Problem with viruses and Chrome


  • boksi  Male
  • Respected citizen
  • Joined: 11 Jun 2008
  • Posts: 474

Posted: 02 Nov 2017 0:28

I use 360 Total Security and I think it did not manage to delete the viruses after cleaning, because after that Google Chrome has hundreds of small windows that pop up on their own, and it looks like this; sometimes it even starts by itself.





Addendum: 02 Nov 2017 0:38

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 01-01-2017 (ATTENTION: ====> FRSTversion is 305 days old and could be outdated)
Ran by Boris (administrator) on BORIS-PC (02-11-2017 00:18:27)
Running from C:\Users\Boris\Downloads
Loaded Profiles: Boris (Available Profiles: Boris)
Platform: Microsoft Windows 7 Ultimate (X86) Language: English (United States)
Internet Explorer Version 9 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files\360\Total Security\safemon\QHActiveDefense.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
() C:\ProgramData\MySampleService\sys.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(TODO: <Company name>) C:\Applications\Service.exe
() C:\Program Files\360\Total Security\safemon\QHSafeTray.exe
(BitTorrent Inc.) C:\Users\Boris\AppData\Roaming\uTorrent\uTorrent.exe
( ) C:\Users\Boris\AppData\Roaming\m4d25mv4vvp\wiqxwzprkhj.exe
( ) C:\Users\Boris\AppData\Roaming\d1dqdvyj23v\hlw5ph1orcx.exe
() C:\Users\Boris\AppData\Local\temp\is-7D0HC.tmp\wiqxwzprkhj.tmp
(TODO: <Company name>) C:\Applications\Service.exe
( ) C:\Users\Boris\AppData\Roaming\0tj4z43ld43\tsv4hksrbvr.exe
() C:\Users\Boris\AppData\Local\temp\is-J9HSH.tmp\hlw5ph1orcx.tmp
(BitTorrent Inc.) C:\Users\Boris\AppData\Roaming\uTorrent\updates\3.5.0_44090\utorrentie.exe
(Piriform Ltd) D:\Program Files\CCleaner.exe
( ) C:\Users\Boris\AppData\Roaming\a3a2gtjdgpm\mjhqi5glgj4.exe
() C:\Users\Boris\AppData\Local\temp\is-2KD0O.tmp\tsv4hksrbvr.tmp
(BitTorrent Inc.) C:\Users\Boris\AppData\Roaming\uTorrent\updates\3.5.0_44090\utorrentie.exe
() C:\Users\Boris\AppData\Local\temp\is-S57NF.tmp\mjhqi5glgj4.tmp
( ) C:\Users\Boris\AppData\Roaming\wuogc2aygse\xvgkmsgppqs.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
( ) C:\Users\Boris\AppData\Roaming\irn2sctpvok\2jslhnord2j.exe
() C:\Users\Boris\AppData\Local\temp\is-OT1UU.tmp\xvgkmsgppqs.tmp
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
( ) C:\Users\Boris\AppData\Roaming\v2ynclwpsxv\qtticiye3va.exe
() C:\Users\Boris\AppData\Local\temp\is-PUN7B.tmp\2jslhnord2j.tmp
( ) C:\Users\Boris\AppData\Roaming\bqcmqwqj0zx\rhwicammszx.exe
() C:\Users\Boris\AppData\Local\temp\is-M3IMJ.tmp\qtticiye3va.tmp
() C:\Users\Boris\AppData\Local\temp\is-JASU3.tmp\rhwicammszx.tmp
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files\360\Total Security\safemon\QHWatchdog.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Qihu 360 Software Co., Ltd.) C:\Program Files\360\Total Security\safemon\chrome\360webshield.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [6711840 2009-01-13] (Realtek Semiconductor)
HKLM\...\Run: [QHSafeTray] => C:\Program Files\360\Total Security\safemon\QHSafeTray.exe [1153448 2017-06-06] ()
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-2103478201-806380249-2024604306-1000\...\Run: [uTorrent] => C:\Users\Boris\AppData\Roaming\uTorrent\uTorrent.exe [1982144 2017-09-29] (BitTorrent Inc.)
HKU\S-1-5-21-2103478201-806380249-2024604306-1000\...\Run: [CCleaner Monitoring] => D:\Program Files\CCleaner.exe [6868696 2016-08-26] (Piriform Ltd)
HKU\S-1-5-21-2103478201-806380249-2024604306-1000\...\Run: [1923239] => C:\Users\Boris\AppData\Roaming\m4d25mv4vvp\wiqxwzprkhj.exe [669807 2017-11-01] ( )
HKU\S-1-5-21-2103478201-806380249-2024604306-1000\...\Run: [5413420] => C:\Users\Boris\AppData\Roaming\d1dqdvyj23v\hlw5ph1orcx.exe [669807 2017-11-01] ( )
HKU\S-1-5-21-2103478201-806380249-2024604306-1000\...\Run: [5091982] => C:\Users\Boris\AppData\Roaming\0tj4z43ld43\tsv4hksrbvr.exe [669807 2017-11-01] ( )
HKU\S-1-5-21-2103478201-806380249-2024604306-1000\...\Run: [THIS IS WIIIGET!] => C:\Program Files\Miped\QWiget\THIS IS WIIIGET!.exe
HKU\S-1-5-21-2103478201-806380249-2024604306-1000\...\Run: [6214576] => C:\Users\Boris\AppData\Roaming\a3a2gtjdgpm\mjhqi5glgj4.exe [669807 2017-11-01] ( )
HKU\S-1-5-21-2103478201-806380249-2024604306-1000\...\Run: [767321] => C:\Users\Boris\AppData\Roaming\wuogc2aygse\xvgkmsgppqs.exe [669807 2017-11-01] ( )
HKU\S-1-5-21-2103478201-806380249-2024604306-1000\...\Run: [4876523] => C:\Users\Boris\AppData\Roaming\irn2sctpvok\2jslhnord2j.exe [669807 2017-11-01] ( )
HKU\S-1-5-21-2103478201-806380249-2024604306-1000\...\Run: [1949065] => C:\Users\Boris\AppData\Roaming\v2ynclwpsxv\qtticiye3va.exe [669807 2017-11-01] ( )
HKU\S-1-5-21-2103478201-806380249-2024604306-1000\...\Run: [278742] => C:\Users\Boris\AppData\Roaming\bqcmqwqj0zx\rhwicammszx.exe [669807 2017-11-01] ( )
HKU\S-1-5-21-2103478201-806380249-2024604306-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [10240 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2013-05-27] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 89.216.1.40 89.216.1.50
Tcpip\..\Interfaces\{79DC8D92-019E-4A94-8F91-3F1CC53E2DFC}: [DhcpNameServer] 89.216.1.40 89.216.1.50

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRHOjYN9_5EdL7qPpMxlVIEw5_dV9Ifb20fbCyuEWUgPvssKC83AcXnctcQ4aRgScjO82Ed4JDnbQ8IbLfVp5g4sDz0EunsKz9vaGJVdKEmz80r6A7yj7yjY6_9e6pVS7CVWY8U6MHcPOTdoTNASxF_K5-lbx6u18DV_qomJyPrSjBSmLy0g2uD1IcAw,,&q={searchTerms}
HKU\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRHOjYN9_5EdL7qPpMxlVIEw5_dV9Ifb20fbCyuEWUgPvssKC83AcXnctcQ4aRgScjO82Ed4JDnbQ8IbLfVp5g4sDz0EunsKzxaX9w77yY3Hm_jQ4-uZTdFtM_N9xnjn5kw_vc1QOD_NeV9XdSeFCFVy6dQRtPjDUTubafjAtU0EFx4L9VNSkuT-qkCQ,,
SearchScopes: HKLM -> DefaultScope {ielnksrch} URL =
SearchScopes: HKLM -> ielnksrch URL = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRHOjYN9_5EdL7qPpMxlVIEw5_dV9Ifb20fbCyuEWUgPvssKC83AcXnctcQ4aRgScjO82Ed4JDnbQ8IbLfVp5g4sDz0EunsKz9vaGJVdKEmz80r6A7yj7yjY6_9e6pVS7CVWY8U6MHcPOTdoTNASxF_K5-lbx6u18DV_qomJyPrSjBSmLy0g2uD1IcAw,,&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> {0BC6E3FA-78EF-4886-842C-5A1258C4455A} URL = hxxp://search.imgag.com/?appid=wsdt&component=&c=GNWDO59900&sbs=2&sc=2&f=web&vernum=3.1.5.7620&uid=0&did=%7be47fbaad-898d-4c4d-9977-7906b3fbabc1%7d&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> {72879807-DFDB-4C44-9CDF-BFDCE635155B} URL = hxxp://search.yahoo.com/search?fr=mcafee&p={SearchTerms}
SearchScopes: HKU\S-1-5-21-2103478201-806380249-2024604306-1000 -> DefaultScope {ielnksrch} URL = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRHOjYN9_5EdL7qPpMxlVIEw5_dV9Ifb20fbCyuEWUgPvssKC83AcXnctcQ4aRgScjO82Ed4JDnbQ8IbLfVp5g4sDz0EunsKz9vaGJVdKEmz80r6A7yj7yjY6_9e6pVS7CVWY8U6MHcPOTdoTNASxF_K5-lbx6u18DV_qomJyPrSjBSmLy0g2uD1IcAw,,&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2103478201-806380249-2024604306-1000 -> BE51F622057F4F72A9AB6BDA389EFAFC URL = hxxp://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=198484&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2103478201-806380249-2024604306-1000 -> {0EDE09DD-3809-43F6-B17C-C151EE6770BE} URL = hxxps://search.yahoo.com/search?fr=mcafee&type=C010US739D20151120&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2103478201-806380249-2024604306-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={775C5F0A-FD56-4DDF-A521-6E8C9C8D67E2}&mid=99809890e09347d08918d156c7e4e1c3-9e676b974cdecd5e54574e8b31e8c02d1b6f5dd5&lang=en&ds=AVG&coid=avgtbavg&cmpid=1116av&pr=fr&d=2016-11-17 07:51:14&v=4.3.6.255&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2103478201-806380249-2024604306-1000 -> {B54A1C9D-1C60-4317-810C-3E5DE740C748} URL = hxxp://www.bing.com/search?FORM=U218DF&PC=U218&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2103478201-806380249-2024604306-1000 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://search.yahoo.com/search?fr=vmn&type=vmn__webcompa__1_0__ya__ch_WCYID10270__160714__yaie&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2103478201-806380249-2024604306-1000 -> {FB5FBE95-4B09-4176-A307-B5A1446169E1} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-3&o=APN10401&src=kw&q={searchTerms}&locale=&apn_ptnrs=^ABZ&apn_dtid=^YYYYYY^YY^RS&apn_uid=abee1114-4daa-40a1-a7ab-3df9f1f92fdc&apn_sauid=19FAD5DB-BCBC-4D61-A75F-85EEA82743BD
SearchScopes: HKU\S-1-5-21-2103478201-806380249-2024604306-1000 -> {ielnksrch} URL = hxxps://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRHOjYN9_5EdL7qPpMxlVIEw5_dV9Ifb20fbCyuEWUgPvssKC83AcXnctcQ4aRgScjO82Ed4JDnbQ8IbLfVp5g4sDz0EunsKz9vaGJVdKEmz80r6A7yj7yjY6_9e6pVS7CVWY8U6MHcPOTdoTNASxF_K5-lbx6u18DV_qomJyPrSjBSmLy0g2uD1IcAw,,&q={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-26] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
Toolbar: HKU\.DEFAULT -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2006-10-26] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2017-07-18] (Skype Technologies)

