Just nu i M3-nätverket
Gå till innehåll
attigrib

Windows uppdateringar fungerar inte

Rekommendera Poster

Behöver hjälp att lösa ett problem med windows uppdateringarna. Det går inte att installera viktiga uppdateringar längre. Felkod 646 anges. jag har gått till hjälpen och försökt med att åtgärda problemet automatiskt (Fix It) och jag har också försökt att åtgärda problemet manuellt efter beskrivningen att kolla registernycklarna. Registren är ok och ser ut som de ska enligt beskrivningen i Windows hjälp. Datorn är otroligt seg och långsam och jag misstänker att jag har fått in något spionprogram eller annat som inta ska vara där. Tacksam för hjälp.

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

Förutom skadliga program kan en dålig hårddisk ge upphov till att allt som rör hårddisken går mycket långsamt och det brukar upplevas som en seg dator. Det är därför viktigt att du har säkerhetskopior på alla viktiga filer eftersom det är möjligt att Windows kommer att vägra fungera.

 

Följ anvisningarna i tråden Till dig med virus eller andra skadliga program i datorn så gott det går.

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

Hej,

kanske du ska ta och prova i Felsäkert Läge med nätverk. Starta om datorn och under uppstarten tryck på F8 upprepade gånger, välj sedan Felsäkert Läge med nätverk. I annat fall kan du ju prova med att använda eller ladda ned Malwarebytes här:

Malwarebytes' Anti-Malware

kör en snabbskanner och klistra in loggen här i din tråd. Loggen finns att hitta under fliken Loggar om den inte öppnas automatiskt-

Mvh

Mats H

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

Ett alternativ till DDS är OTL. Spara OTL på Skrivbordet.

http://oldtimer.geekstogo.com/OTL.exe

Stäng alla program.

Kör OTL.

 

Under Output högt upp så välj Minimal Output.

Bocka för LOP Check och Purity Check.

Tryck på Run Scan och låt programmet köra ostört.

 

När det är klart så skapas två loggfiler på Skrivbordet, OTL.txt och Extras.txt. I ditt svar klistrar du in loggen OTL.txt. Medan du bifogar Extras.txt som en fil.

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

Här kommer resultatet av skanningen med OTL:

 

 

OTL logfile created on: 2011-10-03 12:07:50 - Run 1

OTL by OldTimer - Version 3.2.29.1 Folder = C:\Users\Birgitta\Downloads

Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 0000041D | Country: Sverige | Language: SVE | Date Format: yyyy-MM-dd

 

1,87 Gb Total Physical Memory | 1,18 Gb Available Physical Memory | 62,77% Memory free

3,99 Gb Paging File | 2,62 Gb Available in Paging File | 65,74% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 284,41 Gb Total Space | 152,91 Gb Free Space | 53,76% Space Free | Partition Type: NTFS

Drive D: | 13,68 Gb Total Space | 1,91 Gb Free Space | 13,95% Space Free | Partition Type: NTFS

Drive K: | 465,64 Gb Total Space | 319,55 Gb Free Space | 68,63% Space Free | Partition Type: FAT32

 

Computer Name: LARSSONSDATOR | User Name: Birgitta | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Processes (SafeList) ==========

 

PRC - C:\Users\Birgitta\Downloads\OTL.exe (OldTimer Tools)

PRC - c:\Program\McAfee\SiteAdvisor\McSACore.exe (McAfee, Inc.)

PRC - C:\Program\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)

PRC - C:\Program\IObit\Advanced SystemCare 4\PMonitor.exe (IObit)

PRC - C:\Program\IObit\Advanced SystemCare 4\ASCService.exe (IObit)

PRC - C:\Program\Secunia\PSI\sua.exe (Secunia)

PRC - C:\Program\Secunia\PSI\psia.exe (Secunia)

PRC - C:\Users\Birgitta\Forefront UAG Remote Access Agent\portalthomascookse\tcneportal1\uagqecsvc.exe (Microsoft ® Corporation)

PRC - C:\Program\Emsisoft Anti-Malware\a2service.exe (Emsi Software GmbH)

PRC - C:\Program\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)

PRC - C:\Program\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)

PRC - C:\Program\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corp.)

PRC - C:\Program\Telia\Supportassistenten\bin\tgsrvc.exe (SupportSoft, Inc.)

PRC - C:\Program\Telia\Supportassistenten\bin\sprtsvc.exe (SupportSoft, Inc.)

PRC - C:\Program\Norton Internet Security\Engine\17.8.0.5\ccsvchst.exe (Symantec Corporation)

PRC - C:\Program\Hewlett-Packard\Media\DVD\DVDAgent.exe (CyberLink Corp.)

PRC - C:\Windows\explorer.exe (Microsoft Corporation)

PRC - C:\Program\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)

PRC - C:\Program\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)

PRC - C:\Program\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)

PRC - C:\Program\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)

PRC - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE (SEIKO EPSON CORPORATION)

PRC - C:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)

PRC - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE (SEIKO EPSON CORPORATION)

PRC - C:\Windows\V0220Mon.exe (Creative Technology Ltd.)

 

 

========== Modules (No Company Name) ==========

 

MOD - C:\Program\IObit\Advanced SystemCare 4\ASCv4ExtMenu.dll ()

MOD - C:\Program\IObit\Advanced SystemCare 4\madexcept_.bpl ()

MOD - C:\Program\IObit\Advanced SystemCare 4\madbasic_.bpl ()

MOD - C:\Program\IObit\Advanced SystemCare 4\maddisAsm_.bpl ()

MOD - C:\Program\IZArc\IZArcCM.dll ()

MOD - C:\Program\Common Files\Apple\Apple Application Support\zlib1.dll ()

 

 

========== Win32 Services (SafeList) ==========

 

SRV - (McAfee SiteAdvisor Service) -- c:\Program\McAfee\SiteAdvisor\McSACore.exe (McAfee, Inc.)

SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)

SRV - (AdvancedSystemCareService) -- C:\Program\IObit\Advanced SystemCare 4\ASCService.exe (IObit)

SRV - (Secunia Update Agent) -- C:\Program Files\Secunia\PSI\sua.exe (Secunia)

SRV - (Secunia PSI Agent) -- C:\Program Files\Secunia\PSI\PSIA.exe (Secunia)

SRV - (uagqecsvc) -- C:\Users\Birgitta\Forefront UAG Remote Access Agent\portalthomascookse\tcneportal1\uagqecsvc.exe (Microsoft ® Corporation)

SRV - (a2AntiMalware) -- C:\Program Files\Emsisoft Anti-Malware\a2service.exe (Emsi Software GmbH)

SRV - (tgsrvc_teliada) SupportSoft Repair Service (teliada) -- C:\Program Files\Telia\Supportassistenten\bin\tgsrvc.exe (SupportSoft, Inc.)

SRV - (sprtsvc_teliada) SupportSoft Sprocket Service (teliada) -- C:\Program Files\Telia\Supportassistenten\bin\sprtsvc.exe (SupportSoft, Inc.)

SRV - (AutoStore) -- C:\Program Files\Storegate\Autostore\AutoStoreSvc.exe (Storegate AB)

SRV - (NIS) -- C:\Program Files\Norton Internet Security\Engine\17.8.0.5\ccSvcHst.exe (Symantec Corporation)

SRV - (ServiceLayer) -- C:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe (Nokia)

SRV - (SBSDWSCService) -- C:\Program\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)

SRV - (SupportSoft RemoteAssist) -- C:\Program\Common Files\supportsoft\bin\ssrc.exe (SupportSoft, Inc.)

SRV - (ezSharedSvc) -- C:\Windows\System32\ezsvc7.dll (EasyBits Sofware AS)

SRV - (WinDefend) -- C:\Program\Windows Defender\MpSvc.dll (Microsoft Corporation)

SRV - (EPSON_EB_RPCV4_01) EPSON V5 Service4(01) -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE (SEIKO EPSON CORPORATION)

SRV - (EPSON_PM_RPCV4_01) EPSON V3 Service4(01) -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE (SEIKO EPSON CORPORATION)

 

 

========== Driver Services (SafeList) ==========

 

DRV - (BHDrvx86) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.6.0.32\Definitions\BASHDefs\20110920.001\BHDrvx86.sys (Symantec Corporation)

DRV - (IDSVix86) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.6.0.32\Definitions\IPSDefs\20110930.030\IDSvix86.sys (Symantec Corporation)

DRV - (NAVEX15) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.6.0.32\Definitions\VirusDefs\20111001.004\NAVEX15.SYS (Symantec Corporation)

DRV - (NAVENG) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.6.0.32\Definitions\VirusDefs\20111001.004\NAVENG.SYS (Symantec Corporation)

DRV - (EraserUtilRebootDrv) -- C:\Program\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)

DRV - (eeCtrl) -- C:\Program\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (Symantec Corporation)

DRV - (a2acc) -- C:\Program\Emsisoft Anti-Malware\a2accx86.sys (Emsi Software GmbH)

DRV - (seehcri) -- C:\Windows\System32\drivers\seehcri.sys (Sony Ericsson Mobile Communications)

DRV - (ggsemc) -- C:\Windows\System32\drivers\ggsemc.sys (Sony Ericsson Mobile Communications)

DRV - (ggflt) -- C:\Windows\System32\drivers\ggflt.sys (Sony Ericsson Mobile Communications)

DRV - (PSI) -- C:\Windows\System32\drivers\psi_mf.sys (Secunia)

DRV - (SymEvent) -- C:\Windows\System32\drivers\SYMEVENT.SYS (Symantec Corporation)

DRV - (NVNET) -- C:\Windows\System32\drivers\nvmfdx32.sys (NVIDIA Corporation)

DRV - (UsbserFilt) -- C:\Windows\System32\drivers\usbser_lowerfltj.sys (Nokia)

DRV - (upperdev) -- C:\Windows\System32\drivers\usbser_lowerflt.sys (Nokia)

DRV - (nmwcdc) -- C:\Windows\System32\drivers\ccdcmbo.sys (Nokia)

DRV - (nmwcd) -- C:\Windows\System32\drivers\ccdcmb.sys (Nokia)

DRV - (SASKUTIL) -- C:\Program\SUPERAntiSpyware\SASKUTIL.SYS (SUPERAdBlocker.com and SUPERAntiSpyware.com)

DRV - (SYMTDIv) -- C:\Windows\System32\Drivers\NIS\1108000.005\SYMTDIV.SYS (Symantec Corporation)

DRV - (SymIRON) -- C:\Windows\system32\drivers\NIS\1108000.005\Ironx86.SYS (Symantec Corporation)

DRV - (SymEFA) -- C:\Windows\system32\drivers\NIS\1108000.005\SYMEFA.SYS (Symantec Corporation)

DRV - (SRTSP) -- C:\Windows\System32\Drivers\NIS\1108000.005\SRTSP.SYS (Symantec Corporation)

DRV - (SRTSPX) Symantec Real Time Storage Protection (PEL) -- C:\Windows\system32\drivers\NIS\1108000.005\SRTSPX.SYS (Symantec Corporation)

DRV - (ccHP) -- C:\Windows\system32\drivers\NIS\1108000.005\ccHPx86.sys (Symantec Corporation)

DRV - (SASDIFSV) -- C:\Program\SUPERAntiSpyware\sasdifsv.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)

DRV - (SymDS) -- C:\Windows\system32\drivers\NIS\1108000.005\SYMDS.SYS (Symantec Corporation)

DRV - (pavboot) -- C:\Windows\system32\drivers\pavboot.sys (Panda Security, S.L.)

DRV - (sptd) -- C:\Windows\System32\drivers\sptd.sys (Duplex Secure Ltd.)

DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)

DRV - (nvstor32) -- C:\Windows\system32\drivers\nvstor32.sys (NVIDIA Corporation)

DRV - (nvrd32) -- C:\Windows\system32\drivers\nvrd32.sys (NVIDIA Corporation)

DRV - (PCD5SRVC{BD6912E3-AC9D80E8-05040000}) -- C:\Program\PC-Doctor for Windows\pcd5srvc.pkms (PC-Doctor, Inc.)

DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)

DRV - (nvsmu) -- C:\Windows\system32\drivers\nvsmu.sys (NVIDIA Corporation)

DRV - (SCDEmu) -- C:\Windows\System32\drivers\scdemu.sys (PowerISO Computing, Inc.)

DRV - (Ph3xIB32) -- C:\Windows\System32\drivers\Ph3xIB32.sys (Philips Semiconductors GmbH)

DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvm60x32.sys (NVIDIA Corporation)

DRV - (V0220Dev) -- C:\Windows\System32\drivers\V0220Dev.sys (Creative Technology Ltd.)

DRV - (V0220Vfx) -- C:\Windows\System32\drivers\V0220Vfx.sys (EyePower Games Pte. Ltd.)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page =

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =

IE - HKLM\..\URLSearchHook: {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program\Freecorder\tbFre1.dll (Conduit Ltd.)

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page =

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.lindenytt.com/

IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

 

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()

FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: File not found

FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@pandasecurity.com/activescan: C:\Program Files\Panda Security\ActiveScan 2.0\npwrapper.dll (Panda Security)

FF - HKLM\Software\MozillaPlugins\@se.nexus/Personal: C:\Program Files\Personal\bin\np_prsnl.dll (Technology Nexus AB)

FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: C:\Program Files\Sony\Media Go\npmediago.dll (Sony Media Software and Services Inc)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Users\Birgitta\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ekort@orbiscom: C:\Program Files\ekort File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.6.0.32\IPSFFPlgn\ [2011-07-20 20:48:57 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.6.0.32\coFFPlgn_2010_9_0_6 [2011-10-02 11:15:53 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files\McAfee\SiteAdvisor [2011-10-02 11:18:32 | 000,000,000 | ---D | M]

 

 

========== Chrome ==========

 

CHR - default_search_provider: Google (Enabled)

CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}

CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}

CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\15.0.874.58\gcswf32.dll

CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll

CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll

CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll

CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll

CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll

CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll

CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll

CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll

CHR - plugin: Java Platform SE 6 U26 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll

CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll

CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll

CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\15.0.874.58\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\15.0.874.58\pdf.dll

CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Users\Birgitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.31.137.7_0\McChPlg.dll

CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll

CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll

CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll

CHR - plugin: Panda ActiveScan 2.0 (Enabled) = C:\Program Files\Panda Security\ActiveScan 2.0\npwrapper.dll

CHR - plugin: Nexus Personal (Enabled) = C:\Program Files\Personal\bin\np_prsnl.dll

CHR - plugin: Media Go Detector (Enabled) = C:\Program Files\Sony\Media Go\npmediago.dll

CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

CHR - plugin: Facebook Plugin (Enabled) = C:\Users\Birgitta\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll

CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

CHR - plugin: Default Plug-in (Enabled) = default_plugin

CHR - Extension: SiteAdvisor = C:\Users\Birgitta\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.40.135.1_0\

 

O1 HOSTS File: ([2010-09-01 10:10:50 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (Freecorder Toolbar) - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program\Freecorder\tbFre1.dll (Conduit Ltd.)

