

S3 libusb0;libusb-win32 - Kernel Driver, Version 1.2.2.0;c:\windows\system32\drivers\libusb0.sys [2010-10-02 43456]

S3 NETw5s64;Intel® Wireless WiFi Link-kortdriver for Windows 7 64-bit;c:\windows\system32\DRIVERS\NETw5s64.sys [x]

S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]

S3 PCTBD;PC Tools Browser Defender Driver;c:\windows\system32\Drivers\PCTBD64.sys [x]

S3 PCTFW-PacketFilter;PCTools Firewall - Packet filter driver;c:\windows\system32\drivers\pctNdis-PacketFilter64.sys [x]

S3 TfNetMon;TfNetMon;c:\windows\system32\drivers\TfNetMon.sys [x]

S3 wtsmpadap;Sesam Virtual Adapter;c:\windows\system32\DRIVERS\wtsmpadap.sys [x]

S3 WtSmpFlt;Sesam Adapter;c:\windows\system32\DRIVERS\wtsmpflt.sys [x]

S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [x]

.

.

--- Andre tjenester/drivere lastet i minnet ---

.

*NewlyCreated* - 07868855

*Deregistered* - 07868855

*Deregistered* - PCTSDInjDriver64

.

Innholdet i mappen 'Scheduled Tasks' (planlagte oppgaver)

.

2012-05-05 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-15 17:17]

.

2012-05-04 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1051396789-1699662356-3098169049-1000Core.job

- c:\users\Laptop\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-04-11 20:47]

.

2012-05-05 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1051396789-1699662356-3098169049-1000UA.job

- c:\users\Laptop\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-04-11 20:47]

.

2012-05-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1051396789-1699662356-3098169049-1000Core.job

- c:\users\Laptop\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-14 19:29]

.

2012-05-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1051396789-1699662356-3098169049-1000UA.job

- c:\users\Laptop\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-14 19:29]

.

.

--------- x86-64 -----------

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2011-02-18 05:12 97792 ----a-w- c:\users\Laptop\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2011-02-18 05:12 97792 ----a-w- c:\users\Laptop\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2011-02-18 05:12 97792 ----a-w- c:\users\Laptop\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]

@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]

2011-02-18 05:12 97792 ----a-w- c:\users\Laptop\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

.

------- Tilleggsskanning -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = my.daemon-search.com

mLocal Page = c:\windows\SysWOW64\blank.htm

uInternet Settings,ProxyOverride = *.local

IE: E&ksporter til Microsoft Excel - c:\progra~2\MICROS~3\Office12\EXCEL.EXE/3000

LSP: c:\program files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll

TCP: DhcpNameServer = 192.168.0.1

FF - ProfilePath - c:\users\Laptop\AppData\Roaming\Mozilla\Firefox\Profiles\txv6mpnk.default\

FF - prefs.js: browser.search.selectedEngine - hxxp://no.woofi.info/

FF - prefs.js: browser.startup.homepage - hxxp://no.woofi.info/

.

- - - - TOMME PEKERE FJERNET - - - -

.

WebBrowser-{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - (no file)

.

.

.

--------------------- LÅSTE REGISTERNØKLER ---------------------

.

[HKEY_USERS\S-1-5-21-1051396789-1699662356-3098169049-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.dng\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.dng"

.

[HKEY_USERS\S-1-5-21-1051396789-1699662356-3098169049-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.emf\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.emf"

.

[HKEY_USERS\S-1-5-21-1051396789-1699662356-3098169049-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="WindowsLiveMail.Email.1"

.

[HKEY_USERS\S-1-5-21-1051396789-1699662356-3098169049-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eps\UserChoice]

@Denied: (2) (S-1-5-21-1051396789-1699662356-3098169049-1000)

@Denied: (2) (LocalSystem)

"Progid"="Applications\\Illustrator.exe"

.

[HKEY_USERS\S-1-5-21-1051396789-1699662356-3098169049-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.erf\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.erf"

.

[HKEY_USERS\S-1-5-21-1051396789-1699662356-3098169049-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fff\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.fff"

.

[HKEY_USERS\S-1-5-21-1051396789-1699662356-3098169049-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.flc\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.flc"

.

[HKEY_USERS\S-1-5-21-1051396789-1699662356-3098169049-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fli\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.fli"

.

[HKEY_USERS\S-1-5-21-1051396789-1699662356-3098169049-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.fpx\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.fpx"

.

[HKEY_USERS\S-1-5-21-1051396789-1699662356-3098169049-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.gif\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.gif"

.

[HKEY_USERS\S-1-5-21-1051396789-1699662356-3098169049-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.hdr\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.hdr"

.

[HKEY_USERS\S-1-5-21-1051396789-1699662356-3098169049-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icl\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.icl"

.

[HKEY_USERS\S-1-5-21-1051396789-1699662356-3098169049-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.icn\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.icn"

.

[HKEY_USERS\S-1-5-21-1051396789-1699662356-3098169049-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iff\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.iff"

.

[HKEY_USERS\S-1-5-21-1051396789-1699662356-3098169049-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ilbm\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.ilbm"

.

[HKEY_USERS\S-1-5-21-1051396789-1699662356-3098169049-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.int\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.int"

.

[HKEY_USERS\S-1-5-21-1051396789-1699662356-3098169049-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.inta\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.inta"

.

[HKEY_USERS\S-1-5-21-1051396789-1699662356-3098169049-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.iw4\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.iw4"

.

[HKEY_USERS\S-1-5-21-1051396789-1699662356-3098169049-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2c\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.j2c"

.

[HKEY_USERS\S-1-5-21-1051396789-1699662356-3098169049-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.j2k\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.j2k"

.

[HKEY_USERS\S-1-5-21-1051396789-1699662356-3098169049-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jbr\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.jbr"

.

[HKEY_USERS\S-1-5-21-1051396789-1699662356-3098169049-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jfif\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.jfif"

.

[HKEY_USERS\S-1-5-21-1051396789-1699662356-3098169049-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jif\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.jif"

.

[HKEY_USERS\S-1-5-21-1051396789-1699662356-3098169049-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jp2\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.jp2"

.

[HKEY_USERS\S-1-5-21-1051396789-1699662356-3098169049-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpc\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.jpc"

.

[HKEY_USERS\S-1-5-21-1051396789-1699662356-3098169049-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpe\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.jpe"

.

[HKEY_USERS\S-1-5-21-1051396789-1699662356-3098169049-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpeg\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.jpeg"

.

[HKEY_USERS\S-1-5-21-1051396789-1699662356-3098169049-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpg\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.jpg"

.

[HKEY_USERS\S-1-5-21-1051396789-1699662356-3098169049-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpk\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.jpk"

.

[HKEY_USERS\S-1-5-21-1051396789-1699662356-3098169049-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.jpx\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.jpx"

.

[HKEY_USERS\S-1-5-21-1051396789-1699662356-3098169049-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.kar\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.kar"

.

[HKEY_USERS\S-1-5-21-1051396789-1699662356-3098169049-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.kdc\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.kdc"

.

[HKEY_USERS\S-1-5-21-1051396789-1699662356-3098169049-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.lbm\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.lbm"

.

[HKEY_USERS\S-1-5-21-1051396789-1699662356-3098169049-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m15\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.m15"

.

[HKEY_USERS\S-1-5-21-1051396789-1699662356-3098169049-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m1a\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.m1a"

.

[HKEY_USERS\S-1-5-21-1051396789-1699662356-3098169049-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m2a\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.m2a"

.

[HKEY_USERS\S-1-5-21-1051396789-1699662356-3098169049-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m75\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.m75"

.

[HKEY_USERS\S-1-5-21-1051396789-1699662356-3098169049-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mef\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.mef"

.

[HKEY_USERS\S-1-5-21-1051396789-1699662356-3098169049-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mos\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.mos"

.

[HKEY_USERS\S-1-5-21-1051396789-1699662356-3098169049-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpv\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.mpv"

.

[HKEY_USERS\S-1-5-21-1051396789-1699662356-3098169049-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mrw\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.mrw"

.