FireFox:
========
FF DefaultProfile: mhunkkbi.default
FF ProfilePath: C:\Users\Boris\AppData\Roaming\Mozilla\Firefox\Profiles\mhunkkbi.default [2017-11-01]
FF user.js: detected! => C:\Users\Boris\AppData\Roaming\Mozilla\Firefox\Profiles\mhunkkbi.default\user.js [2017-07-12]
FF NewTab: Mozilla\Firefox\Profiles\mhunkkbi.default -> C:\ProgramData\Voyasollams\ff.NT
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\mhunkkbi.default -> Yahoo®
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\mhunkkbi.default -> Secure Search
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\mhunkkbi.default -> Yahoo®
FF Homepage: Mozilla\Firefox\Profiles\mhunkkbi.default -> C:\ProgramData\Voyasollams\ff.HP
FF Extension: (Tables) - C:\Users\Boris\AppData\Roaming\Mozilla\Firefox\Profiles\mhunkkbi.default\Extensions\300414@extcorp.com.xpi [2017-10-27]
FF Extension: (Firefox Hotfix) - C:\Users\Boris\AppData\Roaming\Mozilla\Firefox\Profiles\mhunkkbi.default\Extensions\firefox-hotfix@mozilla.org.xpi [2017-03-11]
FF Extension: (Media Stealer) - C:\Users\Boris\AppData\Roaming\Mozilla\Firefox\Profiles\mhunkkbi.default\Extensions\stealer@physacco.com.xpi [2016-05-08]
FF Extension: (Media Converter) - C:\Users\Boris\AppData\Roaming\Mozilla\Firefox\Profiles\mhunkkbi.default\Extensions\{6e764c17-863a-450f-bdd0-6772bd5aaa18}.xpi [2017-05-13]
FF Extension: (Video DownloadHelper) - C:\Users\Boris\AppData\Roaming\Mozilla\Firefox\Profiles\mhunkkbi.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2017-05-13]
FF SearchPlugin: C:\Users\Boris\AppData\Roaming\Mozilla\Firefox\Profiles\mhunkkbi.default\searchplugins\yahoo-lavasoft.xml [2016-07-14]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_27_0_0_183.dll [2017-10-25] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1204144.dll [2013-09-05] (Adobe Systems, Inc.)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-30] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-30] (Google Inc.)
FF Plugin: @verimatrix.com/ViewRightWeb -> C:\Program Files\Verimatrix\ViewRight Web\\npViewRight.dll [2015-04-06] (Verimatrix, Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-08-10] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2103478201-806380249-2024604306-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Boris\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [No File]
FF Plugin HKU\S-1-5-21-2103478201-806380249-2024604306-1000: @verimatrix.com/ViewRightWeb -> C:\Program Files\Verimatrix\ViewRight Web\\npViewRight.dll [2015-04-06] (Verimatrix, Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Boris\AppData\Local\Google\Chrome\User Data\Default [2017-11-02]
CHR Extension: (Free Download Manager Chrome extension) - C:\Users\Boris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahmpjcflkgiildlgicmcieglgoilbfdp [2017-05-13]
CHR Extension: (Docs) - C:\Users\Boris\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Wicked Big Search) - C:\Users\Boris\AppData\Local\Google\Chrome\User Data\Default\Extensions\apjoojdnehgjibaldogalpcdkmdhlafi [2015-12-04]
CHR Extension: (Adobe Acrobat) - C:\Users\Boris\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-04]
CHR Extension: (Tables) - C:\Users\Boris\AppData\Local\Google\Chrome\User Data\Default\Extensions\fngmhnnpilhplaeedifhccceomclgfbg [2017-11-01]
CHR Extension: (AdBlock) - C:\Users\Boris\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-10-21]
CHR Extension: (360 Internet Protection) - C:\Users\Boris\AppData\Local\Google\Chrome\User Data\Default\Extensions\glcimepnljoholdmjchkloafkggfoijh [2017-08-24]
CHR Extension: (TubeTab) - C:\Users\Boris\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhpijolpcimadhjingadnbcjncmjdce [2017-11-01]
CHR Extension: (Skype) - C:\Users\Boris\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-07-30]
CHR Extension: (Lightshot (screenshot tool)) - C:\Users\Boris\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbniclmhobmnbdlbpiphghaielnnpgdp [2017-08-17]
CHR Extension: (Video Converter) - C:\Users\Boris\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcjjnhgakghmggnimjkldjmmpabhnhne [2016-02-03]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Boris\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR Extension: (ImTranslator: Translator, Dictionary, TTS) - C:\Users\Boris\AppData\Local\Google\Chrome\User Data\Default\Extensions\noaijdpnepcgjemiklgfkcfbkokogabh [2017-11-01]
CHR Extension: (Chrome Media Router) - C:\Users\Boris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-27]
CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [glcimepnljoholdmjchkloafkggfoijh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [nfengeggddojhakldhlpjdlddgkkjkdd] - C:\Program Files\IObit\Surfing Protection\BrowerProtect\ASC_GhromePluginFor6.crx <not found>
CHR HKU\S-1-5-21-2103478201-806380249-2024604306-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [jlhpijolpcimadhjingadnbcjncmjdce] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [68096 2012-04-21] () [File not signed]
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 My Sample Service; C:\ProgramData\MySampleService\sys.exe [334336 2017-11-01] () [File not signed]
R2 QHActiveDefense; C:\Program Files\360\Total Security\safemon\QHActiveDefense.exe [928168 2017-06-06] (QIHU 360 SOFTWARE CO. LIMITED)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 360AntiHacker; C:\Windows\System32\Drivers\360AntiHacker.sys [150976 2017-06-06] (360.cn)
R3 360AvFlt; C:\Windows\System32\DRIVERS\360AvFlt.sys [74472 2017-06-06] (360.cn)
R1 360Box; C:\Windows\System32\DRIVERS\360Box.sys [214464 2017-06-06] (360.cn)
R3 360Camera; C:\Windows\System32\Drivers\360Camera.sys [43456 2017-06-06] (360.cn)
R1 360SelfProtection; C:\Windows\System32\drivers\360SelfProtection.sys [192704 2017-06-06] (360安全中心)
S3 ADSPIDEREX; C:\Windows\system32\drivers\adspiderex.sys [56488 2017-11-01] ((주)디지탈온넷)
S3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [26032 2014-04-09] (Wondershare)
R1 BAPIDRV; C:\Windows\System32\DRIVERS\BAPIDRV.sys [190400 2017-06-06] (360.cn)
S3 BthAvrcp; C:\Windows\System32\DRIVERS\BthAvrcp.sys [22528 2009-08-13] (CSR, plc)
R1 EfiMon; C:\Windows\System32\Drivers\Efimon.sys [40568 2017-06-06] (360.cn)
S3 gdrv; C:\Windows\gdrv.sys [16608 2017-04-27] (Windows (R) 2000 DDK provider)
R0 HookPort; C:\Windows\System32\Drivers\Hookport.sys [73664 2017-06-06] (360安全中心)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R1 qutmdserv; C:\Windows\System32\DRIVERS\qutmdrv.sys [329152 2017-06-06] (360.cn)
R1 qutmipc; C:\Windows\system32\drivers\qutmipc.sys [70720 2017-06-06] (360.cn)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [320120 2014-01-26] (Duplex Secure Ltd.)
R3 VMUVC; C:\Windows\System32\Drivers\VMUVC.sys [256512 2008-08-29] (Vimicro Corporation)
R3 vvftUVC; C:\Windows\System32\drivers\vvftUVC.sys [398720 2008-07-01] (Vimicro Corporation)
S3 anvsnddrv; system32\drivers\anvsnddrv.sys [X]
S3 mcdbus; system32\DRIVERS\mcdbus.sys [X]
S2 npf; \??\C:\Windows\system32\drivers\npf.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-11-02 00:16 - 2017-11-02 00:16 - 000000360 _____ C:\Users\Boris\Downloads\Addition.txt
2017-11-02 00:14 - 2017-11-02 00:19 - 000022477 _____ C:\Users\Boris\Downloads\FRST.txt
2017-11-02 00:13 - 2017-11-02 00:14 - 000000000 ____D C:\FRST
2017-11-02 00:12 - 2017-11-02 00:13 - 001799680 _____ (Farbar) C:\Users\Boris\Downloads\FRST.exe
2017-11-02 00:07 - 2017-11-02 00:07 - 000221973 _____ C:\Users\Boris\Downloads\natives_blob.bin
2017-11-01 21:55 - 2017-11-01 23:41 - 000000000 ____D C:\Program Files\60NIX7YVPP
2017-11-01 21:55 - 2017-11-01 22:43 - 000000000 ____D C:\Program Files\657J4FL8EJ
2017-11-01 21:55 - 2017-11-01 21:55 - 000000000 ____D C:\Users\Boris\AppData\Roaming\bqcmqwqj0zx
2017-11-01 21:54 - 2017-11-01 23:41 - 000000000 ____D C:\Program Files\GX88XG3MXA
2017-11-01 21:54 - 2017-11-01 21:54 - 000000002 _____ C:\Users\Boris\Documents\notes.json
2017-11-01 21:54 - 2017-11-01 21:54 - 000000000 ____D C:\Users\Boris\AppData\Roaming\wuogc2aygse
2017-11-01 21:54 - 2017-11-01 21:54 - 000000000 ____D C:\Users\Boris\AppData\Roaming\v2ynclwpsxv
2017-11-01 21:54 - 2017-11-01 21:54 - 000000000 ____D C:\Users\Boris\AppData\Roaming\irn2sctpvok
2017-11-01 21:40 - 2017-11-01 21:40 - 000000000 ____D C:\ProgramData\LCFApp
2017-11-01 21:39 - 2017-11-01 21:39 - 000000000 ____D C:\ProgramData\MySampleService
2017-11-01 21:38 - 2017-11-01 23:42 - 000000000 ____D C:\Windat
2017-11-01 21:38 - 2017-11-01 23:41 - 000000000 ____D C:\Disk
2017-11-01 21:38 - 2017-11-01 21:38 - 000334336 _____ C:\ProgramData\sys.exe
2017-11-01 21:35 - 2017-11-01 21:35 - 000015610 _____ C:\Windows\system32\findit.xml
2017-11-01 21:35 - 2017-11-01 21:35 - 000000000 ____D C:\ProgramData\Voyasollams
2017-11-01 21:33 - 2017-11-01 23:41 - 000000000 ____D C:\Program Files\Common Files\Runcore
2017-11-01 21:33 - 2017-11-01 22:01 - 000056488 _____ ((주)디지탈온넷) C:\Windows\system32\Drivers\adspiderex.sys
2017-11-01 21:32 - 2017-11-01 23:41 - 000000000 ____D C:\ProgramData\Logic Cramble
2017-11-01 21:30 - 2017-11-01 23:42 - 000000000 ____D C:\ProgramData\Voyasollam
2017-11-01 21:30 - 2017-11-01 21:30 - 007334400 _____ C:\Users\Boris\AppData\Local\agent.dat
2017-11-01 21:30 - 2017-11-01 21:30 - 001900178 _____ C:\Users\Boris\AppData\Local\Kin-Lam.tst
2017-11-01 21:30 - 2017-11-01 21:30 - 000126464 _____ C:\Users\Boris\AppData\Local\noah.dat
2017-11-01 21:30 - 2017-11-01 21:30 - 000070800 _____ C:\Users\Boris\AppData\Local\Config.xml
2017-11-01 21:30 - 2017-11-01 21:30 - 000005568 _____ C:\Users\Boris\AppData\Local\md.xml
2017-11-01 21:29 - 2017-11-01 23:41 - 000000000 ____D C:\ProgramData\PrefsSecure
2017-11-01 21:27 - 2017-11-01 23:41 - 000000000 ____D C:\Program Files\D1R1FHH25W
2017-11-01 21:26 - 2017-11-01 23:41 - 000000000 ____D C:\Program Files\4G58C0XMMJ
2017-11-01 21:26 - 2017-11-01 21:26 - 000000000 ____D C:\Users\Boris\AppData\Roaming\d1dqdvyj23v
2017-11-01 21:26 - 2017-11-01 21:26 - 000000000 ____D C:\Users\Boris\AppData\Roaming\a3a2gtjdgpm
2017-11-01 21:26 - 2017-11-01 21:26 - 000000000 ____D C:\Users\Boris\AppData\Roaming\0tj4z43ld43
2017-11-01 21:26 - 2017-11-01 21:26 - 000000000 ____D C:\ProgramData\Microleaves
2017-11-01 21:26 - 2017-11-01 21:26 - 000000000 ____D C:\ProgramData\0c35d344-6d33-1
2017-11-01 21:26 - 2017-11-01 21:26 - 000000000 ____D C:\ProgramData\0c35d344-56f7-0
2017-11-01 21:25 - 2017-11-01 23:42 - 000000000 ____D C:\Users\Boris\AppData\Roaming\CRMSvc
2017-11-01 21:25 - 2017-11-01 22:19 - 000930816 _____ C:\Users\Boris\AppData\Local\po.db
2017-11-01 21:25 - 2017-11-01 21:27 - 000016176 _____ C:\Users\Boris\AppData\Local\InstallationConfiguration.xml
2017-11-01 21:25 - 2017-11-01 21:25 - 000140800 _____ C:\Users\Boris\AppData\Local\installer.dat
2017-11-01 21:25 - 2017-11-01 21:25 - 000000000 ____D C:\Users\Boris\AppData\Roaming\m4d25mv4vvp
2017-11-01 21:24 - 2017-11-01 23:41 - 000000000 ____D C:\Program Files\8FHZN6995Y
2017-11-01 21:24 - 2017-11-01 21:25 - 000000000 ____D C:\Users\Boris\AppData\Roaming\1337
2017-11-01 21:24 - 2017-11-01 21:24 - 000000000 ____D C:\Users\Boris\AppData\Roaming\BrowserModule
2017-11-01 21:23 - 2017-11-02 00:15 - 000000330 _____ C:\Windows\Tasks\Online Application V2G3.job
2017-11-01 21:23 - 2017-11-02 00:15 - 000000330 _____ C:\Windows\Tasks\Online Application V2G2.job
2017-11-01 21:23 - 2017-11-02 00:15 - 000000330 _____ C:\Windows\Tasks\Online Application V2G1.job
2017-11-01 21:23 - 2017-11-01 23:41 - 000000000 ____D C:\Program Files\PJD90Q7DBS
2017-11-01 21:23 - 2017-11-01 23:41 - 000000000 ____D C:\Program Files\NoterSave
2017-11-01 21:23 - 2017-11-01 21:26 - 000000362 _____ C:\Windows\Tasks\Updater_Online_Application.job
2017-11-01 21:23 - 2017-11-01 21:23 - 000000000 ____D C:\Program Files\Microleaves
2017-11-01 21:20 - 2017-11-01 23:42 - 000000000 ____D C:\WinSys
2017-11-01 21:20 - 2017-11-01 23:41 - 000000000 ____D C:\Applications
2017-11-01 21:20 - 2017-11-01 21:20 - 000000000 ____D C:\Users\Boris\AppData\Roaming\Microleaves
2017-11-01 21:20 - 2017-11-01 21:20 - 000000000 ____D C:\Users\Boris\AppData\Local\AdvinstAnalytics
2017-11-01 20:44 - 2017-11-01 21:03 - 000000000 ____D C:\Users\Boris\AppData\Roaming\xVideoServiceThief
2017-11-01 10:35 - 2017-11-01 10:35 - 000514560 _____ C:\Windows\7767227e9c8c74ee53b3db2aae68c7ef.exe
2017-11-01 10:35 - 2017-11-01 10:35 - 000035744 _____ C:\Windows\uninstaller.dat
2017-10-31 20:22 - 2017-10-31 20:22 - 000000000 ____D C:\Program Files\Common Files\Skype
2017-10-30 21:50 - 2017-11-01 23:42 - 000000000 ____D C:\Users\Boris\AppData\Local\AdService
2017-10-25 20:19 - 2017-10-25 20:19 - 004233728 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerInstaller.exe
2017-10-24 16:54 - 2017-10-24 16:54 - 000000000 ____D C:\ProgramData\McAfee
2017-10-15 16:51 - 2017-10-15 16:51 - 000000000 ____D C:\Users\Boris\Documents\e-Sword
2017-10-15 16:48 - 2017-10-15 16:48 - 000001701 _____ C:\Users\Public\Desktop\e-Sword.lnk
2017-10-15 16:48 - 2017-10-15 16:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\e-Sword
2017-10-15 16:48 - 2017-10-15 16:48 - 000000000 ____D C:\Program Files\Common Files\EzTools

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-11-02 00:18 - 2017-07-09 11:34 - 000000000 ____D C:\Users\Boris\AppData\LocalLow\360WD
2017-11-02 00:17 - 2014-10-17 20:43 - 000000000 ____D C:\Users\Boris\AppData\Roaming\uTorrent
2017-11-01 23:56 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\inf
2017-11-01 23:54 - 2009-07-14 05:34 - 000020480 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-11-01 23:54 - 2009-07-14 05:34 - 000020480 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-11-01 23:46 - 2017-09-29 13:54 - 000000000 ____D C:\Users\Boris\AppData\LocalLow\uTorrent
2017-11-01 23:46 - 2009-07-14 05:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-11-01 23:43 - 2017-07-09 11:36 - 000000000 ____D C:\ProgramData\360Quarant
2017-11-01 23:43 - 2017-07-09 11:34 - 000000000 ____D C:\ProgramData\360safe
2017-11-01 23:43 - 2014-08-20 21:59 - 000000948 _____ C:\Users\Boris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2017-11-01 23:43 - 2014-06-16 22:06 - 000001090 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-11-01 23:42 - 2017-07-09 12:53 - 000000000 __SHD C:\$360Section
2017-11-01 23:42 - 2017-04-27 16:19 - 000001078 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-11-01 21:39 - 2015-12-08 16:54 - 000001123 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-11-01 21:39 - 2015-12-08 16:54 - 000001117 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2017-10-31 22:11 - 2014-07-19 10:51 - 000000000 ____D C:\Users\Boris\AppData\Roaming\Skype
2017-10-31 20:24 - 2017-04-27 16:17 - 000000000 ____D C:\Program Files\Google
2017-10-31 20:22 - 2012-04-21 21:28 - 000000000 ___RD C:\Program Files\Skype
2017-10-31 20:21 - 2012-04-21 21:28 - 000000000 ____D C:\ProgramData\Skype
2017-10-31 09:00 - 2012-04-22 02:34 - 000778150 _____ C:\Windows\system32\PerfStringBackup.INI
2017-10-30 21:50 - 2017-07-09 11:35 - 000000000 ____D C:\Users\Boris\AppData\Roaming\360safe
2017-10-28 10:36 - 2012-04-21 18:59 - 000000000 ____D C:\Users\Boris\AppData\Roaming\Adobe
2017-10-28 10:36 - 2012-04-21 18:58 - 000000000 ____D C:\ProgramData\Adobe
2017-10-25 20:19 - 2012-04-29 13:17 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2017-10-25 20:19 - 2012-04-21 19:05 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2017-10-25 20:19 - 2012-04-21 19:05 - 000000000 ____D C:\Windows\system32\Macromed
2017-10-24 16:57 - 2014-06-22 16:45 - 000000000 ____D C:\Users\Boris\AppData\Local\Adobe
2017-10-16 07:26 - 2016-08-19 09:27 - 000112888 _____ C:\Users\Boris\AppData\Local\GDIPFONTCACHEV1.DAT
2017-10-16 07:25 - 2016-08-19 09:26 - 000421328 _____ C:\Windows\system32\FNTCACHE.DAT
2017-10-15 16:45 - 2012-04-21 18:56 - 000000000 ____D C:\Users\Boris\AppData\Local\Downloaded Installations