O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)

O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program\Norton Internet Security\Engine\17.8.0.5\coIEplg.dll (Symantec Corporation)

O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program\Norton Internet Security\Engine\17.8.0.5\ipsbho.dll (Symantec Corporation)

O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)

O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)

O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

O2 - BHO: (e-kort Helper Class) - {9065E913-4F23-4B47-9B5D-B055D32DB1F3} - C:\Program\ekort\EKortHelper.dll ()

O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)

O2 - BHO: (Windows Live Messenger Companion Helper) - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program\Windows Live\Companion\companioncore.dll (Microsoft Corporation)

O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

O3 - HKLM\..\Toolbar: (Freecorder Toolbar) - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program\Freecorder\tbFre1.dll (Conduit Ltd.)

O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program\Norton Internet Security\Engine\17.8.0.5\coIEplg.dll (Symantec Corporation)

O3 - HKLM\..\Toolbar: (e-kort Toolbar) - {8DB2B2E8-579F-48A8-A496-18FEFCF8F4DF} - C:\Program\ekort\EKortToolbar.dll ()

O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)

O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O3 - HKCU\..\Toolbar\WebBrowser: (Freecorder Toolbar) - {1392B8D2-5C05-419F-A8F6-B9F15A596612} - C:\Program\Freecorder\tbFre1.dll (Conduit Ltd.)

O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program\Norton Internet Security\Engine\17.8.0.5\coIEplg.dll (Symantec Corporation)

O4 - HKLM..\Run: [DVDAgent] c:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe (CyberLink Corp.)

O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)

O4 - HKLM..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)

O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)

O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)

O4 - HKLM..\Run: [sunJavaUpdateReg] C:\Windows\System32\jureg.exe (Sun Microsystems, Inc.)

O4 - HKLM..\Run: [V0220Mon.exe] C:\Windows\V0220Mon.exe (Creative Technology Ltd.)

O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)

O4 - Startup: C:\Users\Birgitta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program\ERUNT\AUTOBACK.EXE ()

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisallowCpl = 1

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowCpl: Välkomstcenter = Välkomstcenter

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowCpl: Personer i närheten = Personer i närheten

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowCpl: Hjälpmedelscenter = Hjälpmedelscenter

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowCpl: Föräldrakontroll = Föräldrakontroll

O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)

O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html File not found

O9 - Extra Button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program\Windows Live\Companion\companioncore.dll (Microsoft Corporation)

O9 - Extra Button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)

O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program\Bonjour\mdnsNSP.dll (Apple Inc.)

O16 - DPF: {1C11B948-582A-433F-A98D-A8C4D5CC64F2} http://kitchenplanner.ikea.com/SE/Core/Player/2020PlayerAX_Win32.cab (20-20 3D Viewer)

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab (BDSCANONLINE Control)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab'>http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab'>http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)

O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Value error.)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8C54087E-129B-4453-B6F4-44256F2C4669}: DhcpNameServer = 192.168.1.1

O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)

O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)

O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)

O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)

O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)

O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)

O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)

O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)

O24 - Desktop WallPaper: K:\Digitalfoton\2011\07 Juli\P1040645.JPG

O24 - Desktop BackupWallPaper: K:\Digitalfoton\2011\07 Juli\P1040645.JPG

O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found.

O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2008-08-15 19:24:05 | 000,000,074 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = ComFile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 

========== Files/Folders - Created Within 30 Days ==========

 

[2011-10-02 19:39:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT

[2011-10-02 19:39:29 | 000,000,000 | ---D | C] -- C:\Program Files\ERUNT

 

========== Files - Modified Within 30 Days ==========

 

[2011-10-03 12:15:35 | 000,000,978 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2011-10-03 12:06:00 | 000,000,982 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2011-10-03 12:00:10 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2011-10-03 03:01:05 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

[2011-10-03 03:01:05 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

[2011-10-02 19:39:51 | 000,000,919 | ---- | M] () -- C:\Users\Birgitta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk

[2011-10-02 19:39:35 | 000,000,739 | ---- | M] () -- C:\Users\Birgitta\Desktop\NTREGOPT.lnk

[2011-10-02 19:39:35 | 000,000,720 | ---- | M] () -- C:\Users\Birgitta\Desktop\ERUNT.lnk

[2011-10-02 13:45:45 | 000,020,958 | ---- | M] () -- C:\Users\Birgitta\Documents\Lord.ods

[2011-10-02 11:45:44 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl

[2011-10-02 11:12:59 | 2011,627,520 | -HS- | M] () -- C:\hiberfil.sys

[2011-09-24 03:00:22 | 000,000,672 | ---- | M] () -- C:\Windows\tasks\Norton Internet Security - Kör fullständig systemsökning - Admin.job

[2011-09-21 19:40:49 | 000,143,806 | ---- | M] () -- C:\Users\Birgitta\Desktop\Räkningar sept.xps

[2011-09-21 19:18:42 | 000,000,334 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForBirgitta.job

[2011-09-11 19:18:09 | 000,018,435 | ---- | M] () -- C:\Users\Birgitta\Desktop\Tjejernas Skulder.ods

 

========== Files Created - No Company Name ==========

 

[2011-10-02 19:39:51 | 000,000,919 | ---- | C] () -- C:\Users\Birgitta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk

[2011-10-02 19:39:35 | 000,000,739 | ---- | C] () -- C:\Users\Birgitta\Desktop\NTREGOPT.lnk

[2011-10-02 19:39:34 | 000,000,720 | ---- | C] () -- C:\Users\Birgitta\Desktop\ERUNT.lnk

[2011-09-21 19:40:44 | 000,143,806 | ---- | C] () -- C:\Users\Birgitta\Desktop\Räkningar sept.xps

[2010-12-29 21:19:22 | 000,011,164 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin

[2010-08-30 11:27:16 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe

[2010-08-30 11:27:16 | 000,077,312 | ---- | C] () -- C:\Windows\MBR.exe

[2010-06-30 00:12:16 | 000,013,312 | ---- | C] () -- C:\Windows\LPRES.DLL

[2010-03-22 17:55:41 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat

[2010-01-29 23:03:21 | 000,000,801 | ---- | C] () -- C:\Windows\ScanSpyware.INI

[2009-12-26 01:03:13 | 000,000,178 | ---- | C] () -- C:\Windows\BACKPACK.INI

[2009-12-26 01:03:04 | 000,030,464 | ---- | C] () -- C:\Windows\macromix.dll

[2009-09-03 19:22:25 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin

[2009-09-03 19:22:24 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll

[2009-08-03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll

[2009-08-03 15:07:42 | 000,230,768 | ---- | C] () -- C:\Windows\System32\OGAEXEC.exe

[2009-08-01 19:44:27 | 000,007,728 | ---- | C] () -- C:\Users\Birgitta\AppData\Local\d3d9caps.dat

[2009-03-20 11:09:33 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin

[2009-03-18 15:43:40 | 000,145,920 | ---- | C] () -- C:\Windows\System32\OBroker.exe

[2009-02-24 14:26:10 | 000,399,360 | ---- | C] () -- C:\Windows\System32\Smab.dll

[2009-02-24 14:26:09 | 000,066,560 | ---- | C] () -- C:\Windows\MOTA113.exe

[2009-02-24 14:26:09 | 000,027,648 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll

[2009-02-24 14:26:08 | 000,502,784 | ---- | C] () -- C:\Windows\x2.64.exe

[2009-02-24 14:26:08 | 000,240,128 | ---- | C] () -- C:\Windows\System32\x.264.exe

[2009-02-24 14:26:08 | 000,217,073 | ---- | C] () -- C:\Windows\meta4.exe

[2009-02-24 14:25:31 | 000,027,648 | -HS- | C] () -- C:\Windows\System32\Smab0.dll

[2009-02-19 21:41:49 | 000,000,016 | ---- | C] () -- C:\Windows\popcinfo.dat

[2009-02-17 16:01:10 | 000,041,984 | ---- | C] () -- C:\Users\Birgitta\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2009-02-15 18:45:51 | 000,000,000 | ---- | C] () -- C:\Users\Birgitta\AppData\Roaming\wklnhst.dat

[2009-02-12 20:48:28 | 000,168,448 | ---- | C] () -- C:\Windows\System32\unrar.dll

[2009-02-12 20:48:26 | 000,795,648 | ---- | C] () -- C:\Windows\System32\xvidcore.dll

[2009-02-12 20:48:26 | 000,130,048 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll

[2009-02-12 20:48:25 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll

[2009-02-12 20:48:23 | 000,067,584 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll

[2009-02-12 19:55:08 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini

[2009-02-12 19:55:07 | 000,111,932 | ---- | C] () -- C:\Windows\System32\EPPICPrinterDB.dat

[2009-02-12 19:55:07 | 000,031,053 | ---- | C] () -- C:\Windows\System32\EPPICPattern131.dat

[2009-02-12 19:55:07 | 000,027,417 | ---- | C] () -- C:\Windows\System32\EPPICPattern121.dat

[2009-02-12 19:55:07 | 000,026,154 | ---- | C] () -- C:\Windows\System32\EPPICPattern1.dat

[2009-02-12 19:55:07 | 000,024,903 | ---- | C] () -- C:\Windows\System32\EPPICPattern3.dat

[2009-02-12 19:55:07 | 000,021,390 | ---- | C] () -- C:\Windows\System32\EPPICPattern5.dat

[2009-02-12 19:55:07 | 000,020,148 | ---- | C] () -- C:\Windows\System32\EPPICPattern2.dat

[2009-02-12 19:55:07 | 000,011,811 | ---- | C] () -- C:\Windows\System32\EPPICPattern4.dat

[2009-02-12 19:55:07 | 000,004,943 | ---- | C] () -- C:\Windows\System32\EPPICPattern6.dat

[2009-02-12 19:55:07 | 000,001,146 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_DU.dat

[2009-02-12 19:55:07 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_PT.dat

[2009-02-12 19:55:07 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_BP.dat

[2009-02-12 19:55:07 | 000,001,136 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_ES.dat

[2009-02-12 19:55:07 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_FR.dat

[2009-02-12 19:55:07 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_CF.dat

[2009-02-12 19:55:07 | 000,001,120 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_IT.dat

[2009-02-12 19:55:07 | 000,001,107 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_GE.dat

[2009-02-12 19:55:07 | 000,001,104 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_EN.dat

[2009-02-12 19:50:56 | 000,000,026 | ---- | C] () -- C:\Windows\CDESX100EXPORT.ini

[2009-01-05 15:44:10 | 000,053,248 | ---- | C] () -- C:\Windows\bdoscandel.exe

[2009-01-05 15:44:10 | 000,000,453 | ---- | C] () -- C:\Windows\bdoscandellang.ini

[2008-08-16 04:32:42 | 000,605,924 | ---- | C] () -- C:\Windows\System32\perfh01D.dat

[2008-08-16 04:32:42 | 000,290,490 | ---- | C] () -- C:\Windows\System32\perfi01D.dat

[2008-08-16 04:32:42 | 000,120,600 | ---- | C] () -- C:\Windows\System32\perfc01D.dat

[2008-08-16 04:32:42 | 000,035,978 | ---- | C] () -- C:\Windows\System32\perfd01D.dat

[2008-08-15 19:35:56 | 000,000,428 | ---- | C] () -- C:\Windows\System32\ezdigsgn.dat

[2008-08-15 19:25:06 | 000,108,888 | ---- | C] () -- C:\Windows\hpqins13.dat

[2008-08-15 19:05:02 | 000,327,680 | ---- | C] () -- C:\Windows\System32\pythoncom25.dll

[2008-08-15 19:05:02 | 000,102,400 | ---- | C] () -- C:\Windows\System32\pywintypes25.dll

[2006-11-02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat

[2006-11-02 14:47:37 | 000,436,624 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT

[2006-11-02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll

[2006-11-02 12:33:01 | 000,595,306 | ---- | C] () -- C:\Windows\System32\perfh009.dat

[2006-11-02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat

[2006-11-02 12:33:01 | 000,104,442 | ---- | C] () -- C:\Windows\System32\perfc009.dat

[2006-11-02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat

[2006-11-02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat

[2006-11-02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin

[2006-11-02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT

[2006-11-02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini

[2006-11-02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat

 

========== LOP Check ==========

 

[2009-12-19 20:57:31 | 000,000,000 | ---D | M] -- C:\Users\Birgitta\AppData\Roaming\AnvSoft

[2010-11-28 21:35:54 | 000,000,000 | ---D | M] -- C:\Users\Birgitta\AppData\Roaming\Canneverbe Limited

[2009-03-03 12:43:57 | 000,000,000 | ---D | M] -- C:\Users\Birgitta\AppData\Roaming\EPSON

[2011-03-28 21:33:42 | 000,000,000 | ---D | M] -- C:\Users\Birgitta\AppData\Roaming\f-secure

[2010-06-06 11:42:58 | 000,000,000 | ---D | M] -- C:\Users\Birgitta\AppData\Roaming\Facebook

[2011-07-03 21:16:42 | 000,000,000 | ---D | M] -- C:\Users\Birgitta\AppData\Roaming\IObit

[2011-07-31 17:42:15 | 000,000,000 | ---D | M] -- C:\Users\Birgitta\AppData\Roaming\LimeWire