[HKEY_USERS\S-1-5-21-1051396789-1699662356-3098169049-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nef\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.nef"

.

[HKEY_USERS\S-1-5-21-1051396789-1699662356-3098169049-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.orf\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.orf"

.

[HKEY_USERS\S-1-5-21-1051396789-1699662356-3098169049-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbm\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.pbm"

.

[HKEY_USERS\S-1-5-21-1051396789-1699662356-3098169049-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pbr\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.pbr"

.

[HKEY_USERS\S-1-5-21-1051396789-1699662356-3098169049-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcd\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.pcd"

.

[HKEY_USERS\S-1-5-21-1051396789-1699662356-3098169049-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pct\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.pct"

.

[HKEY_USERS\S-1-5-21-1051396789-1699662356-3098169049-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pcx\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.pcx"

.

[HKEY_USERS\S-1-5-21-1051396789-1699662356-3098169049-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pef\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.pef"

.

[HKEY_USERS\S-1-5-21-1051396789-1699662356-3098169049-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pgm\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.pgm"

.

[HKEY_USERS\S-1-5-21-1051396789-1699662356-3098169049-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pic\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.pic"

.

[HKEY_USERS\S-1-5-21-1051396789-1699662356-3098169049-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pics\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.pics"

.

[HKEY_USERS\S-1-5-21-1051396789-1699662356-3098169049-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pict\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.pict"

.

[HKEY_USERS\S-1-5-21-1051396789-1699662356-3098169049-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pix\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.pix"

.

[HKEY_USERS\S-1-5-21-1051396789-1699662356-3098169049-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.png\UserChoice]

@Denied: (2) (LocalSystem)

@Denied: (2) (S-1-5-21-1051396789-1699662356-3098169049-1000)

"Progid"="ACDSee Pro 2.5.png"

.

[HKEY_USERS\S-1-5-21-1051396789-1699662356-3098169049-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ppm\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.ppm"

.

[HKEY_USERS\S-1-5-21-1051396789-1699662356-3098169049-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psd\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.psd"

.

[HKEY_USERS\S-1-5-21-1051396789-1699662356-3098169049-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.psp\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.psp"

.

[HKEY_USERS\S-1-5-21-1051396789-1699662356-3098169049-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspbrush\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.pspbrush"

.

[HKEY_USERS\S-1-5-21-1051396789-1699662356-3098169049-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pspimage\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.pspimage"

.

[HKEY_USERS\S-1-5-21-1051396789-1699662356-3098169049-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.qcp\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.qcp"

.

[HKEY_USERS\S-1-5-21-1051396789-1699662356-3098169049-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.qtpf\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.qtpf"

.

[HKEY_USERS\S-1-5-21-1051396789-1699662356-3098169049-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raf\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.raf"

.

[HKEY_USERS\S-1-5-21-1051396789-1699662356-3098169049-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ras\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.ras"

.

[HKEY_USERS\S-1-5-21-1051396789-1699662356-3098169049-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.raw\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.raw"

.

[HKEY_USERS\S-1-5-21-1051396789-1699662356-3098169049-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgb\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.rgb"

.

[HKEY_USERS\S-1-5-21-1051396789-1699662356-3098169049-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rgba\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.rgba"

.

[HKEY_USERS\S-1-5-21-1051396789-1699662356-3098169049-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rle\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.rle"

.

[HKEY_USERS\S-1-5-21-1051396789-1699662356-3098169049-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rsb\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.rsb"

.

[HKEY_USERS\S-1-5-21-1051396789-1699662356-3098169049-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rw2\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.rw2"

.

[HKEY_USERS\S-1-5-21-1051396789-1699662356-3098169049-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sdv\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.sdv"

.

[HKEY_USERS\S-1-5-21-1051396789-1699662356-3098169049-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sfil\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.sfil"

.

[HKEY_USERS\S-1-5-21-1051396789-1699662356-3098169049-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sgi\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.sgi"

.

[HKEY_USERS\S-1-5-21-1051396789-1699662356-3098169049-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.smf\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.smf"

.

[HKEY_USERS\S-1-5-21-1051396789-1699662356-3098169049-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.smi\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.smi"

.

[HKEY_USERS\S-1-5-21-1051396789-1699662356-3098169049-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.smil\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.smil"

.

[HKEY_USERS\S-1-5-21-1051396789-1699662356-3098169049-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sml\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.sml"

.

[HKEY_USERS\S-1-5-21-1051396789-1699662356-3098169049-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.sr2\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.sr2"

.

[HKEY_USERS\S-1-5-21-1051396789-1699662356-3098169049-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.srf\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.srf"

.

[HKEY_USERS\S-1-5-21-1051396789-1699662356-3098169049-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.swa\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.swa"

.

[HKEY_USERS\S-1-5-21-1051396789-1699662356-3098169049-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tga\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.tga"

.

[HKEY_USERS\S-1-5-21-1051396789-1699662356-3098169049-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.thm\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.thm"

.

[HKEY_USERS\S-1-5-21-1051396789-1699662356-3098169049-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tif\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.tif"

.

[HKEY_USERS\S-1-5-21-1051396789-1699662356-3098169049-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tiff\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.tiff"

.

[HKEY_USERS\S-1-5-21-1051396789-1699662356-3098169049-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttc\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.ttc"

.

[HKEY_USERS\S-1-5-21-1051396789-1699662356-3098169049-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ttf\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.ttf"

.

[HKEY_USERS\S-1-5-21-1051396789-1699662356-3098169049-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ulw\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.ulw"

.

[HKEY_USERS\S-1-5-21-1051396789-1699662356-3098169049-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v25po\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.v25po"

.

[HKEY_USERS\S-1-5-21-1051396789-1699662356-3098169049-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v25pp\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.v25pp"

.

[HKEY_USERS\S-1-5-21-1051396789-1699662356-3098169049-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.v25ppf\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.v25ppf"

.

[HKEY_USERS\S-1-5-21-1051396789-1699662356-3098169049-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="WindowsLiveMail.VCard.1"

.

[HKEY_USERS\S-1-5-21-1051396789-1699662356-3098169049-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vfw\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.vfw"

.

[HKEY_USERS\S-1-5-21-1051396789-1699662356-3098169049-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbm\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.wbm"

.

[HKEY_USERS\S-1-5-21-1051396789-1699662356-3098169049-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wbmp\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.wbmp"

.

[HKEY_USERS\S-1-5-21-1051396789-1699662356-3098169049-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmf\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.wmf"

.

[HKEY_USERS\S-1-5-21-1051396789-1699662356-3098169049-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xbm\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.xbm"

.

[HKEY_USERS\S-1-5-21-1051396789-1699662356-3098169049-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xif\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.xif"

.

[HKEY_USERS\S-1-5-21-1051396789-1699662356-3098169049-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xmp\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.xmp"

.

[HKEY_USERS\S-1-5-21-1051396789-1699662356-3098169049-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xpm\UserChoice]

@Denied: (2) (LocalSystem)

"Progid"="ACDSee Pro 2.5.xpm"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10n_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10n_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10n.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.10"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10n.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10n.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10n.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

"MSCurrentCountry"=dword:000000b5

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Tidspunkt ferdig: 2012-05-05 12:36:45

ComboFix-quarantined-files.txt 2012-05-05 10:36

ComboFix2.txt 2012-05-03 22:35

.

Pre-Run: 105 865 854 976 byte ledig

Post-Run: 105 674 280 960 byte ledig

.

