UpdateTool.exe


offline
  • Joined: 25 Jun 2009
  • Posts: 533
  • Location: At home!

Recently I started having a problem where, when Windows (7) starts up, a message appears saying that the system cannot find the file 'UpdateTool.exe', which at the same time means that I cannot update the system. At first I thought it was some temporary problem in the system, but now I realize it has to do with some unwanted files that NOD32 has recently started reporting and that I have not managed to remove. Even on NOD's start screen I get the message "Analysis of application protocols will not function...", which, as I found on the internet, usually results from system updates being disabled. I will now attach the necessary files as well as the names of the infected files, so I hope we will manage to solve the problem.


DDS (Ver_2012-10-14.05) - NTFS_x86
Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 1.6.0_29
Run by IVANA at 15:29:08 on 2012-10-15
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.3582.2382 [GMT 2:00]
.
AV: ESET NOD32 Antivirus 4.0 *Enabled/Outdated* {CB0F8167-5331-BA19-698E-64816B6801A5}
SP: ESET NOD32 Antivirus 4.0 *Enabled/Outdated* {706E6083-750B-B597-533E-5FF310EF4B18}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Expat Shield\bin\openvpnas.exe
C:\Program Files\Expat Shield\HssWPR\hsssrv.exe
C:\Program Files\Expat Shield\bin\hsswd.exe
C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
D:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
D:\Program Files\FileServe Manager\FSStarter.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
D:\Program Files\Sony\PlayMemories Home\PMBVolumeWatcher.exe
C:\Program Files\Skype\Phone\Skype.exe
D:\Program Files\firefox.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
D:\Program Files\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe
D:\Program Files\uTorrent\uTorrent.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.expatshield.com/g/?c=h
mStart Page = hxxp://startsear.ch/?aff=1&cf=e0b1177e-45f7-11e1-9aa3-001fd05f8d1b
uURLSearchHooks: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - c:\program files\vuze_remote\tbVuze.dll
uURLSearchHooks: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - c:\program files\utorrentbar\tbuTor.dll
mURLSearchHooks: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - c:\program files\vuze_remote\tbVuze.dll
mURLSearchHooks: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - c:\program files\utorrentbar\tbuTor.dll
BHO: FileServeManager: {00000001-AB3B-4334-9DA2-EC6B2A02AFC6} - d:\program files\fileserve manager\FileServeBHO.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: VshareComplete: {222f31fb-a14e-4af2-bb14-997f28294370} - c:\users\ivana\appdata\roaming\vsharecomplete\VshareComplete.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
BHO: Conduit Engine: {30F9B915-B755-4826-820B-08FBA6BD249D} - c:\program files\conduitengine\ConduitEngine.dll
BHO: Expat Shield Class: {3706EE7C-3CAD-445D-8A43-03EBC3B75908} - c:\program files\expat shield\hssie\ExpatIE.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
BHO: IE5BarLauncherBHO Class: {78F3A323-798E-4AEA-9A57-88F4B05FD5DD} - c:\program files\startsearch plugin\BarLcher.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.7.7529.1424\swg.dll
BHO: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - c:\program files\vuze_remote\tbVuze.dll
BHO: IeMonitorBho Class: {bf00e119-21a3-4fd1-b178-3b8537e75c92} -
BHO: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - c:\program files\utorrentbar\tbuTor.dll
BHO: QUICKfind BHO Object: {C08DF07A-3E49-4E25-9AB0-D3882835F153} - d:\program files\idm\quickfind\plugins\IEHelp.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: Vuze Remote Toolbar: {BA14329E-9550-4989-B3F2-9732E92D17CC} - c:\program files\vuze_remote\tbVuze.dll
TB: uTorrentBar Toolbar: {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - c:\program files\utorrentbar\tbuTor.dll
TB: Conduit Engine: {30F9B915-B755-4826-820B-08FBA6BD249D} - c:\program files\conduitengine\ConduitEngine.dll
TB: VShareToolBar: {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - c:\program files\startsearch plugin\BarLcher.dll
TB: Vuze Remote Toolbar: {ba14329e-9550-4989-b3f2-9732e92d17cc} - c:\program files\vuze_remote\tbVuze.dll
TB: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - c:\program files\utorrentbar\tbuTor.dll
TB: Conduit Engine: {30F9B915-B755-4826-820B-08FBA6BD249D} - c:\program files\conduitengine\ConduitEngine.dll
TB: VShareToolBar: {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - c:\program files\startsearch plugin\BarLcher.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