[2010-05-09 20:30:59 | 000,000,000 | ---D | M] -- C:\Users\Birgitta\AppData\Roaming\Nokia

[2009-02-12 20:58:25 | 000,000,000 | ---D | M] -- C:\Users\Birgitta\AppData\Roaming\OpenOffice.org

[2010-01-17 21:20:10 | 000,000,000 | ---D | M] -- C:\Users\Birgitta\AppData\Roaming\Panasonic

[2010-05-09 20:55:58 | 000,000,000 | ---D | M] -- C:\Users\Birgitta\AppData\Roaming\PC Suite

[2009-02-20 11:53:02 | 000,000,000 | ---D | M] -- C:\Users\Birgitta\AppData\Roaming\Personal

[2010-08-22 20:37:07 | 000,000,000 | ---D | M] -- C:\Users\Birgitta\AppData\Roaming\ScanSpyware

[2010-12-13 20:12:51 | 000,000,000 | ---D | M] -- C:\Users\Birgitta\AppData\Roaming\Sony

[2011-08-07 14:23:58 | 000,000,000 | ---D | M] -- C:\Users\Birgitta\AppData\Roaming\Spotify

[2009-02-15 18:45:52 | 000,000,000 | ---D | M] -- C:\Users\Birgitta\AppData\Roaming\Template

[2010-08-31 13:12:32 | 000,000,000 | ---D | M] -- C:\Users\Birgitta\AppData\Roaming\Tific

[2011-07-02 13:49:58 | 000,000,000 | ---D | M] -- C:\Users\Birgitta\AppData\Roaming\TweakNow PowerPack 2011

[2010-09-02 13:53:25 | 000,000,000 | ---D | M] -- C:\Users\Birgitta\AppData\Roaming\TweakNow RegCleaner

[2011-07-02 13:50:27 | 000,000,000 | ---D | M] -- C:\Users\Birgitta\AppData\Roaming\TweakNow RegCleaner 2011

[2010-08-31 18:39:25 | 000,000,000 | ---D | M] -- C:\Users\Birgitta\AppData\Roaming\Uniblue

[2009-02-13 10:03:44 | 000,000,000 | ---D | M] -- C:\Users\Birgitta\AppData\Roaming\WildTangent

[2009-02-28 11:48:47 | 000,000,000 | ---D | M] -- C:\Users\Birgitta\AppData\Roaming\WinBatch

[2011-09-24 07:58:28 | 000,032,574 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

 

========== Purity Check ==========

 

 

 

========== Alternate Data Streams ==========

 

@Alternate Data Stream - 95 bytes -> C:\ProgramData\Temp:5C321E34

@Alternate Data Stream - 941 bytes -> C:\Users\Birgitta\Documents\Aktuellt värde, Värdebevakaren.eml:OECustomProperty

@Alternate Data Stream - 368 bytes -> C:\Users\Birgitta\AppData\Local\desktop.ini:722b2b1c349a06abf0e866180e5a7e63

 

< End of report >

Extras.Txt

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

Och här kommer loggen från malwarebytes:

 

 

Malwarebytes' Anti-Malware 1.51.2.1300

www.malwarebytes.org

 

Databasversion: 7856

 

Windows 6.0.6002 Service Pack 2

Internet Explorer 9.0.8112.16421

 

2011-10-03 19:32:44

mbam-log-2011-10-03 (19-32-44).txt

 

Skanningstyp: Snabbskanning

Antal skannade objekt: 253479

Förfluten tid: 9 minut(er), 6 sekund(er)

 

Infekterade minnesprocesser: 0

Infekterade minnesmoduler: 0

Infekterade registernycklar: 0

Infekterade registervärden: 0

Infekterade registerdataposter: 0

Infekterade mappar: 0

Infekterade filer: 0

 

Infekterade minnesprocesser:

(Inga skadliga poster hittades)

 

Infekterade minnesmoduler:

(Inga skadliga poster hittades)

 

Infekterade registernycklar:

(Inga skadliga poster hittades)

 

Infekterade registervärden:

(Inga skadliga poster hittades)

 

Infekterade registerdataposter:

(Inga skadliga poster hittades)

 

Infekterade mappar:

(Inga skadliga poster hittades)

 

Infekterade filer:

(Inga skadliga poster hittades)

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser
Postad (redigerade)

Hej,

avinstallera detta program:

Kontrollpanelen\Program

C:\Program\Freecorder\tbFre1.dll (Conduit Ltd.)

 

Prova sedan att återställa ändringar från detta program eller Windows till en tidpunkt före dess installation

C:\Program\IObit\Advanced SystemCare 4\ASCv

 

Ta bort/inaktivera, följande PLug-ins:

C:\Program Files\McAfee\SiteAdvisor\npmcffplg32.dll

C:\Program Files\Panda Security\ActiveScan 2.0\npwrapper.dll

 

Ladda upp följande: C:\Windows\MOTA113.exe, på Virus Total, hittas här:

http://www.virustotal.com/index.html

Tryck på Bläddraknappen och hitta filen, tryck sedan Send File.

Posta svarslänken här i din tråd, "färdiganalyserad".

 

Mvh

Mats H

Redigerad av Mats H

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

Registerstädningsprogram och liknande som dessa:

Advanced SystemCare 4

CCleaner

TweakNow PowerPack 2011 SP2

TweakNow RegCleaner 2011

orsakar ofta problem, t ex att Windows-uppdateringen slutar att fungera därför att de har tagit bort något som borde vara kvar. Men avinstallera inte programmen utan se om du kan återställa alla ändringar de har gjort sedan Windows-uppdateringen fungerade senast.

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

Nu har jag följt stegen som Mats har beskrivit ovan. Tyvärr kan jag inte komma åt återställningspunkter längre bort än i augusti. De angivna programmen som kan ställa till det har funnits längre tid på datorn. Därför har jag inte gjort någon återställning. Ska jag ändå göra det så långt jag kan?

 

Här kommer svarslänken till virustotal:

http://www.virustotal.com/file-scan/report.html?id=350f4d9c3a9d016394a35152eb13ddfb9df625171eec838f71937da2c8d498c6-1317925437

 

Mvh

Birgitta

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser
Postad (redigerade)

Ett felmeddelande kom upp vid omstart av datorn efter de åtgärder jag gjorde ovan. Bifogar fil.

Ett annat felmeddelande som har kommit upp under en tid gäller Add-In, bifogar fil för detta också.

ERU.docx

Add-In.docx

Redigerad av attigrib

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

1.

Förstår jag dig rätt att det inte finns någon backup eller ångra-funktion inne i de 4 programmen?

Att göra en systemåterställning så långt tillbaka i tiden kan leda till andra konstigheter.

När slutade uppdateringarna att fungera?

 

2.

Första felmeddelandet handlar om att ERDNT inte fungerar ordentligt och det andra är:

"Microsoft Office Live Add-in Sign-in har slutat att fungera".

 

3.

Spara Gmer på Skrivbordet från:

http://www2.gmer.net/download.php

Den har ett slumpmässigt namn så notera vad programmet sparas som.

 

Dra ur internetanslutningen.

Stäng alla program, även antivirusprogram och brandvägg.

Starta det nedladdade programmet.

En första snabbskanning startar.

Om det kommer upp en WARNING som nämner ROOTKIT och frågar om "fully scan" så välj Nej/No. Spara loggen och klistra in i ditt svar. Gör inte mer.

 

Om frågan inte kommer så välj fliken Rootkit/Malware, kontrollera att allt är förbockat till höger utom IAT/EAT, Files, Show All och andra partitioner än C:\. Tryck på Scan. Låt datorn stå ifred medan Gmer håller på och det kan ta några timmar.

Tryck på Save och spara resultatet på Skrivbordet.

Sätt igång antivirusprogram och brandvägg innan du ansluter till internet.

Klistra in resultatet i ditt svar.

 

4.

Skanna datorn online på http://www.eset.com/onlinescan/

För att inte skannern ska ta för lång tid på sig stäng av ditt antivirusprogram under tiden.

 

Avbocka alternativet Remove found threats

Bocka för Scan Archives

 

Klicka på Advanced Settings

Bocka för:

Scan for potentially unwanted applications

Scan for potentially unsafe applications

Enable Anti-Stealth Technology

 

Klicka på Scan

 

När skanningen är klar skapas loggfilen C:\Program\Eset\Eset Online Scanner\log.txt. Öppna den i Anteckningar och klistra sedan in innehållet i ditt svar.

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

Svar på din fråga 1 Cecilia:

Jag trodde att återställning menades systemåterställning. Jag har nu tittat i de olika programmen du angav i inlägg #9. Det enda program jag kunde återställa i var Advanced System Care. Det har jag gjort nu. Återställningen som fanns var till den 3 juli och det kan nog vara där någonstans som uppdateringarna började krångla.

Din fråga 2:

Hur kommer jag tillrätta med dessa felmeddelanden. De beror väl på någonting?

 

Jag ska följa de andra stegen du skrev och återkommer med svar.

 

Tack så länge :)

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

Meddelandet med ERDNT hänger ihop med ERUNT som du installerade i samband med att du försökte med DDS, och det fixar vi när uppdateringarna väl är igång och du inte behöver ERUNT längre.

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

Här kommer loggen från Gmer (jag fick upp WARNING om ROOTKIT)

 

 

GMER 1.0.15.15641 - http://www.gmer.net

Rootkit quick scan 2011-10-07 12:57:58

Windows 6.0.6002 Service Pack 2 Harddisk0\DR0 -> \Device\0000005d Hitachi_ rev.GM3O

Running: m9bml94n (1).exe; Driver: C:\Users\Birgitta\AppData\Local\Temp\fwddikod.sys

 

 

---- Devices - GMER 1.0.15 ----

 

AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys (Filterhanteraren för Microsofts filsystem/Microsoft Corporation)

AttachedDevice \Driver\tdx \Device\Ip SYMTDIV.SYS (Network Dispatch Driver/Symantec Corporation)

AttachedDevice \Driver\tdx \Device\Tcp SYMTDIV.SYS (Network Dispatch Driver/Symantec Corporation)

AttachedDevice \Driver\tdx \Device\Udp SYMTDIV.SYS (Network Dispatch Driver/Symantec Corporation)

AttachedDevice \Driver\tdx \Device\RawIp SYMTDIV.SYS (Network Dispatch Driver/Symantec Corporation)

 

---- Services - GMER 1.0.15 ----

 

Service C:\Program (*** hidden *** ) [AUTO] gupdate1c9ec1239f805e0 <-- ROOTKIT !!!

Service C:\Program (*** hidden *** ) [MANUAL] gupdatem <-- ROOTKIT !!!

Service C:\Program (*** hidden *** ) [AUTO] sprtsvc_teliada <-- ROOTKIT !!!

Service C:\Program (*** hidden *** ) [AUTO] tgsrvc_teliada <-- ROOTKIT !!!

 

---- EOF - GMER 1.0.15 ----

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

Det där ser ut som falsklarm, men det döljer sig kanske något annat i datorn eftersom de pekas ut. Spara ComboFix på Skrivbordet: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

 

Stäng av alla program du ser inklusive antivirusprogram och antispionprogram, men lämna brandväggen på.

Hur? Se http://www.bleepingcomputer.com/forums/topic114351.html

Kör ComboFix och följ anvisningarna som visas.

Om det kommer upp en fråga om du vill installera återställningskonsolen så svara Ja.

Mer detaljerad vägledning finns på http://www.bleepingcomputer.com/combofix/se/hur-combofix-ska-anvandas

 

VIKTIGT! Klicka inte på ComboFix-fönstret med musen när det körs eftersom så det kan hänga upp sig då.

 

När ComboFix är färdig ska en logg komma upp, klistra in den i ditt svar. Kontrollera att antivirusprogram mm är igång innan du ansluter till internet.

 

Om du får problem med att komma ut på internet:

Kontrollpanelen - Nätverksanslutningar

högerklicka på din internetanslutning och välj Reparera och/eller starta om datorn.

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

Combo Fix logg här:

 

 

ComboFix 11-10-10.01 - Birgitta 2011-10-10 13:20:15.5.2 - x86

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.46.1053.18.1918.824 [GMT 2:00]

Körs från: c:\users\Birgitta\Downloads\ComboFix.exe

AV: Norton Internet Security *Disabled/Updated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}

FW: Norton Internet Security *Enabled* {B0F2DB13-C654-2E74-30D4-99C9310F0F2E}

SP: Norton Internet Security *Disabled/Updated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

(((((((((((((((((((((((( Filer skapade från 2011-09-10 till 2011-10-10 ))))))))))))))))))))))))))))))

.

.

2011-10-10 11:41 . 2011-10-10 11:41 -------- d-----w- c:\users\Sanna\AppData\Local\temp

2011-10-10 11:41 . 2011-10-10 11:41 -------- d-----w- c:\users\Public\AppData\Local\temp

2011-10-10 11:41 . 2011-10-10 11:41 -------- d-----w- c:\users\Elin\AppData\Local\temp

2011-10-10 11:41 . 2011-10-10 11:42 -------- d-----w- c:\users\Birgitta\AppData\Local\temp

2011-10-10 11:41 . 2011-10-10 11:41 -------- d-----w- c:\users\Default\AppData\Local\temp

2011-10-10 11:41 . 2011-10-10 11:41 -------- d-----w- c:\users\Christer\AppData\Local\temp

2011-10-10 11:41 . 2011-10-10 11:41 -------- d-----w- c:\users\Admin\AppData\Local\temp

2011-10-09 17:52 . 2011-10-09 17:52 -------- d-----w- c:\users\Birgitta\AppData\Roaming\Complitly

2011-10-09 17:52 . 2011-10-09 17:52 -------- d-----w- c:\program files\Complitly

2011-10-09 17:51 . 2011-10-09 17:51 -------- d-----w- c:\program files\ConduitEngine

2011-10-09 17:51 . 2011-10-09 17:51 -------- d-----w- c:\users\Birgitta\AppData\Local\Conduit

2011-10-07 10:38 . 2011-10-07 10:38 -------- d-----w- c:\users\Birgitta\AppData\Roaming\TweakNow RegCleaner 2011

2011-10-07 10:37 . 2011-10-07 10:37 -------- d-----w- c:\users\Birgitta\AppData\Roaming\TweakNow PowerPack 2011

2011-10-02 17:39 . 2011-10-02 17:39 -------- d-----w- c:\program files\ERUNT

2011-09-11 11:19 . 2011-09-11 11:19 -------- d-----w- c:\users\Elin\AppData\Local\Windows Live

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-10-02 09:45 . 2011-05-18 19:29 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2011-08-31 15:00 . 2010-09-02 12:07 22216 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-07-22 02:54 . 2011-08-10 01:06 1797632 ----a-w- c:\windows\system32\jscript9.dll

2011-07-22 02:48 . 2011-08-10 01:06 1126912 ----a-w- c:\windows\system32\wininet.dll

2011-07-22 02:44 . 2011-08-10 01:06 2382848 ----a-w- c:\windows\system32\mshtml.tlb

2006-05-03 10:06 163328 --sh--r- c:\windows\System32\flvDX.dll

2007-02-21 11:47 31232 --sh--r- c:\windows\System32\msfDX.dll

2007-12-17 13:43 27648 --sh--w- c:\windows\System32\Smab0.dll

.

