How do I get rid of ibsvc.exe?

  • Joined: 24 Mar 2014
  • Posts: 29

Posted: 26 Mar 2014 0:14

Zoek.exe v5.0.0.0 Updated 07-March-2014
Tool run by Jolly on uto 25.03.2014 at 23:32:04,82.
Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Documents and Settings\Jolly\Desktop\New Folder (2)\zoek.com [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-03-25-154013.log 449 bytes
C:\zoek-results2014-03-25-185342.log 412 bytes

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\update outobox deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Eventlog\Application\update outobox deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\util outobox deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Eventlog\Application\util outobox deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\defaulttabsearch deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\defaulttabsearch deleted successfully

==== FireFox Fix ======================

ProfilePath: C:\Documents and Settings\ADMINI~1\Application Data\Mozilla\Firefox\Profiles\ifv1b0db.default

---- Lines phpnuke removed from prefs.js ----
user_pref("browser.search.selectedEngine", "Search The Web (phpnuke)");
user_pref("extensions.phpnuke.admin", false);
user_pref("extensions.phpnuke.aflt", "orgnl");
user_pref("extensions.phpnuke.appId", "{87E4259D-46BF-45EC-A1E5-88D3560EB001}");
user_pref("extensions.phpnuke.autoRvrt", "false");
user_pref("extensions.phpnuke.cid", "457c4dfc");
user_pref("extensions.phpnuke.dfltLng", "en");
user_pref("extensions.phpnuke.dfltSrch", true);
user_pref("extensions.phpnuke.dnsErr", true);
user_pref("extensions.phpnuke.excTlbr", false);
user_pref("extensions.phpnuke.ffxUnstlRst", false);
user_pref("extensions.phpnuke.hmpg", true);
user_pref("extensions.phpnuke.hmpgUrl", "http://search.phpnuke.org/?lang=en&cid=457c4dfc");
user_pref("extensions.phpnuke.hpOld0", "http://home.mywebsearch.com/index.jhtml?ptb=EE116217-27DC-44C5-9551-53AEC07B6F42&n=77fc20fd&p2=^Y6^xdm007^YY^b
user_pref("extensions.phpnuke.id", "2c2b93a50000000000000018f31b525a");
user_pref("extensions.phpnuke.instlDay", "15757");
user_pref("extensions.phpnuke.instlRef", "");
user_pref("extensions.phpnuke.kw_url", "http://search.phpnuke.org/?lang=en&cid=457c4dfc&q=");
user_pref("extensions.phpnuke.newTab", true);
user_pref("extensions.phpnuke.newTabUrl", "http://search.phpnuke.org/?lang=en&cid=457c4dfc");
user_pref("extensions.phpnuke.prdct", "phpnuke");
user_pref("extensions.phpnuke.prtnrId", "Phpnuke");
user_pref("extensions.phpnuke.rvrt", "true");
user_pref("extensions.phpnuke.smplGrp", "none");
user_pref("extensions.phpnuke.srchPrvdr", "Search The Web (phpnuke)");
user_pref("extensions.phpnuke.tlbrId", "base");
user_pref("extensions.phpnuke.tlbrSrchUrl", "http://search.phpnuke.org/?lang={dfltLng}&cid={cid}&q=");
user_pref("extensions.phpnuke.vrsn", "1.8.12.7");
user_pref("extensions.phpnuke.vrsnTs", "1.8.12.717:34:37");
user_pref("extensions.phpnuke.vrsni", "1.8.12.7");
---- Lines phpnuke removed from user.js ----

user_pref("extensions.phpnuke.hpOld0", "http://home.mywebsearch.com/index.jhtml?ptb=EE116217-27DC-44C5-9551-53AEC07B6F42&n=77fc20fd&p2=^Y6^xdm007^YY^ba");
user_pref("extensions.phpnuke.tlbrSrchUrl", "http://search.phpnuke.org/?lang={dfltLng}&cid={cid}&q=");
user_pref("extensions.phpnuke.id", "2c2b93a50000000000000018f31b525a");
user_pref("extensions.phpnuke.appId", "{87E4259D-46BF-45EC-A1E5-88D3560EB001}");
user_pref("extensions.phpnuke.instlDay", "15757");
user_pref("extensions.phpnuke.vrsn", "1.8.12.7");
user_pref("extensions.phpnuke.vrsni", "1.8.12.7");
user_pref("extensions.phpnuke.vrsnTs", "1.8.12.717:34:37");
user_pref("extensions.phpnuke.prtnrId", "Phpnuke");
user_pref("extensions.phpnuke.prdct", "phpnuke");
user_pref("extensions.phpnuke.aflt", "orgnl");
user_pref("extensions.phpnuke.smplGrp", "none");
user_pref("extensions.phpnuke.tlbrId", "base");
user_pref("extensions.phpnuke.instlRef", "");
user_pref("extensions.phpnuke.dfltLng", "en");
user_pref("extensions.phpnuke.excTlbr", false);
user_pref("extensions.phpnuke.ffxUnstlRst", false);
user_pref("extensions.phpnuke.admin", false);
user_pref("extensions.phpnuke.cid", "457c4dfc");
user_pref("extensions.phpnuke.autoRvrt", "false");
user_pref("extensions.phpnuke.rvrt", "true");
user_pref("extensions.phpnuke.hmpg", true);
user_pref("extensions.phpnuke.hmpgUrl", "http://search.phpnuke.org/?lang=en&cid=457c4dfc");
user_pref("extensions.phpnuke.dfltSrch", true);
user_pref("extensions.phpnuke.srchPrvdr", "Search The Web (phpnuke)");
user_pref("extensions.phpnuke.kw_url", "http://search.phpnuke.org/?lang=en&cid=457c4dfc&q=");
user_pref("extensions.phpnuke.dnsErr", true);
user_pref("extensions.phpnuke.newTab", true);
user_pref("extensions.phpnuke.newTabUrl", "http://search.phpnuke.org/?lang=en&cid=457c4dfc");

---- Lines WebSearch removed from prefs.js ----
user_pref("browser.startup.homepage", "http://home.mywebsearch.com/index.jhtml?ptb=EE116217-27DC-44C5-9551-53AEC07B6F42&n=77fc20fd&p2=^Y6^xdm007^YY^ba
user_pref("extensions.mywebsearch.prevDefaultEngine", "");
user_pref("extensions.mywebsearch.prevSelectedEngine", "");
user_pref("extensions.toolbar.mindspark._65Members_.homepage", "http://home.mywebsearch.com/index.jhtml?ptb=EE116217-27DC-44C5-9551-53AEC07B6F42&n=77f
---- Lines mindspark removed from prefs.js ----
user_pref("extensions.toolbar.mindspark._65Members_.hp.enabled", true);
user_pref("extensions.toolbar.mindspark._65Members_.hp.lastGuardTime", -39972668);
user_pref("extensions.toolbar.mindspark._65Members_.hp.numGuards", 1);
user_pref("extensions.toolbar.mindspark._65Members_.initialized", true);
user_pref("extensions.toolbar.mindspark._65Members_.installation.contextKey", "");
user_pref("extensions.toolbar.mindspark._65Members_.installation.installDate", "2013012221");
user_pref("extensions.toolbar.mindspark._65Members_.installation.partnerId", "^Y6^xdm007^YY^ba");
user_pref("extensions.toolbar.mindspark._65Members_.installation.partnerSubId", "");
user_pref("extensions.toolbar.mindspark._65Members_.installation.success", true);
user_pref("extensions.toolbar.mindspark._65Members_.installation.toolbarId", "EE116217-27DC-44C5-9551-53AEC07B6F42");
user_pref("extensions.toolbar.mindspark._65Members_.lastActivePing", "1363795397290");
user_pref("extensions.toolbar.mindspark._65Members_.options.defaultSearch", true);
user_pref("extensions.toolbar.mindspark._65Members_.options.homePageEnabled", true);
user_pref("extensions.toolbar.mindspark._65Members_.options.keywordEnabled", false);
user_pref("extensions.toolbar.mindspark._65Members_.options.tabEnabled", false);
user_pref("extensions.toolbar.mindspark._65Members_.searchHistory", "yu tube||Jos jedan procice dan, tvoje lice, kosu, oci ne gledam, jos jedna procic
user_pref("extensions.toolbar.mindspark._65Members_.weather.location", "10001");
user_pref("extensions.toolbar.mindspark.hp.enabled", true);
user_pref("extensions.toolbar.mindspark.hp.enabled.guid", "fromdoctopdf@mindspark.com");
user_pref("extensions.toolbar.mindspark.lastInstalled", "fromdoctopdf@mindspark.com");
---- Lines ask.com removed from prefs.js ----
user_pref("browser.search.defaultengine", "Ask.com");
user_pref("extensions.toolbar@ask.com.install-event-fired", true);
---- Lines asktb removed from prefs.js ----
user_pref("extensions.asktb.ff-original-keyword-url", "");
---- Lines Customized removed from prefs.js ----
user_pref("extensions.testpilot.alreadyCustomizedToolbar", true);
---- Lines ffxtbr removed from prefs.js ----
user_pref("extensions.65ffxtbr@FromDocToPDF_65.com.install-event-fired", true);
---- Lines SpeedAnalysis removed from prefs.js ----
user_pref("extensions.speedanalysis@SpeedAnalysis.com.id", "\"2db51585-016f-75c4-c4cc-908944777ec6\"");
user_pref("extensions.speedanalysis@SpeedAnalysis.com.install-event-fired", true);
user_pref("extensions.speedanalysis@SpeedAnalysis.com.mzID", "67");
user_pref("extensions.speedanalysis@SpeedAnalysis.com.uuid", "\"47153b6b-9149-11e2-9551-0025901ef77c\"");
---- Lines SpeedAnalysis modified from prefs.js ----

user_pref("extensions.enabledAddons", "testpilot%40labs.mozilla.com:1.2.2,speedanalysis%40SpeedAnalysis.com:1.0.0.1,%7B972ce4c6-7e08-4474-a285-3208198
user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"speedanalysis@SpeedAnalysis.com\":{\"descriptor\":\"C:\\\\Documen
---- FireFox user.js and prefs.js backups ----

user_25.03.2014_2344_.backup
prefs_25.03.2014_2344_.backup

ProfilePath: C:\Documents and Settings\Jolly\Application Data\Mozilla\Firefox\Profiles\dus1jqqw.default

user.js not found
---- Lines babylon removed from prefs.js ----
user_pref("extensions.BabylonToolbar.prtkDS", 0);
user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
---- Lines Sweet removed from prefs.js ----
user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
user_pref("sweetim.toolbar.previous.keyword.URL", "");
user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
user_pref("sweetim.toolbar.searchguard.enable", "");
user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");
user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "");
---- Lines extensions.GQyQSsNs removed from prefs.js ----
user_pref("extensions.GQyQSsNs.epoch", "1383436848");
---- Lines extensions.RZrQzE removed from prefs.js ----
user_pref("extensions.RZrQzE.epoch", "1383436849");
---- Lines extensions.WCarU removed from prefs.js ----
user_pref("extensions.WCarU.epoch", "1383436848");
---- Lines extensions.aXE7W6V removed from prefs.js ----
user_pref("extensions.aXE7W6V.epoch", "1383436848");
---- FireFox user.js and prefs.js backups ----

prefs_25.03.2014_2344_.backup

ProfilePath: C:\Documents and Settings\Jolly\Application Data\Mozilla\Firefox\Profiles\u50vzrml.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_25.03.2014_2344_.backup

ProfilePath: C:\Documents and Settings\Jolly\Application Data\Mozilla\Firefox\Profiles\wzsvn3s6.default-1395336451593