==================== Files in the root of some directories =======

2015-08-09 17:37 - 2017-04-17 16:49 - 000008152 _____ () C:\Users\Boris\AppData\Roaming\.ptbt1
2015-07-17 11:48 - 2015-11-14 14:09 - 000000543 _____ () C:\Users\Boris\AppData\Roaming\burnaware.ini
2014-02-02 12:32 - 2014-02-02 12:32 - 000138904 _____ () C:\Users\Boris\AppData\Roaming\PnkBstrK.sys
2014-10-19 14:58 - 2014-10-19 14:59 - 000000145 _____ () C:\Users\Boris\AppData\Roaming\settings.xml
2017-11-01 21:30 - 2017-11-01 21:30 - 007334400 _____ () C:\Users\Boris\AppData\Local\agent.dat
2017-11-01 21:30 - 2017-11-01 21:30 - 000070800 _____ () C:\Users\Boris\AppData\Local\Config.xml
2012-04-21 19:11 - 2013-04-29 12:17 - 000010752 _____ () C:\Users\Boris\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-11-01 21:25 - 2017-11-01 21:27 - 000016176 _____ () C:\Users\Boris\AppData\Local\InstallationConfiguration.xml
2017-11-01 21:25 - 2017-11-01 21:25 - 000140800 _____ () C:\Users\Boris\AppData\Local\installer.dat
2017-11-01 21:30 - 2017-11-01 21:30 - 001900178 _____ () C:\Users\Boris\AppData\Local\Kin-Lam.tst
2017-11-01 21:30 - 2017-11-01 21:30 - 000005568 _____ () C:\Users\Boris\AppData\Local\md.xml
2017-11-01 21:30 - 2017-11-01 21:30 - 000126464 _____ () C:\Users\Boris\AppData\Local\noah.dat
2017-11-01 21:25 - 2017-11-01 22:19 - 000930816 _____ () C:\Users\Boris\AppData\Local\po.db
2012-12-01 22:49 - 2012-12-01 22:49 - 000000029 _____ () C:\Users\Boris\AppData\Local\raster2vector.ini
2017-11-01 21:33 - 2017-11-01 21:33 - 000032038 _____ () C:\Users\Boris\AppData\Local\uninstall_temp.ico
2017-07-09 11:26 - 2017-07-09 11:26 - 000045752 _____ () C:\ProgramData\agent.1499596003.bdinstall.bin
2017-07-09 11:30 - 2017-07-09 11:30 - 000028977 _____ () C:\ProgramData\agent.1499596210.bdinstall.bin
2015-12-08 17:54 - 2015-12-08 17:54 - 000000016 _____ () C:\ProgramData\mntemp
2016-02-03 17:00 - 2016-02-03 17:00 - 000004104 _____ () C:\ProgramData\ojobkspa.ako
2015-12-08 17:54 - 2015-12-08 17:54 - 000005044 _____ () C:\ProgramData\oqztiqep.adk
2017-11-01 21:38 - 2017-11-01 21:38 - 000334336 _____ () C:\ProgramData\sys.exe

ZeroAccess:
C:\Users\Boris\AppData\Local\{bfb7a531-f259-c0a6-6a4d-11e76b5b2d07}
C:\Users\Boris\AppData\Local\{bfb7a531-f259-c0a6-6a4d-11e76b5b2d07}\@

Files to move or delete:
====================
C:\ProgramData\sys.exe


Some files in TEMP:
====================
2017-10-05 19:55 - 2017-10-05 19:55 - 058881488 _____ (Skype Technologies S.A.) C:\Users\Boris\AppData\Local\temp\SkypeSetup.exe
2017-11-01 21:29 - 2017-11-01 16:50 - 006770176 _____ (Application Frame Host) C:\Users\Boris\AppData\Local\temp\sourse.exe
2017-11-01 23:11 - 2017-11-01 21:25 - 000104123 _____ () C:\Users\Boris\AppData\Local\temp\Uninstall.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-10-30 09:29

==================== End of FRST.txt ============================

  • Joined: 14 Jun 2016
  • Posts: 535

Hello,
I would ask you to download the latest version of FRST, run a Scan, and post fresh logs made with the new version.

  • boksi  Male
  • Respected citizen
  • Joined: 11 Jun 2008
  • Posts: 474

Posted: 02 Nov 2017 12:32

When I run Farbar, it does not update to the new version; instead this old one from 1.1.2017 remains.

Addendum: 02 Nov 2017 12:37

  • Joined: 26 Aug 2010
  • Posts: 10622
  • Location: Hypnos Control Room, Tokyo Metropolitan Government Building

Until my colleague arrives, download the new version of FRST (rather than running the old one and waiting for it to update). The link is in the instructions for opening a topic.
https://www.mycity.rs/Ambulanta/Kako-otvoriti-temu-u-Ambulanti.html

  • boksi  Male
  • Respected citizen
  • Joined: 11 Jun 2008
  • Posts: 474

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 02-11-2017 02
Ran by Boris (administrator) on BORIS-PC (02-11-2017 20:18:22)
Running from C:\Users\Boris\Downloads
Loaded Profiles: Boris (Available Profiles: Boris)
Platform: Microsoft Windows 7 Ultimate (X86) Language: English (United States)
Internet Explorer Version 9 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files\360\Total Security\safemon\QHActiveDefense.exe
() C:\ProgramData\MySampleService\sys.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.33.5\GoogleCrashHandler.exe
() C:\Program Files\360\Total Security\safemon\QHSafeTray.exe
(BitTorrent Inc.) C:\Users\Boris\AppData\Roaming\uTorrent\uTorrent.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(BitTorrent Inc.) C:\Users\Boris\AppData\Roaming\uTorrent\updates\3.5.0_44090\utorrentie.exe
(Piriform Ltd) D:\Program Files\CCleaner.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(BitTorrent Inc.) C:\Users\Boris\AppData\Roaming\uTorrent\updates\3.5.0_44090\utorrentie.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files\360\Total Security\safemon\QHWatchdog.exe
(Farbar) C:\Users\Boris\Downloads\FRST (1).exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [6711840 2009-01-13] (Realtek Semiconductor)
HKLM\...\Run: [QHSafeTray] => C:\Program Files\360\Total Security\safemon\QHSafeTray.exe [1153448 2017-06-06] ()
HKU\S-1-5-21-2103478201-806380249-2024604306-1000\...\Run: [uTorrent] => C:\Users\Boris\AppData\Roaming\uTorrent\uTorrent.exe [1982144 2017-09-29] (BitTorrent Inc.)
HKU\S-1-5-21-2103478201-806380249-2024604306-1000\...\Run: [CCleaner Monitoring] => D:\Program Files\CCleaner.exe [6868696 2016-08-26] (Piriform Ltd)
HKU\S-1-5-21-2103478201-806380249-2024604306-1000\...\Run: [THIS IS WIIIGET!] => C:\Program Files\Miped\QWiget\THIS IS WIIIGET!.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2013-05-27] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 89.216.1.40 89.216.1.50
Tcpip\Parameters: [NameServer] 8.8.8.8,8.8.8.4
Tcpip\..\Interfaces\{79DC8D92-019E-4A94-8F91-3F1CC53E2DFC}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{79DC8D92-019E-4A94-8F91-3F1CC53E2DFC}: [DhcpNameServer] 89.216.1.40 89.216.1.50
ManualProxies:

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
SearchScopes: HKU\.DEFAULT -> {0BC6E3FA-78EF-4886-842C-5A1258C4455A} URL = hxxp://search.imgag.com/?appid=wsdt&component=&c=GNWDO59900&sbs=2&sc=2&f=web&vernum=3.1.5.7620&uid=0&did=%7be47fbaad-898d-4c4d-9977-7906b3fbabc1%7d&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> {72879807-DFDB-4C44-9CDF-BFDCE635155B} URL = hxxp://search.yahoo.com/search?fr=mcafee&p={SearchTerms}
SearchScopes: HKU\S-1-5-21-2103478201-806380249-2024604306-1000 -> {0EDE09DD-3809-43F6-B17C-C151EE6770BE} URL = hxxps://search.yahoo.com/search?fr=mcafee&type=C010US739D20151120&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2103478201-806380249-2024604306-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={775C5F0A-FD56-4DDF-A521-6E8C9C8D67E2}&mid=99809890e09347d08918d156c7e4e1c3-9e676b974cdecd5e54574e8b31e8c02d1b6f5dd5&lang=en&ds=AVG&coid=avgtbavg&cmpid=1116av&pr=fr&d=2016-11-17 07:51:14&v=4.3.6.255&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2103478201-806380249-2024604306-1000 -> {B54A1C9D-1C60-4317-810C-3E5DE740C748} URL = hxxp://www.bing.com/search?FORM=U218DF&PC=U218&q={searchTerms}&src=IE-SearchBox
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-26] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2006-10-26] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2017-07-18] (Skype Technologies)

FireFox:
========
FF DefaultProfile: mhunkkbi.default
FF ProfilePath: C:\Users\Boris\AppData\Roaming\Mozilla\Firefox\Profiles\mhunkkbi.default [2017-11-02]
FF user.js: detected! => C:\Users\Boris\AppData\Roaming\Mozilla\Firefox\Profiles\mhunkkbi.default\user.js [2017-07-12]
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\mhunkkbi.default -> Yahoo®
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\mhunkkbi.default -> Secure Search
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\mhunkkbi.default -> Yahoo®
FF Homepage: Mozilla\Firefox\Profiles\mhunkkbi.default -> hxxps://www.malwarebytes.org/restorebrowser/
FF Extension: (Firefox Hotfix) - C:\Users\Boris\AppData\Roaming\Mozilla\Firefox\Profiles\mhunkkbi.default\Extensions\firefox-hotfix@mozilla.org.xpi [2017-03-11]
FF Extension: (Media Stealer) - C:\Users\Boris\AppData\Roaming\Mozilla\Firefox\Profiles\mhunkkbi.default\Extensions\stealer@physacco.com.xpi [2016-05-08]
FF Extension: (Media Converter) - C:\Users\Boris\AppData\Roaming\Mozilla\Firefox\Profiles\mhunkkbi.default\Extensions\{6e764c17-863a-450f-bdd0-6772bd5aaa18}.xpi [2017-05-13]
FF Extension: (Video DownloadHelper) - C:\Users\Boris\AppData\Roaming\Mozilla\Firefox\Profiles\mhunkkbi.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2017-11-02]
FF SearchPlugin: C:\Users\Boris\AppData\Roaming\Mozilla\Firefox\Profiles\mhunkkbi.default\searchplugins\yahoo-lavasoft.xml [2016-07-14]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_27_0_0_183.dll [2017-10-25] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1204144.dll [2013-09-05] (Adobe Systems, Inc.)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-30] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-30] (Google Inc.)
FF Plugin: @verimatrix.com/ViewRightWeb -> C:\Program Files\Verimatrix\ViewRight Web\\npViewRight.dll [2015-04-06] (Verimatrix, Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-08-10] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2103478201-806380249-2024604306-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Boris\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [No File]
FF Plugin HKU\S-1-5-21-2103478201-806380249-2024604306-1000: @verimatrix.com/ViewRightWeb -> C:\Program Files\Verimatrix\ViewRight Web\\npViewRight.dll [2015-04-06] (Verimatrix, Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Boris\AppData\Local\Google\Chrome\User Data\Default [2017-11-02]
CHR Extension: (Free Download Manager Chrome extension) - C:\Users\Boris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahmpjcflkgiildlgicmcieglgoilbfdp [2017-05-13]
CHR Extension: (Docs) - C:\Users\Boris\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Wicked Big Search) - C:\Users\Boris\AppData\Local\Google\Chrome\User Data\Default\Extensions\apjoojdnehgjibaldogalpcdkmdhlafi [2015-12-04]
CHR Extension: (Adobe Acrobat) - C:\Users\Boris\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-04]
CHR Extension: (AdBlock) - C:\Users\Boris\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-10-21]
CHR Extension: (360 Internet Protection) - C:\Users\Boris\AppData\Local\Google\Chrome\User Data\Default\Extensions\glcimepnljoholdmjchkloafkggfoijh [2017-08-24]
CHR Extension: (TubeTab) - C:\Users\Boris\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhpijolpcimadhjingadnbcjncmjdce [2017-11-01]
CHR Extension: (Skype) - C:\Users\Boris\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-07-30]
CHR Extension: (Lightshot (screenshot tool)) - C:\Users\Boris\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbniclmhobmnbdlbpiphghaielnnpgdp [2017-08-17]
CHR Extension: (Video Converter) - C:\Users\Boris\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcjjnhgakghmggnimjkldjmmpabhnhne [2016-02-03]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Boris\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR Extension: (ImTranslator: Translator, Dictionary, TTS) - C:\Users\Boris\AppData\Local\Google\Chrome\User Data\Default\Extensions\noaijdpnepcgjemiklgfkcfbkokogabh [2017-11-01]
CHR Extension: (Chrome Media Router) - C:\Users\Boris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-27]
CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [glcimepnljoholdmjchkloafkggfoijh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [nfengeggddojhakldhlpjdlddgkkjkdd] - C:\Program Files\IObit\Surfing Protection\BrowerProtect\ASC_GhromePluginFor6.crx <not found>
CHR HKU\S-1-5-21-2103478201-806380249-2024604306-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [jlhpijolpcimadhjingadnbcjncmjdce] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [68096 2012-04-21] () [File not signed]
R2 My Sample Service; C:\ProgramData\MySampleService\sys.exe [334336 2017-11-01] () [File not signed]
R2 QHActiveDefense; C:\Program Files\360\Total Security\safemon\QHActiveDefense.exe [928168 2017-06-06] (QIHU 360 SOFTWARE CO. LIMITED)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 360AntiHacker; C:\Windows\System32\Drivers\360AntiHacker.sys [150976 2017-06-06] (360.cn)
R3 360AvFlt; C:\Windows\System32\DRIVERS\360AvFlt.sys [74472 2017-06-06] (360.cn)
R1 360Box; C:\Windows\System32\DRIVERS\360Box.sys [214464 2017-06-06] (360.cn)
R1 360Camera; C:\Windows\System32\Drivers\360Camera.sys [43456 2017-06-06] (360.cn)
R1 360SelfProtection; C:\Windows\System32\drivers\360SelfProtection.sys [192704 2017-06-06] (360安全中心)
S3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [26032 2014-04-09] (Wondershare)
R1 BAPIDRV; C:\Windows\System32\DRIVERS\BAPIDRV.sys [190400 2017-06-06] (360.cn)
S3 BthAvrcp; C:\Windows\System32\DRIVERS\BthAvrcp.sys [22528 2009-08-13] (CSR, plc)
R1 EfiMon; C:\Windows\System32\Drivers\Efimon.sys [40568 2017-06-06] (360.cn)
S3 gdrv; C:\Windows\gdrv.sys [16608 2017-04-27] (Windows (R) 2000 DDK provider)
R0 HookPort; C:\Windows\System32\Drivers\Hookport.sys [73664 2017-06-06] (360安全中心)
R1 qutmdserv; C:\Windows\System32\DRIVERS\qutmdrv.sys [329152 2017-06-06] (360.cn)
R1 qutmipc; C:\Windows\system32\drivers\qutmipc.sys [70720 2017-06-06] (360.cn)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [320120 2014-01-26] (Duplex Secure Ltd.)
R3 VMUVC; C:\Windows\System32\Drivers\VMUVC.sys [256512 2008-08-29] (Vimicro Corporation)
R3 vvftUVC; C:\Windows\System32\drivers\vvftUVC.sys [398720 2008-07-01] (Vimicro Corporation)
S3 anvsnddrv; system32\drivers\anvsnddrv.sys [X]
S3 mcdbus; system32\DRIVERS\mcdbus.sys [X]
S2 npf; \??\C:\Windows\system32\drivers\npf.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-11-02 20:18 - 2017-11-02 20:18 - 000014256 _____ C:\Users\Boris\Downloads\FRST.txt
2017-11-02 20:16 - 2017-11-02 20:16 - 001799680 _____ (Farbar) C:\Users\Boris\Downloads\FRST (1).exe
2017-11-02 00:43 - 2017-11-02 07:57 - 000170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-11-02 00:43 - 2017-11-02 00:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2017-11-02 00:43 - 2016-03-10 14:09 - 000053120 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2017-11-02 00:43 - 2016-03-10 14:08 - 000126336 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2017-11-02 00:42 - 2017-11-02 00:43 - 000000000 ____D C:\Users\Boris\AppData\Roaming\Malwarebytes
2017-11-02 00:13 - 2017-11-02 20:17 - 000000000 ____D C:\FRST
2017-11-01 21:55 - 2017-11-02 11:19 - 000000000 ____D C:\Users\Boris\AppData\Roaming\bqcmqwqj0zx
2017-11-01 21:54 - 2017-11-02 11:19 - 000000000 ____D C:\Users\Boris\AppData\Roaming\v2ynclwpsxv
2017-11-01 21:54 - 2017-11-02 11:19 - 000000000 ____D C:\Users\Boris\AppData\Roaming\irn2sctpvok
2017-11-01 21:54 - 2017-11-02 08:22 - 000000000 ____D C:\Users\Boris\AppData\Roaming\wuogc2aygse
2017-11-01 21:54 - 2017-11-01 21:54 - 000000002 _____ C:\Users\Boris\Documents\notes.json
2017-11-01 21:40 - 2017-11-01 21:40 - 000000000 ____D C:\ProgramData\LCFApp
2017-11-01 21:39 - 2017-11-01 21:39 - 000000000 ____D C:\ProgramData\MySampleService
2017-11-01 21:38 - 2017-11-01 23:42 - 000000000 ____D C:\Windat
2017-11-01 21:26 - 2017-11-02 08:22 - 000000000 ____D C:\Users\Boris\AppData\Roaming\d1dqdvyj23v
2017-11-01 21:26 - 2017-11-02 08:22 - 000000000 ____D C:\Users\Boris\AppData\Roaming\a3a2gtjdgpm
2017-11-01 21:25 - 2017-11-02 08:22 - 000000000 ____D C:\Users\Boris\AppData\Roaming\m4d25mv4vvp
2017-11-01 21:25 - 2017-11-01 21:25 - 000140800 _____ C:\Users\Boris\AppData\Local\installer.dat
2017-11-01 21:24 - 2017-11-02 11:25 - 000000000 ____D C:\Users\Boris\AppData\Roaming\1337
2017-11-01 21:20 - 2017-11-02 08:22 - 000000000 ____D C:\Applications
2017-11-01 21:20 - 2017-11-01 23:42 - 000000000 ____D C:\WinSys
2017-11-01 21:20 - 2017-11-01 21:20 - 000000000 ____D C:\Users\Boris\AppData\Local\AdvinstAnalytics
2017-11-01 20:44 - 2017-11-01 21:03 - 000000000 ____D C:\Users\Boris\AppData\Roaming\xVideoServiceThief
2017-11-01 10:35 - 2017-11-01 10:35 - 000514560 _____ C:\Windows\7767227e9c8c74ee53b3db2aae68c7ef.exe
2017-11-01 10:35 - 2017-11-01 10:35 - 000035744 _____ C:\Windows\uninstaller.dat
2017-10-31 20:22 - 2017-10-31 20:22 - 000000000 ____D C:\Program Files\Common Files\Skype
2017-10-30 21:50 - 2017-11-01 23:42 - 000000000 ____D C:\Users\Boris\AppData\Local\AdService
2017-10-25 20:19 - 2017-10-25 20:19 - 004233728 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerInstaller.exe
2017-10-24 16:54 - 2017-10-24 16:54 - 000000000 ____D C:\ProgramData\McAfee
2017-10-15 16:51 - 2017-10-15 16:51 - 000000000 ____D C:\Users\Boris\Documents\e-Sword
2017-10-15 16:48 - 2017-11-02 11:21 - 000001701 _____ C:\Users\Public\Desktop\e-Sword.lnk
2017-10-15 16:48 - 2017-10-15 16:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\e-Sword
2017-10-15 16:48 - 2017-10-15 16:48 - 000000000 ____D C:\Program Files\Common Files\EzTools