.

(((((((((((((((((((((((((((((((((( Startpunkter i registret )))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Not* tomma poster & legitima standardposter visas inte.

REGEDIT4

.

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]

"{1392b8d2-5c05-419f-a8f6-b9f15a596612}"= "c:\program files\Freecorder\prxtbFree.dll" [2011-01-17 175912]

.

[HKEY_CLASSES_ROOT\clsid\{1392b8d2-5c05-419f-a8f6-b9f15a596612}]

.

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1392b8d2-5c05-419f-a8f6-b9f15a596612}]

2011-01-17 14:54 175912 ----a-w- c:\program files\Freecorder\prxtbFree.dll

.

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]

2011-01-17 14:54 175912 ----a-w- c:\program files\ConduitEngine\prxConduitEngine.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

"{1392b8d2-5c05-419f-a8f6-b9f15a596612}"= "c:\program files\Freecorder\prxtbFree.dll" [2011-01-17 175912]

"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\prxConduitEngine.dll" [2011-01-17 175912]

.

[HKEY_CLASSES_ROOT\clsid\{1392b8d2-5c05-419f-a8f6-b9f15a596612}]

.

[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]

.

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]

"{1392B8D2-5C05-419F-A8F6-B9F15A596612}"= "c:\program files\Freecorder\prxtbFree.dll" [2011-01-17 175912]

.

[HKEY_CLASSES_ROOT\clsid\{1392b8d2-5c05-419f-a8f6-b9f15a596612}]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2007-04-18 65536]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-22 13539872]

"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-22 92704]

"HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-06-02 75008]

"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]

"V0220Mon.exe"="c:\windows\V0220Mon.exe" [2006-06-28 32768]

"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2011-01-12 49208]

"SunJavaUpdateReg"="c:\windows\system32\jureg.exe" [2007-04-07 54936]

"DVDAgent"="c:\program files\Hewlett-Packard\Media\DVD\DVDAgent.exe" [2009-09-09 1148200]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-06-07 421160]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]

"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-07-05 421888]

"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-08-31 449608]

"Freecorder FLV Service"="k:\musik\Elins musik\Limewire\FLVSrvc.exe" [2011-03-24 167936]

.

c:\users\Birgitta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

ERUNT AutoBackup.lnk - c:\program files\ERUNT\AUTOBACK.EXE [2005-10-20 38912]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]

"DisallowCpl"= 1 (0x1)

.

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^BankID säkerhetsprogram.lnk]

path=

backup=c:\windows\pss\BankID säkerhetsprogram.lnk.CommonStartup

backupExtension=.CommonStartup

.

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Telia AutoStore.lnk]

path=

backup=c:\windows\pss\Telia AutoStore.lnk.CommonStartup

backupExtension=.CommonStartup

.

[HKLM\~\startupfolder\C:^Users^Admin^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.0.lnk]

path=

backup=c:\windows\pss\OpenOffice.org 3.0.lnk.Startup

backupExtension=.Startup

.

[HKLM\~\startupfolder\C:^Users^Birgitta^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.0.lnk]

path=

backup=c:\windows\pss\OpenOffice.org 3.0.lnk.Startup

backupExtension=.Startup

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]

2011-06-06 10:55 937920 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\e-kort]

2008-12-11 12:14 377856 ----a-w- c:\progra~1\ekort\ekort.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPADVISOR]

2010-06-29 22:14 1689144 ----a-w- c:\program files\Hewlett-Packard\HP Advisor\HPAdvisor.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]

2011-06-07 15:51 421160 ----a-w- c:\program files\iTunes\iTunesHelper.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]

2010-11-10 01:54 4240760 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]

2007-04-09 12:23 200704 ----a-w- c:\program files\PowerISO\PWRISOVM.EXE

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

2011-07-05 16:36 421888 ----a-w- c:\program files\QuickTime\QTTask.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]

2009-03-05 14:07 2260480 --sha-r- c:\program files\Spybot - Search & Destroy\TeaTimer.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]

2011-07-02 11:27 2424192 ----a-w- c:\program files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]

2009-10-29 21:54 39408 ----a-w- c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\V0220Cfg.exe]

2006-04-13 17:00 20480 ----a-w- c:\windows\V0220Cfg.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\V0220Mon.exe]

2006-06-28 17:01 32768 ----a-w- c:\windows\V0220Mon.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]

"DisableMonitoring"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

"DisableMonitoring"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-1878330491-2714151332-3157387515-1001]

"EnableNotifications"=dword:00000001

"EnableNotificationsRef"=dword:00000001

.

R2 gupdate1c9ec1239f805e0;Tjänsten Google Update (gupdate1c9ec1239f805e0);c:\program files\Google\Update\GoogleUpdate.exe [2009-06-13 133104]

R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~1\mcafee\SITEAD~1\mcsacore.exe [2011-08-10 94880]

R2 uagqecsvc;Microsoft Forefront UAG Quarantine Enforcement Client;c:\users\Birgitta\Forefront UAG Remote Access Agent\portalthomascookse\tcneportal1\uagqecsvc.exe [2010-11-03 149904]

R3 a2acc;a2acc;c:\program files\EMSISOFT ANTI-MALWARE\a2accx86.sys [2011-03-28 73728]

R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [2010-12-13 13224]

R3 gupdatem;Tjänsten Google Update (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2009-06-13 133104]

R3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys [x]

R3 PCD5SRVC{BD6912E3-AC9D80E8-05040000};PCD5SRVC{BD6912E3-AC9D80E8-05040000} - PCDR Kernel Mode Service Helper Driver;c:\progra~1\PC-DOC~1\PCD5SRVC.pkms [2008-05-22 20640]

R3 Ph3xIB32;Philips 713x Inbox PCI TV Card;c:\windows\system32\DRIVERS\Ph3xIB32.sys [2007-04-03 1131136]

R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2009-06-15 682232]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 51040]

S0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [2009-06-30 28552]

S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NIS\1108000.005\SYMDS.SYS [2010-02-04 328752]

S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NIS\1108000.005\SYMEFA.SYS [2010-04-22 173104]

S1 BHDrvx86;BHDrvx86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.6.0.32\Definitions\BASHDefs\20110929.001\BHDrvx86.sys [2011-09-29 816760]

S1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\NIS\1108000.005\ccHPx86.sys [2010-02-26 501888]

S1 IDSVix86;IDSVix86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.6.0.32\Definitions\IPSDefs\20111007.030\IDSvix86.sys [2011-08-22 368248]

S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2010-02-17 12872]

S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2010-05-10 67656]

S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NIS\1108000.005\Ironx86.SYS [2010-04-29 116784]

S1 SYMTDIv;Symantec Vista Network Dispatch Driver;c:\windows\System32\Drivers\NIS\1108000.005\SYMTDIV.SYS [2010-05-06 339504]

S2 a2AntiMalware;Emsisoft Anti-Malware 5.0 - Service;c:\program files\Emsisoft Anti-Malware\a2service.exe [2010-10-28 2806000]

S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]

S2 AdvancedSystemCareService;Advanced SystemCare Service;c:\program files\IObit\Advanced SystemCare 4\ASCService.exe [2011-05-28 353168]

S2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe [2008-01-21 21504]

S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152]

S2 NIS;Norton Internet Security;c:\program files\Norton Internet Security\Engine\17.8.0.5\ccSvcHst.exe [2010-02-26 126392]

S2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]

S2 Secunia PSI Agent;Secunia PSI Agent;c:\program files\Secunia\PSI\PSIA.exe [2011-01-05 988216]

S2 Secunia Update Agent;Secunia Update Agent;c:\program files\Secunia\PSI\sua.exe [2011-01-05 399416]

S2 sprtsvc_teliada;SupportSoft Sprocket Service (teliada);c:\program files\Telia\Supportassistenten\bin\sprtsvc.exe [2010-05-10 206120]

S2 tgsrvc_teliada;SupportSoft Repair Service (teliada);c:\program files\Telia\Supportassistenten\bin\tgsrvc.exe [2010-05-10 185640]

S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2011-07-29 105592]

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-08-31 22216]

S3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys [2010-09-01 15544]

S3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\DRIVERS\seehcri.sys [2010-12-13 27632]

S3 V0220Dev;Live! Cam Video IM;c:\windows\system32\DRIVERS\V0220Dev.sys [2006-06-29 146112]

S3 V0220Vfx;V0220Vfx;c:\windows\system32\DRIVERS\V0220Vfx.sys [2006-06-08 6272]

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache

.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs

ezSharedSvc

.

Innehåll i mappen 'Schemalagda aktiviteter':

.

2011-10-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-13 10:31]

.

2011-10-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2009-06-13 10:31]

.

2011-09-21 c:\windows\Tasks\HPCeeScheduleForBirgitta.job

- c:\program files\Hewlett-Packard\SDP\Ceement\HPCEE.exe [2008-08-15 18:03]

.

2011-10-07 c:\windows\Tasks\Norton Internet Security - Kör fullständig systemsökning - Admin.job

- c:\program files\Norton Internet Security\Engine\17.8.0.5\navw32.exe [2010-09-24 19:24]

.

.

------- Extra genomsökning -------

.

uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT1060933

uLocal Page =

mLocal Page =

uInternet Settings,ProxyOverride = *.local

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html

TCP: DhcpNameServer = 192.168.1.1

.

- - - - FÖRÄLDRALÖSA POSTER SOM TAGITS BORT - - - -

.

Toolbar-Locked - (no file)

MSConfigStartUp-Adobe Reader Speed Launcher - c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe

.

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2011-10-10 13:42

Windows 6.0.6002 Service Pack 2 NTFS

.

scanning hidden processes ...

.

scanning hidden autostart entries ...

.

scanning hidden files ...

.

scan completed successfully

hidden files: 0

.

**************************************************************************

.

--------------------- LÅSTA REGISTERNYCKLAR ---------------------

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

--------------------- DLL'er som "laddats" under processer som körs ---------------------

.

- - - - - - - > 'Explorer.exe'(5904)

c:\users\Birgitta\AppData\Local\FLVService\lib\FLVSrvLib.dll

.

Sluttid: 2011-10-10 13:51:46

ComboFix-quarantined-files.txt 2011-10-10 11:51

.

Före genomsökningen: 162 724 179 968 byte ledigt

Efter genomsökningen: 163 241 492 480 byte ledigt

.

- - End Of File - - 082228BCBAFD920289F3146B5DF9F0D1

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

Avinstallera de fyra registerstädningsprogrammen samt "Freecorder Toolbar" om du inte redan har gjort det.

 

Stäng av alla program du ser inklusive antivirusprogram och antispionprogram så att de inte krockar med OTL.

Hur? Se http://www.bleepingcomputer.com/forums/topic114351.html

 

Starta programmet OTL (i Vista/Windows7 högerklicka och välj Kör som administratör).

Kopiera alla raderna i rutan:

:OTL
@Alternate Data Stream - 95 bytes -> C:\ProgramData\Temp:5C321E34
@Alternate Data Stream - 368 bytes -> C:\Users\Birgitta\AppData\Local\desktop.ini:722b2b1c349a06abf0e866180e5a7e63
:Commands
[CREATERESTOREPOINT]
[EMPTYTEMP]
[REBOOT]

Klistra in dem i rutan Custom Scans/Fixes. Kontrollera att det ser exakt likadant ut, t ex när det gäller radbrytningar.

Tryck på Run Fix.

Om du blir tillfrågad om att starta om datorn så gör det.

Det kommer upp en logg i Anteckningar. Kopiera den och klistra in i ditt svar.

 

Om den inte kommer automatiskt så hittar du den i mappen c:\_OTL\Moved Files med ett namn som innehåller dagens datum och klockslaget för körningen.

 

Se till att aktivera antivirusprogram mm innan du ansluter datorn till internet.

 

Kör OTL som du gjorde första gången och klistra in loggen OTL.txt.