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_25.03.2014_2344_.backup

ProfilePath: C:\Documents and Settings\NETWOR~1\Application Data\Mozilla\Firefox\Profiles\z82ipkkv.default

user.js not found
---- Lines SpeedAnalysis modified from prefs.js ----

user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"speedanalysis@SpeedAnalysis.com\":{\"descriptor\":\"C:\\\\Documen
---- FireFox user.js and prefs.js backups ----

prefs_25.03.2014_2344_.backup

ProfilePath: C:\Documents and Settings\ADMINI~1\Application Data\Mozilla\Firefox\Profiles\klwf65yh.default

prefs.js not found
user.js not found
---- FireFox user.js and prefs.js backups ----


==== Deleting Files \ Folders ======================

C:\Program Files\BS_Player deleted
C:\Documents and Settings\Jolly\Local Settings\Application Data\BS_Player deleted
C:\Program Files\Mozilla Firefox deleted
C:\Program Files\outobox deleted
C:\Documents and Settings\Jolly\Local Settings\Application Data\genienext deleted
C:\Documents and Settings\Jolly\daemonprocess.txt deleted
C:\Documents and Settings\Jolly\.android deleted
C:\Program Files\Movies Toolbar deleted
C:\Program Files\Conduit deleted
C:\Program Files\SkEnhancer deleted
C:\Program Files\SsHelper deleted
C:\Program Files\DefaultTab deleted
C:\Program Files\iLivid deleted
C:\Program Files\Windows iLivid Toolbar deleted
C:\Program Files\StartSearch plugin deleted
C:\Program Files\Optimizer Pro deleted
C:\Program Files\MyPC Backup deleted
C:\Program Files\GreenTree Applications deleted
C:\Program Files\File Scout deleted
C:\Program Files\Search Results Toolbar deleted
C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\iLivid.lnk deleted
C:\Documents and Settings\Administrator\Application Data\speedanalysis.ico deleted
C:\Documents and Settings\Administrator\Application Data\SpeedanAlysis deleted
C:\Documents and Settings\Administrator\Application Data\BabSolution deleted
C:\Documents and Settings\Administrator\Application Data\Babylon deleted
C:\Documents and Settings\Administrator\Application Data\File Scout deleted
C:\Documents and Settings\Administrator\Application Data\Registry Mechanic deleted
C:\Documents and Settings\Administrator\Application Data\searchquband deleted
C:\Documents and Settings\Administrator\Application Data\searchqutoolbar deleted
C:\Documents and Settings\Administrator\Application Data\searchresultstb deleted
C:\Documents and Settings\Administrator\Application Data\PerformerSoft deleted
C:\Documents and Settings\Administrator\Application Data\PriceGong deleted
C:\Documents and Settings\Jolly\Application Data\ilividmoviestoolbarha deleted
C:\Documents and Settings\Jolly\Application Data\speedanalysis.ico deleted
C:\Documents and Settings\Jolly\Application Data\newnext.me deleted
C:\Documents and Settings\Jolly\Application Data\SkypEmoticons deleted
C:\Documents and Settings\Jolly\Application Data\zulagames deleted
C:\Documents and Settings\Jolly\Application Data\SpeedAnalysis3 deleted
C:\Documents and Settings\Jolly\Application Data\Babylon deleted
C:\Documents and Settings\Jolly\Application Data\File Scout deleted
C:\Documents and Settings\Jolly\Application Data\defaulttab deleted
C:\Documents and Settings\Jolly\Application Data\SeeSimilar02 deleted
C:\Documents and Settings\Jolly\Application Data\searchquband deleted
C:\Documents and Settings\Jolly\Application Data\searchqutoolbar deleted
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Browser Manager deleted
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Ask deleted
C:\DOCUME~1\ALLUSE~1\APPLIC~1\AskPartnerNetwork deleted
C:\DOCUME~1\ALLUSE~1\APPLIC~1\APN deleted
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Datamngr deleted
C:\DOCUME~1\ALLUSE~1\APPLIC~1\boost_interprocess deleted
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Wincert deleted
C:\DOCUME~1\ALLUSE~1\APPLIC~1\SearchNewTab deleted
C:\DOCUME~1\ALLUSE~1\APPLIC~1\AVG January 2013 Campaign deleted
C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallMate deleted
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Babylon deleted
C:\DOCUME~1\ALLUSE~1\APPLIC~1\YTD Video Downloader deleted
C:\DOCUME~1\ALLUSE~1\APPLIC~1\WinterSoft deleted
C:\Documents and Settings\Administrator\Local Settings\Application Data\iLivid deleted
C:\Documents and Settings\Administrator\Local Settings\Application Data\Ilivid Player deleted
C:\Documents and Settings\Administrator\Local Settings\Application Data\CRE deleted
C:\Documents and Settings\Administrator\Local Settings\Application Data\BS_Player deleted
C:\Documents and Settings\Administrator\Local Settings\Application Data\PackageAware deleted
C:\Documents and Settings\Administrator\Local Settings\Application Data\Conduit deleted
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\bProtectorPreferences deleted
C:\Documents and Settings\Jolly\Local Settings\Application Data\Mobogenie deleted
C:\Documents and Settings\Jolly\Local Settings\Application Data\cache deleted
C:\Documents and Settings\Jolly\Local Settings\Application Data\Babylon deleted
C:\Documents and Settings\Jolly\Local Settings\Application Data\Conduit deleted
C:\Documents and Settings\All Users\Start Menu\Programs\iLivid deleted
C:\Documents and Settings\All Users\Start Menu\Programs\YTD Video Downloader deleted
C:\WINDOWS\system32\roboot.exe deleted
C:\WINDOWS\System32\searchplugins deleted
C:\WINDOWS\System32\Extensions deleted
C:\Documents and Settings\ADMINI~1\Application Data\Mozilla\Firefox\Profiles\ifv1b0db.default\searchplugins\askcom.xml deleted
C:\Documents and Settings\ADMINI~1\Application Data\Mozilla\Firefox\Profiles\ifv1b0db.default\searchplugins\my-web-search.xml deleted
C:\Documents and Settings\ADMINI~1\Application Data\Mozilla\Firefox\Profiles\ifv1b0db.default\bProtector_extensions.sqlite deleted
C:\Documents and Settings\ADMINI~1\Application Data\Mozilla\Firefox\Profiles\ifv1b0db.default\ilividmoviestoolbarha deleted
C:\Documents and Settings\ADMINI~1\Application Data\Mozilla\Firefox\Profiles\ifv1b0db.default\ilividtoolbarguid deleted
C:\Documents and Settings\ADMINI~1\Application Data\Mozilla\Firefox\Profiles\klwf65yh.default\bProtector_extensions.sqlite deleted
C:\Documents and Settings\Jolly\My Documents\Downloads\VaudiX(2).exe deleted
C:\Documents and Settings\Jolly\My Documents\Downloads\VaudiX(4).exe deleted
C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions\speedanalysis@SpeedAnalysis.com deleted
C:\Documents and Settings\Jolly\Application Data\Mozilla\Firefox\Profiles\dus1jqqw.default\extensions\bh2-h@oyoouvtovllu.com deleted
C:\Documents and Settings\Jolly\Application Data\Mozilla\Firefox\Profiles\dus1jqqw.default\extensions\goimznlfyy@wyo-yia.com deleted
C:\Documents and Settings\Jolly\Application Data\Mozilla\Firefox\Profiles\dus1jqqw.default\extensions\tfgcgd@ms-.co.uk deleted
C:\Documents and Settings\Jolly\Application Data\Mozilla\Firefox\Profiles\dus1jqqw.default\extensions\za7yu@scmxeiieu.com deleted
C:\Documents and Settings\Jolly\Application Data\Mozilla\Firefox\Profiles\dus1jqqw.default\extensions\zulagames@ZulaGames.com deleted
"C:\WINDOWS\Installer\7ab94.msi" deleted
"C:\Documents and Settings\ADMINI~1\Application Data\Mozilla\Firefox\Profiles\ifv1b0db.default\searchplugins\phpnuke.xml" deleted
"C:\Documents and Settings\Jolly\Application Data\Mozilla\Firefox\Profiles\dus1jqqw.default\extensions\addon@defaulttab.com.xpi" deleted
"C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" deleted
"C:\Program Files\AskPartnerNetwork" deleted
"C:\Program Files\AskPartnerNetwork\Toolbar" deleted
"C:\Program Files\AskPartnerNetwork\Toolbar\Updater" deleted

==== Files Recently Created / Modified ======================

====== C:\WINDOWS ====
2014-03-24 18:15:08 F042EE4C8D66248D9B86DCF52ABAE416 256000 ----a-w- C:\WINDOWS\PEV.exe
2014-03-24 18:15:08 9E05A9C264C8A908A8E79450FCBFF047 80412 ----a-w- C:\WINDOWS\grep.exe
2014-03-24 18:15:08 5E832F4FAF5F481F2EAF3B3A48F603B8 68096 ----a-w- C:\WINDOWS\zip.exe
2014-03-24 18:15:08 0297C72529807322B152F517FDB0A9FC 406528 ----a-w- C:\WINDOWS\SWSC.exe
2014-03-24 18:15:08 0277C027A26428DB64EF4F64F52BB4FD 208896 ----a-w- C:\WINDOWS\MBR.exe
====== C:\DOCUME~1\Jolly\LOCALS~1\Temp ====
====== Java Cache =====
====== C:\WINDOWS\system32 =====
2014-03-24 20:45:05 49F9C309D84D059499C690FB43B9F1F6 497048 ----a-w- C:\WINDOWS\System32\FNTCACHE.DAT
====== C:\WINDOWS\system32\drivers =====
2014-03-25 12:23:00 024ACCA2F972EE094EB0F4289F2FA893 107224 ----a-w- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys
2014-03-25 12:21:19 6F0D0617310A677360B7EB6D2D59086E 52312 ----a-w- C:\WINDOWS\System32\drivers\mbamchameleon.sys
2014-03-08 16:18:11 687AF6BB383885FF6A64071B189A7F3E 242240 ----a-w- C:\WINDOWS\System32\drivers\dtsoftbus01.sys
2014-02-28 17:34:22 D86B4A68565E444D76457F14172C875A 43528 ------w- C:\WINDOWS\System32\drivers\PxHelp20.sys
2014-02-28 17:34:22 837EEF65AF62D4E8A37C41D3879F7274 9336 ------w- C:\WINDOWS\System32\drivers\cdr4_xp.sys
2014-02-28 17:34:22 579DA2F9F5401F55DAE2CF8779D61DFC 9464 ------w- C:\WINDOWS\System32\drivers\cdralw2k.sys
====== C:\WINDOWS\Tasks ======
====== C:\WINDOWS\Temp ======
======= C:\Program Files =====
2014-02-28 17:34:14 -------- d-----w- C:\Program Files\Winamp
2014-02-28 16:26:17 -------- d-----w- C:\Program Files\CyberLink
======= C: =====
2014-03-24 18:22:42 FA579938B0733B87066546AFE951082C 211 ----a-w- C:\Boot.bak
2014-03-24 18:22:40 94E5450C43E4CF78E1D3AD4816966909 260272 --sha-r- C:\cmldr
====== C:\Documents and Settings\Jolly\Application Data ======
2014-03-25 22:29:57 -------- d-----w- C:\Documents and Settings\Jolly\Start Menu\Programs\CyberLink PowerDVD
2014-03-08 16:21:43 -------- d-----w- C:\Documents and Settings\Jolly\Start Menu\Programs\KONAMI\Pro Evolution Soccer 6
2014-03-08 16:21:43 -------- d-----w- C:\Documents and Settings\Jolly\Start Menu\Programs\KONAMI
2014-03-08 16:08:25 -------- d-----w- C:\Documents and Settings\Jolly\Application Data\DAEMON Tools Lite
2014-03-01 15:33:12 -------- d-----w- C:\Documents and Settings\Jolly\Start Menu\Programs\FLV Player
2014-03-01 15:32:49 -------- d-----w- C:\Documents and Settings\Jolly\Application Data\CyberLink
2014-02-28 17:34:14 -------- d-----w- C:\Documents and Settings\Jolly\Application Data\Winamp
====== C:\Documents and Settings\Jolly ======
2014-03-24 17:24:17 -------- d--h--r- C:\Documents and Settings\Jolly\Recent