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-11-02 20:18 - 2014-10-17 20:43 - 000000000 ____D C:\Users\Boris\AppData\Roaming\uTorrent
2017-11-02 20:16 - 2009-07-14 05:34 - 000020480 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-11-02 20:16 - 2009-07-14 05:34 - 000020480 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-11-02 20:15 - 2017-07-09 11:34 - 000000000 ____D C:\Users\Boris\AppData\LocalLow\360WD
2017-11-02 20:08 - 2017-09-29 13:54 - 000000000 ____D C:\Users\Boris\AppData\LocalLow\uTorrent
2017-11-02 20:07 - 2009-07-14 05:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-11-02 11:22 - 2014-08-20 21:59 - 000000924 _____ C:\Users\Boris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2017-11-02 11:21 - 2017-09-26 12:23 - 000000603 _____ C:\Users\Boris\Desktop\DVD X Player 4.0 Professional.lnk
2017-11-02 11:21 - 2017-08-19 11:35 - 000001863 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SumatraPDF.lnk
2017-11-02 11:21 - 2017-07-09 11:34 - 000001101 _____ C:\Users\Public\Desktop\360 Total Security.lnk
2017-11-02 11:21 - 2017-05-14 13:18 - 000000732 _____ C:\Users\Public\Desktop\PhotoStitcher.lnk
2017-11-02 11:21 - 2017-04-27 16:19 - 000001072 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-11-02 11:21 - 2017-04-27 15:46 - 000000501 _____ C:\Users\Boris\Desktop\Nero Express.lnk
2017-11-02 11:21 - 2017-04-13 16:07 - 000002681 _____ C:\Users\Public\Desktop\Skype.lnk
2017-11-02 11:21 - 2017-01-13 11:48 - 000002429 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-11-02 11:21 - 2017-01-13 11:48 - 000002011 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2017-11-02 11:21 - 2016-10-11 17:37 - 000000579 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-11-02 11:21 - 2015-12-08 16:54 - 000001105 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-11-02 11:21 - 2015-12-08 16:54 - 000001099 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2017-11-02 11:21 - 2015-12-04 22:08 - 000001308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2017-11-02 11:21 - 2015-12-04 22:08 - 000001239 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2017-11-02 11:21 - 2014-10-17 20:44 - 000000813 _____ C:\Users\Boris\Desktop\µTorrent.lnk
2017-11-02 11:21 - 2014-10-17 20:43 - 000000793 _____ C:\Users\Boris\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2017-11-02 11:21 - 2014-08-19 19:02 - 000002669 _____ C:\Users\Public\Desktop\Microsoft Office Word 2007.lnk
2017-11-02 11:21 - 2014-08-19 19:02 - 000002631 _____ C:\Users\Public\Desktop\Microsoft Office Excel 2007.lnk
2017-11-02 11:21 - 2014-06-30 16:08 - 000000574 _____ C:\Users\Boris\Desktop\KMPlayer.lnk
2017-11-02 11:21 - 2014-06-16 22:06 - 000001078 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-11-02 11:21 - 2013-05-29 21:44 - 000000652 _____ C:\Users\Boris\Desktop\MyHeritage Family Tree Builder.lnk
2017-11-02 11:21 - 2012-06-05 20:58 - 000000623 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2017-11-02 11:21 - 2012-04-22 20:07 - 000001877 _____ C:\Users\Boris\Desktop\Bluetooth File Transfer Wizard.lnk
2017-11-02 11:21 - 2012-04-22 02:28 - 000001333 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2017-11-02 11:21 - 2012-04-22 02:28 - 000001314 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2017-11-02 11:21 - 2012-04-21 23:26 - 000001308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk
2017-11-02 11:21 - 2012-04-21 21:38 - 000000758 _____ C:\Users\Public\Desktop\GOM Player.lnk
2017-11-02 11:21 - 2012-04-21 21:38 - 000000758 _____ C:\Users\Boris\AppData\Roaming\Microsoft\Windows\Start Menu\GOM Player.lnk
2017-11-02 11:21 - 2012-04-21 21:34 - 000002017 _____ C:\Users\Public\Desktop\amcap.lnk
2017-11-02 11:21 - 2012-04-21 19:53 - 000001992 _____ C:\Users\Boris\Desktop\Adobe Photoshop CS.lnk
2017-11-02 11:21 - 2012-04-21 19:51 - 000001999 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ImageReady CS.lnk
2017-11-02 11:21 - 2012-04-21 19:51 - 000001992 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS.lnk
2017-11-02 11:21 - 2012-04-21 19:13 - 000000931 _____ C:\Users\Public\Desktop\Winamp.lnk
2017-11-02 11:21 - 2012-04-21 19:08 - 000000632 _____ C:\Users\Boris\Desktop\Total Commander.lnk
2017-11-02 11:21 - 2012-04-21 18:59 - 000000967 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat.com.lnk
2017-11-02 11:21 - 2009-07-14 05:46 - 000001503 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-11-02 11:21 - 2009-07-14 05:46 - 000001282 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk
2017-11-02 11:21 - 2009-07-14 05:42 - 000001318 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
2017-11-02 11:21 - 2009-07-14 05:42 - 000001234 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk
2017-11-02 11:21 - 2009-07-14 05:42 - 000001198 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk
2017-11-02 11:21 - 2009-07-14 05:37 - 000001266 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk
2017-11-02 11:19 - 2009-07-14 08:49 - 000000000 ____D C:\Windows\CSC
2017-11-02 08:25 - 2014-01-25 16:37 - 000000000 ____D C:\Users\Boris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2017-11-02 07:57 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\inf
2017-11-02 00:43 - 2012-06-05 20:58 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-11-01 23:43 - 2017-07-09 11:36 - 000000000 ____D C:\ProgramData\360Quarant
2017-11-01 23:43 - 2017-07-09 11:34 - 000000000 ____D C:\ProgramData\360safe
2017-11-01 23:42 - 2017-07-09 12:53 - 000000000 __SHD C:\$360Section
2017-10-31 22:11 - 2014-07-19 10:51 - 000000000 ____D C:\Users\Boris\AppData\Roaming\Skype
2017-10-31 20:24 - 2017-04-27 16:17 - 000000000 ____D C:\Program Files\Google
2017-10-31 20:22 - 2012-04-21 21:28 - 000000000 ___RD C:\Program Files\Skype
2017-10-31 20:21 - 2012-04-21 21:28 - 000000000 ____D C:\ProgramData\Skype
2017-10-31 09:00 - 2012-04-22 02:34 - 000778150 _____ C:\Windows\system32\PerfStringBackup.INI
2017-10-30 21:50 - 2017-07-09 11:35 - 000000000 ____D C:\Users\Boris\AppData\Roaming\360safe
2017-10-28 10:36 - 2012-04-21 18:59 - 000000000 ____D C:\Users\Boris\AppData\Roaming\Adobe
2017-10-28 10:36 - 2012-04-21 18:58 - 000000000 ____D C:\ProgramData\Adobe
2017-10-25 20:19 - 2012-04-29 13:17 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2017-10-25 20:19 - 2012-04-21 19:05 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2017-10-25 20:19 - 2012-04-21 19:05 - 000000000 ____D C:\Windows\system32\Macromed
2017-10-24 16:57 - 2014-06-22 16:45 - 000000000 ____D C:\Users\Boris\AppData\Local\Adobe
2017-10-16 07:26 - 2016-08-19 09:27 - 000112888 _____ C:\Users\Boris\AppData\Local\GDIPFONTCACHEV1.DAT
2017-10-16 07:25 - 2016-08-19 09:26 - 000421328 _____ C:\Windows\system32\FNTCACHE.DAT
2017-10-15 16:45 - 2012-04-21 18:56 - 000000000 ____D C:\Users\Boris\AppData\Local\Downloaded Installations

==================== Files in the root of some directories =======

2015-08-09 17:37 - 2017-04-17 16:49 - 000008152 _____ () C:\Users\Boris\AppData\Roaming\.ptbt1
2015-07-17 11:48 - 2015-11-14 14:09 - 000000543 _____ () C:\Users\Boris\AppData\Roaming\burnaware.ini
2014-02-02 12:32 - 2014-02-02 12:32 - 000138904 _____ () C:\Users\Boris\AppData\Roaming\PnkBstrK.sys
2014-10-19 14:58 - 2014-10-19 14:59 - 000000145 _____ () C:\Users\Boris\AppData\Roaming\settings.xml
2012-04-21 19:11 - 2013-04-29 12:17 - 000010752 _____ () C:\Users\Boris\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-11-01 21:25 - 2017-11-01 21:25 - 000140800 _____ () C:\Users\Boris\AppData\Local\installer.dat
2012-12-01 22:49 - 2012-12-01 22:49 - 000000029 _____ () C:\Users\Boris\AppData\Local\raster2vector.ini
2017-07-09 11:26 - 2017-07-09 11:26 - 000045752 _____ () C:\ProgramData\agent.1499596003.bdinstall.bin
2017-07-09 11:30 - 2017-07-09 11:30 - 000028977 _____ () C:\ProgramData\agent.1499596210.bdinstall.bin
2015-12-08 17:54 - 2015-12-08 17:54 - 000000016 _____ () C:\ProgramData\mntemp
2016-02-03 17:00 - 2016-02-03 17:00 - 000004104 _____ () C:\ProgramData\ojobkspa.ako
2015-12-08 17:54 - 2015-12-08 17:54 - 000005044 _____ () C:\ProgramData\oqztiqep.adk

ZeroAccess:
C:\Users\Boris\AppData\Local\{bfb7a531-f259-c0a6-6a4d-11e76b5b2d07}
C:\Users\Boris\AppData\Local\{bfb7a531-f259-c0a6-6a4d-11e76b5b2d07}\@

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-10-30 09:29

==================== End of FRST.txt ============================

  • Joined: 14 Jun 2016
  • Posts: 535

Please remove that old version of CCleaner from the system.