- - End Of File - - AA4BA0D43D49C8F2FD1924BD8207BC55

 

 


Otl.txt:

 

 

 

 

OTL logfile created on: 05.05.2012 13:05:50 - Run 1

OTL by OldTimer - Version 3.2.42.1 Folder = C:\Users\Laptop\Desktop

64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000414 | Country: Norge | Language: NOR | Date Format: dd.MM.yyyy

 

3,99 Gb Total Physical Memory | 1,81 Gb Available Physical Memory | 45,20% Memory free

7,99 Gb Paging File | 5,78 Gb Available in Paging File | 72,40% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 146,39 Gb Total Space | 98,49 Gb Free Space | 67,28% Space Free | Partition Type: NTFS

Drive D: | 319,27 Gb Total Space | 283,62 Gb Free Space | 88,84% Space Free | Partition Type: NTFS

Drive E: | 699,59 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

 

Computer Name: LAPTOP-PC | User Name: Laptop | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

 

========== Processes (SafeList) ==========

 

PRC - [2012.05.05 13:05:10 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Laptop\Desktop\OTL.exe

PRC - [2012.03.31 17:37:33 | 000,949,104 | ---- | M] (Opera Software) -- C:\Program Files (x86)\Opera\opera.exe

PRC - [2012.03.20 12:20:52 | 000,571,320 | ---- | M] (Threat Expert Ltd.) -- C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe

PRC - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

PRC - [2011.12.14 13:59:20 | 002,984,832 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe

PRC - [2011.03.18 17:50:58 | 002,271,608 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe

PRC - [2011.01.29 00:17:28 | 001,523,712 | ---- | M] (Don HO [email protected]) -- C:\Program Files (x86)\Notepad++\notepad++.exe

PRC - [2010.10.06 22:28:12 | 003,768,176 | ---- | M] (Stardock) -- C:\Program Files (x86)\Stardock\ObjectDockFree\ObjectDock.exe

PRC - [2009.02.17 11:27:30 | 001,237,800 | ---- | M] (Swisscom) -- C:\Program Files (x86)\Telenor\mobilt bredband\Sesam\BIN\SecMIPService.exe

 

 

========== Modules (No Company Name) ==========

 

MOD - [2012.04.15 19:17:19 | 008,797,344 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll

MOD - [2012.04.10 22:04:39 | 001,673,728 | ---- | M] () -- C:\Program Files (x86)\Notepad++\plugins\NppFTP.dll

MOD - [2012.03.31 17:38:09 | 000,276,480 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstwebmdec.dll

MOD - [2012.03.31 17:38:09 | 000,078,336 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstwavparse.dll

MOD - [2012.03.31 17:38:09 | 000,064,000 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstautodetect.dll

MOD - [2012.03.31 17:38:09 | 000,046,592 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstwaveform.dll

MOD - [2012.03.31 17:38:09 | 000,045,568 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gsttypefindfunctions.dll

MOD - [2012.03.31 17:38:08 | 000,316,928 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstoggdec.dll

MOD - [2012.03.31 17:38:07 | 000,168,448 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstffmpegcolorspace.dll

MOD - [2012.03.31 17:38:07 | 000,076,800 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstdirectsound.dll

MOD - [2012.03.31 17:38:06 | 000,783,360 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\gstreamer.dll

MOD - [2012.03.31 17:38:06 | 000,099,840 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstcoreplugins.dll

MOD - [2012.03.31 17:38:06 | 000,098,816 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstaudioresample.dll

MOD - [2012.03.31 17:38:06 | 000,098,816 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstaudioconvert.dll

MOD - [2012.03.31 17:38:06 | 000,068,608 | ---- | M] () -- C:\Program Files (x86)\Opera\gstreamer\plugins\gstdecodebin2.dll

MOD - [2010.10.04 19:54:31 | 000,053,760 | ---- | M] () -- C:\Program Files (x86)\Stardock\ObjectDockFree\zlib.dll

MOD - [2010.10.04 19:54:29 | 000,807,936 | ---- | M] () -- C:\Program Files (x86)\Stardock\ObjectDockFree\CrashRpt.dll

MOD - [2010.10.04 19:54:29 | 000,675,840 | ---- | M] () -- C:\Program Files (x86)\Stardock\ObjectDockFree\DockShellHook.dll

MOD - [2010.08.15 20:34:24 | 000,204,800 | ---- | M] () -- C:\Program Files (x86)\Notepad++\plugins\ComparePlugin.dll

MOD - [2008.09.06 14:51:16 | 000,014,336 | ---- | M] () -- C:\Program Files (x86)\Notepad++\plugins\NppExport.dll

MOD - [2007.08.05 03:10:52 | 000,250,368 | ---- | M] () -- C:\Program Files (x86)\Notepad++\plugins\Config\tidy\libTidy.dll

 

 

========== Win32 Services (SafeList) ==========

 

SRV:64bit: - [2012.04.12 17:28:06 | 000,087,344 | ---- | M] (MacPaw Inc.) [Auto | Running] -- C:\Program Files\CleanMyPC\CleanMyPCService.exe -- (CleanMyPCService)

SRV:64bit: - [2011.12.01 12:19:46 | 000,053,760 | ---- | M] () [Auto | Running] -- C:\Program Files\Jotta\jottaVSS.exe -- (jottaVSS)

SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)

SRV - [2012.04.15 19:17:20 | 000,253,088 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)

SRV - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)

SRV - [2012.03.20 13:49:22 | 001,118,648 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Tools\PC Tools Security\pctsSvc.exe -- (sdCoreService)

SRV - [2012.03.20 12:20:52 | 000,571,320 | ---- | M] (Threat Expert Ltd.) [Auto | Running] -- C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\BDTUpdateService.exe -- (Browser Defender Update Service)

SRV - [2012.03.20 11:11:50 | 000,402,336 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Tools\PC Tools Security\pctsAuxs.exe -- (sdAuxService)

SRV - [2012.03.20 11:11:46 | 000,071,008 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Tools\PC Tools Security\TFEngine\TFService.exe -- (ThreatFire)

SRV - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)

SRV - [2011.12.14 13:59:20 | 002,984,832 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)

SRV - [2011.03.18 17:50:58 | 002,271,608 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)

SRV - [2010.02.19 14:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)

SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

SRV - [2009.02.17 11:27:30 | 001,237,800 | ---- | M] (Swisscom) [Auto | Running] -- C:\Program Files (x86)\Telenor\mobilt bredband\Sesam\BIN\SecMIPService.exe -- (SesamService)

 

 

========== Driver Services (SafeList) ==========

 

DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)

DRV:64bit: - [2012.05.03 19:00:29 | 000,181,512 | ---- | M] (PC Tools) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pctplfw64.sys -- (pctplfw)

DRV:64bit: - [2012.05.03 19:00:28 | 000,077,976 | ---- | M] (PC Tools) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\pctNdisLW64.sys -- (pctNdisLW64)

DRV:64bit: - [2012.05.03 19:00:26 | 000,122,784 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\pctNdis-PacketFilter64.sys -- (PCTFW-PacketFilter)

DRV:64bit: - [2012.03.20 13:50:48 | 000,092,896 | ---- | M] (PC Tools) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pctplsg64.sys -- (pctplsg)

DRV:64bit: - [2012.03.20 13:50:18 | 000,251,528 | ---- | M] (PC Tools) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\PCTSD64.sys -- (PCTSD)

DRV:64bit: - [2012.03.20 13:43:36 | 000,339,608 | ---- | M] (PC Tools) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\pctgntdi64.sys -- (pctgntdi)

DRV:64bit: - [2012.03.20 12:21:14 | 000,085,192 | ---- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PCTBD64.sys -- (PCTBD)

DRV:64bit: - [2012.03.20 11:11:48 | 000,706,776 | --S- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TfSysMon.sys -- (TFSysMon)

DRV:64bit: - [2012.03.20 11:11:46 | 000,065,664 | --S- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TfFsMon.sys -- (TfFsMon)

DRV:64bit: - [2012.03.20 11:11:46 | 000,041,968 | --S- | M] (PC Tools) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TfNetMon.sys -- (TfNetMon)

DRV:64bit: - [2012.03.16 12:15:42 | 000,426,104 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PCTCore64.sys -- (PCTCore)

DRV:64bit: - [2012.02.28 11:43:18 | 001,096,176 | ---- | M] (PC Tools) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\pctEFA64.sys -- (pctEFA)

DRV:64bit: - [2012.02.28 11:43:12 | 000,453,896 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pctDS64.sys -- (pctDS)

DRV:64bit: - [2012.02.15 11:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)

DRV:64bit: - [2011.03.15 12:46:36 | 000,254,528 | ---- | M] (DT Soft Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)

DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)

DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)

DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)

DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)

DRV:64bit: - [2010.11.20 13:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)