====== C: exe-files ==
2014-03-25 15:07:49 214B059CA672E5C2876266C4EEBDFE0B 1145856 ----a-w- C:\Documents and Settings\Jolly\Desktop\New Folder\FRST.exe
2014-03-25 13:39:37 214B059CA672E5C2876266C4EEBDFE0B 1145856 ----a-w- C:\Documents and Settings\Jolly\My Documents\Downloads\FRST.exe
2014-03-25 12:21:04 BA63FE28CD27A9B3501883689EBE4D5C 821560 ----a-w- C:\Documents and Settings\Jolly\Desktop\mbar\Plugins\fixdamage.exe
2014-03-25 12:21:04 7C3400A4EAE86C697F74756F783B9DA3 1180472 ----a-w- C:\Documents and Settings\Jolly\Desktop\mbar\mbar.exe
2014-03-25 12:19:40 99D69C3E87FE1556B76886F778480E2D 12589848 ----a-w- C:\Documents and Settings\Jolly\My Documents\Downloads\mbar-1.07.0.1009.exe
2014-03-24 18:22:40 A38C1A7D8D8F4428CD8E96F3F2B6E046 580608 ----a-w- C:\cmdcons\autofmt.exe
2014-03-24 18:22:40 23043C91A0F9DFB4B9E9F87B680863B4 588800 ----a-w- C:\cmdcons\autochk.exe
2014-03-24 18:15:08 F042EE4C8D66248D9B86DCF52ABAE416 256000 ----a-w- C:\WINDOWS\PEV.exe
2014-03-24 18:15:08 9E05A9C264C8A908A8E79450FCBFF047 80412 ----a-w- C:\WINDOWS\grep.exe
2014-03-24 18:15:08 5E832F4FAF5F481F2EAF3B3A48F603B8 68096 ----a-w- C:\WINDOWS\zip.exe
2014-03-24 18:15:08 0297C72529807322B152F517FDB0A9FC 406528 ----a-w- C:\WINDOWS\SWSC.exe
2014-03-24 18:15:08 0277C027A26428DB64EF4F64F52BB4FD 208896 ----a-w- C:\WINDOWS\MBR.exe
2014-03-19 21:20:11 76ABC2E6E523CAA734DA6389D9359E32 139264 ----a-w- C:\Documents and Settings\Jolly\My Documents\Downloads\Photo_17.JPEG-FACEBOOK.COM.exe
=== C: other files ==
2014-03-25 12:23:00 024ACCA2F972EE094EB0F4289F2FA893 107224 ----a-w- C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
2014-03-25 12:21:19 6F0D0617310A677360B7EB6D2D59086E 52312 ----a-w- C:\WINDOWS\system32\drivers\mbamchameleon.sys
2014-03-24 18:18:31 44A8E619C4A9C390EC722DAC0CE201BD 6925 ----a-w- C:\Qoobox\BackEnv\SetPath.bat
2014-03-20 17:27:43 7E1C072961BE0D108C81AB91BD89D687 957290 ----a-w- C:\Documents and Settings\Jolly\Desktop\Old Firefox Data\u50vzrml(2).default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
2014-03-20 17:27:39 06D55D82E7DACC8680844BF5917746F6 557420 ----a-w- C:\Documents and Settings\Jolly\Desktop\Old Firefox Data\u50vzrml(2).default\extensions\toolbar_SGT-V7@apn.ask.com.xpi

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-329068152-1326574676-1606980848-1003\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe"
"NextLive"="C:\WINDOWS\system32\rundll32.exe C:\Documents and Settings\Jolly\Application Data\newnext.me\nengine.dll,EntryPoint -m l"

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_2"="regsvr32 /s /n /i:U shell32"
"nltide_3"="rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_2"="regsvr32 /s /n /i:U shell32"
"nltide_3"="rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE"
"Alcmtr"="ALCMTR.EXE"
"SkyTel"="SkyTel.EXE"
"PAC7302_Monitor"="C:\WINDOWS\PixArt\PAC7302\Monitor.exe"
"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"AVG_TRAY"="C:\Program Files\AVG\AVG2012\avgtray.exe"
"ApnTBMon"="C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
"RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
"LanguageShortcut"="C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe"
"NextLive"="C:\WINDOWS\system32\rundll32.exe C:\Documents and Settings\Jolly\Application Data\newnext.me\nengine.dll,EntryPoint -m l"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AnalogClock]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="AnalogClock"
"hkey"="HKCU"
"command"="C:\\Program Files\\Windows7\\Analog Clock\\AnalogClock.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KRun]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="RunMe"
"hkey"="HKLM"
"command"="C:\\Program Files\\Windows7\\RunMe\\RunMe.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Pie Dock]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Windows 7 Pie Dock"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Windows7\\Windows 7 Pie Dock\\Windows 7 Pie Dock.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RocketDock]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="RocketDock"
"hkey"="HKCU"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TransBar]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="TransBar"
"hkey"="HKCU"
"command"="C:\\Program Files\\Windows7\\TransBar\\TransBar.exe /s"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Viena Explorer]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Vienna Explorer"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Windows7\\Vienna Explorer\\Vienna Explorer.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Visual Task Tips]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="VisualTaskTips"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Windows7\\VisualTaskTips\\VisualTaskTips.exe\""


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services]


[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-]
"x.exe"="\"C:\\WINDOWS\\system32\\algv.exe\""
"algv.exe"="C:\\WINDOWS\\system32\\algv.exe"
"AtiPTA"="atiptaxx.exe"
"SunJavaUpdateSched"="\"C:\\Program Files\\Common Files\\Java\\Java Update\\jusched.exe\""
"GrooveMonitor"="\"C:\\Program Files\\Microsoft Office\\Office12\\GrooveMonitor.exe\""
"PAC7302_Monitor"="C:\\WINDOWS\\PixArt\\PAC7302\\Monitor.exe"
"KernelFaultCheck"="%systemroot%\\system32\\dumprep 0 -k"


==== Task Scheduler Jobs ======================

C:\WINDOWS\tasks\Browser Manager.job --a------ C:\WINDOWS\system32\sc.exe [04.08.2004 13:00]
C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-329068152-1326574676-1606980848-500Core.job --a------ [Undetermined Task]
C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-329068152-1326574676-1606980848-500UA.job --a------ [Undetermined Task]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [23.11.2012 11:28]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [23.11.2012 11:28]

==== Firefox Extensions ======================

ProfilePath: C:\Documents and Settings\ADMINI~1\Application Data\Mozilla\Firefox\Profiles\ifv1b0db.default
- Undetermined - C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions\speedanalysis@SpeedAnalysis.com
- Instrument Test - %ProfilePath%\extensions\testpilot@labs.mozilla.com.xpi

==== Firefox Plugins ======================

Profilepath: C:\Documents and Settings\Jolly\Application Data\Mozilla\Firefox\Profiles\dus1jqqw.default
04ACC61B47857E779CD92D1D88770BF1 - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll - Adobe Acrobat
77B09C2C6F407531447DA75E3ACD1C5B - C:\Program Files\Adobe\Reader 10.0\Reader\browser\nppdf32.dll - Adobe Acrobat
5B92CB0A3EEE50F6B9AE036B4F9B0F0C - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin
A3E477ACDA2C5A427E56FB075ADEB536 - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_110.dll - Shockwave Flash
6768C724599214E4F9ADD9F8FF5097EB - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java(TM) Platform SE 7 U45
28000D7EEB2FD95A36E1A7539F599C3B - C:\Program Files\Windows Media Player\npdrmv2.dll - Microsoft® DRM
5D41BCD19A3D90E4EBB58A6BFB79E4F7 - C:\Program Files\Windows Media Player\npdsplay.dll - Windows Media Player Plug-in Dynamic Link Library
8B6884E3E1E5F8ABA5FA0C6A2B13181D - C:\Program Files\Windows Media Player\npwmsdrm.dll - Microsoft® DRM
F0B8C822A200250EDF60049F07E4CC41 - C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll - RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit)
30257426F6DA31808C6698EC01DE2D97 - C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll - RealPlayer Version Plugin
68A131335A20B343923A2957EB1E413D - C:\WINDOWS\system32\npptools.dll - Microsoft® Windows® Operating System

Profilepath: C:\Documents and Settings\Jolly\Application Data\Mozilla\Firefox\Profiles\u50vzrml.default
F891089A6AB9E12FEDEBCC5EC0F40D66 - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll - Shockwave Flash
BE501CBC29B2025A263D80D399F1797A - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll - Silverlight Plug-In
A3E477ACDA2C5A427E56FB075ADEB536 - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_110.dll - Shockwave Flash
28000D7EEB2FD95A36E1A7539F599C3B - C:\Program Files\Windows Media Player\npdrmv2.dll - Microsoft® DRM
5D41BCD19A3D90E4EBB58A6BFB79E4F7 - C:\Program Files\Windows Media Player\npdsplay.dll - Windows Media Player Plug-in Dynamic Link Library
8B6884E3E1E5F8ABA5FA0C6A2B13181D - C:\Program Files\Windows Media Player\npwmsdrm.dll - Microsoft® DRM
B27CCB1168B1960AEC6E9D3E0E0F0D2A - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrlui.dll - Microsoft® Silverlight

Profilepath: C:\Documents and Settings\Jolly\Application Data\Mozilla\Firefox\Profiles\wzsvn3s6.default-1395336451593
F891089A6AB9E12FEDEBCC5EC0F40D66 - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll - Shockwave Flash
BE501CBC29B2025A263D80D399F1797A - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll - Silverlight Plug-In
A3E477ACDA2C5A427E56FB075ADEB536 - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_110.dll - Shockwave Flash
28000D7EEB2FD95A36E1A7539F599C3B - C:\Program Files\Windows Media Player\npdrmv2.dll - Microsoft® DRM
5D41BCD19A3D90E4EBB58A6BFB79E4F7 - C:\Program Files\Windows Media Player\npdsplay.dll - Windows Media Player Plug-in Dynamic Link Library
8B6884E3E1E5F8ABA5FA0C6A2B13181D - C:\Program Files\Windows Media Player\npwmsdrm.dll - Microsoft® DRM
B27CCB1168B1960AEC6E9D3E0E0F0D2A - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrlui.dll - Microsoft® Silverlight


==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
kdidombaedgpfiiedeimiebkmbilgmlc - C:\Program Files\DefaultTab\DefaultTab.crx[]