1. Open Notepad (Text Document) and copy the following text from the code box below:

CreateRestorePoint:
HKU\S-1-5-21-2103478201-806380249-2024604306-1000\...\Run: [THIS IS WIIIGET!] => C:\Program Files\Miped\QWiget\THIS IS WIIIGET!.exe
C:\Program Files\Miped\QWiget
SearchScopes: HKU\.DEFAULT -> {0BC6E3FA-78EF-4886-842C-5A1258C4455A} URL = hxxp://search.imgag.com/?appid=wsdt&component=&c=GNWDO59900&sbs=2&sc=2&f=web&vernum=3.1.5.7620&uid=0&did=%7be47fbaad-898d-4c4d-9977-7906b3fbabc1%7d&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> {72879807-DFDB-4C44-9CDF-BFDCE635155B} URL = hxxp://search.yahoo.com/search?fr=mcafee&p={SearchTerms}
SearchScopes: HKU\S-1-5-21-2103478201-806380249-2024604306-1000 -> {0EDE09DD-3809-43F6-B17C-C151EE6770BE} URL = hxxps://search.yahoo.com/search?fr=mcafee&type=C010US739D20151120&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2103478201-806380249-2024604306-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={775C5F0A-FD56-4DDF-A521-6E8C9C8D67E2}&mid=99809890e09347d08918d156c7e4e1c3-9e676b974cdecd5e54574e8b31e8c02d1b6f5dd5&lang=en&ds=AVG&coid=avgtbavg&cmpid=1116av&pr=fr&d=2016-11-17 07:51:14&v=4.3.6.255&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2103478201-806380249-2024604306-1000 -> {B54A1C9D-1C60-4317-810C-3E5DE740C748} URL = hxxp://www.bing.com/search?FORM=U218DF&PC=U218&q={searchTerms}&src=IE-SearchBox
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\mhunkkbi.default -> Secure Search
FF Homepage: Mozilla\Firefox\Profiles\mhunkkbi.default -> hxxps://www.malwarebytes.org/restorebrowser/
FF SearchPlugin: C:\Users\Boris\AppData\Roaming\Mozilla\Firefox\Profiles\mhunkkbi.default\searchplugins\yahoo-lavasoft.xml [2016-07-14]
FF Plugin HKU\S-1-5-21-2103478201-806380249-2024604306-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Boris\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [No File]
CHR Extension: (TubeTab) - C:\Users\Boris\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhpijolpcimadhjingadnbcjncmjdce [2017-11-01]
CHR HKLM\...\Chrome\Extension: [nfengeggddojhakldhlpjdlddgkkjkdd] - C:\Program Files\IObit\Surfing Protection\BrowerProtect\ASC_GhromePluginFor6.crx <not found>
CHR HKU\S-1-5-21-2103478201-806380249-2024604306-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [jlhpijolpcimadhjingadnbcjncmjdce] - hxxps://clients2.google.com/service/update2/crx
ContextMenuHandlers1: [_Movavivc11] -> {1C604495-4D32-476e-8D7E-FBF50F6C80BF} =>  -> No File
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} =>  -> No File
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} =>  -> No File
ContextMenuHandlers6: [_Movavivc11] -> {1C604495-4D32-476e-8D7E-FBF50F6C80BF} =>  -> No File
Task: {D420AAEC-5147-4848-B4C1-AB9125F091AA} - System32\Tasks\CCleanerSkipUAC => D:\Program Files\CCleaner.exe [2016-08-26] (Piriform Ltd) <==== ATTENTION
D:\Program Files\CCleaner.exe
AlternateDataStreams: C:\ProgramData\Temp:ECF54A0E [354]
2017-11-01 21:55 - 2017-11-02 11:19 - 000000000 ____D C:\Users\Boris\AppData\Roaming\bqcmqwqj0zx
2017-11-01 21:54 - 2017-11-02 11:19 - 000000000 ____D C:\Users\Boris\AppData\Roaming\v2ynclwpsxv
2017-11-01 21:54 - 2017-11-02 11:19 - 000000000 ____D C:\Users\Boris\AppData\Roaming\irn2sctpvok
2017-11-01 21:54 - 2017-11-02 08:22 - 000000000 ____D C:\Users\Boris\AppData\Roaming\wuogc2aygse
2017-11-01 21:26 - 2017-11-02 08:22 - 000000000 ____D C:\Users\Boris\AppData\Roaming\d1dqdvyj23v
2017-11-01 21:26 - 2017-11-02 08:22 - 000000000 ____D C:\Users\Boris\AppData\Roaming\a3a2gtjdgpm
2017-11-01 21:25 - 2017-11-02 08:22 - 000000000 ____D C:\Users\Boris\AppData\Roaming\m4d25mv4vvp
2017-11-01 21:24 - 2017-11-02 11:25 - 000000000 ____D C:\Users\Boris\AppData\Roaming\1337
2017-11-01 10:35 - 2017-11-01 10:35 - 000514560 _____ C:\Windows\7767227e9c8c74ee53b3db2aae68c7ef.exe
2017-11-02 20:16 - 2009-07-14 05:34 - 000020480 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-11-02 20:16 - 2009-07-14 05:34 - 000020480 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2012-04-21 19:11 - 2013-04-29 12:17 - 000010752 _____ () C:\Users\Boris\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-02-03 17:00 - 2016-02-03 17:00 - 000004104 _____ () C:\ProgramData\ojobkspa.ako
2015-12-08 17:54 - 2015-12-08 17:54 - 000005044 _____ () C:\ProgramData\oqztiqep.adk
2017-07-09 11:26 - 2017-07-09 11:26 - 000045752 _____ () C:\ProgramData\agent.1499596003.bdinstall.bin
2017-07-09 11:30 - 2017-07-09 11:30 - 000028977 _____ () C:\ProgramData\agent.1499596210.bdinstall.bin
C:\Users\Boris\AppData\Local\{bfb7a531-f259-c0a6-6a4d-11e76b5b2d07}
EmptyTemp:


2. Save the Notepad file to the Desktop under the name fixlist.txt
You can also do this from Notepad => click File, then Save As, and in the new window, at the bottom under File Name:, enter fixlist.txt as the name.
Note: It is important that both files, FRST and fixlist, are in the same location, because otherwise the fix will not work.

3. Run FRST/FRST64 again, click the Fix button once and wait.
If the tool asks for a system restart, allow it and make sure the tool completes the fix after the system restarts.

The tool will create a log (Fixlog.txt) on the Desktop. The contents of that log need to be copied into a message.
Note: If the tool warns you that a newer version exists, make sure you download and use the updated copy of FRST.


Then:

Download TDSSKiller, save the tool to the Desktop and double-click TDSSKiller.exe to run it.
In the "End user Licence Agreement" dialog, click Accept.
Likewise, in the "KSN Statement" dialog, click Accept.

Click the Start Scan button.

If suspicious items (Suspicious object) are detected, the default action is Skip; click Continue.
If malicious objects (Malicious objects) are detected, choose the Cure option.

Post the contents of the log from the following location:
C:\TDSSKiller_program version_DD.MM.GG_HH.MM.SS.txt
(DD - day, MM - month, GG - year, HH - hour, MM - minute, SS - second; the date and time the log was created)

offline
  • boksi  Male
  • Respected citizen
  • Joined: 11 Jun 2008
  • Posts: 474

Posted: 03 Nov 2017 9:56

Fix result of Farbar Recovery Scan Tool (x86) Version: 02-11-2017 02
Ran by Boris (03-11-2017 09:45:03) Run:1
Running from C:\Users\Boris\Desktop
Loaded Profiles: Boris (Available Profiles: Boris)
Boot Mode: Normal

==============================================

fixlist content:
*****************
CreateRestorePoint:
HKU\S-1-5-21-2103478201-806380249-2024604306-1000\...\Run: [THIS IS WIIIGET!] => C:\Program Files\Miped\QWiget\THIS IS WIIIGET!.exe
C:\Program Files\Miped\QWiget
SearchScopes: HKU\.DEFAULT -> {0BC6E3FA-78EF-4886-842C-5A1258C4455A} URL = hxxp://search.imgag.com/?appid=wsdt&component=&c=GNWDO59900&sbs=2&sc=2&f=web&vernum=3.1.5.7620&uid=0&did=%7be47fbaad-898d-4c4d-9977-7906b3fbabc1%7d&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> {72879807-DFDB-4C44-9CDF-BFDCE635155B} URL = hxxp://search.yahoo.com/search?fr=mcafee&p={SearchTerms}
SearchScopes: HKU\S-1-5-21-2103478201-806380249-2024604306-1000 -> {0EDE09DD-3809-43F6-B17C-C151EE6770BE} URL = hxxps://search.yahoo.com/search?fr=mcafee&type=C010US739D20151120&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2103478201-806380249-2024604306-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={775C5F0A-FD56-4DDF-A521-6E8C9C8D67E2}&mid=99809890e09347d08918d156c7e4e1c3-9e676b974cdecd5e54574e8b31e8c02d1b6f5dd5&lang=en&ds=AVG&coid=avgtbavg&cmpid=1116av&pr=fr&d=2016-11-17 07:51:14&v=4.3.6.255&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2103478201-806380249-2024604306-1000 -> {B54A1C9D-1C60-4317-810C-3E5DE740C748} URL = hxxp://www.bing.com/search?FORM=U218DF&PC=U218&q={searchTerms}&src=IE-SearchBox
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\mhunkkbi.default -> Secure Search
FF Homepage: Mozilla\Firefox\Profiles\mhunkkbi.default -> hxxps://www.malwarebytes.org/restorebrowser/
FF SearchPlugin: C:\Users\Boris\AppData\Roaming\Mozilla\Firefox\Profiles\mhunkkbi.default\searchplugins\yahoo-lavasoft.xml [2016-07-14]
FF Plugin HKU\S-1-5-21-2103478201-806380249-2024604306-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Boris\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [No File]
CHR Extension: (TubeTab) - C:\Users\Boris\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhpijolpcimadhjingadnbcjncmjdce [2017-11-01]
CHR HKLM\...\Chrome\Extension: [nfengeggddojhakldhlpjdlddgkkjkdd] - C:\Program Files\IObit\Surfing Protection\BrowerProtect\ASC_GhromePluginFor6.crx <not found>
CHR HKU\S-1-5-21-2103478201-806380249-2024604306-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [jlhpijolpcimadhjingadnbcjncmjdce] - hxxps://clients2.google.com/service/update2/crx
ContextMenuHandlers1: [_Movavivc11] -> {1C604495-4D32-476e-8D7E-FBF50F6C80BF} => -> No File
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> No File
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> No File
ContextMenuHandlers6: [_Movavivc11] -> {1C604495-4D32-476e-8D7E-FBF50F6C80BF} => -> No File
Task: {D420AAEC-5147-4848-B4C1-AB9125F091AA} - System32\Tasks\CCleanerSkipUAC => D:\Program Files\CCleaner.exe [2016-08-26] (Piriform Ltd) <==== ATTENTION
D:\Program Files\CCleaner.exe
AlternateDataStreams: C:\ProgramData\Temp:ECF54A0E [354]
2017-11-01 21:55 - 2017-11-02 11:19 - 000000000 ____D C:\Users\Boris\AppData\Roaming\bqcmqwqj0zx
2017-11-01 21:54 - 2017-11-02 11:19 - 000000000 ____D C:\Users\Boris\AppData\Roaming\v2ynclwpsxv
2017-11-01 21:54 - 2017-11-02 11:19 - 000000000 ____D C:\Users\Boris\AppData\Roaming\irn2sctpvok
2017-11-01 21:54 - 2017-11-02 08:22 - 000000000 ____D C:\Users\Boris\AppData\Roaming\wuogc2aygse
2017-11-01 21:26 - 2017-11-02 08:22 - 000000000 ____D C:\Users\Boris\AppData\Roaming\d1dqdvyj23v
2017-11-01 21:26 - 2017-11-02 08:22 - 000000000 ____D C:\Users\Boris\AppData\Roaming\a3a2gtjdgpm
2017-11-01 21:25 - 2017-11-02 08:22 - 000000000 ____D C:\Users\Boris\AppData\Roaming\m4d25mv4vvp
2017-11-01 21:24 - 2017-11-02 11:25 - 000000000 ____D C:\Users\Boris\AppData\Roaming\1337
2017-11-01 10:35 - 2017-11-01 10:35 - 000514560 _____ C:\Windows\7767227e9c8c74ee53b3db2aae68c7ef.exe
2017-11-02 20:16 - 2009-07-14 05:34 - 000020480 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-11-02 20:16 - 2009-07-14 05:34 - 000020480 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2012-04-21 19:11 - 2013-04-29 12:17 - 000010752 _____ () C:\Users\Boris\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-02-03 17:00 - 2016-02-03 17:00 - 000004104 _____ () C:\ProgramData\ojobkspa.ako
2015-12-08 17:54 - 2015-12-08 17:54 - 000005044 _____ () C:\ProgramData\oqztiqep.adk
2017-07-09 11:26 - 2017-07-09 11:26 - 000045752 _____ () C:\ProgramData\agent.1499596003.bdinstall.bin
2017-07-09 11:30 - 2017-07-09 11:30 - 000028977 _____ () C:\ProgramData\agent.1499596210.bdinstall.bin
C:\Users\Boris\AppData\Local\{bfb7a531-f259-c0a6-6a4d-11e76b5b2d07}
EmptyTemp:
*****************

Restore point was successfully created.
HKU\S-1-5-21-2103478201-806380249-2024604306-1000\Software\Microsoft\Windows\CurrentVersion\Run\\THIS IS WIIIGET! => value removed successfully.
"C:\Program Files\Miped\QWiget" => not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0BC6E3FA-78EF-4886-842C-5A1258C4455A} => key removed successfully.
HKLM\Software\Classes\CLSID\{0BC6E3FA-78EF-4886-842C-5A1258C4455A} => key not found.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{72879807-DFDB-4C44-9CDF-BFDCE635155B} => key removed successfully.
HKLM\Software\Classes\CLSID\{72879807-DFDB-4C44-9CDF-BFDCE635155B} => key not found.
HKU\S-1-5-21-2103478201-806380249-2024604306-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0EDE09DD-3809-43F6-B17C-C151EE6770BE} => key removed successfully.
HKLM\Software\Classes\CLSID\{0EDE09DD-3809-43F6-B17C-C151EE6770BE} => key not found.
HKU\S-1-5-21-2103478201-806380249-2024604306-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} => key removed successfully.
HKLM\Software\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => key not found.
HKU\S-1-5-21-2103478201-806380249-2024604306-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B54A1C9D-1C60-4317-810C-3E5DE740C748} => key removed successfully.
HKLM\Software\Classes\CLSID\{B54A1C9D-1C60-4317-810C-3E5DE740C748} => key not found.
Firefox SearchEngineOrder.1 removed successfully.
Firefox "homepage" removed successfully.
C:\Users\Boris\AppData\Roaming\Mozilla\Firefox\Profiles\mhunkkbi.default\searchplugins\yahoo-lavasoft.xml => moved successfully
HKU\S-1-5-21-2103478201-806380249-2024604306-1000\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0 => key removed successfully.
C:\Users\Boris\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll => not found.
CHR Extension: (TubeTab) - C:\Users\Boris\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhpijolpcimadhjingadnbcjncmjdce [2017-11-01] => Error: No automatic fix found for this entry.
HKLM\SOFTWARE\Google\Chrome\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd => key removed successfully.
HKU\S-1-5-21-2103478201-806380249-2024604306-1000\SOFTWARE\Google\Chrome\Extensions\jlhpijolpcimadhjingadnbcjncmjdce => key removed successfully.
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\_Movavivc11 => key removed successfully.
HKLM\Software\Classes\CLSID\{1C604495-4D32-476e-8D7E-FBF50F6C80BF} => key not found.
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\PowerISO => key removed successfully.
HKLM\Software\Classes\CLSID\{967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => key not found.
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\PowerISO => key removed successfully.
HKLM\Software\Classes\CLSID\{967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => key not found.
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\_Movavivc11 => key removed successfully.
HKLM\Software\Classes\CLSID\{1C604495-4D32-476e-8D7E-FBF50F6C80BF} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D420AAEC-5147-4848-B4C1-AB9125F091AA} => key not found.
C:\Windows\System32\Tasks\CCleanerSkipUAC => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleanerSkipUAC => key not found.
"D:\Program Files\CCleaner.exe" => not found.
C:\ProgramData\Temp => ":ECF54A0E" ADS removed successfully..
C:\Users\Boris\AppData\Roaming\bqcmqwqj0zx => moved successfully
C:\Users\Boris\AppData\Roaming\v2ynclwpsxv => moved successfully
C:\Users\Boris\AppData\Roaming\irn2sctpvok => moved successfully
C:\Users\Boris\AppData\Roaming\wuogc2aygse => moved successfully
C:\Users\Boris\AppData\Roaming\d1dqdvyj23v => moved successfully
C:\Users\Boris\AppData\Roaming\a3a2gtjdgpm => moved successfully
C:\Users\Boris\AppData\Roaming\m4d25mv4vvp => moved successfully
C:\Users\Boris\AppData\Roaming\1337 => moved successfully
C:\Windows\7767227e9c8c74ee53b3db2aae68c7ef.exe => moved successfully
C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 => moved successfully
C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 => moved successfully
C:\Users\Boris\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
C:\ProgramData\ojobkspa.ako => moved successfully
C:\ProgramData\oqztiqep.adk => moved successfully
C:\ProgramData\agent.1499596003.bdinstall.bin => moved successfully
C:\ProgramData\agent.1499596210.bdinstall.bin => moved successfully
C:\Users\Boris\AppData\Local\{bfb7a531-f259-c0a6-6a4d-11e76b5b2d07} => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 21697410 B
Java, Flash, Steam htmlcache => 564 B
Windows/system/drivers => 5883211 B
Edge => 0 B
Chrome => 142334632 B
Firefox => 15595645 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 6567442 B
LocalService => 66228 B
NetworkService => 10556154 B
Boris => 1493298 B