DRV:64bit: - [2010.11.12 01:10:49 | 000,155,752 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)

DRV:64bit: - [2010.10.02 10:08:56 | 000,043,456 | ---- | M] (http://libusb-win32.sourceforge.net) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\libusb0.sys -- (libusb0)

DRV:64bit: - [2010.08.27 13:54:02 | 000,138,752 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbnet.sys -- (ewusbnet)

DRV:64bit: - [2010.08.07 17:49:04 | 000,121,600 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)

DRV:64bit: - [2010.03.20 12:06:58 | 000,013,952 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_usbenumfilter.sys -- (ew_usbenumfilter)

DRV:64bit: - [2010.03.20 10:56:56 | 000,114,560 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)

DRV:64bit: - [2009.09.28 09:22:00 | 000,395,264 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)

DRV:64bit: - [2009.09.15 19:40:42 | 006,952,960 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETw5s64.sys -- (NETw5s64) Intel®

DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)

DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)

DRV:64bit: - [2009.07.14 03:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)

DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)

DRV:64bit: - [2009.06.10 23:01:06 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)

DRV:64bit: - [2009.06.10 22:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) Intel®

DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)

DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)

DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)

DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)

DRV:64bit: - [2009.05.18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)

DRV:64bit: - [2009.01.31 00:30:52 | 000,383,784 | ---- | M] (Swisscom) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wtsmpflt.sys -- (WtSmpFlt)

DRV:64bit: - [2009.01.31 00:30:52 | 000,056,104 | ---- | M] (Swisscom) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wtsmpadap.sys -- (wtsmpadap)

DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

DRV - [2009.07.07 19:53:02 | 000,028,160 | ---- | M] (http://libusb-win32.sourceforge.net) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\libusb0.sys -- (libusb0)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = my.daemon-search.com

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = no

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 28 7A A4 6C D4 8C CB 01 [binary data]

IE - HKCU\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)

IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC

IE - HKCU\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}: "URL" = http://www.daemon-search.com/search/web?q={searchTerms}

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

 

========== FireFox ==========

 

FF - prefs.js..browser.search.selectedEngine: "http://no.woofi.info/"

FF - prefs.js..browser.startup.homepage: "http://no.woofi.info/"

FF - prefs.js..extensions.enabledItems: [email protected]:1.6.2

FF - prefs.js..extensions.enabledItems: {75CEEE46-9B64-46f8-94BF-54012DE155F0}:0.4.8

FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.2.0.7165

FF - prefs.js..extensions.enabledItems: [email protected]:0.9.7

FF - user.js - File not found

 

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_2_202_233.dll File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll ()

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Laptop\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Laptop\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\Laptop\AppData\Local\Facebook\Messenger\2.0.4478.0\npFbDesktopPlugin.dll (Facebook, Inc.)

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{cb84136f-9c44-433a-9048-c5cd9df1dc16}: C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\Firefox\ [2012.05.02 19:13:08 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.03.23 21:57:25 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.04.11 15:14:00 | 000,000,000 | ---D | M]

 

[2011.03.14 23:33:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Laptop\AppData\Roaming\Mozilla\Extensions

[2012.04.29 15:58:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Laptop\AppData\Roaming\Mozilla\Firefox\Profiles\txv6mpnk.default\extensions

[2012.03.23 21:59:16 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Laptop\AppData\Roaming\Mozilla\Firefox\Profiles\txv6mpnk.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}

[2011.03.15 12:46:10 | 000,002,059 | ---- | M] () -- C:\Users\Laptop\AppData\Roaming\Mozilla\Firefox\Profiles\txv6mpnk.default\searchplugins\daemon-search.xml

[2012.03.23 21:57:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions

() (No name found) -- C:\USERS\LAPTOP\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TXV6MPNK.DEFAULT\EXTENSIONS\{75CEEE46-9B64-46F8-94BF-54012DE155F0}.XPI

() (No name found) -- C:\USERS\LAPTOP\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TXV6MPNK.DEFAULT\EXTENSIONS\{FBF6D7FB-F305-4445-BB3D-FEF66579A033}.XPI

() (No name found) -- C:\USERS\LAPTOP\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TXV6MPNK.DEFAULT\EXTENSIONS\[email protected]

() (No name found) -- C:\USERS\LAPTOP\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TXV6MPNK.DEFAULT\EXTENSIONS\[email protected]

() (No name found) -- C:\USERS\LAPTOP\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TXV6MPNK.DEFAULT\EXTENSIONS\[email protected]

[2012.03.23 21:57:25 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll

[2011.05.04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll

[2012.03.23 21:57:22 | 000,001,525 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazon-en-GB.xml

[2012.03.23 21:57:22 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml

[2012.03.23 21:57:22 | 000,001,218 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bok-NO.xml

[2012.03.23 21:57:22 | 000,000,968 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\qxl-NO.xml

[2012.03.23 21:57:22 | 000,001,203 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\telefonkatalogen-NO.xml

[2012.03.23 21:57:22 | 000,001,176 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-NO.xml

[2012.03.23 21:57:22 | 000,001,192 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-NO.xml

 

========== Chrome ==========

 

CHR - default_search_provider: Google (Enabled)

CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}

CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}

CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:\Users\Laptop\AppData\Local\Google\Chrome\Application\18.0.1025.168\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Laptop\AppData\Local\Google\Chrome\Application\18.0.1025.168\pdf.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Laptop\AppData\Local\Google\Chrome\Application\18.0.1025.168\gcswf32.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll

CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll

CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll

CHR - plugin: Java Platform SE 6 U26 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll

CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll

CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL

CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll

CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll

CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll

CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll

CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll

CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll

CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll

CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll

CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

CHR - plugin: Facebook Desktop (Enabled) = C:\Users\Laptop\AppData\Local\Facebook\Messenger\2.0.4478.0\npFbDesktopPlugin.dll

CHR - plugin: Google Update (Enabled) = C:\Users\Laptop\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll

 

O1 HOSTS File: ([2012.05.05 12:14:50 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2:64bit: - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitBHO64.dll (TechSmith Corporation)

O2 - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitBHO.dll (TechSmith Corporation)

O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)

O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O2 - BHO: (ClueIEAddin) - {c14aa221-bae1-45f6-b0b3-90c23f2daa7d} - C:\Clue\adxloader.dll (Add-in Express Ltd)

O3:64bit: - HKLM\..\Toolbar: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.

O3:64bit: - HKLM\..\Toolbar: (Snagit) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitIEAddin64.dll (TechSmith Corporation)

O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)

O3 - HKLM\..\Toolbar: (Snagit) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitIEAddin.dll (TechSmith Corporation)

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No CLSID value found.

O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)

O4 - Startup: C:\Users\Laptop\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\Startup\Dropbox.lnk = C:\Users\Laptop\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

O4 - Startup: C:\Users\Laptop\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\Startup\Stardock ObjectDock.lnk = C:\Program Files (x86)\Stardock\ObjectDockFree\ObjectDock.exe (Stardock)

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Recovery present

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe (PokerStars)

O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files (x86)\PokerStars.NET\PokerStarsUpdate.exe (PokerStars)

O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll (PC Tools Research Pty Ltd.)

O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll (PC Tools Research Pty Ltd.)

O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll (PC Tools Research Pty Ltd.)

O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll (PC Tools Research Pty Ltd.)

O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll (PC Tools Research Pty Ltd.)

O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll (PC Tools Research Pty Ltd.)