uRun: [Speech Recognition] "c:\windows\speech\common\sapisvr.exe" -SpeechUX -Startup
uRun: [Facebook Update] "c:\users\ivana\appdata\local\facebook\update\FacebookUpdate.exe" /c /nocrashserver
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun
uRun: [GameXN GO] "c:\programdata\gamexn\GameXNGO.exe" /startup
uRun: [EADM] "d:\program files\origin\Origin.exe" -AutoStart
mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
mRun: [AdobeCS5ServiceManager] "c:\program files\common files\adobe\cs5servicemanager\CS5ServiceManager.exe" -launchedbylogin
mRun: [iSafeCW] c:\program files\ecodsoft keylogger\winsrv.exe
mRun: [DivX Download Manager] "c:\program files\divx\divx plus web player\DDmService.exe" start
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [QuickTime Task] "d:\program files\quicktime\QTTask.exe" -atboottime
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [PWRISOVM.EXE] d:\program files\poweriso\PWRISOVM.EXE
mRun: [FileServe Manager Task] "d:\program files\fileserve manager\FSStarter.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [PMBVolumeWatcher] d:\program files\sony\playmemories home\PMBVolumeWatcher.exe
mRun: [LogMeIn Hamachi Ui] "c:\program files\logmein hamachi\hamachi-2-ui.exe" --auto-start
StartupFolder: c:\users\ivana\appdata\roaming\micros~1\windows\startm~1\programs\startup\3186910a.lnk - c:\users\ivana\appdata\local\temp\dllhosts.exe
StartupFolder: c:\users\ivana\appdata\roaming\micros~1\windows\startm~1\programs\startup\facebo~1.lnk - c:\users\ivana\appdata\local\facebook\messenger\2.1.4651.0\FacebookMessenger.exe
StartupFolder: c:\users\ivana\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Download with FileServe Manager - d:\program files\fileserve manager\GetUrl.htm
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
LSP: mswsock.dll
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\Yinsthelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
TCP: Interfaces\{7A5AA24D-184F-4640-8D45-66ECB03CE4A4} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{D6E5A64D-7A1C-43E0-BC8D-E9DA87EDC5E3} : NameServer = 195.66.189.137 195.66.189.138
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
STS: ObjectDockShlExt Class - {1984D045-52CF-49cd-DB77-08F378FEA4DB} - d:\program files\stardock\objectdockplus2\ODMenu.dll
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\ivana\appdata\roaming\mozilla\firefox\profiles\rl47s1ay.sef\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2786678&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.startup.homepage - google.com
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2786678&SearchSource=2&q=
FF - component: c:\program files\real\realplayer\browserrecord\firefox\ext\components\nprpffbrowserrecordext.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: c:\program files\veetle\player\npvlc.dll
FF - plugin: c:\program files\veetle\plugins\npVeetle.dll
FF - plugin: c:\program files\veetle\vlcbroadcast\npvbp.dll
FF - plugin: c:\users\ivana\appdata\local\facebook\messenger\2.1.4651.0\npFbDesktopPlugin.dll
FF - plugin: c:\users\ivana\appdata\local\facebook\video\skype\npFacebookVideoCalling.dll
FF - plugin: c:\users\ivana\appdata\roaming\mozilla\firefox\profiles\rl47s1ay.sef\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\plugins\np-mswmp.dll
FF - plugin: c:\users\ivana\appdata\roaming\mozilla\plugins\npoctoshape.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_4_402_287.dll
FF - plugin: c:\windows\system32\wat\npWatWeb.dll
FF - plugin: d:\program files\plugins\npdeployJava1.dll
FF - plugin: d:\program files\plugins\npuuseep.dll
FF - plugin: d:\program files\plugins\npvsharetvplg.dll
FF - plugin: d:\program files\quicktime\plugins\npqtplugin.dll
FF - plugin: d:\program files\quicktime\plugins\npqtplugin2.dll
FF - plugin: d:\program files\quicktime\plugins\npqtplugin3.dll
FF - plugin: d:\program files\quicktime\plugins\npqtplugin4.dll
.
============= SERVICES / DRIVERS ===============
.
R2 ExpatShieldService;Expat Shield Service;c:\program files\expat shield\bin\openvpnas.exe [2012-1-6 331608]
R2 ExpatSrv;Expat Shield Routing Service;c:\program files\expat shield\hsswpr\hsssrv.exe [2012-1-5 363336]
R2 ExpatWd;Expat Shield Monitoring Service;c:\program files\expat shield\bin\hsswd.exe -product expat --> c:\program files\expat shield\bin\hsswd.exe -product Expat [?]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files\logmein hamachi\hamachi-2.exe [2012-6-27 1385896]