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

Loggfil från ESET Online scanner:

 

 

ESETSmartInstaller@High as CAB hook log:

OnlineScanner.ocx - registred OK

ESETSmartInstaller@High as downloader log:

all ok

# version=7

# OnlineScannerApp.exe=1.0.0.1

# OnlineScanner.ocx=1.0.0.6419

# api_version=3.0.2

# EOSSerial=0493a91b4bb372498b3a8d70cbcc9437

# end=finished

# remove_checked=true

# archives_checked=false

# unwanted_checked=true

# unsafe_checked=false

# antistealth_checked=true

# utc_time=2011-01-16 05:45:49

# local_time=2011-01-16 06:45:49 (+0100, Västeuropa, normaltid)

# country="Sweden"

# lang=1033

# osver=6.0.6002 NT Service Pack 2

# compatibility_mode=512 16777215 100 0 12222160 12222160 0 0

# compatibility_mode=3588 16777214 85 88 3127516 34705844 0 0

# compatibility_mode=5892 16776574 100 100 11873644 132658542 0 0

# compatibility_mode=8192 67108863 100 0 37192317 37192317 0 0

# scanned=319709

# found=3

# cleaned=3

# scan_time=30933

K:\Musik\Elins musik\Incomplete\T-3877629-Perry Farrell - Go All Way (Into the Twilight).mp3 a variant of WMA/TrojanDownloader.GetCodec.gen trojan (cleaned - quarantined) 00000000000000000000000000000000 C

K:\Musik\Elins musik\Incomplete\T-3877629-Mutemath - Spotlight (Twilight Mix3).mp3 a variant of WMA/TrojanDownloader.GetCodec.gen trojan (cleaned - quarantined) 00000000000000000000000000000000 C

K:\Musik\Elins musik\Incomplete\T-39456-Kingdom Come - Rather Be On My Own.mp3 a variant of WMA/TrojanDownloader.GetCodec.gen trojan (cleaned - quarantined) 00000000000000000000000000000000 C

ESETSmartInstaller@High as downloader log:

all ok

# version=7

# OnlineScannerApp.exe=1.0.0.1

# OnlineScanner.ocx=1.0.0.6528

# api_version=3.0.2

# EOSSerial=0493a91b4bb372498b3a8d70cbcc9437

# end=finished

# remove_checked=true

# archives_checked=true

# unwanted_checked=true

# unsafe_checked=false

# antistealth_checked=true

# utc_time=2011-10-10 07:14:40

# local_time=2011-10-10 09:14:40 (+0100, Västeuropa, sommartid)

# country="Sweden"

# lang=1033

# osver=6.0.6002 NT Service Pack 2

# compatibility_mode=512 16777215 100 0 35358670 35358670 0 0

# compatibility_mode=3588 16777214 85 88 7074605 57842354 0 0

# compatibility_mode=5892 16776574 100 100 35010154 155795052 0 0

# compatibility_mode=8192 67108863 100 0 60328827 60328827 0 0

# scanned=292943

# found=1

# cleaned=1

# scan_time=11756

C:\Users\Birgitta\Downloads\m-mp4-to-mp3-converter6.exe Win32/Toolbar.Zugo application (deleted - quarantined) 00000000000000000000000000000000 C

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

De fyra registerstädningsprogrammen och "freerecorder toolbar" är nu avinstallerade.

Jag körde OTL enligt dina anvisningar i inlägg #18. Det kom upp ett felmeddelande att programmet hade slutat att fungera. Jag startade om datorn och då fanns i alla fall loggen där. Vet inte om det är komplett. Men här kommer den:

 

 

Files\Folders moved on Reboot...

 

Registry entries deleted on Reboot...

 

 

 

Återkommer med OTL.txt strax...

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

1.

Fixen med OTL fungerade inte, du får försöka göra det med ComboFix i stället.

 

Kopiera alla rader i rutan:

Killall::
ADS:: 
C:\ProgramData\Temp
C:\Users\Birgitta\AppData\Local\desktop.ini

och klistra in i Anteckningar. Kontrollera att det ser exakt likadant ut, t ex när det gäller radbrytningar.

Spara filen på Skrivbordet med namnet CFScript.

 

Förbered datorn på samma sätt som tidigare för ComboFix.

Dra CFScript med musen och släpp den ovanpå ComboFix-ikonen på Skrivbordet så startar programmet på ett särskilt sätt.

Klistra in loggen som kommer ut.

 

2.

Spara TDSSKiller på Skrivbordet:

http://support.kaspersky.com/downloads/utils/tdsskiller.zip

 

Högerklicka och välj Extrahera alla. Kom ihåg var du packar upp filen.

Stäng av dina vanliga program, men du kan lämna antivirusprogram och liknande igång.

Kör programmet TDSSKiller.exe som finns i mappen där du packade upp filerna.

 

Klicka på Start Scan.

 

Om några hot hittas så välj Cure och klicka på Continue. Om inte Cure finns så välj Skip. Välj INTE Quarantine eller Delete. Eventuellt behöver datorn startas om.

 

Klistra in innehållet i loggen som du hittar i C:\ med namnet TDSSKiller följt av version och tidpunkt.

 

3.

Ja, kör OTL efter att ha valt"scan all users".

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

Har försökt köra ComboFix 2 ggr. Det enda som händer är att skärmen stängs av och inte får någon signal från datorn längre.

Har kört TDSSKiller och loggen kommer här:

 

 

17:32:19.0063 1588 TDSS rootkit removing tool 2.6.8.0 Oct 12 2011 07:30:54

17:32:20.0296 1588 ============================================================

17:32:20.0296 1588 Current date / time: 2011/10/12 17:32:20.0296

17:32:20.0296 1588 SystemInfo:

17:32:20.0296 1588

17:32:20.0296 1588 OS Version: 6.0.6002 ServicePack: 2.0

17:32:20.0296 1588 Product type: Workstation

17:32:20.0296 1588 ComputerName: LARSSONSDATOR

17:32:20.0296 1588 UserName: Birgitta

17:32:20.0296 1588 Windows directory: C:\Windows

17:32:20.0296 1588 System windows directory: C:\Windows

17:32:20.0296 1588 Processor architecture: Intel x86

17:32:20.0296 1588 Number of processors: 2

17:32:20.0296 1588 Page size: 0x1000

17:32:20.0296 1588 Boot type: Normal boot

17:32:20.0296 1588 ============================================================

17:32:20.0686 1588 Initialize success

17:32:25.0725 1932 ============================================================

17:32:25.0725 1932 Scan started

17:32:25.0725 1932 Mode: Manual;

17:32:25.0725 1932 ============================================================

17:32:27.0175 1932 a2acc (71574a98093d94bdbb3cb74e272d29a5) C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\a2accx86.sys

17:32:27.0191 1932 a2acc - ok

17:32:27.0300 1932 ACPI (82b296ae1892fe3dbee00c9cf92f8ac7) C:\Windows\system32\drivers\acpi.sys

17:32:27.0316 1932 ACPI - ok

17:32:27.0409 1932 adp94xx (04f0fcac69c7c71a3ac4eb97fafc8303) C:\Windows\system32\drivers\adp94xx.sys

17:32:27.0425 1932 adp94xx - ok

17:32:27.0519 1932 adpahci (60505e0041f7751bdbb80f88bf45c2ce) C:\Windows\system32\drivers\adpahci.sys

17:32:27.0534 1932 adpahci - ok

17:32:27.0565 1932 adpu160m (8a42779b02aec986eab64ecfc98f8bd7) C:\Windows\system32\drivers\adpu160m.sys

17:32:27.0597 1932 adpu160m - ok

17:32:27.0690 1932 adpu320 (241c9e37f8ce45ef51c3de27515ca4e5) C:\Windows\system32\drivers\adpu320.sys

17:32:27.0706 1932 adpu320 - ok

17:32:27.0768 1932 AFD (3911b972b55fea0478476b2e777b29fa) C:\Windows\system32\drivers\afd.sys

17:32:27.0784 1932 AFD - ok

17:32:27.0862 1932 agp440 (13f9e33747e6b41a3ff305c37db0d360) C:\Windows\system32\drivers\agp440.sys

17:32:27.0862 1932 agp440 - ok

17:32:27.0893 1932 aic78xx (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys

17:32:27.0909 1932 aic78xx - ok

17:32:27.0940 1932 aliide (9eaef5fc9b8e351afa7e78a6fae91f91) C:\Windows\system32\drivers\aliide.sys

17:32:27.0940 1932 aliide - ok

17:32:28.0002 1932 amdagp (c47344bc706e5f0b9dce369516661578) C:\Windows\system32\drivers\amdagp.sys

17:32:28.0018 1932 amdagp - ok

17:32:28.0033 1932 amdide (9b78a39a4c173fdbc1321e0dd659b34c) C:\Windows\system32\drivers\amdide.sys

17:32:28.0033 1932 amdide - ok

17:32:28.0065 1932 AmdK7 (18f29b49ad23ecee3d2a826c725c8d48) C:\Windows\system32\drivers\amdk7.sys

17:32:28.0065 1932 AmdK7 - ok

17:32:28.0080 1932 AmdK8 (93ae7f7dd54ab986a6f1a1b37be7442d) C:\Windows\system32\DRIVERS\amdk8.sys

17:32:28.0096 1932 AmdK8 - ok

17:32:28.0205 1932 arc (5d2888182fb46632511acee92fdad522) C:\Windows\system32\drivers\arc.sys

17:32:28.0205 1932 arc - ok

17:32:28.0236 1932 arcsas (5e2a321bd7c8b3624e41fdec3e244945) C:\Windows\system32\drivers\arcsas.sys

17:32:28.0252 1932 arcsas - ok

17:32:28.0283 1932 AsyncMac (53b202abee6455406254444303e87be1) C:\Windows\system32\DRIVERS\asyncmac.sys

17:32:28.0283 1932 AsyncMac - ok

17:32:28.0377 1932 atapi (1f05b78ab91c9075565a9d8a4b880bc4) C:\Windows\system32\drivers\atapi.sys

17:32:28.0377 1932 atapi - ok

17:32:28.0455 1932 Beep (67e506b75bd5326a3ec7b70bd014dfb6) C:\Windows\system32\drivers\Beep.sys

17:32:28.0470 1932 Beep - ok

17:32:28.0657 1932 BHDrvx86 (163340a63f197c91d65ca9ce4b5811f7) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\BASHDefs\20110929.001\BHDrvx86.sys

17:32:28.0673 1932 BHDrvx86 - ok

17:32:28.0782 1932 blbdrive (d4df28447741fd3d953526e33a617397) C:\Windows\system32\drivers\blbdrive.sys

17:32:28.0798 1932 blbdrive - ok

17:32:28.0829 1932 bowser (35f376253f687bde63976ccb3f2108ca) C:\Windows\system32\DRIVERS\bowser.sys

17:32:28.0845 1932 bowser - ok

17:32:28.0876 1932 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys

17:32:28.0876 1932 BrFiltLo - ok

17:32:28.0907 1932 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys

17:32:28.0938 1932 BrFiltUp - ok

17:32:29.0016 1932 Brserid (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys

17:32:29.0032 1932 Brserid - ok

17:32:29.0063 1932 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys

17:32:29.0063 1932 BrSerWdm - ok

17:32:29.0094 1932 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys

17:32:29.0125 1932 BrUsbMdm - ok

17:32:29.0219 1932 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys

17:32:29.0219 1932 BrUsbSer - ok

17:32:29.0266 1932 BTHMODEM (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys

17:32:29.0266 1932 BTHMODEM - ok

17:32:29.0406 1932 catchme - ok

17:32:29.0547 1932 ccSet_NIS (2b2f9b4a08190334a9c36446b208bae9) C:\Windows\system32\drivers\NIS\1301010.003\ccSetx86.sys

17:32:29.0547 1932 ccSet_NIS - ok

17:32:29.0593 1932 cdfs (7add03e75beb9e6dd102c3081d29840a) C:\Windows\system32\DRIVERS\cdfs.sys

17:32:29.0593 1932 cdfs - ok

17:32:29.0687 1932 cdrom (6b4bffb9becd728097024276430db314) C:\Windows\system32\DRIVERS\cdrom.sys

17:32:29.0703 1932 cdrom - ok

17:32:29.0749 1932 circlass (e5d4133f37219dbcfe102bc61072589d) C:\Windows\system32\drivers\circlass.sys

17:32:29.0749 1932 circlass - ok

17:32:29.0843 1932 CLFS (d7659d3b5b92c31e84e53c1431f35132) C:\Windows\system32\CLFS.sys

17:32:29.0874 1932 CLFS - ok

17:32:29.0952 1932 cmdide (0ca25e686a4928484e9fdabd168ab629) C:\Windows\system32\drivers\cmdide.sys

17:32:29.0952 1932 cmdide - ok

17:32:30.0030 1932 Compbatt (6afef0b60fa25de07c0968983ee4f60a) C:\Windows\system32\drivers\compbatt.sys

17:32:30.0030 1932 Compbatt - ok

17:32:30.0093 1932 cpuz132 - ok

17:32:30.0171 1932 crcdisk (741e9dff4f42d2d8477d0fc1dc0df871) C:\Windows\system32\drivers\crcdisk.sys

17:32:30.0171 1932 crcdisk - ok

17:32:30.0249 1932 Crusoe (1f07becdca750766a96cda811ba86410) C:\Windows\system32\drivers\crusoe.sys

17:32:30.0249 1932 Crusoe - ok

17:32:30.0342 1932 DfsC (622c41a07ca7e6dd91770f50d532cb6c) C:\Windows\system32\Drivers\dfsc.sys

17:32:30.0358 1932 DfsC - ok

17:32:30.0436 1932 disk (5d4aefc3386920236a548271f8f1af6a) C:\Windows\system32\drivers\disk.sys

17:32:30.0436 1932 disk - ok

17:32:30.0483 1932 drmkaud (97fef831ab90bee128c9af390e243f80) C:\Windows\system32\drivers\drmkaud.sys

17:32:30.0514 1932 drmkaud - ok

17:32:30.0576 1932 DXGKrnl (c68ac676b0ef30cfbb1080adce49eb1f) C:\Windows\System32\drivers\dxgkrnl.sys

17:32:30.0592 1932 DXGKrnl - ok

17:32:30.0670 1932 E1G60 (5425f74ac0c1dbd96a1e04f17d63f94c) C:\Windows\system32\DRIVERS\E1G60I32.sys

17:32:30.0670 1932 E1G60 - ok

17:32:30.0732 1932 Ecache (7f64ea048dcfac7acf8b4d7b4e6fe371) C:\Windows\system32\DRIVERS\ECACHE.SYS

17:32:30.0732 1932 Ecache - ok

17:32:30.0810 1932 eeCtrl (8f7dbc4be48f5388a6fe1f285e7948ef) C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys

17:32:30.0826 1932 eeCtrl - ok

17:32:30.0951 1932 elxstor (23b62471681a124889978f6295b3f4c6) C:\Windows\system32\drivers\elxstor.sys

17:32:30.0966 1932 elxstor - ok

17:32:31.0091 1932 EraserUtilRebootDrv (3ee14d400e0fdd0d214275a4a20b7022) C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys

17:32:31.0107 1932 EraserUtilRebootDrv - ok

17:32:31.0185 1932 ErrDev (3db974f3935483555d7148663f726c61) C:\Windows\system32\drivers\errdev.sys