O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000018 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll (PC Tools Research Pty Ltd.)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)

O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)

O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)

O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)

O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)

O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)

O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)

O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)

O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab (System Requirements Lab Class)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)

O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{09082641-F8F3-4877-A085-99AAB573CF9A}: DhcpNameServer = 193.213.112.4 130.67.15.198

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C218959D-3D1A-45E5-B2DA-4B1A2A5A94C5}: DhcpNameServer = 192.168.0.1

O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found

O18:64bit: - Protocol\Handler\livecall - No CLSID value found

O18:64bit: - Protocol\Handler\ms-help - No CLSID value found

O18:64bit: - Protocol\Handler\msnim - No CLSID value found

O18:64bit: - Protocol\Handler\skype4com - No CLSID value found

O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found

O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2009.03.24 12:11:04 | 000,000,053 | R--- | M] () - E:\AUTORUN.INF -- [ CDFS ]

O34 - HKLM BootExecute: (autocheck autochk *)

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = ComFile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

 

========== Files/Folders - Created Within 30 Days ==========

 

[2012.05.05 13:05:10 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\Laptop\Desktop\OTL.exe

[2012.05.05 12:36:47 | 000,000,000 | ---D | C] -- C:\Windows\temp

[2012.05.05 11:47:35 | 000,000,000 | ---D | C] -- C:\Users\Laptop\Desktop\tdsskiller

[2012.05.05 11:32:57 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{80450B2C-3422-4C5B-9AA7-1262653B77F0}

[2012.05.05 11:32:12 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{A35F2DDA-0494-4858-9ACB-7B7EAF25F03B}

[2012.05.05 11:09:20 | 000,000,000 | ---D | C] -- C:\Users\Laptop\DoctorWeb

[2012.05.05 10:55:45 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{2DEB05AB-3A09-4908-96BF-9300F79E4AFD}

[2012.05.05 10:25:05 | 000,000,000 | ---D | C] -- C:\Windows\pss

[2012.05.05 10:11:48 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Roaming\CleanMyPC

[2012.05.04 21:06:24 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{A2729AEF-B1D5-4BDC-B21E-8F2274739C3B}

[2012.05.04 21:05:41 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{26F97EC1-B30F-4428-B70B-AED52ADD3FBA}

[2012.05.04 20:41:39 | 000,706,776 | --S- | C] (PC Tools) -- C:\Windows\SysNative\drivers\TfSysMon.sys

[2012.05.04 20:41:39 | 000,065,664 | --S- | C] (PC Tools) -- C:\Windows\SysNative\drivers\TfFsMon.sys

[2012.05.04 20:41:39 | 000,041,968 | --S- | C] (PC Tools) -- C:\Windows\SysNative\drivers\TfNetMon.sys

[2012.05.04 01:07:22 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN

[2012.05.03 19:14:01 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt

[2012.05.03 19:07:21 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Roaming\PC Tools

[2012.05.03 19:07:20 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Roaming\Spam Monitor

[2012.05.03 19:00:29 | 000,181,512 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\pctplfw64.sys

[2012.05.03 19:00:28 | 000,077,976 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\pctNdisLW64.sys

[2012.05.03 19:00:26 | 000,122,784 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\pctNdis-PacketFilter64.sys

[2012.05.03 09:43:12 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{E76F55BF-5304-44E5-B3C8-1463B3570868}

[2012.05.03 09:42:31 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{31FD9E45-606D-4A73-92DE-F7E80A9C9E3D}

[2012.05.03 08:15:51 | 000,000,000 | ---D | C] -- C:\sh4ldr

[2012.05.03 08:15:51 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group

[2012.05.02 19:16:47 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Roaming\Malwarebytes

[2012.05.02 19:16:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware

[2012.05.02 19:16:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2012.05.02 19:16:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware

[2012.05.02 19:15:15 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe

[2012.05.02 19:15:15 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe

[2012.05.02 19:15:15 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe

[2012.05.02 19:13:45 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT

[2012.05.02 19:12:54 | 000,085,192 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\PCTBD64.sys

[2012.05.02 19:12:51 | 000,149,432 | ---- | C] (PC Tools) -- C:\Windows\SGDetectionTool.dll

[2012.05.02 19:12:49 | 002,271,160 | ---- | C] (Threat Expert Ltd.) -- C:\Windows\PCTBDCore.dll

[2012.05.02 19:12:48 | 001,681,336 | ---- | C] (Threat Expert Ltd.) -- C:\Windows\PCTBDRes.dll

[2012.05.02 19:11:22 | 000,000,000 | ---D | C] -- C:\Qoobox

[2012.05.02 19:11:09 | 000,339,608 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\pctgntdi64.sys

[2012.05.02 19:11:09 | 000,145,432 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\pctwfpfilter64.sys

[2012.05.02 19:10:56 | 000,014,776 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\pctBTFix64.sys

[2012.05.02 19:10:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Tools Security

[2012.05.02 19:10:43 | 000,092,896 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\pctplsg64.sys

[2012.05.02 19:09:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Tools

[2012.05.02 19:08:15 | 001,096,176 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\pctEFA64.sys

[2012.05.02 19:08:15 | 000,453,896 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\pctDS64.sys

[2012.05.02 19:08:07 | 000,426,104 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\PCTCore64.sys

[2012.05.02 19:08:02 | 000,251,528 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\PCTSD64.sys

[2012.05.02 19:07:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PC Tools

[2012.05.02 19:07:32 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP

[2012.05.02 19:07:23 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools

[2012.05.02 19:07:21 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Roaming\TestApp

[2012.05.02 18:45:19 | 000,000,000 | ---D | C] -- C:\USERS\LAPTOP\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\Data Recovery

[2012.05.02 17:05:35 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{A03C80F8-7578-49E6-BEB1-096595523F05}

[2012.05.02 17:04:55 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{4D2A7420-C2DF-417F-A89D-CD3D2AC8030B}

[2012.05.02 05:04:01 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{CBF387F5-45D7-45D6-959A-E7E99850FDCB}

[2012.05.02 05:03:21 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{782DC2C1-6AC5-4C7D-B21C-1B83A1FB0AD0}

[2012.05.01 17:02:27 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{163F6D07-167F-4842-B644-3BC644AE9220}

[2012.05.01 17:01:47 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{D5E5227D-F6EB-4CA2-B309-B7235D2501C1}

[2012.04.30 23:04:00 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{A5961688-843E-46EF-9817-F4F7DE3ECA97}

[2012.04.30 23:03:20 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{C47856CF-8A0D-4241-8034-585AF923B485}

[2012.04.30 11:02:24 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{9A64F6FC-CCA3-499D-87E5-45F18B6A6A0A}

[2012.04.30 11:01:44 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{D4DD0248-1167-4389-B777-66921483345B}

[2012.04.29 23:01:01 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{6A6C4D5C-78BA-426E-93B5-E3B0DA040F56}

[2012.04.29 23:00:21 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{A15F43C1-B271-40A6-B432-10EDA87A5D2E}

[2012.04.29 16:58:50 | 000,000,000 | ---D | C] -- C:\Users\Laptop\Documents\Josefine

[2012.04.29 16:57:25 | 000,090,112 | ---- | C] (MindVision Software) -- C:\Windows\unvise32.exe

[2012.04.29 16:55:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Josefine

[2012.04.29 16:55:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Josefine

[2012.04.29 10:59:39 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{33B1AD16-7A34-4B72-B7CA-F80DC97495B5}

[2012.04.29 10:58:59 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{A1952A4B-9617-4EAF-A921-DF10E0EDD9F8}

[2012.04.28 22:58:17 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{80AB3DC3-F369-4ED6-9218-D549DB3D304D}

[2012.04.28 22:57:37 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{B72E74B0-5CE6-474F-AA13-BD135FFA8D17}

[2012.04.28 10:56:54 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{E8CC4CD8-C320-43A1-800B-C147B70245CE}

[2012.04.28 10:56:15 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{158E8810-A634-4640-9BB3-E9C8A6493FAA}

[2012.04.27 16:05:16 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{963E5C9D-85AB-42FE-AC4A-3B0EA7C6F133}

[2012.04.27 16:04:37 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{1E969B5D-D8F9-48C5-AD16-116601E08B97}

[2012.04.27 16:03:57 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{0A6AB7E6-B23B-4DE2-8075-52CFA700E426}

[2012.04.27 16:03:18 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{39D7125B-0D27-4CCE-BC01-726C299189AC}

[2012.04.26 14:25:16 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{58DA51F7-8508-4FD8-B6CB-EEBBFF69973D}

[2012.04.26 14:24:36 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{7F67F20A-7A9A-4C79-BF94-C167344880D6}