MB2 - Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ablnpmdakdiclnimkjfcaibpgjhapkbl
SearchNewTab - Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aiandoahncplajbeaafmkhhfjbgbhmbe
Google Drive - Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
SpeedAnalysis.com - Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cfcbmgbfdbijmjgjihagbomfbjfjmgon
Google Search - Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Vauodix - Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hbmahjecbjegdnbngflmdggiacnpbgna
AVG Safe Search - Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla
VuaudiX - Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kghmgfajlhdopndimbpajknhniekgcdo
Skype for Chromium - Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
SearchNewTab - Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mddjafgnfckmhegibpeohbipclfgelpg
AVG Do Not Track - Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Settings Protector - Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph
Gmail - Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
MB2 - Administrator\Local Settings\Application Data\Torch\User Data\Default\Extensions\ablnpmdakdiclnimkjfcaibpgjhapkbl
SearchNewTab - Administrator\Local Settings\Application Data\Torch\User Data\Default\Extensions\aiandoahncplajbeaafmkhhfjbgbhmbe
Babylon Toolbar - Administrator\Local Settings\Application Data\Torch\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
SiteAdvisor - Administrator\Local Settings\Application Data\Torch\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho
DealPly - Administrator\Local Settings\Application Data\Torch\User Data\Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Vauodix - Administrator\Local Settings\Application Data\Torch\User Data\Default\Extensions\hbmahjecbjegdnbngflmdggiacnpbgna
AVG Safe Search - Administrator\Local Settings\Application Data\Torch\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla
VuaudiX - Administrator\Local Settings\Application Data\Torch\User Data\Default\Extensions\kghmgfajlhdopndimbpajknhniekgcdo
Ask Video Search - Administrator\Local Settings\Application Data\Torch\User Data\Default\Extensions\khfhickdpicdaakidammlhdmhhpgfmkc
Torch Helper - Administrator\Local Settings\Application Data\Torch\User Data\Default\Extensions\lecpjhggilhbceadobnggaagnpfpafhg
Ask Image Search - Administrator\Local Settings\Application Data\Torch\User Data\Default\Extensions\maenakfpbfmdigldjpegddiphokaodjh
SearchNewTab - Administrator\Local Settings\Application Data\Torch\User Data\Default\Extensions\mddjafgnfckmhegibpeohbipclfgelpg
AVG Do Not Track - Administrator\Local Settings\Application Data\Torch\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
LiveVDO plugin - Administrator\Local Settings\Application Data\Torch\User Data\Default\Extensions\pbiamblgmkgbcgbcgejjgebalncpmhnp
Settings Protector - Administrator\Local Settings\Application Data\Torch\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph
DefaultTab - Jolly\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
Google Wallet - Jolly\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
DefaultTab - LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
DefaultTab - NetworkService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc

==== Chrome Fix ======================

C:\Documents and Settings\Administrator\Local Settings\Application Data\Torch\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb deleted successfully
C:\Documents and Settings\Jolly\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc deleted successfully
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc deleted successfully
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc deleted successfully
C:\Documents and Settings\Jolly\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_kdidombaedgpfiiedeimiebkmbilgmlc_0.localstorage deleted successfully
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aiandoahncplajbeaafmkhhfjbgbhmbe deleted successfully
C:\Documents and Settings\Administrator\Local Settings\Application Data\Torch\User Data\Default\Extensions\aiandoahncplajbeaafmkhhfjbgbhmbe deleted successfully
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mddjafgnfckmhegibpeohbipclfgelpg deleted successfully
C:\Documents and Settings\Administrator\Local Settings\Application Data\Torch\User Data\Default\Extensions\mddjafgnfckmhegibpeohbipclfgelpg deleted successfully
C:\Documents and Settings\Administrator\Local Settings\Application Data\Torch\User Data\Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje deleted successfully
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hbmahjecbjegdnbngflmdggiacnpbgna deleted successfully
C:\Documents and Settings\Administrator\Local Settings\Application Data\Torch\User Data\Default\Extensions\hbmahjecbjegdnbngflmdggiacnpbgna deleted successfully
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kghmgfajlhdopndimbpajknhniekgcdo deleted successfully
C:\Documents and Settings\Administrator\Local Settings\Application Data\Torch\User Data\Default\Extensions\kghmgfajlhdopndimbpajknhniekgcdo deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]
"SearchAssistant"="http://search.phpnuke.org/?lang=en&cid=457c4dfc&q={searchTerms}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2B1E51D87B2D71A44BB42DDD5E894160 deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{56681F19-5CBC-3A95-E818-9E44D57EE13E} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8527CD63-A9D2-913C-8AD4-8089228E3DF3} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8D15E1B2-D2B7-4A17-B44B-D2DDE5981406} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\outobox deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\ilividmoviestoolbarhaIE deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Windows Searchqu Toolbar deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\BS_Player Toolbar deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\2B1E51D87B2D71A44BB42DDD5E894160 deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RocketDock deleted successfully

==== Empty IE Cache ======================

C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\Jolly\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Documents and Settings\Administrator\Local Settings\Application Data\Mozilla\Firefox\Profiles\ifv1b0db.default\Cache emptied successfully
C:\Documents and Settings\Jolly\Local Settings\Application Data\Mozilla\Firefox\Profiles\u50vzrml.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Documents and Settings\Administrator\Local Settings\Application Data\Torch\User Data\Default\Cache emptied successfully
C:\Documents and Settings\Jolly\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=5134 folders=650 395277175 bytes)

==== Empty Temp Folders ======================

C:\Documents and Settings\Administrator\Local Settings\Temp emptied successfully
C:\Documents and Settings\Default User\Local Settings\Temp emptied successfully
C:\Documents and Settings\Jolly\Local Settings\Temp will be emptied at reboot
C:\Documents and Settings\LocalService\Local Settings\Temp emptied successfully
C:\Documents and Settings\NetworkService\Local Settings\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\DOCUME~1\Jolly\LOCALS~1\Temp successfully emptied

==== Empty Recycle Bin ======================

This is the zoek report. Now I will also do the second step you listed and attach the report.

C:\RECYCLER successfully emptied

==== Deleting Files / Folders ======================

"C:\Documents and Settings\Jolly\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not found

==== EOF on sre 26.03.2014 at 0:05:38,31 ======================

Addendum: 26 Mar 2014 0:19

And here is the second report. :)