R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;d:\program files\sony\playmemories home\PMBDeviceInfoProvider.exe [2012-6-2 459832]
R2 TeamViewer7;TeamViewer 7;c:\program files\teamviewer\version7\TeamViewer_Service.exe [2012-7-16 2673064]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2009-6-10 139776]
R3 SCREAMINGBDRIVER;Screaming Bee Audio;c:\windows\system32\drivers\ScreamingBAudio.sys [2009-12-1 34384]
R3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\drivers\seehcri.sys [2010-11-24 27632]
R3 SrvHsfPCI;SrvHsfPCI;c:\windows\system32\drivers\VSTBS23.SYS [2009-7-14 266752]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\drivers\VSTDPV3.SYS [2009-7-14 980992]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\drivers\VSTCNXT3.SYS [2009-7-14 661504]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-4-14 135664]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-6-7 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-7-10 250808]
S3 athur;Wireless Network Adapter Service;c:\windows\system32\drivers\athur.sys [2010-4-14 1334784]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
S3 ExpatTrayService;Expat Shield Tray Service;c:\program files\expat shield\bin\ExpatTrayService.exe [2012-1-6 77520]
S3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\drivers\ggflt.sys [2010-11-24 13224]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-4-14 135664]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-4-30 129976]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2011-6-25 15872]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-6-25 52224]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-7-12 1343400]
.
=============== File Associations ===============
.
FileExt: .txt: VSTA.txt.8.0="c:\program files\microsoft visual studio 8\common7\ide\vsta.exe" /dde "%1" [UserChoice]
FileExt: .js: jsfile="c:\program files\adobe\adobe dreamweaver cs5\Dreamweaver.exe","%1"
ShellExec: dreamweaver.exe: Open="c:\program files\adobe\adobe dreamweaver cs5\dreamweaver.exe", "%1"
.
=============== Created Last 30 ================
.
2012-10-14 13:44:22 -------- d-sh--w- c:\windows\system32\%APPDATA%
2012-10-13 13:12:10 137728 ----a-w- c:\windows\system32\rldea.dll
2012-10-13 00:14:27 6980552 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{fd1cb52e-e2bc-4f11-90c7-d7e7a6ac4d81}\mpengine.dll
2012-10-09 21:13:59 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-10-09 21:13:59 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-10-09 21:13:59 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-10-09 21:13:58 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-10-09 21:13:58 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2012-10-09 21:13:58 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2012-10-09 21:13:39 1159680 ----a-w- c:\windows\system32\crypt32.dll
2012-10-09 21:13:36 140288 ----a-w- c:\windows\system32\cryptsvc.dll
2012-10-09 21:13:35 103936 ----a-w- c:\windows\system32\cryptnet.dll
2012-10-09 21:13:21 1211760 ----a-w- c:\windows\system32\drivers\ntfs.sys
2012-10-09 21:13:20 542208 ----a-w- c:\windows\system32\kerberos.dll
2012-10-09 21:13:14 3968880 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-10-09 21:13:14 3914096 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-09-26 12:13:04 245760 ----a-w- c:\windows\system32\OxpsConverter.exe
2012-09-24 13:55:17 -------- d-----w- c:\users\ivana\workspace
.
==================== Find3M ====================
.
2012-10-13 14:08:20 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-10-13 14:08:20 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-09-14 18:28:53 2048 ----a-w- c:\windows\system32\tzres.dll
2012-08-27 22:19:11 477240 ----a-w- c:\windows\system32\drivers\sptd.sys
2012-08-24 16:57:48 981504 ----a-w- c:\windows\system32\wininet.dll
2012-08-24 16:57:48 172544 ----a-w- c:\windows\system32\wintrust.dll
2012-08-24 15:20:39 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2012-08-22 17:16:54 1292144 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-08-22 17:16:46 712048 ----a-w- c:\windows\system32\drivers\ndis.sys
2012-08-22 17:16:46 240496 ----a-w- c:\windows\system32\drivers\netio.sys
2012-08-22 17:16:36 187760 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-08-20 17:40:31 169984 ----a-w- c:\windows\system32\winsrv.dll
2012-08-20 17:40:01 293376 ----a-w- c:\windows\system32\KernelBase.dll
2012-08-20 17:37:58 271360 ----a-w- c:\windows\system32\conhost.exe
2012-08-02 16:57:20 490496 ----a-w- c:\windows\system32\d3d10level9.dll
2012-07-18 17:47:53 2345984 ----a-w- c:\windows\system32\win32k.sys
.
============= FINISH: 15:29:52.19 ===============