[2012.04.26 02:23:52 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{B5B01041-8933-4408-BF91-A36BDF6F60AA}

[2012.04.26 02:23:12 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{4F4B804E-7257-433A-AE00-78A757AEB561}

[2012.04.25 14:22:31 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{047C35C6-478C-42DC-A6A1-7D319622F44A}

[2012.04.25 14:21:52 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{000B4989-6C30-48B0-AD80-17394D489C1E}

[2012.04.25 14:21:12 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{A7496789-8AFF-48C9-8153-8828A70856B4}

[2012.04.25 14:20:33 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{A3B44EDF-72E2-4D88-B866-404CD4D938F0}

[2012.04.24 14:27:33 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{1BFA9AD5-7726-4571-8E16-625BF9562D45}

[2012.04.24 14:26:54 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{BDE94828-FE9B-4152-91FB-1E7A604573E5}

[2012.04.24 14:26:15 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{519AC19F-3A54-42A3-B950-21442FB47801}

[2012.04.24 14:25:36 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{71051F96-B08B-4319-9ACD-1752F6FB7EE3}

[2012.04.24 02:24:55 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{1DCCDFBD-02CD-4A1C-A532-A245A3898B3B}

[2012.04.24 02:24:16 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{6F7E2E3B-0D92-43BD-B058-BD0B3FB8EC3E}

[2012.04.24 02:23:36 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{D96794CE-C1D9-41F9-ADD0-ED2CD34A1F7F}

[2012.04.24 02:22:57 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{CEA10573-9DCE-48D7-8F89-D0A10FCFB5CA}

[2012.04.23 14:22:15 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{83C3864A-6DC2-4F3D-B464-0684867EB0F6}

[2012.04.23 14:21:34 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{803133FE-BF43-41B4-BEB8-5C83581B2502}

[2012.04.22 11:23:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSECache

[2012.04.22 10:25:12 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{D42ED5A1-7E4A-4246-841D-889FC1C22E85}

[2012.04.21 21:57:41 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{27B4C794-EB3E-4CB9-89C2-E88E3A294CFE}

[2012.04.21 21:57:02 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{53F95BCE-ECCB-42D4-B9D0-0F5CB8BBC536}

[2012.04.21 21:56:23 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{CD2B9236-4826-48C9-A311-0D1139C7DE85}

[2012.04.21 21:55:44 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{34D842E0-5090-4531-8796-51F7BD6E446C}

[2012.04.21 09:54:48 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{306FEFCA-EF6B-411F-BBD1-F2DA1E893124}

[2012.04.21 09:54:08 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{CE251F2D-99DC-427F-AFC0-D331F6CA72E0}

[2012.04.21 09:53:48 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{3CAFB1DE-5DC0-4351-B2E4-A84865307857}

[2012.04.20 19:12:01 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{32FA2382-57E7-457B-B82B-BC01D2B2D453}

[2012.04.20 19:11:22 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{59B65628-DB65-43D5-978F-F564C0CF14AA}

[2012.04.20 19:10:41 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{7479100E-32A8-499D-B5AC-9C35B4AD08B8}

[2012.04.20 19:10:02 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{E1449031-3C91-4397-86F5-A7A8B6FB208D}

[2012.04.19 19:23:41 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{6315524D-2ED0-4872-ACC9-F2F343976693}

[2012.04.19 19:23:01 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{9B11B4A6-C865-4C4C-BB06-B7C054E3D387}

[2012.04.19 19:22:22 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{BDA74F8E-0E30-47B8-8B09-DA295F2C6531}

[2012.04.19 19:21:43 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{A7F0B463-B7B3-4CF6-8746-FE8A3C02007C}

[2012.04.19 07:21:01 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{47B1D19B-5B31-4269-8100-AEF348BF4C07}

[2012.04.19 07:20:42 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{1C58B21B-6811-439A-864B-D8EA5D737463}

[2012.04.19 07:20:03 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{BB5A41A5-3813-4BFB-B002-A66A4F3EC49E}

[2012.04.19 07:17:48 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live

[2012.04.18 22:13:17 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{CF4B2DA1-D0A2-4976-9668-68053684006E}

[2012.04.18 22:12:38 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{CAE73196-1419-4E14-B7D9-B0844EC037B9}

[2012.04.18 15:56:18 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{519BC042-4D5F-4930-918C-8CEAC4DDFA29}

[2012.04.18 15:55:39 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{5AA87E87-83CA-4B03-B909-DACA5C4C65C1}

[2012.04.18 14:19:07 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{FA166906-056A-473B-9EAD-2958F90CF964}

[2012.04.18 14:18:27 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{92686BA0-1A6E-40FD-86C1-3DA9BF560FF4}

[2012.04.18 13:36:27 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{1ADBA1C4-3B72-413B-B433-E210CC14501C}

[2012.04.18 13:35:47 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{FAC5099E-3B7E-449B-A215-AE53FC64BD4A}

[2012.04.18 13:33:17 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{75134DC1-B2EA-404C-9411-1F894BDE90D1}

[2012.04.18 13:28:01 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{B20BC6F7-C1F5-423A-9922-2FEA6BEFBFF2}

[2012.04.18 13:27:21 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{EC1A7845-62DB-4BB5-94FC-9BC13EAE639C}

[2012.04.18 09:59:22 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{ED279A21-5209-435F-B06B-2A32351E538B}

[2012.04.18 09:58:43 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{A185E36A-58D1-48E1-9DD2-27DB13B5410C}

[2012.04.17 23:51:21 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{66C74371-5E0B-45C3-BEAB-5A4EBF96F4F2}

[2012.04.17 23:50:40 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{DF7879E1-E186-4C26-9BBA-D579584F2524}

[2012.04.17 22:57:57 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{3A2A520F-C434-40E4-9B52-8B58BA25008D}

[2012.04.17 22:57:16 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{96915DD3-2478-4B8F-839C-ED88EA06BE45}

[2012.04.17 12:36:16 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{9C72C47B-14D1-406F-BAA1-2150A000D42D}

[2012.04.17 12:35:37 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{8B7B57E8-47D7-4BE3-B1E7-0D3906A1AF76}

[2012.04.17 12:30:08 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{14F720F7-3264-4C2F-9BA1-41065E41D733}

[2012.04.17 12:24:03 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{273B457A-1EB8-4071-9389-087FD28E0786}

[2012.04.17 11:26:51 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{67B6C5E5-146F-4057-9581-D0DECB94EFFA}

[2012.04.17 11:26:12 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{DBB3099E-9595-40B8-98A3-2A88CD6DAFE2}

[2012.04.17 10:43:13 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{E6C95607-845F-4C2A-A90F-138D90E2FADB}

[2012.04.17 10:42:34 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{106F0B84-F4D1-4F02-A938-BD8B629768F0}

[2012.04.17 10:39:36 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{763A12FF-B3B2-49BF-84C3-F7F14167AE79}

[2012.04.17 07:36:31 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{4E487997-4F45-40D9-8255-97DCD2C2BBD8}

[2012.04.17 07:35:52 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{25676CDB-4056-437A-82BF-7ECB57DD6374}

[2012.04.17 00:19:37 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{E37CA754-D343-4E84-9C9F-78748E48BF85}

[2012.04.17 00:18:58 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{8B9F6375-910C-45AC-BF09-C620908E155A}

[2012.04.16 23:45:37 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{053283B6-01E7-4C90-A148-8211FD75252F}

[2012.04.16 23:44:58 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{2AA4D95C-CF9F-4AD5-9EEC-A1A0805B2CC0}

[2012.04.16 13:56:46 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{08F737B3-DCF1-49B0-8247-9F5F26AD3597}

[2012.04.16 13:56:07 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{6A395DB8-ABC1-44C1-9880-BB19096CDF70}

[2012.04.16 11:08:03 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{8FC1B109-BE2C-4F27-A145-2F628C497F89}

[2012.04.16 11:07:24 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{0E863BDF-06D8-4378-98AD-42EBAB599761}

[2012.04.16 10:07:22 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{683FE1E4-9970-4401-9150-3F8C380F6546}

[2012.04.16 10:06:43 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{B3E1180A-C07A-4846-8FF1-09056723FEAF}