00:15:33.0531 0x0910 TDSS rootkit removing tool 3.0.0.26 Mar 24 2014 07:28:43
00:15:47.0890 0x0910 ============================================================
00:15:47.0890 0x0910 Current date / time: 2014/03/26 00:15:47.0890
00:15:47.0890 0x0910 SystemInfo:
00:15:47.0890 0x0910
00:15:47.0890 0x0910 OS Version: 5.1.2600 ServicePack: 3.0
00:15:47.0890 0x0910 Product type: Workstation
00:15:47.0890 0x0910 ComputerName: XPWINDOWS7
00:15:47.0890 0x0910 UserName: Jolly
00:15:47.0890 0x0910 Windows directory: C:\WINDOWS
00:15:47.0890 0x0910 System windows directory: C:\WINDOWS
00:15:47.0890 0x0910 Processor architecture: Intel x86
00:15:47.0890 0x0910 Number of processors: 1
00:15:47.0890 0x0910 Page size: 0x1000
00:15:47.0890 0x0910 Boot type: Normal boot
00:15:47.0890 0x0910 ============================================================
00:15:52.0734 0x0910 KLMD registered as C:\WINDOWS\system32\drivers\61248995.sys
00:15:52.0828 0x0910 System UUID: {3ABC84C9-8E9A-0520-0938-8B9ED049C28F}
00:15:53.0703 0x0910 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
00:15:53.0718 0x0910 ============================================================
00:15:53.0718 0x0910 \Device\Harddisk0\DR0:
00:15:53.0718 0x0910 MBR partitions:
00:15:53.0718 0x0910 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x9C41AD8
00:15:53.0734 0x0910 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x9C41B56, BlocksNum 0x8DD30AA
00:15:53.0734 0x0910 ============================================================
00:15:53.0781 0x0910 C: <-> \Device\Harddisk0\DR0\Partition1
00:15:53.0796 0x0910 D: <-> \Device\Harddisk0\DR0\Partition2
00:15:53.0859 0x0910 ============================================================
00:15:53.0859 0x0910 Initialize success
00:15:53.0859 0x0910 ============================================================
00:16:06.0500 0x0de0 ============================================================
00:16:06.0500 0x0de0 Scan started
00:16:06.0500 0x0de0 Mode: Manual;
00:16:06.0500 0x0de0 ============================================================
00:16:06.0500 0x0de0 KSN ping started
00:16:09.0625 0x0de0 KSN ping finished: true
00:16:11.0000 0x0de0 ================ Scan system memory ========================
00:16:11.0000 0x0de0 System memory - ok
00:16:11.0015 0x0de0 ================ Scan services =============================
00:16:11.0187 0x0de0 [ 7CD94733F81127159C974F6A963580F2, 9346608B33A23981530012E37453D9FE146DCE4DAB372E9EF2E18E8FA4D23B99 ] A5AGU C:\WINDOWS\system32\DRIVERS\A5AGU.sys
00:16:11.0218 0x0de0 A5AGU - ok
00:16:11.0375 0x0de0 Abiosdsk - ok
00:16:11.0390 0x0de0 abp480n5 - ok
00:16:11.0437 0x0de0 [ 8FD99680A539792A30E97944FDAECF17, 594F8E0C3695400B0C09A797AF6BDFAC6F750ECD67D0EE803914C572B1DCC43C ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
00:16:11.0453 0x0de0 ACPI - ok
00:16:11.0484 0x0de0 [ 9859C0F6936E723E4892D7141B1327D5, 5E8F6A2FC4DF2E5E92A1D66ECC2810E08B42B64E9CD0DF4AD3F78EA8558B90AF ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
00:16:11.0484 0x0de0 ACPIEC - ok
00:16:11.0484 0x0de0 adpu160m - ok
00:16:11.0531 0x0de0 [ 8BED39E3C35D6A489438B8141717A557, 1B5796E56B0927360CE0759641B1151828BC0A9E45620D2B2D880491F5CE33D0 ] aec C:\WINDOWS\system32\drivers\aec.sys
00:16:11.0562 0x0de0 aec - ok
00:16:11.0578 0x0de0 [ 322D0E36693D6E24A2398BEE62A268CD, FB0BFF5846E50DBCC2826639318A6A1DE79EE7DEA2719ED74A5F6F44454E13D0 ] AFD C:\WINDOWS\System32\drivers\afd.sys
00:16:11.0593 0x0de0 AFD - ok
00:16:11.0593 0x0de0 Aha154x - ok
00:16:11.0609 0x0de0 aic78u2 - ok
00:16:11.0625 0x0de0 aic78xx - ok
00:16:11.0671 0x0de0 [ A9A3DAA780CA6C9671A19D52456705B4, 67C959144B57AE0BBF1D82DBED197F32CDB06FECD883A80C441A0202FE83FAB4 ] Alerter C:\WINDOWS\system32\alrsvc.dll
00:16:11.0671 0x0de0 Alerter - ok
00:16:11.0687 0x0de0 [ 8C515081584A38AA007909CD02020B3D, A5E13CA10F702928E0DE84C74D0EA8ACCB117FD76FBABC55220C75C4FFD596DC ] ALG C:\WINDOWS\System32\alg.exe
00:16:11.0687 0x0de0 ALG - ok
00:16:11.0703 0x0de0 AliIde - ok
00:16:11.0718 0x0de0 amsint - ok
00:16:11.0750 0x0de0 [ D8849F77C0B66226335A59D26CB4EDC6, 4990031453204C57E36E850252A39B05D6ECDAB9E71A8136FB4900F17E59C9CA ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
00:16:11.0750 0x0de0 AppMgmt - ok
00:16:11.0765 0x0de0 asc - ok
00:16:11.0781 0x0de0 asc3350p - ok
00:16:11.0796 0x0de0 asc3550 - ok
00:16:11.0875 0x0de0 [ 0E5E4957549056E2BF2C49F4F6B601AD, F7F19FDC906B719A3516D30A9B4A2262C8CC5B36B94E3D4195C345EC4610FF2B ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
00:16:11.0875 0x0de0 aspnet_state - ok
00:16:11.0890 0x0de0 [ B153AFFAC761E7F5FCFA822B9C4E97BC, 7E60F572A6B3C6219E3C86225AA37243AFFD74337DB7F108B04778042E5CC959 ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
00:16:11.0906 0x0de0 AsyncMac - ok
00:16:11.0921 0x0de0 [ 9F3A2F5AA6875C72BF062C712CFA2674, B4DF1D2C56A593C6B54DE57395E3B51D288F547842893B32B0F59228A0CF70B9 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
00:16:11.0921 0x0de0 atapi - ok
00:16:11.0968 0x0de0 [ 8048E8D1D56C03C85B72A4E7A3FD4312, 96AA9C36704CBCE03102E7260E717BAD42906221854D65077BE454A656A2BCD8 ] AtcL001 C:\WINDOWS\system32\DRIVERS\atl01_xp.sys
00:16:11.0968 0x0de0 AtcL001 - ok
00:16:11.0968 0x0de0 Atdisk - ok
00:16:12.0031 0x0de0 [ E02ABC15C3428809F7BCB82571633575, F9BC9E21E46D432466709B328CFDE00731D094A942C344E15E80EACB3CB4C0E4 ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe
00:16:12.0093 0x0de0 Ati HotKey Poller - ok
00:16:12.0156 0x0de0 [ 3AE69EA1AF3D65C362869D6DEC0CFA52, FEC58A06ADA4401A0F3F956723B75079F038DF5703064ED0B01BF7D6140BC070 ] ATI Smart C:\WINDOWS\system32\ati2sgag.exe
00:16:12.0203 0x0de0 ATI Smart - ok
00:16:12.0375 0x0de0 [ EC2743BF722D4356375A0A01B69A81E0, 115EB1805D37BC24DB16B184AEC755BCEC88938ED2C1A5165A070529267CFAF8 ] ati2mtag C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
00:16:12.0515 0x0de0 ati2mtag - ok
00:16:12.0578 0x0de0 [ 9916C1225104BA14794209CFA8012159, 5D6F05F715C52A16D05CAE15C3DFE77A139A7F27F7AE710EC9A10F9EE05115A1 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
00:16:12.0578 0x0de0 Atmarpc - ok
00:16:12.0593 0x0de0 [ DEF7A7882BEC100FE0B2CE2549188F9D, 462C95B63D0A1058291A2DC8CBFCB13D7D74CCD1CA43B613A7EB43D49E3276F8 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
00:16:12.0593 0x0de0 AudioSrv - ok
00:16:12.0625 0x0de0 [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
00:16:12.0640 0x0de0 audstub - ok
00:16:12.0687 0x0de0 [ D63D83659EEDF60B3A3E620281A888E5, 25516B505832F8BF3DE5FD7DE8E6C2C1F2C0FBB622501503AF64584AB5ED936E ] AVGIDSHX C:\WINDOWS\system32\DRIVERS\avgidshx.sys
00:16:12.0703 0x0de0 AVGIDSHX - ok
00:16:12.0750 0x0de0 [ 6671345A6E2669AF1966BAF68EC5620F, 30D24160252532E7CBF8030D4A905D0ED7A7CE83DF183287ED53C3476C801D11 ] Avgldx86 C:\WINDOWS\system32\DRIVERS\avgldx86.sys
00:16:12.0765 0x0de0 Avgldx86 - ok
00:16:12.0796 0x0de0 [ CCDD61545AAEA265977E4B1EFDC74E8C, A41CBDADC80DAD0D4F22E04A6F158C35E6C47A5A8B71CAB8B51F6CEF92607722 ] Avgmfx86 C:\WINDOWS\system32\DRIVERS\avgmfx86.sys
00:16:12.0796 0x0de0 Avgmfx86 - ok
00:16:12.0812 0x0de0 [ 1FD90B28D2C3100BF4500199C8AD6358, 514FB89932B1636D2FE893ABABB24FF6D0C4E494AF4DD3810CA09E15D4270538 ] Avgrkx86 C:\WINDOWS\system32\DRIVERS\avgrkx86.sys
00:16:12.0812 0x0de0 Avgrkx86 - ok
00:16:12.0859 0x0de0 [ 1647C720358DCC98ACF51E597C461C4D, 701432883A0652A27587D1DA6A29E1F03778A05F95161F260B9CA90F6453AAB2 ] Avgtdix C:\WINDOWS\system32\DRIVERS\avgtdix.sys
00:16:12.0875 0x0de0 Avgtdix - ok
00:16:12.0984 0x0de0 [ EA1145DEBCD508FD25BD1E95C4346929, E6D9C84C61DBD69726E4B5BB081B53330E9F7662374D539CF25D8EE3539B9885 ] avgwd C:\Program Files\AVG\AVG2012\avgwdsvc.exe
00:16:13.0000 0x0de0 avgwd - ok
00:16:13.0046 0x0de0 [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] Beep C:\WINDOWS\system32\drivers\Beep.sys
00:16:13.0046 0x0de0 Beep - ok
00:16:13.0109 0x0de0 [ 574738F61FCA2935F5265DC4E5691314, 3C7CCF064397186C3A3863DD2370AB6414A61B330097DCA4F299CA7BBAA3D1B4 ] BITS C:\WINDOWS\system32\qmgr.dll
00:16:13.0171 0x0de0 BITS - ok
00:16:13.0203 0x0de0 [ A06CE3399D16DB864F55FAEB1F1927A9, 3430FA8552D91670D9FB0A921C735ADBE2DA7FF108C199DDEEF2FB2E50713AF3 ] Browser C:\WINDOWS\System32\browser.dll
00:16:13.0218 0x0de0 Browser - ok
00:16:13.0234 0x0de0 [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
00:16:13.0250 0x0de0 cbidf2k - ok
00:16:13.0296 0x0de0 [ 0BE5AEF125BE881C4F854C554F2B025C, 1770DD70B3F115A0EF460907DEDC1E4B7241C08615A98F194D61A49C3E2BAA54 ] CCDECODE C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
00:16:13.0296 0x0de0 CCDECODE - ok
00:16:13.0312 0x0de0 cd20xrnt - ok
00:16:13.0359 0x0de0 [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
00:16:13.0359 0x0de0 Cdaudio - ok
00:16:13.0390 0x0de0 [ C885B02847F5D2FD45A24E219ED93B32, B26B2F8E3A831E2B65EB0C5195B0645CD50E22615CE79C9B0B391CD563B121DB ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
00:16:13.0390 0x0de0 Cdfs - ok
00:16:13.0406 0x0de0 [ 1F4260CC5B42272D71F79E570A27A4FE, B51C2A3ED3C309953D0EA45869C8E464C10F2533DADE9E0286AF674979098D1D ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
00:16:13.0406 0x0de0 Cdrom - ok
00:16:13.0421 0x0de0 Changer - ok
00:16:13.0437 0x0de0 [ 1CFE720EB8D93A7158A4EBC3AB178BDE, 65D2A9D9A88F38D4AF323134C151BA0F4B3CD0F6A134AF86E7AC9D07319F1726 ] CiSvc C:\WINDOWS\system32\cisvc.exe
00:16:13.0437 0x0de0 CiSvc - ok
00:16:13.0468 0x0de0 [ 95312211D0B40B1697B40133700E2324, D4791F03CAE662C0C00EF7DA4963077E07099AE100699DB5C511550A6EE82390 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
00:16:13.0468 0x0de0 ClipSrv - ok
00:16:13.0515 0x0de0 [ D87ACAED61E417BBA546CED5E7E36D9C, 14AC6034A5BC0FB2A1AFDAD42BEF4DE641556E54AD30D0C46765660A4BE55462 ] clr_optimization_v2.0.50727_32 c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
00:16:13.0546 0x0de0 clr_optimization_v2.0.50727_32 - ok
00:16:13.0593 0x0de0 [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
00:16:13.0609 0x0de0 clr_optimization_v4.0.30319_32 - ok
00:16:13.0609 0x0de0 CmdIde - ok
00:16:13.0625 0x0de0 COMSysApp - ok
00:16:13.0656 0x0de0 Cpqarray - ok
00:16:13.0687 0x0de0 [ 3D4E199942E29207970E04315D02AD3B, 0825960894CF9C86CC8775BDD2A262948A09CA495AA7FE9F210FAF49E7086383 ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
00:16:13.0703 0x0de0 CryptSvc - ok
00:16:13.0703 0x0de0 dac2w2k - ok
00:16:13.0718 0x0de0 dac960nt - ok
00:16:13.0781 0x0de0 [ 2589FE6015A316C0F5D5112B4DA7B509, 2753785BA07A1A7A25E275332F5F9F403F6E8CBF396FD0905D6BA84B98C403A6 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