While scanning with the other program, a blue screen with text on it appeared and the computer shut down, so I would rather you start with this one, and if necessary I will try the scan again. As for the names of the 'viruses', I will post them as soon as I reinstall NOD, because I uninstalled it thinking that might fix the problem, and now I have some minor complications installing it.

offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

In "How to open a topic in AMbulanta" you have instructions for another program in case GMER won't run, and that is RootRepeal.

offline
  • Joined: 25 Jun 2009
  • Posts: 533
  • Location: At home!

Sass Drake ::In "How to open a topic in AMbulanta" you have instructions for another program in case GMER won't run, and that is RootRepeal.

I tried, but I get the error 'Atempt to write adress...'.

Is there some other solution, or should I try again with GMER? I should also mention that before the computer shut down, the scan had been running for certainly more than 40 minutes.

offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

Download Rootkit Unhooker to the Desktop.

Run the program with a double-click;

select the Report tab;

click Scan and, in the window that opens, tick the items:

SSDT
Shadow SSDT
Processes
Drivers
Stealth Code
Files
Code Hooks

click OK and wait for the scan to finish.


When the scan is finished, click File > Save Report and save the report.

Attach the Rootkit Unhooker report to your post using the Attach file option.

offline
  • Joined: 25 Jun 2009
  • Posts: 533
  • Location: At home!

Sass Drake ::Download Rootkit Unhooker to the Desktop.

Run the program with a double-click;

select the Report tab;

click Scan and, in the window that opens, tick the items:

SSDT
Shadow SSDT
Processes
Drivers
Stealth Code
Files
Code Hooks

click OK and wait for the scan to finish.


When the scan is finished, click File > Save Report and save the report.

Attach the Rootkit Unhooker report to your post using the Attach file option.


The link is not valid; should I try this one:

http://www.softpedia.com/get/Security/Security-Related/Rootkit-Unhooker.shtml ?

offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

Try it.

offline
  • Joined: 25 Jun 2009
  • Posts: 533
  • Location: At home!

'Failed to enable debug privilege...'