[2012.04.16 09:45:03 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{D1B1FD10-E050-4560-AEA5-69CA1E9731FD}

[2012.04.16 09:44:22 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{13B2866A-79C8-4BFD-9476-ADA2BC81D46B}

[2012.04.16 07:48:19 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{B647EEAC-FF4A-4B9E-8E10-F2BC22AFA4D9}

[2012.04.15 23:13:20 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{BD19DA5A-8018-4F26-9BF7-7336E6C2DA0C}

[2012.04.15 23:12:39 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{F0BB1EA1-933A-4D84-8180-956A746D1499}

[2012.04.15 19:19:10 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{4BB1ECB2-F507-4178-BF12-E24B007921CD}

[2012.04.15 19:18:29 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{CE7F20E9-DC50-482F-A1FA-6652C19142F3}

[2012.04.15 19:17:47 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{3B945E3E-F09D-4D15-8C62-B4920CE26BB3}

[2012.04.15 19:17:02 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{91DF9219-A2A1-4CDA-9336-85BB2DFE34D4}

[2012.04.14 23:13:47 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{70A0A2FE-81D7-4D20-8398-4319249BA822}

[2012.04.13 22:53:24 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{A94BEE6D-4C00-41F9-90BC-9CCA09B45E9F}

[2012.04.13 22:19:09 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{FDA6E48D-FCB8-4763-9484-B41FB3C711E8}

[2012.04.13 22:18:29 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{E2A78A62-6FFD-44CA-8042-9F7AFA9C7DA6}

[2012.04.13 21:16:12 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{466B0F5D-966F-4C0E-85BE-029B98435BC9}

[2012.04.13 21:15:32 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{3E8B4E59-4D5E-4E2C-A989-566D68487977}

[2012.04.13 20:16:14 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{61A8ED8B-BAB4-43B9-B646-E8385EF86CF3}

[2012.04.12 19:49:47 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{92963F40-9CD5-4E6C-BA5C-E96629AEA165}

[2012.04.12 19:49:07 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{10ABE373-D5BA-4E81-B9B7-6A83F377D381}

[2012.04.12 07:48:27 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{20552589-101C-408C-B2CC-57EEE0925D8B}

[2012.04.11 22:48:12 | 000,000,000 | ---D | C] -- C:\USERS\LAPTOP\APPDATA\ROAMING\MICROSOFT\WINDOWS\START MENU\PROGRAMS\Facebook

[2012.04.11 22:47:52 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\Facebook

[2012.04.11 19:07:47 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{9C0E3A41-9BCC-4E9B-B211-F4648688B5F0}

[2012.04.11 07:06:54 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{BC8F905C-C4DA-40D1-85CE-B25DF28BAEE9}

[2012.04.10 18:58:20 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{F7B34465-DFF0-49B2-84EB-F2FD36ADC2A3}

[2012.04.10 06:57:39 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{4787CB10-F564-4772-9745-E8240238A8C2}

[2012.04.09 13:02:41 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{BFFF6A91-1784-4B2E-80F9-4F7572AB6CA6}

[2012.04.09 10:49:59 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{8F78EA1D-5C9F-4075-AD03-44AF3C4BB156}

[2012.04.08 14:56:05 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{FD89B733-CF2B-47E1-A439-C9272A886F66}

[2012.04.07 09:35:58 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{F0DBFB22-982B-4479-82C7-B0385DF89780}

[2012.04.06 21:35:16 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{4DFA9229-33E5-44C9-9043-A44FC7D8D18E}

[2012.04.06 09:34:10 | 000,000,000 | ---D | C] -- C:\Users\Laptop\AppData\Local\{8AB9D9D5-1699-47E6-BBFD-A0FDA9E3255F}

[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

 

========== Files - Modified Within 30 Days ==========

 

[2012.05.05 13:05:10 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Laptop\Desktop\OTL.exe

[2012.05.05 12:48:00 | 000,001,006 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1051396789-1699662356-3098169049-1000UA.job

[2012.05.05 12:26:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job

[2012.05.05 12:14:50 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts

[2012.05.05 11:47:23 | 002,055,783 | ---- | M] () -- C:\Users\Laptop\Desktop\tdsskiller.zip

[2012.05.05 11:38:04 | 000,014,192 | ---- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2012.05.05 11:38:04 | 000,014,192 | ---- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2012.05.05 11:34:41 | 002,798,460 | ---- | M] () -- C:\Windows\SysNative\perfh014.dat

[2012.05.05 11:34:41 | 001,440,526 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2012.05.05 11:34:41 | 000,897,894 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2012.05.05 11:34:41 | 000,891,280 | ---- | M] () -- C:\Windows\SysNative\perfc014.dat

[2012.05.05 11:34:41 | 000,004,974 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2012.05.05 11:31:45 | 001,433,571 | ---- | M] () -- C:\Windows\SysNative\drivers\Cat.DB

[2012.05.05 11:30:01 | 000,067,584 | ---- | M] () -- C:\Windows\bootstat.dat

[2012.05.05 11:08:42 | 084,638,576 | ---- | M] () -- C:\Users\Laptop\Desktop\9nm435bk.exe

[2012.05.05 10:52:02 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1051396789-1699662356-3098169049-1000UA.job

[2012.05.04 22:52:01 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1051396789-1699662356-3098169049-1000Core.job

[2012.05.04 17:48:01 | 000,000,954 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1051396789-1699662356-3098169049-1000Core.job

[2012.05.04 01:08:25 | 000,000,184 | ---- | M] () -- C:\ProgramData\-xsivsBNQ9ebjPfr

[2012.05.04 01:08:25 | 000,000,000 | ---- | M] () -- C:\ProgramData\-xsivsBNQ9ebjPf

[2012.05.03 19:00:29 | 000,181,512 | ---- | M] (PC Tools) -- C:\Windows\SysNative\drivers\pctplfw64.sys

[2012.05.03 19:00:28 | 000,077,976 | ---- | M] (PC Tools) -- C:\Windows\SysNative\drivers\pctNdisLW64.sys

[2012.05.03 19:00:26 | 000,122,784 | ---- | M] (PC Tools) -- C:\Windows\SysNative\drivers\pctNdis-PacketFilter64.sys

[2012.05.02 18:49:42 | 005,143,472 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT

[2012.04.30 18:55:00 | 000,001,456 | ---- | M] () -- C:\Users\Laptop\AppData\Local\Adobe Save for Web 12.0 Prefs

[2012.04.21 22:52:44 | 000,004,096 | ---- | M] () -- C:\Users\Laptop\AppData\Local\keyfile3.drm

[2012.04.08 19:26:09 | 000,147,904 | ---- | M] () -- C:\Windows\SysWow64\mlfcache.dat

[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

 

========== Files Created - No Company Name ==========

 

[2012.05.05 11:47:22 | 002,055,783 | ---- | C] () -- C:\Users\Laptop\Desktop\tdsskiller.zip

[2012.05.05 11:08:02 | 084,638,576 | ---- | C] () -- C:\Users\Laptop\Desktop\9nm435bk.exe

[2012.05.04 20:53:22 | 000,002,503 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Safari.lnk

[2012.05.04 20:53:22 | 000,002,496 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk

[2012.05.04 20:53:22 | 000,001,547 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk

[2012.05.04 20:53:22 | 000,001,452 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk

[2012.05.04 20:53:22 | 000,001,330 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk

[2012.05.04 20:53:22 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk

[2012.05.04 20:53:22 | 000,001,246 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk

[2012.05.04 20:53:22 | 000,001,210 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk

[2012.05.04 20:53:22 | 000,001,184 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 7.lnk

[2012.05.04 20:53:22 | 000,001,108 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 6.lnk

[2012.05.04 20:53:21 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk

[2012.05.04 20:53:21 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk

[2012.05.04 20:53:21 | 000,002,047 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Audition 3.0.lnk

[2012.05.04 20:53:21 | 000,001,903 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk

[2012.05.04 20:53:21 | 000,001,851 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk

[2012.05.04 20:53:21 | 000,001,529 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS5.lnk