00:16:13.0812 0x0de0 DcomLaunch - ok
00:16:13.0828 0x0de0 [ 5E38D7684A49CACFB752B046357E0589, F192AD4190BCFB6939A5CBC91648FE63168AF79A5E227A111DEAD6A92E42AB8D ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
00:16:13.0828 0x0de0 Dhcp - ok
00:16:13.0843 0x0de0 [ 044452051F3E02E7963599FC8F4F3E25, 584BDDB074618BE76454CF90E74829CFF588B5B5FAEB793E2F7AAD26352DD689 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
00:16:13.0859 0x0de0 Disk - ok
00:16:13.0859 0x0de0 dmadmin - ok
00:16:13.0953 0x0de0 [ D992FE1274BDE0F84AD826ACAE022A41, C82BD6561A14F2932A761F5883A787B99031250EE5E9B7B5714AA045545C9B99 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
00:16:13.0984 0x0de0 dmboot - ok
00:16:14.0000 0x0de0 [ 7C824CF7BBDE77D95C08005717A95F6F, A73CB323B7A6410C3D3F258BF204E716ADF8C84C9E4F6562C57AB73DAED8CCDE ] dmio C:\WINDOWS\system32\drivers\dmio.sys
00:16:14.0015 0x0de0 dmio - ok
00:16:14.0046 0x0de0 [ E9317282A63CA4D188C0DF5E09C6AC5F, D41E002F555FE9015EF620975255F58BB79198CA1FF0E09EC950CB450FF77CF7 ] dmload C:\WINDOWS\system32\drivers\dmload.sys
00:16:14.0046 0x0de0 dmload - ok
00:16:14.0062 0x0de0 [ 57EDEC2E5F59F0335E92F35184BC8631, 61F6F0DC2D1A6C61D5EF0D5CC4BE0FFC217F1E61FDA3EA9F704709293656600F ] dmserver C:\WINDOWS\System32\dmserver.dll
00:16:14.0062 0x0de0 dmserver - ok
00:16:14.0109 0x0de0 [ 8A208DFCF89792A484E76C40E5F50B45, 4E40E2EB38C6254E7CAA488200E89EE7DEBBBA773890BC6A84313CC68178D54F ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
00:16:14.0125 0x0de0 DMusic - ok
00:16:14.0156 0x0de0 [ 474B4DC3983173E4B4C9740B0DAC98A6, C0B1B5B3A87529FFA93BCFCC2BC013A96CAD7F5049ED4D999E8D5D9AC91F95B7 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
00:16:14.0156 0x0de0 Dnscache - ok
00:16:14.0187 0x0de0 [ 0F0F6E687E5E15579EF4DA8DD6945814, 5C32D88119EB1465B2D719BEE2E05888D1A73454B5E33F2D4928DA710F8BFBA3 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
00:16:14.0187 0x0de0 Dot3svc - ok
00:16:14.0203 0x0de0 dpti2o - ok
00:16:14.0234 0x0de0 [ 8F5FCFF8E8848AFAC920905FBD9D33C8, C8C6FB97AB0871C8C88A2201525A5CF10D5131CB6980D32692ED7A8F58399AD5 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
00:16:14.0234 0x0de0 drmkaud - ok
00:16:14.0296 0x0de0 [ 687AF6BB383885FF6A64071B189A7F3E, 1C751B8DD27F63E88D0223A8434CED7589AC00EC6275938C59D1B954F0354F78 ] dtsoftbus01 C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys
00:16:14.0328 0x0de0 dtsoftbus01 - ok
00:16:14.0359 0x0de0 [ 2187855A7703ADEF0CEF9EE4285182CC, 8233CC11F637866C0074043835A785EA2B616739B6B1181B143A253CF2508CFD ] EapHost C:\WINDOWS\System32\eapsvc.dll
00:16:14.0375 0x0de0 EapHost - ok
00:16:14.0406 0x0de0 [ BC93B4A066477954555966D77FEC9ECB, 27F5B780175EF46DA102EE33F7F33559C8B40C077EEA4405D579D9507F4B1C23 ] ERSvc C:\WINDOWS\System32\ersvc.dll
00:16:14.0406 0x0de0 ERSvc - ok
00:16:14.0437 0x0de0 [ 0E776ED5F7CC9F94299E70461B7B8185, 22750B3829133D1D4BB3CE2FA6247BE2373B5D15A6ED1C8A71673AA1CE7D9530 ] Eventlog C:\WINDOWS\system32\services.exe
00:16:14.0453 0x0de0 Eventlog - ok
00:16:14.0546 0x0de0 [ 19A799805B24990867B00C120D300C3A, 3C8CB64BE0508B5136D4F4919DA665AB86366EFFFFDD890A9B27E7CE39DCF098 ] EventSystem C:\WINDOWS\system32\es.dll
00:16:14.0562 0x0de0 EventSystem - ok
00:16:14.0625 0x0de0 [ 38D332A6D56AF32635675F132548343E, E6909DB836AF679B4F4D62C7396D6C82769CC7ABB8C919C2AABFE934FCE268F6 ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
00:16:14.0625 0x0de0 Fastfat - ok
00:16:14.0656 0x0de0 [ 1926899BF9FFE2602B63074971700412, F5C48EDBE5C6507527630B49C95BAA9F1E47EACC5A910F2B9A4528733E81A966 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
00:16:14.0671 0x0de0 FastUserSwitchingCompatibility - ok
00:16:14.0703 0x0de0 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81, 8307A532AB4D05CBBCE206DC2759497708BF5AAA880BD00F0E4F281D8578A1F5 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
00:16:14.0703 0x0de0 Fdc - ok
00:16:14.0718 0x0de0 [ D45926117EB9FA946A6AF572FBE1CAA3, 4C94EF009D778BE0BDF8F812F026B96F91F641BE30AA2531427A5E63DBD280DA ] Fips C:\WINDOWS\system32\drivers\Fips.sys
00:16:14.0718 0x0de0 Fips - ok
00:16:14.0750 0x0de0 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C0D13F4E82D8805 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
00:16:14.0750 0x0de0 Flpydisk - ok
00:16:14.0796 0x0de0 [ B2CF4B0786F8212CB92ED2B50C6DB6B0, 280F5CF8A90F7BEDE73ADD0DD0F8952088133A7CA9A3D3B7041957E33B36845D ] FltMgr C:\WINDOWS\system32\DRIVERS\fltMgr.sys
00:16:14.0812 0x0de0 FltMgr - ok
00:16:14.0828 0x0de0 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
00:16:14.0843 0x0de0 Fs_Rec - ok
00:16:14.0875 0x0de0 [ 6AC26732762483366C3969C9E4D2259D, FF2C9A23CC17F380093F0BEA955B1925794271C2FEA16B9B7639668E6999BAE3 ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
00:16:14.0875 0x0de0 Ftdisk - ok
00:16:14.0921 0x0de0 [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
00:16:14.0921 0x0de0 Gpc - ok
00:16:15.0000 0x0de0 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
00:16:15.0000 0x0de0 gupdate - ok
00:16:15.0015 0x0de0 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
00:16:15.0015 0x0de0 gupdatem - ok
00:16:15.0046 0x0de0 [ 573C7D0A32852B48F3058CFD8026F511, BC384BBA394AFDCDA1A9ABC858C692AA84A1F0A31AF3DDF7F38D120C027927FB ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
00:16:15.0046 0x0de0 HDAudBus - ok
00:16:15.0093 0x0de0 [ 4FCCA060DFE0C51A09DD5C3843888BCD, D82417706B517F2610DDF7C86BE03A72EFA9A2A389DF5C8F8ADEAB8144E2C80A ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
00:16:15.0109 0x0de0 helpsvc - ok
00:16:15.0140 0x0de0 [ DEB04DA35CC871B6D309B77E1443C796, F66A15C9528D661940F1F4CA453B3E95036D68C74C3B8AB53644211DBD3D2F32 ] HidServ C:\WINDOWS\System32\hidserv.dll
00:16:15.0140 0x0de0 HidServ - ok
00:16:15.0171 0x0de0 [ CCF82C5EC8A7326C3066DE870C06DAF1, 93395FA4C26B2E82DC8B7025ED3BCF583885E5D8C5F60CD6EEAA6335D6A126EC ] hidusb C:\WINDOWS\system32\DRIVERS\hidusb.sys
00:16:15.0171 0x0de0 hidusb - ok
00:16:15.0218 0x0de0 [ 8878BD685E490239777BFE51320B88E9, C5C3ECF6B049B6736E35B39518A8F830B45C45A88FFE8E3A6B7922AD946597E2 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
00:16:15.0218 0x0de0 hkmsvc - ok
00:16:15.0234 0x0de0 hpn - ok
00:16:15.0265 0x0de0 [ F6AACF5BCE2893E0C1754AFEB672E5C9, 62A7A70515B5570A649DC30A3A122B1302F6839A63927C8B29EBE04ABA654892 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
00:16:15.0296 0x0de0 HTTP - ok
00:16:15.0359 0x0de0 [ 6100A808600F44D999CEBDEF8841C7A3, 61A75118C327812C60622010985A2E80E79B6FD9030A5732390EE5426E4AF6C9 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
00:16:15.0375 0x0de0 HTTPFilter - ok
00:16:21.0781 0x0de0 [ CD85114F46B145CB5C1F997B3B896A2B, 5D6A6CE273AB0887C0CB49947997A3614033F0F4E2FA9A64098013250F4EA6FE ] sptd C:\WINDOWS\system32\Drivers\sptd.sys
00:16:21.0781 0x0de0 Suspicious file ( NoAccess ): C:\WINDOWS\system32\Drivers\sptd.sys. md5: CD85114F46B145CB5C1F997B3B896A2B, sha256: 5D6A6CE273AB0887C0CB49947997A3614033F0F4E2FA9A64098013250F4EA6FE
00:16:21.0796 0x0de0 sptd - detected LockedFile.Multi.Generic ( 1 )
00:16:24.0281 0x0de0 sptd ( LockedFile.Multi.Generic ) - warning
00:16:24.0281 0x0de0 Force sending object to P2P due to detect: C:\WINDOWS\system32\Drivers\sptd.sys
00:16:26.0921 0x0de0 Object send P2P result: true
00:16:33.0609 0x0de0 WudfRd - ok
00:16:33.0625 0x0de0 [ 05231C04253C5BC30B26CBAAE680ED89, 5C03C2D7E0B573646D32F4093E2FF2C3BA391C39F5BA37D67F69D38E357FCC3D ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
00:16:33.0625 0x0de0 WudfSvc - ok
00:16:33.0656 0x0de0 [ 81DC3F549F44B1C1FFF022DEC9ECF30B, 3D14BFEA539F9CEB16555BD56C5E3C7C8F6692FC62C2789F8AAEA1C042E63940 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
00:16:33.0718 0x0de0 WZCSVC - ok
00:16:33.0750 0x0de0 [ FCBC27869092850CDB75139F3818653A, 0C3DEDE71F7E391FDA7E0687BE5B8A4CFA609BD1C8D8C85A3F32D15B03C3141D ] xfilt C:\WINDOWS\system32\DRIVERS\xfilt.sys
00:16:33.0750 0x0de0 xfilt - ok
00:16:33.0765 0x0de0 [ 295D21F14C335B53CB8154E5B1F892B9, 9418477C2E3EA93E93D931A4EDD4500DA568FAD6040204B5201D1080203B0BBC ] xmlprov C:\WINDOWS\System32\xmlprov.dll
00:16:33.0781 0x0de0 xmlprov - ok
00:16:33.0828 0x0de0 [ 8098180B3F6C430A4E60333BC036F936, 6304EDA656039EE846B31F8DC9466EA55A6435C93CF5D5E2D81284ADF0F292C2 ] {95808DC4-FA4A-4c74-92FE-5B863F82066B} C:\Program Files\CyberLink\PowerDVD\000.fcl
00:16:33.0843 0x0de0 {95808DC4-FA4A-4c74-92FE-5B863F82066B} - ok
00:16:33.0843 0x0de0 ================ Scan global ===============================
00:16:33.0875 0x0de0 [ 42F1F4C0AFB08410E5F02D4B13EBB623, 924C30587C51C0D1E1F47991969AF492A644552E15F2480EA991DCB74A3E68D5 ] C:\WINDOWS\system32\basesrv.dll
00:16:33.0906 0x0de0 [ 13A81FD21171A05FDA7A124AA68290D5, 3009C9CC8FA7697BED2963190EA28C3313684BB6D01E3D331E0681BA0E121808 ] C:\WINDOWS\system32\winsrv.dll
00:16:33.0937 0x0de0 [ 13A81FD21171A05FDA7A124AA68290D5, 3009C9CC8FA7697BED2963190EA28C3313684BB6D01E3D331E0681BA0E121808 ] C:\WINDOWS\system32\winsrv.dll
00:16:33.0953 0x0de0 [ 0E776ED5F7CC9F94299E70461B7B8185, 22750B3829133D1D4BB3CE2FA6247BE2373B5D15A6ED1C8A71673AA1CE7D9530 ] C:\WINDOWS\system32\services.exe
00:16:33.0968 0x0de0 [ Global ] - ok
00:16:33.0968 0x0de0 ================ Scan MBR ==================================
00:16:33.0984 0x0de0 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
00:16:34.0218 0x0de0 \Device\Harddisk0\DR0 - ok
00:16:34.0218 0x0de0 ================ Scan VBR ==================================
00:16:34.0218 0x0de0 [ 5D7A2994B536B4DD32D1E65821C6715C ] \Device\Harddisk0\DR0\Partition1
00:16:34.0234 0x0de0 \Device\Harddisk0\DR0\Partition1 - ok
00:16:34.0234 0x0de0 [ EB3EA47004389CBDB9D391D10A44E466 ] \Device\Harddisk0\DR0\Partition2
00:16:34.0234 0x0de0 \Device\Harddisk0\DR0\Partition2 - ok
00:16:34.0234 0x0de0 Waiting for KSN requests completion. In queue: 60
00:16:35.0234 0x0de0 Waiting for KSN requests completion. In queue: 60
00:16:36.0234 0x0de0 Waiting for KSN requests completion. In queue: 60
00:16:38.0546 0x0de0 Win FW state via NFM: disabled
00:16:41.0359 0x0de0 ============================================================
00:16:41.0359 0x0de0 Scan finished
00:16:41.0359 0x0de0 ============================================================
00:16:41.0375 0x0dac Detected object count: 1
00:16:41.0375 0x0dac Actual detected object count: 1
00:16:56.0328 0x0dac sptd ( LockedFile.Multi.Generic ) - skipped by user
00:16:56.0328 0x0dac sptd ( LockedFile.Multi.Generic ) - User select action: Skip
00:17:11.0687 0x08c4 Deinitialize success