RecycleBin => 0 B
EmptyTemp: => 202.7 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 09:46:54 ====

Addendum: 03 Nov 2017 10:00

09:57:43.0195 0x06d4 TDSS rootkit removing tool 3.1.0.15 Apr 18 2017 11:34:02
09:57:47.0563 0x06d4 ============================================================
09:57:47.0563 0x06d4 Current date / time: 2017/11/03 09:57:47.0563
09:57:47.0563 0x06d4 SystemInfo:
09:57:47.0563 0x06d4
09:57:47.0563 0x06d4 OS Version: 6.1.7600 ServicePack: 0.0
09:57:47.0563 0x06d4 Product type: Workstation
09:57:47.0563 0x06d4 ComputerName: BORIS-PC
09:57:47.0563 0x06d4 UserName: Boris
09:57:47.0563 0x06d4 Windows directory: C:\Windows
09:57:47.0563 0x06d4 System windows directory: C:\Windows
09:57:47.0563 0x06d4 Processor architecture: Intel x86
09:57:47.0563 0x06d4 Number of processors: 2
09:57:47.0563 0x06d4 Page size: 0x1000
09:57:47.0563 0x06d4 Boot type: Normal boot
09:57:47.0563 0x06d4 CodeIntegrityOptions = 0x00000000
09:57:47.0563 0x06d4 ============================================================
09:57:52.0524 0x06d4 KLMD registered as C:\Windows\system32\drivers\22459714.sys
09:57:52.0524 0x06d4 KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 7600.17273, osProperties = 0x0
09:57:53.0086 0x06d4 System UUID: {EFF6B4E1-C934-4865-837A-CB425BBBC473}
09:57:54.0334 0x06d4 Drive \Device\Harddisk0\DR0 - Size: 0x12A1E0DE00 ( 74.53 Gb ), SectorSize: 0x200, Cylinders: 0x2861, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000050
09:57:54.0334 0x06d4 ============================================================
09:57:54.0334 0x06d4 \Device\Harddisk0\DR0:
09:57:54.0334 0x06d4 MBR partitions:
09:57:54.0334 0x06d4 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
09:57:54.0334 0x06d4 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x26DE800
09:57:54.0349 0x06d4 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x27116B5, BlocksNum 0x6DF8F4B
09:57:54.0349 0x06d4 ============================================================
09:57:54.0380 0x06d4 C: <-> \Device\Harddisk0\DR0\Partition2
09:57:54.0661 0x06d4 D: <-> \Device\Harddisk0\DR0\Partition3
09:57:54.0802 0x06d4 F: <-> \Device\Harddisk0\DR0\Partition1
09:57:54.0848 0x06d4 ============================================================
09:57:54.0848 0x06d4 Initialize success
09:57:54.0848 0x06d4 ============================================================
09:57:57.0204 0x07dc ============================================================
09:57:57.0204 0x07dc Scan started
09:57:57.0204 0x07dc Mode: Manual;
09:57:57.0204 0x07dc ============================================================
09:57:57.0204 0x07dc KSN ping started
09:58:11.0107 0x07dc KSN ping finished: true
09:58:12.0327 0x07dc ================ Scan system memory ========================
09:58:12.0327 0x07dc System memory - ok
09:58:12.0328 0x07dc ================ Scan services =============================
09:58:16.0588 0x07dc Compbatt - ok
09:58:16.0627 0x07dc [ F1724BA27E97D627F808FB0BA77A28A6, F7D69082EEFEC0FB8B309F6AEE282D4A5DFC1A40851ED65904AA9582C5DEA5AB ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
09:58:16.0629 0x07dc CompositeBus - ok
09:58:16.0647 0x07dc COMSysApp - ok
09:58:16.0679 0x07dc [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1, 6FC323217D82EF661BA0E3F949B61B05BB5235D1A69C81D24876C2153FAECEF6 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
09:58:16.0681 0x07dc crcdisk - ok
09:58:16.0727 0x07dc [ F2FDE6C8DBAAD44CC58D1E07E4AF4EED, 579D206CF49FB78C2D9BA29A9C57489B7875242EB618019CB7B8D336C70A09E6 ] CryptSvc C:\Windows\system32\cryptsvc.dll
09:58:16.0733 0x07dc CryptSvc - ok
09:58:16.0778 0x07dc [ 27C9490BDD0AE48911AB8CF1932591ED, 751F576F797F8A7BA576C32598BD6FD2E60D4FACC7836CC5BA3F68C38D27CCCA ] CSC C:\Windows\system32\drivers\csc.sys
09:58:16.0794 0x07dc CSC - ok
09:58:16.0843 0x07dc [ 56FB5F222EA30D3D3FC459879772CB73, 2C4646774575858E26DBA9C73853E06D0BD18CC8A4C73C633071FF5FE04CA0F4 ] CscService C:\Windows\System32\cscsvc.dll
09:58:16.0862 0x07dc CscService - ok
09:58:16.0915 0x07dc [ B82CD39E336973359D7C9BF911E8E84F, 45DB8F1E88FC25A81D2F3C2F8A8CDB6B34C44950B038E24FB71DCDD9823DB22A ] DcomLaunch C:\Windows\system32\rpcss.dll
09:58:16.0941 0x07dc DcomLaunch - ok
09:58:16.0975 0x07dc [ 8D6E10A2D9A5EED59562D9B82CF804E1, 888F9650F4E872BA8F4E0C27E38A6672A561042B17EBA40E306A22357965B0AD ] defragsvc C:\Windows\System32\defragsvc.dll
09:58:16.0983 0x07dc defragsvc - ok
09:58:17.0016 0x07dc [ 83D1ECEA8FAAE75604C0FA49AC7AD996, 0EB4F374CB91AFF12ABC7EFC7858BDB6E58B50FCE0ADA1711F90FF592059DA40 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
09:58:17.0019 0x07dc DfsC - ok
09:58:17.0067 0x07dc [ C56495FBD770712367CAD35E5DE72DA6, 9D5456A2E208F542F0B6C951EFCABA2A10919777C4287D7298A28F543D5BAC32 ] Dhcp C:\Windows\system32\dhcpcore.dll
09:58:17.0078 0x07dc Dhcp - ok
09:58:17.0101 0x07dc [ 1A050B0274BFB3890703D490F330C0DA, 79D74F4679A2EE040FAAF4D0392A9311239A10A5F8A5CCB48656C6F89B6D62FB ] discache C:\Windows\system32\drivers\discache.sys
09:58:17.0103 0x07dc discache - ok
09:58:17.0137 0x07dc [ 565003F326F99802E68CA78F2A68E9FF, ABC42B24DBA4FFC411120E09278EF26AF56CCAB463B69B4BD6C530B4A07063D2 ] Disk C:\Windows\system32\DRIVERS\disk.sys
09:58:17.0141 0x07dc Disk - ok
09:58:17.0170 0x07dc [ B15BE77A2BACF9C3177D27518AFE26A9, FBF02038C2EC0262B401FCBD348C48DF184AD76E95643E3D6ED32C02E90D8FC9 ] Dnscache C:\Windows\System32\dnsrslvr.dll
09:58:17.0178 0x07dc Dnscache - ok
09:58:17.0217 0x07dc [ 4408C85C21EEA48EB0CE486BAEEF0502, 67EA726F4053665D94D7790EC89616EA0698A7548073A9211E3F75937B4384BE ] dot3svc C:\Windows\System32\dot3svc.dll
09:58:17.0229 0x07dc dot3svc - ok
09:58:17.0251 0x07dc [ 7FA81C6E11CAA594ADB52084DA73A1E5, 9ED1C585D9CA091E75E4A2A1E5B923B104EBDC5FC9D12154DE909C583E4D0CAE ] DPS C:\Windows\system32\dps.dll
09:58:17.0264 0x07dc DPS - ok
09:58:17.0309 0x07dc [ B918E7C5F9BF77202F89E1A9539F2EB4, C589A37DE50BBEF22E2DAA9682EA43147F614AA1AF7DAAA942BA5FC192313A0B ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
09:58:17.0311 0x07dc drmkaud - ok
09:58:17.0373 0x07dc [ 1679A4669326CB1A67CC95658D273234, 57429EC10744956635CAE0742320D7C03B3EEA0CB1F5769AEF21C054C0B5E498 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
09:58:17.0415 0x07dc DXGKrnl - ok
09:58:17.0459 0x07dc [ 8600142FA91C1B96367D3300AD0F3F3A, 5713625E27DF11FAAFDA7AC79899A6AD813166E167088FA990EC5DE87DBE83DF ] EapHost C:\Windows\System32\eapsvc.dll
09:58:17.0464 0x07dc EapHost - ok
09:58:17.0640 0x07dc [ 024E1B5CAC09731E4D868E64DBFB4AB0, AB0826A74BBEE5B7A1B035861B665C79BC98305CFC7D82BEF420558FBD3EE994 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys
09:58:17.0790 0x07dc ebdrv - ok
09:58:17.0846 0x07dc [ 8CFF03BD64584C69494FAE5C6EF17C6A, 287A6F6873440FF6BB9AE1A7E45D1A2218A10EF3EE72D10170B7B75EDF0932D0 ] EfiMon C:\Windows\system32\Drivers\Efimon.sys
09:58:17.0848 0x07dc EfiMon - ok
09:58:17.0874 0x07dc [ C2243FF9E9AAD0C30E8B1A0914DA15B6, CD01BD44659FDAA6FE8679D0F76748409680A4F4885905EA56F655C60DDEC01F ] EFS C:\Windows\System32\lsass.exe
09:58:17.0877 0x07dc EFS - ok
09:58:17.0945 0x07dc [ 1697C39978CD69F6FBC15302EDCECE1F, E496FAE102EE33EBD35AC745E8647976DB9F91EF78E54EB962FF2D04D45B561A ] ehRecvr C:\Windows\ehome\ehRecvr.exe
09:58:18.0028 0x07dc ehRecvr - ok
09:58:18.0066 0x07dc [ D389BFF34F80CAEDE417BF9D1507996A, 12859B9925D7A4631DE61A820922F43F56ED23C2AF014CBF36322685E5CF641E ] ehSched C:\Windows\ehome\ehsched.exe
09:58:18.0076 0x07dc ehSched - ok
09:58:18.0202 0x07dc [ 0ED67910C8C326796FAA00B2BF6D9D3C, 97FAA7627A162B0AEC15545E0165D13355D535B4157604BB87F8EEB72ECD24A8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
09:58:18.0237 0x07dc elxstor - ok
09:58:18.0272 0x07dc [ 8FC3208352DD3912C94367A206AB3F11, 69B65C12BDADD4B730508674B1B77C5496612B4ACCC447DB9AFE49ADEA8CBF02 ] ErrDev C:\Windows\system32\drivers\errdev.sys
09:58:18.0277 0x07dc ErrDev - ok
09:58:18.0398 0x07dc [ F6916EFC29D9953D5D0DF06882AE8E16, ED41893960018D5EC2F7829B1DE4B6967D9FD074D60B11B9EB854E3E0948EC24 ] EventSystem C:\Windows\system32\es.dll
09:58:18.0424 0x07dc EventSystem - ok
09:58:18.0472 0x07dc [ 2DC9108D74081149CC8B651D3A26207F, 75CB47923A867DDAC512701CE71DFCFC340FC3A2E27F4255D0836A1FBC463176 ] exfat C:\Windows\system32\drivers\exfat.sys
09:58:18.0497 0x07dc exfat - ok
09:58:18.0548 0x07dc [ 7E0AB74553476622FB6AE36F73D97D35, 41463A255FDA1D550B3385EC7C73ABC343B1BBBE9CEE4DF9F2A8B3E7338C4947 ] fastfat C:\Windows\system32\drivers\fastfat.sys
09:58:18.0552 0x07dc fastfat - ok
09:58:18.0674 0x07dc [ F7EA23CC5E6BF2181F3F399D54F6EFC1, 4659A2EDC5D5171668FB20BED7B56466A674876888519D6F524F7456EBD11263 ] Fax C:\Windows\system32\fxssvc.exe
09:58:18.0700 0x07dc Fax - ok
09:58:18.0740 0x07dc [ E817A017F82DF2A1F8CFDBDA29388B29, 4CC9320A21E6FEA2D16C48D6BEA14391B695BD541A3C5FDDAEEE086A414FC837 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
09:58:18.0750 0x07dc fdc - ok
09:58:18.0772 0x07dc [ F3222C893BD2F5821A0179E5C71E88FB, A85B947249DBB986358CCD4B158DD58A9301F074F3C6CCCDEF2D01F432E59D1B ] fdPHost C:\Windows\system32\fdPHost.dll
09:58:18.0782 0x07dc fdPHost - ok
09:58:18.0818 0x07dc [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B, 0E76C29D2A974A3F2FBFCB63D066D4136B78E02F6B1F579B1865CA7A76193987 ] FDResPub C:\Windows\system32\fdrespub.dll
09:58:18.0833 0x07dc FDResPub - ok
09:58:18.0851 0x07dc [ 6CF00369C97F3CF563BE99BE983D13D8, F65F35324A2FB9DFB533B1C4D089D990CC242218FE83414329D07B786D8EFF33 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
09:58:18.0859 0x07dc FileInfo - ok
09:58:18.0893 0x07dc [ 42C51DC94C91DA21CB9196EB64C45DB9, 388C68D12ECC8FFE3116FEAAF4DB7B80CF4A3F97E935788DD21C6ADE2369F635 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
09:58:18.0903 0x07dc Filetrace - ok
09:58:18.0928 0x07dc [ 87907AA70CB3C56600F1C2FB8841579B, CA1CD82A1CD453617CE5EA431A1836997F14E3580554E8A516D9FE1E9926D979 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
09:58:18.0937 0x07dc flpydisk - ok
09:58:19.0009 0x07dc [ 7520EC808E0C35E0EE6F841294316653, 6EC65511B4838A7172A8F89E35C2F9DF4F0BFCE3BE12EDA790F3EB567102FF67 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
09:58:19.0027 0x07dc FltMgr - ok
09:58:19.0193 0x07dc [ 7FE4995528A7529A761875151EE3D512, 63F062A8E6AA9AEF39A46E94ADD548C72B4E21C1090DE9CBDCFB3F4489637BAF ] FontCache C:\Windows\system32\FntCache.dll
09:58:19.0230 0x07dc FontCache - ok
09:58:19.0401 0x07dc [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F, DBED26852B99B362152DA9CD4F31A1883EF6F9B496F3CF3772A197BA72DB61DA ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
09:58:19.0452 0x07dc FontCache3.0.0.0 - ok
09:58:19.0474 0x07dc [ 1A16B57943853E598CFF37FE2B8CBF1D, 87609F46F3B8123552141FD70866E895220B1BBD92BC2B580CAF49201AA0197E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
09:58:19.0491 0x07dc FsDepends - ok
09:58:19.0516 0x07dc [ 500A9814FD9446A8126858A5A7F7D273, FB9607A43B8DDA87A449A3BFEBDC035F00BA7B5D9CC56AD5F310732A38F56A46 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
09:58:19.0517 0x07dc Fs_Rec - ok