17:32:31.0185 1932 ErrDev - ok

17:32:31.0263 1932 exfat (22b408651f9123527bcee54b4f6c5cae) C:\Windows\system32\drivers\exfat.sys

17:32:31.0278 1932 exfat - ok

17:32:31.0372 1932 fastfat (1e9b9a70d332103c52995e957dc09ef8) C:\Windows\system32\drivers\fastfat.sys

17:32:31.0387 1932 fastfat - ok

17:32:31.0419 1932 fdc (afe1e8b9782a0dd7fb46bbd88e43f89a) C:\Windows\system32\DRIVERS\fdc.sys

17:32:31.0419 1932 fdc - ok

17:32:31.0512 1932 FileInfo (a8c0139a884861e3aae9cfe73b208a9f) C:\Windows\system32\drivers\fileinfo.sys

17:32:31.0512 1932 FileInfo - ok

17:32:31.0543 1932 Filetrace (0ae429a696aecbc5970e3cf2c62635ae) C:\Windows\system32\drivers\filetrace.sys

17:32:31.0543 1932 Filetrace - ok

17:32:31.0575 1932 flpydisk (85b7cf99d532820495d68d747fda9ebd) C:\Windows\system32\DRIVERS\flpydisk.sys

17:32:31.0575 1932 flpydisk - ok

17:32:31.0653 1932 FltMgr (01334f9ea68e6877c4ef05d3ea8abb05) C:\Windows\system32\drivers\fltmgr.sys

17:32:31.0668 1932 FltMgr - ok

17:32:31.0699 1932 Fs_Rec (65ea8b77b5851854f0c55c43fa51a198) C:\Windows\system32\drivers\Fs_Rec.sys

17:32:31.0699 1932 Fs_Rec - ok

17:32:31.0746 1932 gagp30kx (34582a6e6573d54a07ece5fe24a126b5) C:\Windows\system32\drivers\gagp30kx.sys

17:32:31.0746 1932 gagp30kx - ok

17:32:31.0824 1932 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\Drivers\GEARAspiWDM.sys

17:32:31.0840 1932 GEARAspiWDM - ok

17:32:31.0918 1932 ggflt (007aea2e06e7cef7372e40c277163959) C:\Windows\system32\DRIVERS\ggflt.sys

17:32:31.0933 1932 ggflt - ok

17:32:31.0996 1932 ggsemc (c73de35960ca75c5ab4ae636b127c64e) C:\Windows\system32\DRIVERS\ggsemc.sys

17:32:31.0996 1932 ggsemc - ok

17:32:32.0121 1932 HDAudBus (062452b7ffd68c8c042a6261fe8dff4a) C:\Windows\system32\DRIVERS\HDAudBus.sys

17:32:32.0136 1932 HDAudBus - ok

17:32:32.0245 1932 HidBth (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys

17:32:32.0245 1932 HidBth - ok

17:32:32.0308 1932 HidIr (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys

17:32:32.0308 1932 HidIr - ok

17:32:32.0401 1932 HidUsb (cca4b519b17e23a00b826c55716809cc) C:\Windows\system32\DRIVERS\hidusb.sys

17:32:32.0401 1932 HidUsb - ok

17:32:32.0495 1932 HpCISSs (16ee7b23a009e00d835cdb79574a91a6) C:\Windows\system32\drivers\hpcisss.sys

17:32:32.0495 1932 HpCISSs - ok

17:32:32.0573 1932 HTTP (f870aa3e254628ebeafe754108d664de) C:\Windows\system32\drivers\HTTP.sys

17:32:32.0573 1932 HTTP - ok

17:32:32.0667 1932 i2omp (c6b032d69650985468160fc9937cf5b4) C:\Windows\system32\drivers\i2omp.sys

17:32:32.0682 1932 i2omp - ok

17:32:32.0729 1932 i8042prt (22d56c8184586b7a1f6fa60be5f5a2bd) C:\Windows\system32\DRIVERS\i8042prt.sys

17:32:32.0729 1932 i8042prt - ok

17:32:32.0807 1932 iaStorV (54155ea1b0df185878e0fc9ec3ac3a14) C:\Windows\system32\drivers\iastorv.sys

17:32:32.0823 1932 iaStorV - ok

17:32:33.0057 1932 IDSVix86 (9bc8840de4140e8e2a6fc3192e054a8c) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\IPSDefs\20111011.030\IDSvix86.sys

17:32:33.0057 1932 IDSVix86 - ok

17:32:33.0150 1932 iirsp (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys

17:32:33.0166 1932 iirsp - ok

17:32:33.0384 1932 IntcAzAudAddService (5d26ccb06e1f3b5c26e863df3f4f2611) C:\Windows\system32\drivers\RTKVHDA.sys

17:32:33.0431 1932 IntcAzAudAddService - ok

17:32:33.0525 1932 intelide (83aa759f3189e6370c30de5dc5590718) C:\Windows\system32\drivers\intelide.sys

17:32:33.0525 1932 intelide - ok

17:32:33.0556 1932 intelppm (224191001e78c89dfa78924c3ea595ff) C:\Windows\system32\DRIVERS\intelppm.sys

17:32:33.0571 1932 intelppm - ok

17:32:33.0603 1932 IpFilterDriver (62c265c38769b864cb25b4bcf62df6c3) C:\Windows\system32\DRIVERS\ipfltdrv.sys

17:32:33.0603 1932 IpFilterDriver - ok

17:32:33.0634 1932 IpInIp - ok

17:32:33.0665 1932 IPMIDRV (b25aaf203552b7b3491139d582b39ad1) C:\Windows\system32\drivers\ipmidrv.sys

17:32:33.0696 1932 IPMIDRV - ok

17:32:33.0774 1932 IPNAT (8793643a67b42cec66490b2a0cf92d68) C:\Windows\system32\DRIVERS\ipnat.sys

17:32:33.0774 1932 IPNAT - ok

17:32:33.0805 1932 IRENUM (109c0dfb82c3632fbd11949b73aeeac9) C:\Windows\system32\drivers\irenum.sys

17:32:33.0821 1932 IRENUM - ok

17:32:33.0852 1932 isapnp (6c70698a3e5c4376c6ab5c7c17fb0614) C:\Windows\system32\drivers\isapnp.sys

17:32:33.0852 1932 isapnp - ok

17:32:33.0899 1932 iScsiPrt (232fa340531d940aac623b121a595034) C:\Windows\system32\DRIVERS\msiscsi.sys

17:32:33.0899 1932 iScsiPrt - ok

17:32:33.0915 1932 iteatapi (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys

17:32:33.0915 1932 iteatapi - ok

17:32:34.0008 1932 iteraid (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys

17:32:34.0008 1932 iteraid - ok

17:32:34.0024 1932 kbdclass (37605e0a8cf00cbba538e753e4344c6e) C:\Windows\system32\DRIVERS\kbdclass.sys

17:32:34.0039 1932 kbdclass - ok

17:32:34.0055 1932 kbdhid (18247836959ba67e3511b62846b9c2e0) C:\Windows\system32\drivers\kbdhid.sys

17:32:34.0055 1932 kbdhid - ok

17:32:34.0164 1932 KSecDD (86165728af9bf72d6442a894fdfb4f8b) C:\Windows\system32\Drivers\ksecdd.sys

17:32:34.0180 1932 KSecDD - ok

17:32:34.0227 1932 Lavasoft Kernexplorer - ok

17:32:34.0398 1932 lltdio (d1c5883087a0c3f1344d9d55a44901f6) C:\Windows\system32\DRIVERS\lltdio.sys

17:32:34.0398 1932 lltdio - ok

17:32:34.0445 1932 LSI_FC (c7e15e82879bf3235b559563d4185365) C:\Windows\system32\drivers\lsi_fc.sys

17:32:34.0445 1932 LSI_FC - ok

17:32:34.0461 1932 LSI_SAS (ee01ebae8c9bf0fa072e0ff68718920a) C:\Windows\system32\drivers\lsi_sas.sys

17:32:34.0476 1932 LSI_SAS - ok

17:32:34.0539 1932 LSI_SCSI (912a04696e9ca30146a62afa1463dd5c) C:\Windows\system32\drivers\lsi_scsi.sys

17:32:34.0539 1932 LSI_SCSI - ok

17:32:34.0585 1932 luafv (8f5c7426567798e62a3b3614965d62cc) C:\Windows\system32\drivers\luafv.sys

17:32:34.0601 1932 luafv - ok

17:32:34.0663 1932 MBAMProtector (69a6268d7f81e53d568ab4e7e991caf3) C:\Windows\system32\drivers\mbam.sys

17:32:34.0663 1932 MBAMProtector - ok

17:32:34.0695 1932 megasas (0001ce609d66632fa17b84705f658879) C:\Windows\system32\drivers\megasas.sys

17:32:34.0695 1932 megasas - ok

17:32:34.0757 1932 MegaSR (c252f32cd9a49dbfc25ecf26ebd51a99) C:\Windows\system32\drivers\megasr.sys

17:32:34.0773 1932 MegaSR - ok

17:32:34.0835 1932 Modem (e13b5ea0f51ba5b1512ec671393d09ba) C:\Windows\system32\drivers\modem.sys

17:32:34.0835 1932 Modem - ok

17:32:34.0851 1932 monitor (0a9bb33b56e294f686abb7c1e4e2d8a8) C:\Windows\system32\DRIVERS\monitor.sys

17:32:34.0866 1932 monitor - ok

17:32:34.0897 1932 mouclass (5bf6a1326a335c5298477754a506d263) C:\Windows\system32\DRIVERS\mouclass.sys

17:32:34.0897 1932 mouclass - ok

17:32:34.0960 1932 mouhid (93b8d4869e12cfbe663915502900876f) C:\Windows\system32\DRIVERS\mouhid.sys

17:32:34.0960 1932 mouhid - ok

17:32:34.0975 1932 MountMgr (bdafc88aa6b92f7842416ea6a48e1600) C:\Windows\system32\drivers\mountmgr.sys

17:32:34.0991 1932 MountMgr - ok

17:32:35.0038 1932 mpio (511d011289755dd9f9a7579fb0b064e6) C:\Windows\system32\drivers\mpio.sys

17:32:35.0038 1932 mpio - ok

17:32:35.0069 1932 mpsdrv (22241feba9b2defa669c8cb0a8dd7d2e) C:\Windows\system32\drivers\mpsdrv.sys

17:32:35.0085 1932 mpsdrv - ok

17:32:35.0147 1932 Mraid35x (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys

17:32:35.0163 1932 Mraid35x - ok

17:32:35.0225 1932 MRxDAV (82cea0395524aacfeb58ba1448e8325c) C:\Windows\system32\drivers\mrxdav.sys

17:32:35.0225 1932 MRxDAV - ok

17:32:35.0272 1932 mrxsmb (1e94971c4b446ab2290deb71d01cf0c2) C:\Windows\system32\DRIVERS\mrxsmb.sys

17:32:35.0287 1932 mrxsmb - ok

17:32:35.0443 1932 mrxsmb10 (4fccb34d793b116423209c0f8b7a3b03) C:\Windows\system32\DRIVERS\mrxsmb10.sys

17:32:35.0443 1932 mrxsmb10 - ok

17:32:35.0490 1932 mrxsmb20 (c3cb1b40ad4a0124d617a1199b0b9d7c) C:\Windows\system32\DRIVERS\mrxsmb20.sys

17:32:35.0506 1932 mrxsmb20 - ok

17:32:35.0584 1932 msahci (28023e86f17001f7cd9b15a5bc9ae07d) C:\Windows\system32\drivers\msahci.sys

17:32:35.0584 1932 msahci - ok

17:32:35.0599 1932 msdsm (4468b0f385a86ecddaf8d3ca662ec0e7) C:\Windows\system32\drivers\msdsm.sys

17:32:35.0599 1932 msdsm - ok

17:32:35.0646 1932 Msfs (a9927f4a46b816c92f461acb90cf8515) C:\Windows\system32\drivers\Msfs.sys

17:32:35.0646 1932 Msfs - ok

17:32:35.0709 1932 msisadrv (0f400e306f385c56317357d6dea56f62) C:\Windows\system32\drivers\msisadrv.sys

17:32:35.0709 1932 msisadrv - ok

17:32:35.0755 1932 MSKSSRV (d8c63d34d9c9e56c059e24ec7185cc07) C:\Windows\system32\drivers\MSKSSRV.sys

17:32:35.0755 1932 MSKSSRV - ok

17:32:35.0771 1932 MSPCLOCK (1d373c90d62ddb641d50e55b9e78d65e) C:\Windows\system32\drivers\MSPCLOCK.sys

17:32:35.0787 1932 MSPCLOCK - ok

17:32:35.0865 1932 MSPQM (b572da05bf4e098d4bba3a4734fb505b) C:\Windows\system32\drivers\MSPQM.sys

17:32:35.0865 1932 MSPQM - ok

17:32:35.0927 1932 MsRPC (b49456d70555de905c311bcda6ec6adb) C:\Windows\system32\drivers\MsRPC.sys

17:32:35.0943 1932 MsRPC - ok

17:32:36.0021 1932 mssmbios (e384487cb84be41d09711c30ca79646c) C:\Windows\system32\DRIVERS\mssmbios.sys

17:32:36.0021 1932 mssmbios - ok

17:32:36.0036 1932 MSTEE (7199c1eec1e4993caf96b8c0a26bd58a) C:\Windows\system32\drivers\MSTEE.sys

17:32:36.0036 1932 MSTEE - ok

17:32:36.0067 1932 Mup (6a57b5733d4cb702c8ea4542e836b96c) C:\Windows\system32\Drivers\mup.sys

17:32:36.0067 1932 Mup - ok

17:32:36.0130 1932 NativeWifiP (85c44fdff9cf7e72a40dcb7ec06a4416) C:\Windows\system32\DRIVERS\nwifi.sys

17:32:36.0130 1932 NativeWifiP - ok

17:32:36.0301 1932 NAVENG (862f55824ac81295837b0ab63f91071f) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\VirusDefs\20111011.024\NAVENG.SYS

17:32:36.0301 1932 NAVENG - ok

17:32:36.0613 1932 NAVEX15 (529d571b551cb9da44237389b936f1ae) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.1.3\Definitions\VirusDefs\20111011.024\NAVEX15.SYS