  • Joined: 24 Mar 2014
  • Posts: 29

I must thank you, and thank you again while I'm at it; the computer has sped up quite a bit. I have a few more questions, but one thing at a time; thank you also for the help so far.

  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 27 Apr 2008
  • Posts: 8804
  • Location: Prokuplje

Run zoek again:

  • close the browser and other running programs;
  • disable your security software (if needed) (Instructions);

  • Copy the following text into the white box of the window:


    autoclean;
    C:\Documents and Settings\Jolly\Application Data\newnext.me;fs
    [HKEY_USERS\S-1-5-21-329068152-1326574676-1606980848-1003\Software\Microsoft\Windows\CurrentVersion\Run];r
    "NextLive"=-;r
    C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-329068152-1326574676-1606980848-500Core.job;f
    C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-329068152-1326574676-1606980848-500UA.job;f
    C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions\speedanalysis@SpeedAnalysis.com;f
    SearchNewTab;chr
    kdidombaedgpfiiedeimiebkmbilgmlc;chr
    C:\Program Files\DefaultTab;fs
    firefoxlook;
    chromelook;
    filesrcm;
    startupall;
    emptyalltemp;





  • Click the button and wait for the scan to finish.

  • zoek will restart Windows if needed and, when it finishes, open Notepad with the scan report.

Note: The report will be saved as zoek-results.log on the system partition (typical location: C:\zoek-results.log)

Copy the contents of that log into your reply.

  • Joined: 24 Mar 2014
  • Posts: 29

Zoek.exe v5.0.0.0 Updated 07-March-2014
Tool run by Jolly on sre 26.03.2014 at 14:37:06,89.
Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Documents and Settings\Jolly\Desktop\New Folder (2)\zoek.com [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2014-03-25-154013.log 449 bytes
C:\zoek-results2014-03-25-185342.log 412 bytes
C:\zoek-results2014-03-25-230538.log 44620 bytes
C:\zoek-results2014-03-26-110058.log 514 bytes

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_USERS\S-1-5-21-329068152-1326574676-1606980848-1003\Software\Microsoft\Windows\CurrentVersion\Run]
"NextLive"=-

==== Deleting Files \ Folders ======================

C:\Documents and Settings\Jolly\Application Data\newnext.me not found
C:\Program Files\DefaultTab not found
"C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions\speedanalysis@SpeedAnalysis.com" not found
"C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-329068152-1326574676-1606980848-500Core.job" deleted
"C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-329068152-1326574676-1606980848-500UA.job" deleted

==== Files Recently Created / Modified ======================

====== C:\WINDOWS ====
2014-03-24 18:15:08 F042EE4C8D66248D9B86DCF52ABAE416 256000 ----a-w- C:\WINDOWS\PEV.exe
2014-03-24 18:15:08 9E05A9C264C8A908A8E79450FCBFF047 80412 ----a-w- C:\WINDOWS\grep.exe
2014-03-24 18:15:08 5E832F4FAF5F481F2EAF3B3A48F603B8 68096 ----a-w- C:\WINDOWS\zip.exe
2014-03-24 18:15:08 0297C72529807322B152F517FDB0A9FC 406528 ----a-w- C:\WINDOWS\SWSC.exe
2014-03-24 18:15:08 0277C027A26428DB64EF4F64F52BB4FD 208896 ----a-w- C:\WINDOWS\MBR.exe
====== C:\DOCUME~1\Jolly\LOCALS~1\Temp ====
====== Java Cache =====
====== C:\WINDOWS\system32 =====
2014-03-24 20:45:05 49F9C309D84D059499C690FB43B9F1F6 497048 ----a-w- C:\WINDOWS\System32\FNTCACHE.DAT
====== C:\WINDOWS\system32\drivers =====
2014-03-25 12:23:00 024ACCA2F972EE094EB0F4289F2FA893 107224 ----a-w- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys
2014-03-25 12:21:19 6F0D0617310A677360B7EB6D2D59086E 52312 ----a-w- C:\WINDOWS\System32\drivers\mbamchameleon.sys
2014-03-08 16:18:11 687AF6BB383885FF6A64071B189A7F3E 242240 ----a-w- C:\WINDOWS\System32\drivers\dtsoftbus01.sys
2014-02-28 17:34:22 D86B4A68565E444D76457F14172C875A 43528 ------w- C:\WINDOWS\System32\drivers\PxHelp20.sys
2014-02-28 17:34:22 837EEF65AF62D4E8A37C41D3879F7274 9336 ------w- C:\WINDOWS\System32\drivers\cdr4_xp.sys
2014-02-28 17:34:22 579DA2F9F5401F55DAE2CF8779D61DFC 9464 ------w- C:\WINDOWS\System32\drivers\cdralw2k.sys
====== C:\WINDOWS\Tasks ======
====== C:\WINDOWS\Temp ======
======= C:\Program Files =====
2014-02-28 17:34:14 -------- d-----w- C:\Program Files\Winamp
2014-02-28 16:26:17 -------- d-----w- C:\Program Files\CyberLink
======= C: =====
2014-03-24 18:22:42 FA579938B0733B87066546AFE951082C 211 ----a-w- C:\Boot.bak
2014-03-24 18:22:40 94E5450C43E4CF78E1D3AD4816966909 260272 --sha-r- C:\cmldr
====== C:\Documents and Settings\Jolly\Application Data ======
2014-03-26 12:26:33 -------- d-----w- C:\Documents and Settings\Jolly\Start Menu\Programs\CyberLink PowerDVD
2014-03-08 16:21:43 -------- d-----w- C:\Documents and Settings\Jolly\Start Menu\Programs\KONAMI\Pro Evolution Soccer 6
2014-03-08 16:21:43 -------- d-----w- C:\Documents and Settings\Jolly\Start Menu\Programs\KONAMI
2014-03-08 16:08:25 -------- d-----w- C:\Documents and Settings\Jolly\Application Data\DAEMON Tools Lite
2014-03-01 15:33:12 -------- d-----w- C:\Documents and Settings\Jolly\Start Menu\Programs\FLV Player
2014-03-01 15:32:49 -------- d-----w- C:\Documents and Settings\Jolly\Application Data\CyberLink
2014-02-28 17:34:14 -------- d-----w- C:\Documents and Settings\Jolly\Application Data\Winamp
====== C:\Documents and Settings\Jolly ======
2014-03-26 02:15:54 -------- d--h--r- C:\Documents and Settings\Jolly\Recent

====== C: exe-files ==
2014-03-25 23:14:28 B55D431B5EEC32FF6E7B7111DABD5711 4134240 ----a-w- C:\Documents and Settings\Jolly\My Documents\Downloads\tdsskiller.exe
2014-03-25 15:07:49 214B059CA672E5C2876266C4EEBDFE0B 1145856 ----a-w- C:\Documents and Settings\Jolly\Desktop\New Folder\FRST.exe
2014-03-25 13:39:37 214B059CA672E5C2876266C4EEBDFE0B 1145856 ----a-w- C:\Documents and Settings\Jolly\My Documents\Downloads\FRST.exe
2014-03-25 12:21:04 BA63FE28CD27A9B3501883689EBE4D5C 821560 ----a-w- C:\Documents and Settings\Jolly\Desktop\mbar\Plugins\fixdamage.exe
2014-03-25 12:21:04 7C3400A4EAE86C697F74756F783B9DA3 1180472 ----a-w- C:\Documents and Settings\Jolly\Desktop\mbar\mbar.exe
2014-03-25 12:19:40 99D69C3E87FE1556B76886F778480E2D 12589848 ----a-w- C:\Documents and Settings\Jolly\My Documents\Downloads\mbar-1.07.0.1009.exe
2014-03-24 18:22:40 A38C1A7D8D8F4428CD8E96F3F2B6E046 580608 ----a-w- C:\cmdcons\autofmt.exe
2014-03-24 18:22:40 23043C91A0F9DFB4B9E9F87B680863B4 588800 ----a-w- C:\cmdcons\autochk.exe
2014-03-24 18:15:08 F042EE4C8D66248D9B86DCF52ABAE416 256000 ----a-w- C:\WINDOWS\PEV.exe
2014-03-24 18:15:08 9E05A9C264C8A908A8E79450FCBFF047 80412 ----a-w- C:\WINDOWS\grep.exe
2014-03-24 18:15:08 5E832F4FAF5F481F2EAF3B3A48F603B8 68096 ----a-w- C:\WINDOWS\zip.exe
2014-03-24 18:15:08 0297C72529807322B152F517FDB0A9FC 406528 ----a-w- C:\WINDOWS\SWSC.exe
2014-03-24 18:15:08 0277C027A26428DB64EF4F64F52BB4FD 208896 ----a-w- C:\WINDOWS\MBR.exe
2014-03-19 21:20:11 76ABC2E6E523CAA734DA6389D9359E32 139264 ----a-w- C:\Documents and Settings\Jolly\My Documents\Downloads\Photo_17.JPEG-FACEBOOK.COM.exe
=== C: other files ==
2014-03-25 12:23:00 024ACCA2F972EE094EB0F4289F2FA893 107224 ----a-w- C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
2014-03-25 12:21:19 6F0D0617310A677360B7EB6D2D59086E 52312 ----a-w- C:\WINDOWS\system32\drivers\mbamchameleon.sys
2014-03-24 18:18:31 44A8E619C4A9C390EC722DAC0CE201BD 6925 ----a-w- C:\Qoobox\BackEnv\SetPath.bat
2014-03-20 17:27:43 7E1C072961BE0D108C81AB91BD89D687 957290 ----a-w- C:\Documents and Settings\Jolly\Desktop\Old Firefox Data\u50vzrml(2).default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
2014-03-20 17:27:39 06D55D82E7DACC8680844BF5917746F6 557420 ----a-w- C:\Documents and Settings\Jolly\Desktop\Old Firefox Data\u50vzrml(2).default\extensions\toolbar_SGT-V7@apn.ask.com.xpi

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-329068152-1326574676-1606980848-1003\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe"

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_2"="regsvr32 /s /n /i:U shell32"
"nltide_3"="rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_2"="regsvr32 /s /n /i:U shell32"
"nltide_3"="rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE"
"Alcmtr"="ALCMTR.EXE"
"SkyTel"="SkyTel.EXE"
"PAC7302_Monitor"="C:\WINDOWS\PixArt\PAC7302\Monitor.exe"
"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"AVG_TRAY"="C:\Program Files\AVG\AVG2012\avgtray.exe"
"ApnTBMon"="C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
"RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
"LanguageShortcut"="C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AnalogClock]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="AnalogClock"
"hkey"="HKCU"
"command"="C:\\Program Files\\Windows7\\Analog Clock\\AnalogClock.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KRun]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="RunMe"
"hkey"="HKLM"
"command"="C:\\Program Files\\Windows7\\RunMe\\RunMe.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Pie Dock]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Windows 7 Pie Dock"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Windows7\\Windows 7 Pie Dock\\Windows 7 Pie Dock.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TransBar]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="TransBar"
"hkey"="HKCU"
"command"="C:\\Program Files\\Windows7\\TransBar\\TransBar.exe /s"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Viena Explorer]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Vienna Explorer"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Windows7\\Vienna Explorer\\Vienna Explorer.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Visual Task Tips]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="VisualTaskTips"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Windows7\\VisualTaskTips\\VisualTaskTips.exe\""


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services]