This appeared after I installed the program and then tried to run it.

offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

Download TDSSKiller from the following address to the Desktop:

TDSSKiller


When the download is finished:

Rename TDSSKiller.exe to MyCity.exe

Run MyCity.exe and click Change parameters.

In the Additional options section, tick the options Verify driver signatures and Detect TDLFS file system, then click OK.

Click Start scan.

When it finishes, it will show you the scan results.

Do not click Continue; instead click the X button and then the X button once more.

Attach to your post the report located at the following location:
C:\TDSSKiller_program version_DD.MM.YY_HH.MM.SS.txt
(DD-day, MM-month, YY-year, HH-hour, MM-minute, SS-second; the date and time when the log was created)

offline
  • Joined: 25 Jun 2009
  • Posts: 533
  • Location: At home!

19:05:40.0869 0424 TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47
19:05:41.0279 0424 ============================================================
19:05:41.0279 0424 Current date / time: 2012/10/15 19:05:41.0279
19:05:41.0279 0424 SystemInfo:
19:05:41.0279 0424
19:05:41.0279 0424 OS Version: 6.1.7601 ServicePack: 1.0
19:05:41.0279 0424 Product type: Workstation
19:05:41.0279 0424 ComputerName: CONEIIVANA-PC
19:05:41.0279 0424 UserName: IVANA
19:05:41.0279 0424 Windows directory: C:\Windows
19:05:41.0279 0424 System windows directory: C:\Windows
19:05:41.0279 0424 Processor architecture: Intel x86
19:05:41.0279 0424 Number of processors: 4
19:05:41.0279 0424 Page size: 0x1000
19:05:41.0279 0424 Boot type: Normal boot
19:05:41.0279 0424 ============================================================
19:05:42.0179 0424 Drive \Device\Harddisk0\DR0 - Size: 0x7470AFDE00 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
19:05:42.0181 0424 ============================================================
19:05:42.0181 0424 \Device\Harddisk0\DR0:
19:05:42.0181 0424 MBR partitions:
19:05:42.0181 0424 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xC34F28D
19:05:42.0190 0424 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xC34F30B, BlocksNum 0x2E031A75
19:05:42.0190 0424 ============================================================
19:05:42.0198 0424 C: <-> \Device\Harddisk0\DR0\Partition1
19:05:42.0216 0424 D: <-> \Device\Harddisk0\DR0\Partition2
19:05:42.0216 0424 ============================================================
19:05:42.0216 0424 Initialize success
19:05:42.0216 0424 ============================================================
19:11:11.0771 0584 ============================================================
19:11:11.0771 0584 Scan started
19:11:11.0771 0584 Mode: Manual; SigCheck; TDLFS;
19:11:11.0771 0584 ============================================================
19:11:12.0160 0584 ================ Scan system memory ========================
19:11:12.0160 0584 System memory - ok
19:11:12.0161 0584 ================ Scan services =============================
19:11:12.0316 0584 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
19:11:12.0375 0584 1394ohci - ok
19:11:12.0400 0584 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\Windows\system32\drivers\ACPI.sys
19:11:12.0416 0584 ACPI - ok
19:11:12.0442 0584 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
19:11:12.0472 0584 AcpiPmi - ok
19:11:12.0525 0584 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
19:11:12.0539 0584 AdobeFlashPlayerUpdateSvc - ok
19:11:12.0587 0584 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
19:11:12.0607 0584 adp94xx - ok
19:11:12.0627 0584 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
19:11:12.0645 0584 adpahci - ok
19:11:12.0663 0584 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
19:11:12.0677 0584 adpu320 - ok
19:11:12.0703 0584 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
19:11:12.0734 0584 AeLookupSvc - ok
19:11:12.0787 0584 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD C:\Windows\system32\drivers\afd.sys
19:11:12.0804 0584 AFD - ok
19:11:12.0837 0584 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\Windows\system32\drivers\agp440.sys
19:11:12.0850 0584 agp440 - ok
19:11:12.0872 0584 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys
19:11:12.0885 0584 aic78xx - ok
19:11:12.0906 0584 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\Windows\System32\alg.exe
19:11:12.0939 0584 ALG - ok
19:11:12.0956 0584 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\Windows\system32\drivers\aliide.sys
19:11:12.0968 0584 aliide - ok
19:11:12.0995 0584 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\Windows\system32\drivers\amdagp.sys
19:11:13.0008 0584 amdagp - ok
19:11:13.0018 0584 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\Windows\system32\drivers\amdide.sys
19:11:13.0030 0584 amdide - ok
19:11:13.0042 0584 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
19:11:13.0055 0584 AmdK8 - ok
19:11:13.0068 0584 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
19:11:13.0092 0584 AmdPPM - ok
19:11:13.0123 0584 [ D320BF87125326F996D4904FE24300FC ] amdsata C:\Windows\system32\drivers\amdsata.sys
19:11:13.0136 0584 amdsata - ok
19:11:13.0154 0584 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
19:11:13.0169 0584 amdsbs - ok
19:11:13.0196 0584 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata C:\Windows\system32\drivers\amdxata.sys
19:11:13.0207 0584 amdxata - ok
19:11:13.0237 0584 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\Windows\system32\drivers\appid.sys
19:11:13.0262 0584 AppID - ok
19:11:13.0278 0584 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\Windows\System32\appidsvc.dll
19:11:13.0307 0584 AppIDSvc - ok
19:11:13.0334 0584 [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo C:\Windows\System32\appinfo.dll
19:11:13.0362 0584 Appinfo - ok
19:11:13.0449 0584 [ 20F6F19FE9E753F2780DC2FA083AD597 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:11:13.0459 0584 Apple Mobile Device - ok
19:11:13.0495 0584 [ A45D184DF6A8803DA13A0B329517A64A ] AppMgmt C:\Windows\System32\appmgmts.dll
19:11:13.0526 0584 AppMgmt - ok
19:11:13.0550 0584 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\Windows\system32\DRIVERS\arc.sys
19:11:13.0563 0584 arc - ok
19:11:13.0572 0584 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
19:11:13.0586 0584 arcsas - ok
19:11:13.0678 0584 [ 39CDCB109BF200CC8A05B9C7E6272D11 ] aspnet_state C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
19:11:13.0689 0584 aspnet_state - ok
19:11:13.0709 0584 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
19:11:13.0746 0584 AsyncMac - ok
19:11:13.0775 0584 [ 338C86357871C167A96AB976519BF59E ] atapi C:\Windows\system32\drivers\atapi.sys
19:11:13.0786 0584 atapi - ok
19:11:13.0836 0584 [ 50EDC3BC29FFE35A3604E0CF041FDF24 ] athur C:\Windows\system32\DRIVERS\athur.sys
19:11:13.0892 0584 athur ( UnsignedFile.Multi.Generic ) - warning
19:11:13.0892 0584 athur - detected UnsignedFile.Multi.Generic (1)
19:11:14.0010 0584 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
19:11:14.0041 0584 AudioEndpointBuilder - ok
19:11:14.0061 0584 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\Windows\System32\Audiosrv.dll
19:11:14.0088 0584 Audiosrv - ok
19:11:17.0347 0584 [ C2B623A20DF02486FBD0471689CDD9B6 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
19:11:17.0348 0584 Suspicious file (Forged): C:\Windows\system32\Drivers\dfsc.sys. Real md5: C2B623A20DF02486FBD0471689CDD9B6, Fake md5: F024449C97EC1E464AAFFDA18593DB88
19:11:17.0349 0584 DfsC ( Virus.Win32.ZAccess.aml ) - infected
19:11:17.0349 0584 DfsC - detected Virus.Win32.ZAccess.aml (0)
19:11:21.0925 0584 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
19:11:21.0940 0584 IDriverT ( UnsignedFile.Multi.Generic ) - warning
19:11:21.0940 0584 IDriverT - detected UnsignedFile.Multi.Generic (1)
19:11:23.0360 0584 [ 8FD868E32459ECE2A1BB0169F513D31E ] mcdbus C:\Windows\system32\DRIVERS\mcdbus.sys
19:11:23.0376 0584 mcdbus ( UnsignedFile.Multi.Generic ) - warning
19:11:23.0376 0584 mcdbus - detected UnsignedFile.Multi.Generic (1)
19:11:30.0659 0584 [ 20B2751CD4C8F3FD989739CA661B9F30 ] SCDEmu C:\Windows\system32\drivers\SCDEmu.sys
19:11:30.0674 0584 SCDEmu ( UnsignedFile.Multi.Generic ) - warning
19:11:30.0674 0584 SCDEmu - detected UnsignedFile.Multi.Generic (1)
19:11:36.0171 0584 [ 5D81DFEDC21830764B02F12415AFAE2B ] wampapache c:\wamp\bin\apache\apache2.2.22\bin\httpd.exe
19:11:36.0175 0584 wampapache ( UnsignedFile.Multi.Generic ) - warning