09:58:19.0565 0x07dc [ 4732E596BB1C50D9F9188C5074EE7782, 465E47C6AFA53B7CAFED5C61A5D832E7B3A1A33F82E1F11A472B84CD24D2ED55 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
09:58:19.0591 0x07dc fvevol - ok
09:58:19.0641 0x07dc [ 65EE0C7A58B65E74AE05637418153938, 0E1A398ADD8411AF4CCC3344D67BE1B261320C58328BD5C5855A357476FAEBEF ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
09:58:19.0645 0x07dc gagp30kx - ok
09:58:19.0684 0x07dc [ C6E3105B8C68C35CC1EB26A00FD1A8C6, 8C134F55AE94F44E823ECEFAEE624EB305572A0043BBD891C782BB841A40CE8A ] gdrv C:\Windows\gdrv.sys
09:58:19.0686 0x07dc gdrv - ok
09:58:19.0744 0x07dc [ 8BA3C04702BF8F927AB36AE8313CA4EE, 3B6460C8134AA9D6E4FB978201B35FE9B67DD5BBB6C8D9625F3097DDA30C2893 ] gpsvc C:\Windows\System32\gpsvc.dll
09:58:19.0779 0x07dc gpsvc - ok
09:58:19.0878 0x07dc [ 2D8BBF6C7241AAD9EDE7708EBB7B43A4, 51AF8150C6CF738AF14F502E6BDAD1035773DD45980770E06393814B75259EF8 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
09:58:19.0884 0x07dc gupdate - ok
09:58:19.0945 0x07dc [ 2D8BBF6C7241AAD9EDE7708EBB7B43A4, 51AF8150C6CF738AF14F502E6BDAD1035773DD45980770E06393814B75259EF8 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
09:58:19.0950 0x07dc gupdatem - ok
09:58:19.0983 0x07dc [ C44E3C2BAB6837DB337DDEE7544736DB, 88A24FF7D2FECCEAFFD421B2039A0FB623DA47A6B220B80EF1E52DD26D9E222D ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
09:58:20.0005 0x07dc hcw85cir - ok
09:58:20.0111 0x07dc [ 3530CAD25DEBA7DC7DE8BB51632CBC5F, 6706B8AD211A4B89B6571ACD227412026EAD87D71456B3EC6E7DD8FA15B997BE ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
09:58:20.0128 0x07dc HdAudAddService - ok
09:58:20.0158 0x07dc [ 717A2207FD6F13AD3E664C7D5A43C7BF, BF28A6F00B64FA0E801493E3289CFFD5E313E724DF7B5AB521C9E37A20890DCF ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
09:58:20.0162 0x07dc HDAudBus - ok
09:58:20.0186 0x07dc [ 1D58A7F3E11A9731D0EAAAA8405ACC36, 7056FA18B86FBD52C4A6092D80476C02553EA053D6A0BEDB01A2FA5E152D5215 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
09:58:20.0188 0x07dc HidBatt - ok
09:58:20.0212 0x07dc [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
09:58:20.0216 0x07dc HidBth - ok
09:58:20.0249 0x07dc [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
09:58:20.0252 0x07dc HidIr - ok
09:58:20.0275 0x07dc [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv C:\Windows\System32\hidserv.dll
09:58:20.0279 0x07dc hidserv - ok
09:58:20.0319 0x07dc [ 25072FB35AC90B25F9E4E3BACF774102, EBCE089947CC5A251A517CB91E81FCB948B18405FBACA04C874D4A48AF88676D ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
09:58:20.0321 0x07dc HidUsb - ok
09:58:20.0350 0x07dc [ 741C2A45CA8407E374AABA3E330B7872, FCF31C46297CFDF8240F0E783A61C8463FEDB1EF7A676AB89DFF0EAE9F3534B4 ] hkmsvc C:\Windows\system32\kmsvc.dll
09:58:20.0355 0x07dc hkmsvc - ok
09:58:20.0381 0x07dc [ A768CA158BB06782A2835B907F4873C3, EFF736C6BA38FB8FC8807286AB273E7274F505E8E59D952E8563DF77C412C5AE ] HomeGroupListener C:\Windows\system32\ListSvc.dll
09:58:20.0390 0x07dc HomeGroupListener - ok
09:58:20.0430 0x07dc [ FB08DEC5EF43D0C66D83B8E9694E7549, 9C9ECE9E90F524791FC5DCE797BAE39605F966592126FF058BA3FA0BEFD07BEB ] HomeGroupProvider C:\Windows\system32\provsvc.dll
09:58:20.0438 0x07dc HomeGroupProvider - ok
09:58:20.0487 0x07dc [ E6BBED7922F7E32E5DB5DC135D7C1381, BAF1E88895068614CCA394F9DB28B01F43D7FFD9B650A2EE1B925039D0C69B9F ] HookPort C:\Windows\system32\Drivers\Hookport.sys
09:58:20.0489 0x07dc HookPort - ok
09:58:20.0536 0x07dc [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
09:58:20.0540 0x07dc HpSAMD - ok
09:58:20.0593 0x07dc [ C531C7FD9E8B62021112787C4E2C5A5A, 09205E2A5BFB6C623B312B8AC82F7F7CA8A922B1D9A0E3952BD3BA47BBE1F18C ] HTTP C:\Windows\system32\drivers\HTTP.sys
09:58:20.0619 0x07dc HTTP - ok
09:58:20.0635 0x07dc [ 8305F33CDE89AD6C7A0763ED0B5A8D42, A7CA4978DC1FF6105EA39124DF854F0B1FD478476B871ED0E018AF3AE2165282 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
09:58:20.0636 0x07dc hwpolicy - ok
09:58:20.0691 0x07dc [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
09:58:20.0695 0x07dc i8042prt - ok
09:58:20.0757 0x07dc [ 71F1A494FEDF4B33C02C4A6A28D6D9E9, 3AF6B8220E5081C79951979FE59E980C0309C826E201AE286D3B42CD2BA8145F ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
09:58:20.0775 0x07dc iaStorV - ok
09:58:20.0837 0x07dc [ 5AF815EB5BC9802E5A064E2BA62BFC0C, DC8CED05F623D30C57E8A7A382A219B4266C9C766ABF8A8D71783EACB8607B82 ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
09:58:20.0880 0x07dc idsvc - ok
09:58:21.0092 0x07dc [ 9467514EA189475A6E7FDC5D7BDE9D3F, E6F5B99BF6B614832770F9310B06334A8174C7660DDEC7589433640527A14683 ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys
09:58:21.0280 0x07dc igfx - ok
09:58:21.0349 0x07dc [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
09:58:21.0352 0x07dc iirsp - ok
09:58:21.0417 0x07dc [ FAC0EE6562B121B1399D6E855583F7A5, 034C9EE9232EB2CE64297EC4BCBEB5DA443ED9176C436CC754EF84FFB4AD4B08 ] IKEEXT C:\Windows\System32\ikeext.dll
09:58:21.0452 0x07dc IKEEXT - ok
09:58:21.0595 0x07dc [ 33A8C13C71698218BE432020CC668D5C, 03879509D12B1BC7E5797D8FA458FA211B5B6DF914D1B77BB092DDB6E5B322AB ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
09:58:21.0681 0x07dc IntcAzAudAddService - ok
09:58:21.0742 0x07dc [ A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide C:\Windows\system32\drivers\intelide.sys
09:58:21.0744 0x07dc intelide - ok
09:58:21.0774 0x07dc [ 3B514D27BFC4ACCB4037BC6685F766E0, F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
09:58:21.0777 0x07dc intelppm - ok
09:58:21.0807 0x07dc [ ACB364B9075A45C0736E5C47BE5CAE19, 202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
09:58:21.0815 0x07dc IPBusEnum - ok
09:58:21.0840 0x07dc [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
09:58:21.0843 0x07dc IpFilterDriver - ok
09:58:21.0905 0x07dc [ 477397B432A256A50EE7E4339EB9EA14, 3722938E69D16962F773F39669E9B90279DC9527BBC63564B33C89DAFD283497 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
09:58:21.0931 0x07dc iphlpsvc - ok
09:58:21.0966 0x07dc [ E4454B6C37D7FFD5649611F6496308A7, 5B2AA8C06076C9A1FF944E5EA07C29BA7FABEBB38E6BFB388ED46933EAC465FB ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
09:58:21.0970 0x07dc IPMIDRV - ok
09:58:22.0001 0x07dc [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
09:58:22.0006 0x07dc IPNAT - ok
09:58:22.0034 0x07dc [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM C:\Windows\system32\drivers\irenum.sys
09:58:22.0036 0x07dc IRENUM - ok
09:58:22.0070 0x07dc [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp C:\Windows\system32\drivers\isapnp.sys
09:58:22.0073 0x07dc isapnp - ok
09:58:22.0108 0x07dc [ ED46C223AE46C6866AB77CDC41C404B7, 1B2A4A3FF0E5F8F02717F20983D57612D62DFF809064A7E524700E7254BB7DB3 ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
09:58:22.0133 0x07dc iScsiPrt - ok
09:58:22.0170 0x07dc [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
09:58:22.0172 0x07dc kbdclass - ok
09:58:22.0206 0x07dc [ 3D9F0EBF350EDCFD6498057301455964, B3CB5F0C045B06C86E683F3C67DC0D4E37AF16E20B189B05C926A5A7011438FB ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
09:58:22.0208 0x07dc kbdhid - ok
09:58:22.0219 0x07dc [ C2243FF9E9AAD0C30E8B1A0914DA15B6, CD01BD44659FDAA6FE8679D0F76748409680A4F4885905EA56F655C60DDEC01F ] KeyIso C:\Windows\system32\lsass.exe
09:58:22.0221 0x07dc KeyIso - ok
09:58:22.0253 0x07dc [ 52FC17C8589F11747D01D3CF592673D0, 0D432F14DF6A0964947FADF4AFBCC195946A68230DC17FA610CC000BB0C921A7 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
09:58:22.0256 0x07dc KSecDD - ok
09:58:22.0283 0x07dc [ 3E5474B03568CFAB834DA3C38E8C9EFA, 1223B99AD86905C34BC95C61DA894F36567F4A23EA7E32E955133C5B2FD558DB ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
09:58:22.0288 0x07dc KSecPkg - ok
09:58:22.0326 0x07dc [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm C:\Windows\system32\msdtckrm.dll
09:58:22.0368 0x07dc KtmRm - ok
09:58:22.0418 0x07dc [ 8F6BF790D3168224C16F2AF68A84438C, CEEA0E38B746163A4110E157DAB50CC35A689A5BBC9B3691F2B9D3AE49B0D95E ] LanmanServer C:\Windows\System32\srvsvc.dll
09:58:22.0438 0x07dc LanmanServer - ok
09:58:22.0481 0x07dc [ B9891F885DCF1F0513A51CB58493CB1F, C883D243E1E7B7AEA031FB90FE4FCEED631F835DC95F9D9D60BC554E6EC358C2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
09:58:22.0489 0x07dc LanmanWorkstation - ok
09:58:22.0528 0x07dc [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
09:58:22.0530 0x07dc lltdio - ok
09:58:22.0567 0x07dc [ 5700673E13A2117FA3B9020C852C01E2, 6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc C:\Windows\System32\lltdsvc.dll
09:58:22.0584 0x07dc lltdsvc - ok
09:58:22.0599 0x07dc [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts C:\Windows\System32\lmhsvc.dll
09:58:22.0602 0x07dc lmhosts - ok
09:58:22.0644 0x07dc [ EB119A53CCF2ACC000AC71B065B78FEF, 1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
09:58:22.0648 0x07dc LSI_FC - ok
09:58:22.0682 0x07dc [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
09:58:22.0686 0x07dc LSI_SAS - ok
09:58:22.0713 0x07dc [ DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
09:58:22.0716 0x07dc LSI_SAS2 - ok
09:58:22.0755 0x07dc [ 0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
09:58:22.0764 0x07dc LSI_SCSI - ok
09:58:22.0791 0x07dc [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv C:\Windows\system32\drivers\luafv.sys
09:58:22.0794 0x07dc luafv - ok
09:58:22.0813 0x07dc mcdbus - ok
09:58:22.0840 0x07dc [ E2B0887816ED336685954E3D8FDAA51D, 4DCB08ADC6A89DCA68D1285734B283B567888EF72249F6BBA73A63D1BD462466 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
09:58:22.0846 0x07dc Mcx2Svc - ok
09:58:22.0888 0x07dc [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
09:58:22.0891 0x07dc megasas - ok
09:58:22.0928 0x07dc [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
09:58:22.0953 0x07dc MegaSR - ok
09:58:23.0343 0x07dc [ FAFE367D032ED82E9332B4C741A20216, 7B123766E360570E0FCB211835B7910D6A1806C25A06BCA9227AB9E993376CA8 ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
09:58:23.0352 0x07dc Microsoft Office Groove Audit Service - ok
09:58:23.0385 0x07dc [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] MMCSS C:\Windows\system32\mmcss.dll
09:58:23.0422 0x07dc MMCSS - ok
09:58:23.0448 0x07dc [ F001861E5700EE84E2D4E52C712F4964, F4DC5AEED6F34D76CCEF360862CC47EF71097BE0813C8CE04EE5F0DB387DFFAE ] Modem C:\Windows\system32\drivers\modem.sys
09:58:23.0452 0x07dc Modem - ok
09:58:23.0534 0x07dc [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
09:58:23.0560 0x07dc monitor - ok
09:58:23.0612 0x07dc [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
09:58:23.0614 0x07dc mouclass - ok
09:58:23.0727 0x07dc [ 2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
09:58:23.0729 0x07dc mouhid - ok
09:58:23.0754 0x07dc [ 921C18727C5920D6C0300736646931C2, 19ACE502982E9C5B0134676102EAEE96675C9CA237E410DB36C389D6B4078301 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
09:58:23.0758 0x07dc mountmgr - ok