17:32:36.0645 1932 NAVEX15 - ok

17:32:36.0769 1932 NDIS (1357274d1883f68300aeadd15d7bbb42) C:\Windows\system32\drivers\ndis.sys

17:32:36.0785 1932 NDIS - ok

17:32:36.0816 1932 NdisTapi (0e186e90404980569fb449ba7519ae61) C:\Windows\system32\DRIVERS\ndistapi.sys

17:32:36.0832 1932 NdisTapi - ok

17:32:36.0894 1932 Ndisuio (d6973aa34c4d5d76c0430b181c3cd389) C:\Windows\system32\DRIVERS\ndisuio.sys

17:32:36.0910 1932 Ndisuio - ok

17:32:36.0957 1932 NdisWan (818f648618ae34f729fdb47ec68345c3) C:\Windows\system32\DRIVERS\ndiswan.sys

17:32:36.0957 1932 NdisWan - ok

17:32:37.0003 1932 NDProxy (71dab552b41936358f3b541ae5997fb3) C:\Windows\system32\drivers\NDProxy.sys

17:32:37.0003 1932 NDProxy - ok

17:32:37.0081 1932 NetBIOS (bcd093a5a6777cf626434568dc7dba78) C:\Windows\system32\DRIVERS\netbios.sys

17:32:37.0081 1932 NetBIOS - ok

17:32:37.0144 1932 netbt (ecd64230a59cbd93c85f1cd1cab9f3f6) C:\Windows\system32\DRIVERS\netbt.sys

17:32:37.0159 1932 netbt - ok

17:32:37.0237 1932 nfrd960 (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys

17:32:37.0253 1932 nfrd960 - ok

17:32:37.0456 1932 nmwcd (48fb907b069524f2dc7ba62a0762850c) C:\Windows\system32\drivers\ccdcmb.sys

17:32:37.0456 1932 nmwcd - ok

17:32:37.0503 1932 nmwcdc (2914ceb789964141ac6e22c6bc980c42) C:\Windows\system32\drivers\ccdcmbo.sys

17:32:37.0503 1932 nmwcdc - ok

17:32:37.0596 1932 Npfs (d36f239d7cce1931598e8fb90a0dbc26) C:\Windows\system32\drivers\Npfs.sys

17:32:37.0596 1932 Npfs - ok

17:32:37.0643 1932 nsiproxy (609773e344a97410ce4ebf74a8914fcf) C:\Windows\system32\drivers\nsiproxy.sys

17:32:37.0659 1932 nsiproxy - ok

17:32:37.0721 1932 Ntfs (6a4a98cee84cf9e99564510dda4baa47) C:\Windows\system32\drivers\Ntfs.sys

17:32:37.0737 1932 Ntfs - ok

17:32:37.0815 1932 ntrigdigi (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys

17:32:37.0815 1932 ntrigdigi - ok

17:32:37.0830 1932 Null (c5dbbcda07d780bda9b685df333bb41e) C:\Windows\system32\drivers\Null.sys

17:32:37.0846 1932 Null - ok

17:32:37.0893 1932 NVENETFD (1657f3fbd9061526c14ff37e79306f98) C:\Windows\system32\DRIVERS\nvm60x32.sys

17:32:37.0893 1932 NVENETFD - ok

17:32:38.0251 1932 nvlddmkm (fbba09782f2fac5a57619df378ba9372) C:\Windows\system32\DRIVERS\nvlddmkm.sys

17:32:38.0485 1932 nvlddmkm - ok

17:32:38.0595 1932 NVNET (1efec38a852ab35883bfff3427b92b3f) C:\Windows\system32\DRIVERS\nvmfdx32.sys

17:32:38.0610 1932 NVNET - ok

17:32:38.0657 1932 nvraid (2edf9e7751554b42cbb60116de727101) C:\Windows\system32\drivers\nvraid.sys

17:32:38.0657 1932 nvraid - ok

17:32:38.0735 1932 nvrd32 (6934105ecc6a19570160d794e301e595) C:\Windows\system32\drivers\nvrd32.sys

17:32:38.0766 1932 nvrd32 - ok

17:32:38.0797 1932 nvsmu (62754e376185eacbb73d06fea0ffc54a) C:\Windows\system32\drivers\nvsmu.sys

17:32:38.0813 1932 nvsmu - ok

17:32:38.0891 1932 nvstor (abed0c09758d1d97db0042dbb2688177) C:\Windows\system32\drivers\nvstor.sys

17:32:38.0907 1932 nvstor - ok

17:32:38.0922 1932 nvstor32 (d7b213299852d2026dbc90dab77ef06c) C:\Windows\system32\drivers\nvstor32.sys

17:32:38.0938 1932 nvstor32 - ok

17:32:39.0016 1932 nv_agp (18bbdf913916b71bd54575bdb6eeac0b) C:\Windows\system32\drivers\nv_agp.sys

17:32:39.0031 1932 nv_agp - ok

17:32:39.0031 1932 NwlnkFlt - ok

17:32:39.0063 1932 NwlnkFwd - ok

17:32:39.0125 1932 ohci1394 (6f310e890d46e246e0e261a63d9b36b4) C:\Windows\system32\DRIVERS\ohci1394.sys

17:32:39.0125 1932 ohci1394 - ok

17:32:39.0297 1932 Parport (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys

17:32:39.0297 1932 Parport - ok

17:32:39.0343 1932 partmgr (57389fa59a36d96b3eb09d0cb91e9cdc) C:\Windows\system32\drivers\partmgr.sys

17:32:39.0343 1932 partmgr - ok

17:32:39.0359 1932 Parvdm (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys

17:32:39.0375 1932 Parvdm - ok

17:32:39.0499 1932 pavboot (3adb8bd6154a3ef87496e8fce9c22493) C:\Windows\system32\drivers\pavboot.sys

17:32:39.0515 1932 pavboot - ok

17:32:39.0562 1932 pccsmcfd (fd2041e9ba03db7764b2248f02475079) C:\Windows\system32\DRIVERS\pccsmcfd.sys

17:32:39.0577 1932 pccsmcfd - ok

17:32:39.0671 1932 PCD5SRVC{BD6912E3-AC9D80E8-05040000} (ba3ec919dd303ca6700348cca1d8f317) C:\PROGRA~1\PC-DOC~1\PCD5SRVC.pkms

17:32:39.0733 1932 PCD5SRVC{BD6912E3-AC9D80E8-05040000} - ok

17:32:39.0780 1932 PcdrNdisuio - ok

17:32:39.0827 1932 pci (941dc1d19e7e8620f40bbc206981efdb) C:\Windows\system32\drivers\pci.sys

17:32:39.0827 1932 pci - ok

17:32:39.0858 1932 pciide (1636d43f10416aeb483bc6001097b26c) C:\Windows\system32\drivers\pciide.sys

17:32:39.0858 1932 pciide - ok

17:32:39.0905 1932 pcmcia (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys

17:32:39.0905 1932 pcmcia - ok

17:32:40.0014 1932 PEAUTH (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys

17:32:40.0030 1932 PEAUTH - ok

17:32:40.0155 1932 Ph3xIB32 (9f2f541c52cd7a452e235e885f7d95de) C:\Windows\system32\DRIVERS\Ph3xIB32.sys

17:32:40.0170 1932 Ph3xIB32 - ok

17:32:40.0279 1932 PptpMiniport (ecfffaec0c1ecd8dbc77f39070ea1db1) C:\Windows\system32\DRIVERS\raspptp.sys

17:32:40.0279 1932 PptpMiniport - ok

17:32:40.0326 1932 Processor (2027293619dd0f047c584cf2e7df4ffd) C:\Windows\system32\drivers\processr.sys

17:32:40.0326 1932 Processor - ok

17:32:40.0389 1932 PSched (99514faa8df93d34b5589187db3aa0ba) C:\Windows\system32\DRIVERS\pacer.sys

17:32:40.0389 1932 PSched - ok

17:32:40.0529 1932 PSI (d24dfd16a1e2a76034df5aa18125c35d) C:\Windows\system32\DRIVERS\psi_mf.sys

17:32:40.0529 1932 PSI - ok

17:32:40.0591 1932 ql2300 (0a6db55afb7820c99aa1f3a1d270f4f6) C:\Windows\system32\drivers\ql2300.sys

17:32:40.0623 1932 ql2300 - ok

17:32:40.0701 1932 ql40xx (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys

17:32:40.0716 1932 ql40xx - ok

17:32:40.0732 1932 QWAVEdrv (9f5e0e1926014d17486901c88eca2db7) C:\Windows\system32\drivers\qwavedrv.sys

17:32:40.0732 1932 QWAVEdrv - ok

17:32:40.0763 1932 RasAcd (147d7f9c556d259924351feb0de606c3) C:\Windows\system32\DRIVERS\rasacd.sys

17:32:40.0763 1932 RasAcd - ok

17:32:40.0872 1932 Rasl2tp (a214adbaf4cb47dd2728859ef31f26b0) C:\Windows\system32\DRIVERS\rasl2tp.sys

17:32:40.0872 1932 Rasl2tp - ok

17:32:40.0935 1932 RasPppoe (509a98dd18af4375e1fc40bc175f1def) C:\Windows\system32\DRIVERS\raspppoe.sys

17:32:40.0935 1932 RasPppoe - ok

17:32:41.0013 1932 RasSstp (2005f4a1e05fa09389ac85840f0a9e4d) C:\Windows\system32\DRIVERS\rassstp.sys

17:32:41.0028 1932 RasSstp - ok

17:32:41.0075 1932 rdbss (b14c9d5b9add2f84f70570bbbfaa7935) C:\Windows\system32\DRIVERS\rdbss.sys

17:32:41.0075 1932 rdbss - ok

17:32:41.0106 1932 RDPCDD (89e59be9a564262a3fb6c4f4f1cd9899) C:\Windows\system32\DRIVERS\RDPCDD.sys

17:32:41.0106 1932 RDPCDD - ok

17:32:41.0184 1932 rdpdr (fbc0bacd9c3d7f6956853f64a66e252d) C:\Windows\system32\drivers\rdpdr.sys

17:32:41.0200 1932 rdpdr - ok

17:32:41.0215 1932 RDPENCDD (9d91fe5286f748862ecffa05f8a0710c) C:\Windows\system32\drivers\rdpencdd.sys

17:32:41.0215 1932 RDPENCDD - ok

17:32:41.0262 1932 RDPWD (30bfbdfb7f95559ede971f9ddb9a00ba) C:\Windows\system32\drivers\RDPWD.sys

17:32:41.0278 1932 RDPWD - ok

17:32:41.0387 1932 rspndr (9c508f4074a39e8b4b31d27198146fad) C:\Windows\system32\DRIVERS\rspndr.sys

17:32:41.0403 1932 rspndr - ok

17:32:41.0496 1932 SASDIFSV (a3281aec37e0720a2bc28034c2df2a56) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS

17:32:41.0496 1932 SASDIFSV - ok

17:32:41.0527 1932 SASKUTIL (61db0d0756a99506207fd724e3692b25) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS

17:32:41.0559 1932 SASKUTIL - ok

17:32:41.0637 1932 sbp2port (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys

17:32:41.0652 1932 sbp2port - ok

17:32:41.0699 1932 SCDEmu (ee7a1b6e155258288d99be61190e1112) C:\Windows\system32\drivers\SCDEmu.sys

17:32:41.0761 1932 SCDEmu - ok

17:32:41.0902 1932 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys

17:32:41.0933 1932 secdrv - ok

17:32:42.0011 1932 seehcri (e5b56569a9f79b70314fede6c953641e) C:\Windows\system32\DRIVERS\seehcri.sys

17:32:42.0042 1932 seehcri - ok

17:32:42.0136 1932 Serenum (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys

17:32:42.0136 1932 Serenum - ok

17:32:42.0167 1932 Serial (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys

17:32:42.0183 1932 Serial - ok

17:32:42.0214 1932 sermouse (8af3d28a879bf75db53a0ee7a4289624) C:\Windows\system32\drivers\sermouse.sys

17:32:42.0214 1932 sermouse - ok

17:32:42.0354 1932 sffdisk (3efa810bdca87f6ecc24f9832243fe86) C:\Windows\system32\drivers\sffdisk.sys

17:32:42.0354 1932 sffdisk - ok

17:32:42.0401 1932 sffp_mmc (e95d451f7ea3e583aec75f3b3ee42dc5) C:\Windows\system32\drivers\sffp_mmc.sys

17:32:42.0401 1932 sffp_mmc - ok

17:32:42.0417 1932 sffp_sd (3d0ea348784b7ac9ea9bd9f317980979) C:\Windows\system32\drivers\sffp_sd.sys

17:32:42.0417 1932 sffp_sd - ok

17:32:42.0541 1932 sfloppy (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys

17:32:42.0541 1932 sfloppy - ok

17:32:42.0588 1932 sisagp (1d76624a09a054f682d746b924e2dbc3) C:\Windows\system32\drivers\sisagp.sys

17:32:42.0588 1932 sisagp - ok

17:32:42.0619 1932 SiSRaid2 (43cb7aa756c7db280d01da9b676cfde2) C:\Windows\system32\drivers\sisraid2.sys

17:32:42.0619 1932 SiSRaid2 - ok

17:32:42.0697 1932 SiSRaid4 (a99c6c8b0baa970d8aa59ddc50b57f94) C:\Windows\system32\drivers\sisraid4.sys

17:32:42.0697 1932 SiSRaid4 - ok

17:32:42.0744 1932 Smb (7b75299a4d201d6a6533603d6914ab04) C:\Windows\system32\DRIVERS\smb.sys

17:32:42.0744 1932 Smb - ok

17:32:42.0838 1932 spldr (7aebdeef071fe28b0eef2cdd69102bff) C:\Windows\system32\drivers\spldr.sys

17:32:42.0838 1932 spldr - ok

17:32:42.0900 1932 sptd (4f576e516cc76ec50a244586bcfa1c78) C:\Windows\system32\Drivers\sptd.sys