19:11:36.0176 0584 wampapache - detected UnsignedFile.Multi.Generic (1)
19:11:38.0296 0584 ================ Scan global ===============================
19:11:38.0318 0584 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
19:11:38.0345 0584 [ 48CB4FDBCAAEAC7BCE2F5941545FF071 ] C:\Windows\system32\winsrv.dll
19:11:38.0362 0584 [ 48CB4FDBCAAEAC7BCE2F5941545FF071 ] C:\Windows\system32\winsrv.dll
19:11:38.0387 0584 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
19:11:38.0418 0584 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
19:11:38.0423 0584 [Global] - ok
19:11:38.0424 0584 ================ Scan MBR ==================================
19:11:38.0436 0584 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
19:11:38.0643 0584 \Device\Harddisk0\DR0 - ok
19:11:38.0644 0584 ================ Scan VBR ==================================
19:11:38.0647 0584 [ 03A2A39115E35DC92455B6E64164BADF ] \Device\Harddisk0\DR0\Partition1
19:11:38.0649 0584 \Device\Harddisk0\DR0\Partition1 - ok
19:11:38.0672 0584 [ 60A46182CCF605AE64A458B9F71E70AF ] \Device\Harddisk0\DR0\Partition2
19:11:38.0673 0584 \Device\Harddisk0\DR0\Partition2 - ok
19:11:38.0673 0584 ============================================================
19:11:38.0674 0584 Scan finished
19:11:38.0674 0584 ============================================================
19:11:38.0684 0968 Detected object count: 6
19:11:38.0684 0968 Actual detected object count: 6
19:11:59.0225 0968 athur ( UnsignedFile.Multi.Generic ) - skipped by user
19:11:59.0225 0968 athur ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:11:59.0258 0968 C:\Windows\system32\Drivers\dfsc.sys - copied to quarantine
19:12:00.0222 0968 C:\Windows\$NtUninstallKB60411$\1143123929\@ - copied to quarantine
19:12:00.0223 0968 C:\Windows\$NtUninstallKB60411$\1143123929\Desktop.ini - copied to quarantine
19:12:00.0233 0968 C:\Windows\$NtUninstallKB60411$\1143123929\L\00000004.@ - copied to quarantine
19:12:00.0235 0968 C:\Windows\$NtUninstallKB60411$\1143123929\L\201d3dde - copied to quarantine
19:12:00.0244 0968 C:\Windows\$NtUninstallKB60411$\1143123929\L\xadqgnnk - copied to quarantine
19:12:00.0268 0968 C:\Windows\$NtUninstallKB60411$\1143123929\U\00000004.@ - copied to quarantine
19:12:00.0283 0968 C:\Windows\$NtUninstallKB60411$\1143123929\U\00000008.@ - copied to quarantine
19:12:00.0290 0968 C:\Windows\$NtUninstallKB60411$\1143123929\U\000000cb.@ - copied to quarantine
19:12:00.0291 0968 C:\Windows\$NtUninstallKB60411$\1143123929\U\80000000.@ - copied to quarantine
19:12:00.0299 0968 C:\Windows\$NtUninstallKB60411$\1143123929\U\80000032.@ - copied to quarantine
19:12:00.0466 0968 Backup copy found, using it..
19:12:00.0491 0968 C:\Windows\system32\Drivers\dfsc.sys - will be cured on reboot
19:12:00.0571 0968 C:\Windows\$NtUninstallKB60411$\1143123929\@ - will be deleted on reboot
19:12:00.0572 0968 C:\Windows\$NtUninstallKB60411$\1143123929\Desktop.ini - will be deleted on reboot
19:12:00.0573 0968 C:\Windows\$NtUninstallKB60411$\1143123929\U\00000004.@ - will be deleted on reboot
19:12:00.0573 0968 C:\Windows\$NtUninstallKB60411$\1143123929\U\00000008.@ - will be deleted on reboot
19:12:00.0573 0968 C:\Windows\$NtUninstallKB60411$\1143123929\U\000000cb.@ - will be deleted on reboot
19:12:00.0574 0968 C:\Windows\$NtUninstallKB60411$\1143123929\U\80000000.@ - will be deleted on reboot
19:12:00.0574 0968 C:\Windows\$NtUninstallKB60411$\1143123929\U\80000032.@ - will be deleted on reboot
19:12:00.0574 0968 C:\Windows\$NtUninstallKB60411$\1250444959 - will be deleted on reboot
19:12:00.0583 0968 DfsC ( Virus.Win32.ZAccess.aml ) - User select action: Cure
19:12:00.0583 0968 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
19:12:00.0583 0968 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:12:00.0586 0968 mcdbus ( UnsignedFile.Multi.Generic ) - skipped by user
19:12:00.0586 0968 mcdbus ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:12:00.0588 0968 SCDEmu ( UnsignedFile.Multi.Generic ) - skipped by user
19:12:00.0589 0968 SCDEmu ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:12:00.0590 0968 wampapache ( UnsignedFile.Multi.Generic ) - skipped by user
19:12:00.0591 0968 wampapache ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:12:14.0635 1928 Deinitialize success