[2012.05.04 20:53:21 | 000,001,363 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS5.lnk

[2012.05.04 20:53:21 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk

[2012.05.04 20:53:21 | 000,001,272 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS5.lnk

[2012.05.04 20:53:21 | 000,001,217 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS5.lnk

[2012.05.04 20:53:21 | 000,001,179 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS5.lnk

[2012.05.04 20:53:21 | 000,001,160 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk

[2012.05.04 20:53:21 | 000,001,081 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS5 (64 Bit).lnk

[2012.05.04 20:53:21 | 000,001,003 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk

[2012.05.02 19:15:15 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe

[2012.05.02 19:15:15 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe

[2012.05.02 19:15:15 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe

[2012.05.02 19:15:15 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe

[2012.05.02 19:15:15 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe

[2012.05.02 19:12:52 | 000,767,928 | ---- | C] () -- C:\Windows\BDTSupport.dll

[2012.05.02 19:12:51 | 000,003,488 | ---- | C] () -- C:\Windows\UDB.zip

[2012.05.02 19:12:51 | 000,000,882 | ---- | C] () -- C:\Windows\RegSDImport.xml

[2012.05.02 19:12:51 | 000,000,879 | ---- | C] () -- C:\Windows\RegISSImport.xml

[2012.05.02 19:12:51 | 000,000,131 | ---- | C] () -- C:\Windows\IDB.zip

[2012.05.02 19:08:16 | 001,433,571 | ---- | C] () -- C:\Windows\SysNative\drivers\Cat.DB

[2012.05.02 18:45:19 | 000,000,184 | ---- | C] () -- C:\ProgramData\-xsivsBNQ9ebjPfr

[2012.05.02 18:45:19 | 000,000,000 | ---- | C] () -- C:\ProgramData\-xsivsBNQ9ebjPf

[2012.04.21 22:52:44 | 000,004,096 | ---- | C] () -- C:\Users\Laptop\AppData\Local\keyfile3.drm

[2012.04.15 19:17:49 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job

[2012.04.11 22:47:57 | 000,000,932 | ---- | C] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1051396789-1699662356-3098169049-1000UA.job

[2012.04.11 22:47:54 | 000,000,910 | ---- | C] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1051396789-1699662356-3098169049-1000Core.job

[2011.06.01 21:35:34 | 000,147,904 | ---- | C] () -- C:\Windows\SysWow64\mlfcache.dat

[2011.05.12 20:17:27 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat

[2011.03.27 16:46:52 | 001,250,322 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

[2011.03.17 00:04:24 | 000,001,456 | ---- | C] () -- C:\Users\Laptop\AppData\Local\Adobe Save for Web 12.0 Prefs

[2011.03.15 13:58:10 | 000,000,056 | ---- | C] () -- C:\Windows\SysWow64\ezsidmv.dat

 

========== LOP Check ==========

 

[2011.04.01 22:21:07 | 000,000,000 | ---D | M] -- C:\Users\Laptop\AppData\Roaming\ACD Systems

[2011.05.05 00:17:53 | 000,000,000 | ---D | M] -- C:\Users\Laptop\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1

[2012.05.05 10:11:59 | 000,000,000 | ---D | M] -- C:\Users\Laptop\AppData\Roaming\CleanMyPC

[2011.03.15 10:50:09 | 000,000,000 | ---D | M] -- C:\Users\Laptop\AppData\Roaming\Clue

[2011.03.15 12:53:28 | 000,000,000 | ---D | M] -- C:\Users\Laptop\AppData\Roaming\DAEMON Tools Lite

[2012.05.03 16:22:25 | 000,000,000 | ---D | M] -- C:\Users\Laptop\AppData\Roaming\Dropbox

[2012.05.02 15:55:51 | 000,000,000 | ---D | M] -- C:\Users\Laptop\AppData\Roaming\FileZilla

[2011.05.08 10:58:09 | 000,000,000 | ---D | M] -- C:\Users\Laptop\AppData\Roaming\LPC

[2012.05.05 10:11:19 | 000,000,000 | ---D | M] -- C:\Users\Laptop\AppData\Roaming\Notepad++

[2011.12.19 17:12:56 | 000,000,000 | ---D | M] -- C:\Users\Laptop\AppData\Roaming\Obsidium

[2011.06.27 13:05:01 | 000,000,000 | ---D | M] -- C:\Users\Laptop\AppData\Roaming\Opera

[2011.06.27 13:08:14 | 000,000,000 | ---D | M] -- C:\Users\Laptop\AppData\Roaming\Option

[2011.07.08 23:39:49 | 000,000,000 | ---D | M] -- C:\Users\Laptop\AppData\Roaming\PacificPoker

[2012.05.03 19:07:20 | 000,000,000 | ---D | M] -- C:\Users\Laptop\AppData\Roaming\Spam Monitor

[2012.04.29 18:37:58 | 000,000,000 | ---D | M] -- C:\Users\Laptop\AppData\Roaming\Spotify

[2011.03.15 13:43:37 | 000,000,000 | ---D | M] -- C:\Users\Laptop\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1

[2011.03.13 20:40:30 | 000,000,000 | ---D | M] -- C:\Users\Laptop\AppData\Roaming\Stardock

[2011.03.17 23:16:32 | 000,000,000 | ---D | M] -- C:\Users\Laptop\AppData\Roaming\Steinberg

[2011.03.17 18:56:15 | 000,000,000 | ---D | M] -- C:\Users\Laptop\AppData\Roaming\SWiSH Max4

[2012.05.04 21:37:50 | 000,000,000 | ---D | M] -- C:\Users\Laptop\AppData\Roaming\TeamViewer

[2012.05.02 19:07:21 | 000,000,000 | ---D | M] -- C:\Users\Laptop\AppData\Roaming\TestApp

[2011.03.15 21:15:10 | 000,000,000 | ---D | M] -- C:\Users\Laptop\AppData\Roaming\Thinstall

[2012.05.04 21:37:50 | 000,000,000 | ---D | M] -- C:\Users\Laptop\AppData\Roaming\uTorrent

[2011.03.14 23:41:56 | 000,000,000 | ---D | M] -- C:\Users\Laptop\AppData\Roaming\Windows Live Writer

[2012.05.04 22:52:01 | 000,000,910 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1051396789-1699662356-3098169049-1000Core.job

[2012.05.05 10:52:02 | 000,000,932 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1051396789-1699662356-3098169049-1000UA.job

[2009.07.14 07:08:49 | 000,020,952 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

 

========== Purity Check ==========

 

 

 

========== Alternate Data Streams ==========

 

@Alternate Data Stream - 195 bytes -> C:\ProgramData\TEMP:DFC5A2B2

@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:430C6D84

< End of report >

 


Otl.txt:

 

 

OTL Fix.

Close all running programs and disable all antivirus guards.

Open OTL.exe as Administrator.

Copy and paste the following text into the white text box in OTL.

 

 

:OTL

DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = my.daemon-search.com

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = no

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 28 7A A4 6C D4 8C CB 01 [binary data]

IE - HKCU\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}: "URL" = http://www.daemon-se...q={searchTerms}

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

FF - prefs.js..browser.search.selectedEngine: "http://no.woofi.info/"

FF - prefs.js..browser.startup.homepage: "http://no.woofi.info/"

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.

O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} - No CLSID value found.

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Recovery present

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

[2012.05.03 08:15:51 | 000,000,000 | ---D | C] -- C:\sh4ldr

[2012.05.04 01:08:25 | 000,000,184 | ---- | M] () -- C:\ProgramData\-xsivsBNQ9ebjPfr

[2012.05.04 01:08:25 | 000,000,000 | ---- | M] () -- C:\ProgramData\-xsivsBNQ9ebjPf

[2012.04.21 22:52:44 | 000,004,096 | ---- | M] () -- C:\Users\Laptop\AppData\Local\keyfile3.drm

@Alternate Data Stream - 195 bytes -> C:\ProgramData\TEMP:DFC5A2B2

@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:430C6D84

:Commands

[purity]

[emptytemp]

[emptyflash]

[resethosts]

Then click: FIX

The PC will restart and a log will come up. Post it.