17:32:43.0009 1932 sptd - ok

17:32:43.0197 1932 SRTSP (2c5fbf6a00a4a3dcf643e46e8acb20c2) C:\Windows\System32\Drivers\NIS\1301010.003\SRTSP.SYS

17:32:43.0197 1932 SRTSP - ok

17:32:43.0337 1932 SRTSPX (9034ea58552b55f370e5293a7175c5ac) C:\Windows\system32\drivers\NIS\1301010.003\SRTSPX.SYS

17:32:43.0337 1932 SRTSPX - ok

17:32:43.0399 1932 srv (41987f9fc0e61adf54f581e15029ad91) C:\Windows\system32\DRIVERS\srv.sys

17:32:43.0399 1932 srv - ok

17:32:43.0571 1932 srv2 (ff33aff99564b1aa534f58868cbe41ef) C:\Windows\system32\DRIVERS\srv2.sys

17:32:43.0571 1932 srv2 - ok

17:32:43.0587 1932 srvnet (7605c0e1d01a08f3ecd743f38b834a44) C:\Windows\system32\DRIVERS\srvnet.sys

17:32:43.0602 1932 srvnet - ok

17:32:43.0649 1932 swenum (7ba58ecf0c0a9a69d44b3dca62becf56) C:\Windows\system32\DRIVERS\swenum.sys

17:32:43.0649 1932 swenum - ok

17:32:43.0727 1932 Symc8xx (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys

17:32:43.0743 1932 Symc8xx - ok

17:32:43.0852 1932 SymDS (690fa0e61b90084c4d9a721bd4f3d779) C:\Windows\system32\drivers\NIS\1301010.003\SYMDS.SYS

17:32:43.0852 1932 SymDS - ok

17:32:44.0632 1932 SymEFA (a0c7005387bb6f055bb50bd8e779368b) C:\Windows\system32\drivers\NIS\1301010.003\SYMEFA.SYS

17:32:44.0663 1932 SymEFA - ok

17:32:44.0772 1932 SymEvent (98d28d08e68145fb550ee7670b43baf2) C:\Windows\system32\Drivers\SYMEVENT.SYS

17:32:44.0788 1932 SymEvent - ok

17:32:44.0913 1932 SymIRON (39c35ddbb570e9f334f239248e4de34d) C:\Windows\system32\drivers\NIS\1301010.003\Ironx86.SYS

17:32:44.0928 1932 SymIRON - ok

17:32:45.0100 1932 SYMTDIv (671753e39b8f12cf9b6bcefcb19f89b0) C:\Windows\system32\drivers\NIS\1301010.003\SYMTDIV.SYS

17:32:45.0115 1932 SYMTDIv - ok

17:32:45.0162 1932 Sym_hi (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys

17:32:45.0162 1932 Sym_hi - ok

17:32:45.0240 1932 Sym_u3 (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys

17:32:45.0240 1932 Sym_u3 - ok

17:32:45.0349 1932 Tcpip (2756186e287139310997090797e0182b) C:\Windows\system32\drivers\tcpip.sys

17:32:45.0365 1932 Tcpip - ok

17:32:45.0459 1932 Tcpip6 (2756186e287139310997090797e0182b) C:\Windows\system32\DRIVERS\tcpip.sys

17:32:45.0459 1932 Tcpip6 - ok

17:32:45.0537 1932 tcpipreg (608c345a255d82a6289c2d468eb41fd7) C:\Windows\system32\drivers\tcpipreg.sys

17:32:45.0537 1932 tcpipreg - ok

17:32:45.0552 1932 TDPIPE (5dcf5e267be67a1ae926f2df77fbcc56) C:\Windows\system32\drivers\tdpipe.sys

17:32:45.0568 1932 TDPIPE - ok

17:32:45.0583 1932 TDTCP (389c63e32b3cefed425b61ed92d3f021) C:\Windows\system32\drivers\tdtcp.sys

17:32:45.0583 1932 TDTCP - ok

17:32:45.0677 1932 tdx (76b06eb8a01fc8624d699e7045303e54) C:\Windows\system32\DRIVERS\tdx.sys

17:32:45.0708 1932 tdx - ok

17:32:45.0739 1932 TermDD (3cad38910468eab9a6479e2f01db43c7) C:\Windows\system32\DRIVERS\termdd.sys

17:32:45.0739 1932 TermDD - ok

17:32:45.0864 1932 tssecsrv (dcf0f056a2e4f52287264f5ab29cf206) C:\Windows\system32\DRIVERS\tssecsrv.sys

17:32:45.0864 1932 tssecsrv - ok

17:32:45.0895 1932 tunnel (300db877ac094feab0be7688c3454a9c) C:\Windows\system32\DRIVERS\tunnel.sys

17:32:45.0927 1932 tunnel - ok

17:32:46.0005 1932 uagp35 (7d33c4db2ce363c8518d2dfcf533941f) C:\Windows\system32\drivers\uagp35.sys

17:32:46.0005 1932 uagp35 - ok

17:32:46.0051 1932 udfs (d9728af68c4c7693cb100b8441cbdec6) C:\Windows\system32\DRIVERS\udfs.sys

17:32:46.0083 1932 udfs - ok

17:32:46.0176 1932 uliagpkx (b0acfdc9e4af279e9116c03e014b2b27) C:\Windows\system32\drivers\uliagpkx.sys

17:32:46.0207 1932 uliagpkx - ok

17:32:46.0223 1932 uliahci (9224bb254f591de4ca8d572a5f0d635c) C:\Windows\system32\drivers\uliahci.sys

17:32:46.0223 1932 uliahci - ok

17:32:46.0317 1932 UlSata (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys

17:32:46.0332 1932 UlSata - ok

17:32:46.0348 1932 ulsata2 (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys

17:32:46.0363 1932 ulsata2 - ok

17:32:46.0395 1932 umbus (32cff9f809ae9aed85464492bf3e32d2) C:\Windows\system32\DRIVERS\umbus.sys

17:32:46.0410 1932 umbus - ok

17:32:46.0519 1932 upperdev (e526a166e6acafd0a9b3841d3941669e) C:\Windows\system32\DRIVERS\usbser_lowerflt.sys

17:32:46.0519 1932 upperdev - ok

17:32:46.0582 1932 USBAAPL (5c2bdc152bbab34f36473deaf7713f22) C:\Windows\system32\Drivers\usbaapl.sys

17:32:46.0597 1932 USBAAPL - ok

17:32:46.0691 1932 usbaudio (32db9517628ff0d070682aab61e688f0) C:\Windows\system32\drivers\usbaudio.sys

17:32:46.0691 1932 usbaudio - ok

17:32:46.0738 1932 usbccgp (caf811ae4c147ffcd5b51750c7f09142) C:\Windows\system32\DRIVERS\usbccgp.sys

17:32:46.0753 1932 usbccgp - ok

17:32:46.0800 1932 usbcir (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys

17:32:46.0816 1932 usbcir - ok

17:32:46.0909 1932 usbehci (79e96c23a97ce7b8f14d310da2db0c9b) C:\Windows\system32\DRIVERS\usbehci.sys

17:32:46.0909 1932 usbehci - ok

17:32:46.0956 1932 usbhub (4673bbcb006af60e7abddbe7a130ba42) C:\Windows\system32\DRIVERS\usbhub.sys

17:32:46.0972 1932 usbhub - ok

17:32:47.0050 1932 usbohci (ce697fee0d479290d89bec80dfe793b7) C:\Windows\system32\DRIVERS\usbohci.sys

17:32:47.0081 1932 usbohci - ok

17:32:47.0112 1932 usbprint (e75c4b5269091d15a2e7dc0b6d35f2f5) C:\Windows\system32\DRIVERS\usbprint.sys

17:32:47.0128 1932 usbprint - ok

17:32:47.0190 1932 usbscan (a508c9bd8724980512136b039bba65e9) C:\Windows\system32\DRIVERS\usbscan.sys

17:32:47.0190 1932 usbscan - ok

17:32:47.0237 1932 usbser (d575246188f63de0accf6eac5fb59e6a) C:\Windows\system32\DRIVERS\usbser.sys

17:32:47.0237 1932 usbser - ok

17:32:47.0299 1932 UsbserFilt (6f3e3c6811b930d2414552a2e4a40f36) C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys

17:32:47.0299 1932 UsbserFilt - ok

17:32:47.0362 1932 USBSTOR (be3da31c191bc222d9ad503c5224f2ad) C:\Windows\system32\DRIVERS\USBSTOR.SYS

17:32:47.0362 1932 USBSTOR - ok

17:32:47.0424 1932 usbuhci (814d653efc4d48be3b04a307eceff56f) C:\Windows\system32\DRIVERS\usbuhci.sys

17:32:47.0440 1932 usbuhci - ok

17:32:47.0549 1932 V0220Dev (d26829d436f592f6d80d71b9c02c690f) C:\Windows\system32\DRIVERS\V0220Dev.sys

17:32:47.0580 1932 V0220Dev - ok

17:32:47.0596 1932 V0220Vfx (eb4e73963bc2eda84b93b29174e15b02) C:\Windows\system32\DRIVERS\V0220Vfx.sys

17:32:47.0611 1932 V0220Vfx - ok

17:32:47.0674 1932 vga (87b06e1f30b749a114f74622d013f8d4) C:\Windows\system32\DRIVERS\vgapnp.sys

17:32:47.0689 1932 vga - ok

17:32:47.0783 1932 VgaSave (2e93ac0a1d8c79d019db6c51f036636c) C:\Windows\System32\drivers\vga.sys

17:32:47.0783 1932 VgaSave - ok

17:32:47.0799 1932 viaagp (5d7159def58a800d5781ba3a879627bc) C:\Windows\system32\drivers\viaagp.sys

17:32:47.0814 1932 viaagp - ok

17:32:47.0845 1932 ViaC7 (c4f3a691b5bad343e6249bd8c2d45dee) C:\Windows\system32\drivers\viac7.sys

17:32:47.0845 1932 ViaC7 - ok

17:32:47.0861 1932 viaide (aadf5587a4063f52c2c3fed7887426fc) C:\Windows\system32\drivers\viaide.sys

17:32:47.0892 1932 viaide - ok

17:32:47.0970 1932 volmgr (69503668ac66c77c6cd7af86fbdf8c43) C:\Windows\system32\drivers\volmgr.sys

17:32:47.0986 1932 volmgr - ok

17:32:48.0048 1932 volmgrx (23e41b834759917bfd6b9a0d625d0c28) C:\Windows\system32\drivers\volmgrx.sys

17:32:48.0064 1932 volmgrx - ok

17:32:48.0111 1932 volsnap (147281c01fcb1df9252de2a10d5e7093) C:\Windows\system32\drivers\volsnap.sys

17:32:48.0126 1932 volsnap - ok

17:32:48.0204 1932 vsmraid (587253e09325e6bf226b299774b728a9) C:\Windows\system32\drivers\vsmraid.sys

17:32:48.0220 1932 vsmraid - ok

17:32:48.0251 1932 WacomPen (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys

17:32:48.0251 1932 WacomPen - ok

17:32:48.0282 1932 Wanarp (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys

17:32:48.0282 1932 Wanarp - ok

17:32:48.0298 1932 Wanarpv6 (55201897378cca7af8b5efd874374a26) C:\Windows\system32\DRIVERS\wanarp.sys

17:32:48.0298 1932 Wanarpv6 - ok

17:32:48.0376 1932 Wd (78fe9542363f297b18c027b2d7e7c07f) C:\Windows\system32\drivers\wd.sys

17:32:48.0376 1932 Wd - ok

17:32:48.0423 1932 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys

17:32:48.0423 1932 Wdf01000 - ok

17:32:48.0563 1932 WmiAcpi (2e7255d172df0b8283cdfb7b433b864e) C:\Windows\system32\drivers\wmiacpi.sys

17:32:48.0579 1932 WmiAcpi - ok

17:32:48.0672 1932 WpdUsb (de9d36f91a4df3d911626643debf11ea) C:\Windows\system32\DRIVERS\wpdusb.sys

17:32:48.0703 1932 WpdUsb - ok

17:32:48.0735 1932 ws2ifsl (e3a3cb253c0ec2494d4a61f5e43a389c) C:\Windows\system32\drivers\ws2ifsl.sys

17:32:48.0735 1932 ws2ifsl - ok

17:32:48.0844 1932 WUDFRd (ac13cb789d93412106b0fb6c7eb2bcb6) C:\Windows\system32\DRIVERS\WUDFRd.sys

17:32:48.0844 1932 WUDFRd - ok

17:32:48.0875 1932 MBR (0x1B8) (81cd5ec01db0ce57edd853f82462ef27) \Device\Harddisk0\DR0

17:32:49.0031 1932 \Device\Harddisk0\DR0 - ok

17:32:49.0031 1932 MBR (0x1B8) (988d3c46cbd13ec7f482b833c55264c8) \Device\Harddisk1\DR1

17:32:49.0031 1932 \Device\Harddisk1\DR1 - ok

17:32:49.0047 1932 Boot (0x1200) (b6b711ee755044b0934e4b9182ab1fa9) \Device\Harddisk0\DR0\Partition0

17:32:49.0047 1932 \Device\Harddisk0\DR0\Partition0 - ok

17:32:49.0047 1932 Boot (0x1200) (413e57f2fb0d76a9f878b6982ef10cca) \Device\Harddisk0\DR0\Partition1

17:32:49.0062 1932 \Device\Harddisk0\DR0\Partition1 - ok

17:32:49.0062 1932 Boot (0x1200) (63f8959d4de11e081554723bacb81b7f) \Device\Harddisk1\DR1\Partition0

17:32:49.0062 1932 \Device\Harddisk1\DR1\Partition0 - ok

17:32:49.0062 1932 ============================================================

17:32:49.0062 1932 Scan finished

17:32:49.0062 1932 ============================================================

17:32:49.0093 6576 Detected object count: 0

17:32:49.0093 6576 Actual detected object count: 0

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

Skapa ett konto eller logga in för att kommentera

Du måste vara medlem för att kunna kommentera

Skapa ett konto

Skapa ett nytt konto på vårt forum. Det är lätt!

Registrera ett nytt konto

Logga in

Redan medlem? Logga in här.

Logga in nu



×
×
  • Skapa nytt...