offline
  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building


Why didn't you follow the instructions I gave you?

I clearly pointed out:

"Do not click Continue, but click the X button, and after that click the X button once more."

Now do the following:


Download sUBs's ComboFix to your Desktop from the following address:

  • Bleeping Computer

  • Right-click the link and choose the option Save Target As... (Save Link As..., Save Linked Content As... or similar);
  • When the dialog for choosing where to save the file opens, select Desktop and click Save.




When the download of the program is complete:
  • disable your security software (instructions);
  • close any running programs;
  • double-click to run ComboFix;
  • in the window that opens, click "I Agree".

While running, ComboFix will:
  • check whether a newer version of the program exists:
      • click Yes if you are offered to download it.
  • if the Recovery Console is not installed, offer to install it:
      • be sure to accept by clicking Yes and follow the procedure through.
  • display a number of prompts/notifications:
      • accept by clicking Yes or OK.
  • restart Windows if needed (several times);
  • at the end, open Notepad with the scan report.


Copy the report that ComboFix created into the forum thread:
  • right-click in the Notepad window and choose Select All;
  • right-click the selected text and choose Copy;
  • right-click in the message field and choose Paste.


Note:
  • The report will be saved under the name ComboFix.txt on the system partition (typical location: C:\ComboFix.txt);
  • If, after sending the message, you notice that the report is not complete, use the Prikači fajl (Attach file) option to attach the file C:\ComboFix.txt to the message.
  • Do not click inside the ComboFix window while it is running, because that can slow the tool down.
  • Do not run ComboFix again on your own - report in the thread any problem you have during the first run of the tool.
  • If after the restart you get an error when starting some programs saying that they are marked for deletion (Illegal operation attempted on a registry key that has been marked for deletion), restart the system again and that will solve the problem.