[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-]
"x.exe"="\"C:\\WINDOWS\\system32\\algv.exe\""
"algv.exe"="C:\\WINDOWS\\system32\\algv.exe"
"AtiPTA"="atiptaxx.exe"
"SunJavaUpdateSched"="\"C:\\Program Files\\Common Files\\Java\\Java Update\\jusched.exe\""
"GrooveMonitor"="\"C:\\Program Files\\Microsoft Office\\Office12\\GrooveMonitor.exe\""
"PAC7302_Monitor"="C:\\WINDOWS\\PixArt\\PAC7302\\Monitor.exe"
"KernelFaultCheck"="%systemroot%\\system32\\dumprep 0 -k"


==== Task Scheduler Jobs ======================

C:\WINDOWS\tasks\Browser Manager.job --a------ [Undetermined Task]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a------ [Undetermined Task]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a------ [Undetermined Task]

==== Firefox Extensions ======================

ProfilePath: C:\Documents and Settings\ADMINI~1\Application Data\Mozilla\Firefox\Profiles\ifv1b0db.default
- Undetermined - C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions\speedanalysis@SpeedAnalysis.com
- Instrument Test - %ProfilePath%\extensions\testpilot@labs.mozilla.com.xpi

==== Firefox Plugins ======================

Profilepath: C:\Documents and Settings\Jolly\Application Data\Mozilla\Firefox\Profiles\dus1jqqw.default
04ACC61B47857E779CD92D1D88770BF1 - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll - Adobe Acrobat
77B09C2C6F407531447DA75E3ACD1C5B - C:\Program Files\Adobe\Reader 10.0\Reader\browser\nppdf32.dll - Adobe Acrobat
5B92CB0A3EEE50F6B9AE036B4F9B0F0C - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin
A3E477ACDA2C5A427E56FB075ADEB536 - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_110.dll - Shockwave Flash
6768C724599214E4F9ADD9F8FF5097EB - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java(TM) Platform SE 7 U45
28000D7EEB2FD95A36E1A7539F599C3B - C:\Program Files\Windows Media Player\npdrmv2.dll - Microsoft® DRM
5D41BCD19A3D90E4EBB58A6BFB79E4F7 - C:\Program Files\Windows Media Player\npdsplay.dll - Windows Media Player Plug-in Dynamic Link Library
8B6884E3E1E5F8ABA5FA0C6A2B13181D - C:\Program Files\Windows Media Player\npwmsdrm.dll - Microsoft® DRM
F0B8C822A200250EDF60049F07E4CC41 - C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll - RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit)
30257426F6DA31808C6698EC01DE2D97 - C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll - RealPlayer Version Plugin
68A131335A20B343923A2957EB1E413D - C:\WINDOWS\system32\npptools.dll - Microsoft® Windows® Operating System

Profilepath: C:\Documents and Settings\Jolly\Application Data\Mozilla\Firefox\Profiles\u50vzrml.default
F891089A6AB9E12FEDEBCC5EC0F40D66 - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll - Shockwave Flash
BE501CBC29B2025A263D80D399F1797A - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll - Silverlight Plug-In
A3E477ACDA2C5A427E56FB075ADEB536 - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_110.dll - Shockwave Flash
28000D7EEB2FD95A36E1A7539F599C3B - C:\Program Files\Windows Media Player\npdrmv2.dll - Microsoft® DRM
5D41BCD19A3D90E4EBB58A6BFB79E4F7 - C:\Program Files\Windows Media Player\npdsplay.dll - Windows Media Player Plug-in Dynamic Link Library
8B6884E3E1E5F8ABA5FA0C6A2B13181D - C:\Program Files\Windows Media Player\npwmsdrm.dll - Microsoft® DRM
B27CCB1168B1960AEC6E9D3E0E0F0D2A - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrlui.dll - Microsoft® Silverlight

Profilepath: C:\Documents and Settings\Jolly\Application Data\Mozilla\Firefox\Profiles\wzsvn3s6.default-1395336451593
F891089A6AB9E12FEDEBCC5EC0F40D66 - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll - Shockwave Flash
BE501CBC29B2025A263D80D399F1797A - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll - Silverlight Plug-In
A3E477ACDA2C5A427E56FB075ADEB536 - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_110.dll - Shockwave Flash
28000D7EEB2FD95A36E1A7539F599C3B - C:\Program Files\Windows Media Player\npdrmv2.dll - Microsoft® DRM
5D41BCD19A3D90E4EBB58A6BFB79E4F7 - C:\Program Files\Windows Media Player\npdsplay.dll - Windows Media Player Plug-in Dynamic Link Library
8B6884E3E1E5F8ABA5FA0C6A2B13181D - C:\Program Files\Windows Media Player\npwmsdrm.dll - Microsoft® DRM
B27CCB1168B1960AEC6E9D3E0E0F0D2A - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrlui.dll - Microsoft® Silverlight


==== Chrome Look ======================

MB2 - Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ablnpmdakdiclnimkjfcaibpgjhapkbl
Google Drive - Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
SpeedAnalysis.com - Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cfcbmgbfdbijmjgjihagbomfbjfjmgon
Google Search - Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
AVG Safe Search - Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla
Skype for Chromium - Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
AVG Do Not Track - Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Settings Protector - Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph
Gmail - Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
MB2 - Administrator\Local Settings\Application Data\Torch\User Data\Default\Extensions\ablnpmdakdiclnimkjfcaibpgjhapkbl
SiteAdvisor - Administrator\Local Settings\Application Data\Torch\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho
AVG Safe Search - Administrator\Local Settings\Application Data\Torch\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla
Ask Video Search - Administrator\Local Settings\Application Data\Torch\User Data\Default\Extensions\khfhickdpicdaakidammlhdmhhpgfmkc
Torch Helper - Administrator\Local Settings\Application Data\Torch\User Data\Default\Extensions\lecpjhggilhbceadobnggaagnpfpafhg
Ask Image Search - Administrator\Local Settings\Application Data\Torch\User Data\Default\Extensions\maenakfpbfmdigldjpegddiphokaodjh
AVG Do Not Track - Administrator\Local Settings\Application Data\Torch\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
LiveVDO plugin - Administrator\Local Settings\Application Data\Torch\User Data\Default\Extensions\pbiamblgmkgbcgbcgejjgebalncpmhnp
Settings Protector - Administrator\Local Settings\Application Data\Torch\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph
Google Wallet - Jolly\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Empty IE Cache ======================

C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\Jolly\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Documents and Settings\Administrator\Local Settings\Application Data\Mozilla\Firefox\Profiles\ifv1b0db.default\Cache emptied successfully
C:\Documents and Settings\Jolly\Local Settings\Application Data\Mozilla\Firefox\Profiles\u50vzrml.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Documents and Settings\Administrator\Local Settings\Application Data\Torch\User Data\Default\Cache emptied successfully
C:\Documents and Settings\Jolly\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=5136 folders=650 395279603 bytes)

==== Empty Temp Folders ======================

C:\Documents and Settings\Administrator\Local Settings\Temp emptied successfully
C:\Documents and Settings\Default User\Local Settings\Temp emptied successfully
C:\Documents and Settings\Jolly\Local Settings\Temp will be emptied at reboot
C:\Documents and Settings\LocalService\Local Settings\Temp emptied successfully
C:\Documents and Settings\NetworkService\Local Settings\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\DOCUME~1\Jolly\LOCALS~1\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\RECYCLER successfully emptied

==== Deleting Files / Folders ======================

"C:\Documents and Settings\Jolly\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not found

==== EOF on sre 26.03.2014 at 15:32:37,62 ======================

  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 27 Apr 2008
  • Posts: 8804
  • Location: Prokuplje

Download MCShield from the following address:

http://www.mcshield.net/download/MCShield-Setup.exe

  • Install MCShield and wait for the initial scan to finish.

  • When the initial scan finishes, plug all your USB storage devices into a USB port one by one, and keep each one plugged in until MCShield shows a message that the scan is complete. If you have several USB devices, note down the order in which you plugged them in.

    Explanation: USB storage devices are all devices that get their own partition (drive) letter when connected to the computer. These include USB flash drives, external hard disks, memory cards, MP3 and MP4 players, some mobile phones, some GPS (navigation) devices, etc.

  • Go to Start -> All Programs -> MCShield -> Logs -> AllScans

    A report will open in Notepad; post its contents in your reply.

  • Joined: 24 Mar 2014
  • Posts: 29

>>> MCShield AllScans.txt <<<

-----------------------------




MCShield ::Anti-Malware Tool:: mcshield.net/

>>> v 3.0.4.27 / DB: 2014.3.23.1 / Windows XP <<<


26.3.2014 16:26:28 > Disk C: - skeniranje započeto (bez oznake ~78 GB, NTFS HDD )...



=> Disk je čist.


26.3.2014 16:26:28 > Disk D: - skeniranje započeto (Data ~71 GB, NTFS HDD )...



=> Disk je čist.

Here is the report. Let me add that I have no external devices plugged into the computer; the only things connected via USB are the keyboard, mouse and camera.

  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 27 Apr 2008
  • Posts: 8804
  • Location: Prokuplje

Fine, keep that program around just in case.

What is the general state of the system now?

  • Joined: 24 Mar 2014
  • Posts: 29

The state is much better; most importantly, ibsvc.exe is gone! At startup it used to show some error, and that has disappeared too. My biggest problem now is the computer shutting down because of a weak power supply: for example, when I go on Facebook and scroll, it pins at 100%; as soon as I stop scrolling things calm down, and every so often I have to refresh it so it doesn't shut down. I go online with Mozilla; I also tried Chrome, but it shuts down faster with that. Do you have any recommendations for which browser I should use (which is the lightest on the computer)? The other thing I'm curious about is the large number of processes sitting in WTM, e.g. svchost.exe; right now there are 8 of them listed in WTM. And System Idle Process (SYSTEM) shows 90 to 99 on CPU almost non-stop (Mem Usage 28 K).

  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 27 Apr 2008
  • Posts: 8804
  • Location: Prokuplje

Quote: The other thing I'm curious about is the large number of processes sitting in WTM, e.g. svchost.exe; right now there are 8 of them listed in WTM. And System Idle Process (SYSTEM) shows 90 to 99 on CPU almost non-stop

Both the first and the second are normal; that is how it should be. When nothing is running on the computer, Idle Process must be at 99; if it is lower, it means something is drawing memory. For example, when you start FF, Idle drops depending on how much FF draws.
As for the computer shutting down, ask about that in the Windows forum; here we deal exclusively with malware problems.


Before I forget: that Windows of yours has been modified (hacked together), and that is the biggest problem, because nobody knows what has been deleted from it or altered. At the first opportunity, get rid of that Windows and install a normal XP with SP3.




ComboFix needs to be uninstalled:

  • click Start (or ), then Run.

    On Vista, use the Start Search field if Run is not available.

  • In the text input line, type (copy) the following:

  • ComboFix /Uninstall

    Note that there is a space between "ComboFix" and "/Uninstall".

  • then click OK (or press Enter).

Wait for the uninstall process to finish.





*************




The following procedure will perform the final cleanup.

Download the DelFix tool by "Xplode" and save it to the Desktop.
Double-click the tool to run it and tick the boxes in front of the following options:

Remove disinfection tools
Create registry backup
Purge System Restore


Click the Run button and wait a moment until the tool finishes.
From this point on, all the tools used in this thread should be deleted.
The tool will also create a report for you. (C:\DelFix.txt)

The tool will also save the healthy state of the registry and make a backup using the integrated program "ERUNT" in %windir%\ERUNT\DelFix
The tool deletes old System Restore points and creates a new, fresh point after the cleanup.

  • Joined: 24 Mar 2014
  • Posts: 29

Thank you very much for the help. You are great; warm greetings from windy Omarska.