09:58:23.0846 0x07dc [ 0EACD4459D14FBB121A0F8202F170225, 6C63A3D69D6A44E6E03863D2256A5C6EF2DCA56B18DC90B8F3AE8C8DF5D303EF ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
09:58:23.0854 0x07dc MozillaMaintenance - ok
09:58:23.0887 0x07dc [ 2AF5997438C55FB79D33D015C30E1974, E8F048A02FEB400C133D0BFC1659921E73B59549E3F7D2A13929901B87A1901F ] mpio C:\Windows\system32\drivers\mpio.sys
09:58:23.0892 0x07dc mpio - ok
09:58:23.0920 0x07dc [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
09:58:23.0944 0x07dc mpsdrv - ok
09:58:24.0037 0x07dc [ 5CD996CECF45CBC3E8D109C86B82D69E, ABE40DA4DA555D3D5054BE28BF82E775D90DCB9E31409DC95FABF2F016B17700 ] MpsSvc C:\Windows\system32\mpssvc.dll
09:58:24.0062 0x07dc MpsSvc - ok
09:58:24.0086 0x07dc [ B1BE47008D20E43DA3ADC37C24CDB89D, 6E8555E84B42E5098227B35EA5ABADF2CD3AC247B37CB9E9304FF67064EBE59B ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
09:58:24.0091 0x07dc MRxDAV - ok
09:58:24.0129 0x07dc [ CA7570E42522E24324A12161DB14EC02, E4DA5EDC7CBCC9E601543071A49347A0AA3EB4EAC205E342A1F2768FD785D08F ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
09:58:24.0134 0x07dc mrxsmb - ok
09:58:24.0204 0x07dc [ F965C3AB2B2AE5C378F4562486E35051, 5FFDD5531B98FF0EA19A901C4EE1CE6043C245A4BE5533A495E331B5834D696B ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
09:58:24.0212 0x07dc mrxsmb10 - ok
09:58:24.0252 0x07dc [ 25C38264A3C72594DD21D355D70D7A5D, DCEF2DEBB1859FED6FC7A19D13A841B6B6CA10577E12F116D0EB2D2B8C72A4A1 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
09:58:24.0256 0x07dc mrxsmb20 - ok
09:58:24.0285 0x07dc [ 4326D168944123F38DD3B2D9C37A0B12, 322AE93418BE3BA6B3E11C86431EC3F4B23CADC3B968B92978A08A7C0D0D8902 ] msahci C:\Windows\system32\drivers\msahci.sys
09:58:24.0287 0x07dc msahci - ok
09:58:24.0317 0x07dc [ 455029C7174A2DBB03DBA8A0D8BDDD9A, 614D71978B024109ADD9A7A74F74ABD5FAA1C36A2E859AF288398EAE7CD76DF2 ] msdsm C:\Windows\system32\drivers\msdsm.sys
09:58:24.0349 0x07dc msdsm - ok
09:58:24.0393 0x07dc [ E1BCE74A3BD9902B72599C0192A07E27, 5162EB623FE64E9DFEAC6CA2410EFA1314E62EC13207FFBFED2D61AA887603C4 ] MSDTC C:\Windows\System32\msdtc.exe
09:58:24.0401 0x07dc MSDTC - ok
09:58:24.0441 0x07dc [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] Msfs C:\Windows\system32\drivers\Msfs.sys
09:58:24.0442 0x07dc Msfs - ok
09:58:24.0465 0x07dc [ 3E1E5767043C5AF9367F0056295E9F84, B2EDFECD3C14E4FE1BA87D9A86334043A9BD696A554EBD186DA7EAEB2EBD4F70 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
09:58:24.0467 0x07dc mshidkmdf - ok
09:58:24.0501 0x07dc [ 0A4E5757AE09FA9622E3158CC1AEF114, ED574E420E57374E328C7C526504ECA569C164287966F06019EC207CB17F2C54 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
09:58:24.0503 0x07dc msisadrv - ok
09:58:24.0542 0x07dc [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI C:\Windows\system32\iscsiexe.dll
09:58:24.0549 0x07dc MSiSCSI - ok
09:58:24.0560 0x07dc msiserver - ok
09:58:24.0596 0x07dc [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
09:58:24.0598 0x07dc MSKSSRV - ok
09:58:24.0634 0x07dc [ 3EA8B949F963562CEDBB549EAC0C11CE, 1B0B2F16A1790282504F3C548D47C3281EFB440D5D9711A1EF76D6371B768D2D ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
09:58:24.0636 0x07dc MSPCLOCK - ok
09:58:24.0650 0x07dc [ F456E973590D663B1073E9C463B40932, 48BA6D5580EE7B6A4C06E04772FD35B51779553FC0DD6C5C30DD8B5DEEB25B11 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
09:58:24.0653 0x07dc MSPQM - ok
09:58:24.0694 0x07dc [ 0E008FC4819D238C51D7C93E7B41E560, 141FCEBDD05874407EAEC35A9DCD3BB16F2A428F23E55487D6A5DBFCADBF10D2 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
09:58:24.0702 0x07dc MsRPC - ok
09:58:24.0744 0x07dc [ FC6B9FF600CC585EA38B12589BD4E246, F05DB01AE1955D2468CE6B51E51998B111CA3B0BDEED090EE6B99B625CBA564A ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
09:58:24.0746 0x07dc mssmbios - ok
09:58:24.0786 0x07dc [ B42C6B921F61A6E55159B8BE6CD54A36, 6BB0A7BE005B8F281E551D1B8046CE4202372BC7AE0161881C858BFAC675FE1C ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
09:58:24.0788 0x07dc MSTEE - ok
09:58:24.0801 0x07dc [ 33599130F44E1F34631CEA241DE8AC84, E15B31D1AFDC8DC6D2B21D4215796A99ECC69EEDBB06CEED01AECC3C99A44C8B ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
09:58:24.0802 0x07dc MTConfig - ok
09:58:24.0817 0x07dc [ 159FAD02F64E6381758C990F753BCC80, E55AB01DCFA95ECAB24A2A9656E28FF9D064BA08B3D82DC8AA42F5991BA09598 ] Mup C:\Windows\system32\Drivers\mup.sys
09:58:24.0820 0x07dc Mup - ok
09:58:24.0927 0x07dc [ 3DFEAAFF6C2F8F30259B2D17D192BA3E, D5C196F7E14315A18B82D5EBF2288247F5AB6EEA355F1F8C55C15F8AB4C4E388 ] My Sample Service C:\ProgramData\MySampleService\sys.exe
09:58:24.0945 0x07dc My Sample Service - ok
09:58:24.0977 0x07dc [ 80284F1985C70C86F0B5F86DA2DFE1DF, 424A5BBC28C72DA0DBABEB9E423B8C409754CD1BA3DFC9E174BF22D8BCE1BE63 ] napagent C:\Windows\system32\qagentRT.dll
09:58:24.0991 0x07dc napagent - ok
09:58:25.0034 0x07dc [ 26384429FCD85D83746F63E798AB1480, 957C115C263A4B4DC854558B43ECE632D8E2BCCB744E23A01EBA7476BA2E7FFB ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
09:58:25.0052 0x07dc NativeWifiP - ok
09:58:25.0100 0x07dc [ 23759D175A0A9BAAF04D05047BC135A8, 2C8C553B4E1ED3A644F619F16BCEDD5A3C6D74A17E6E75A3E740E06B1D636348 ] NDIS C:\Windows\system32\drivers\ndis.sys
09:58:25.0134 0x07dc NDIS - ok
09:58:25.0166 0x07dc [ 0E1787AA6C9191D3D319E8BAFE86F80C, F535022747355B2C66424BDA892D7DCB820C2EB8EE05BAE5BC6D1B1D65186278 ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
09:58:25.0168 0x07dc NdisCap - ok
09:58:25.0197 0x07dc [ E4A8AEC125A2E43A9E32AFEEA7C9C888, 6EA181117126FC70B3C1DD1AC73CC26D1603A2CF49E47F66623E2C9489C49B55 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
09:58:25.0200 0x07dc NdisTapi - ok
09:58:25.0320 0x07dc [ B30AE7F2B6D7E343B0DF32E6C08FCE75, 39BBBF7AF886732CB9ED3E6C06DA4318554089F3BEA74C74328FE1C6EF68E70B ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
09:58:25.0374 0x07dc Ndisuio - ok
09:58:25.0402 0x07dc [ 267C415EADCBE53C9CA873DEE39CF3A4, BAA8626BDA7B68176B19A99FBBD40FB2A774C8F44B56F9FFB99A1F5C16A1C555 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
09:58:25.0419 0x07dc NdisWan - ok
09:58:25.0463 0x07dc [ AF7E7C63DCEF3F8772726F86039D6EB4, 1CFDED48E8844138864786DBF9D5519162A6DB28F885A781934E8AFBD52EAC50 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
09:58:25.0477 0x07dc NDProxy - ok
09:58:39.0461 0x07dc Wanarpv6 - ok
09:58:40.0076 0x07dc [ 7790B77FE1E5EE47DCC66247095BB4C9, FFB541F83CDE32E65007D41217C2F46CDDF68121E2846B638EAB620ACA940B05 ] wbengine C:\Windows\system32\wbengine.exe
09:58:40.0152 0x07dc wbengine - ok
09:58:40.0288 0x07dc [ 9614B5D29DC76AC3C29F6D2D3AA70E67, A2FFB92F0030B4CD771E862DA575ECCF2F3A5B4B85858C1241A0C59262C0EC88 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
09:58:40.0334 0x07dc WbioSrvc - ok
09:58:40.0442 0x07dc [ 6D9B75275C3E3A5F51AEF81AFFADB2B6, 0805471A57DDF1974F3F7B36B0DD843731C608D10A1C00B01E6E9D0460098E1A ] wcncsvc C:\Windows\System32\wcncsvc.dll
09:58:40.0464 0x07dc wcncsvc - ok
09:58:40.0500 0x07dc [ 5D930B6357A6D2AF4D7653BDABBF352F, 677FF2ED14EE0B0CAA710DA81556CC16D5971DAB10E7C7432D167A87CA6F0EAA ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
09:58:40.0529 0x07dc WcsPlugInService - ok
09:58:40.0577 0x07dc [ 1112A9BADACB47B7C0BB0392E3158DFF, 1AE2AFA125973571F91E6945FE8A735F63D76EBB250A0075D98C580167FD9ED4 ] Wd C:\Windows\system32\DRIVERS\wd.sys
09:58:40.0606 0x07dc Wd - ok
09:58:40.0774 0x07dc [ 9950E3D0F08141C7E89E64456AE7DC73, DE4B96812B305A63F5874BBF2DC40354FB45B3D96C1D33436E677099760BA448 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
09:58:40.0852 0x07dc Wdf01000 - ok
09:58:40.0873 0x07dc [ 46EF9DC96265FD0B423DB72E7C38C2A5, 43801A51FB0E45CFFC73DF6441B54A75FC2FEAF5E0424DFE7AB04FC26CF6CD16 ] WdiServiceHost C:\Windows\system32\wdi.dll
09:58:40.0886 0x07dc WdiServiceHost - ok
09:58:40.0931 0x07dc [ 46EF9DC96265FD0B423DB72E7C38C2A5, 43801A51FB0E45CFFC73DF6441B54A75FC2FEAF5E0424DFE7AB04FC26CF6CD16 ] WdiSystemHost C:\Windows\system32\wdi.dll
09:58:40.0937 0x07dc WdiSystemHost - ok
09:58:41.0007 0x07dc [ BB5EC38F8D4600119B4720BC5D4211F1, F04F823A9FE77704F38D773C7350C71727C5E3309CD1EC754519C826A4599476 ] WebClient C:\Windows\System32\webclnt.dll
09:58:41.0041 0x07dc WebClient - ok
09:58:41.0114 0x07dc [ 760F0AFE937A77CFF27153206534F275, A53940BA28854486FF18F16B98A3314B36322B0B6EFB54D08B921315BEB0ADD5 ] Wecsvc C:\Windows\system32\wecsvc.dll
09:58:41.0135 0x07dc Wecsvc - ok
09:58:41.0162 0x07dc [ AC804569BB2364FB6017370258A4091B, 1856F354146A5946F3E7D0DD09726FC8A3502B0F0776FEADDF10669C81CC28E2 ] wercplsupport C:\Windows\System32\wercplsupport.dll
09:58:41.0191 0x07dc wercplsupport - ok
09:58:41.0241 0x07dc [ 08E420D873E4FD85241EE2421B02C4A4, E1E9436EB096FF7DE9A76DA6217035257EF9FC7565DDB9016DCA3859E7F1EF0F ] WerSvc C:\Windows\System32\WerSvc.dll
09:58:41.0308 0x07dc WerSvc - ok
09:58:41.0360 0x07dc [ 8B9A943F3B53861F2BFAF6C186168F79, 88E2F79F32AFBA17CB8377A508B83A1EC2315E9F3A365F591C87FE4525AA6713 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
09:58:41.0362 0x07dc WfpLwf - ok
09:58:41.0403 0x07dc [ 5CF95B35E59E2A38023836FFF31BE64C, CEA21302B3E855EE592810D4E0DE10E47A47A393064C435463CD54598735CD8D ] WIMMount C:\Windows\system32\drivers\wimmount.sys
09:58:41.0416 0x07dc WIMMount - ok
09:58:41.0639 0x07dc [ 7F7161507C1FDBDAB71941D3BA9636B6, 2C7ACE165B378381FD06BC6D17899809D73FAA6DF18495C70356395564E8E9CC ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
09:58:41.0731 0x07dc WinDefend - ok
09:58:41.0802 0x07dc WinHttpAutoProxySvc - ok
09:58:41.0910 0x07dc [ F62E510B6AD4C21EB9FE8668ED251826, FA3E5CAC3E67E49377320CFBE4646585E6B62168292768FEA81E4623F9166890 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
09:58:41.0919 0x07dc Winmgmt - ok
09:58:42.0110 0x07dc [ C4F5D3901D1B41D602DDC196E0B95B51, 20FF2A9DEE3ECBFB163DFA62A407E30ED49F609EF46936F286C2A08A24EA3E7C ] WinRM C:\Windows\system32\WsmSvc.dll
09:58:42.0179 0x07dc WinRM - ok
09:58:42.0235 0x07dc [ 30FC6E5448D0CBAAA95280EEEF7FEDAE, 04374450882504D9031951F4E9317E5A128EBA5A22A3555ACD28BC742861AF9C ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
09:58:42.0243 0x07dc WinUsb - ok
09:58:42.0460 0x07dc [ 16935C98FF639D185086A3529B1F2067, E9C6B73A572A04FCE9B1B0E6815F941B10332D9A6D55B92927C2B1275F119091 ] Wlansvc C:\Windows\System32\wlansvc.dll
09:58:42.0510 0x07dc Wlansvc - ok
09:58:42.0750 0x07dc [ 5E7C103F8475C4289847D15E129C20F7, C6325D3557545FA1DA26B0B1EA9A1C95AED1FA84A93BE29A771DAD9ECB00768B ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
09:58:42.0818 0x07dc wlidsvc - ok
09:58:42.0875 0x07dc [ 0217679B8FCA58714C3BF2726D2CA84E, 4494984B922DCF24D37BCD0E6831CEBD07D1CA49235D04E821D17ED3DF84ED2A ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
09:58:42.0878 0x07dc WmiAcpi - ok
09:58:42.0930 0x07dc [ 6EB6B66517B048D87DC1856DDF1F4C3F, EBB534C4829477C70062ADBB5626236B02FE563A544C53FA255E79F3CA170FE8 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
09:58:42.0936 0x07dc wmiApSrv - ok
09:58:43.0064 0x07dc [ 77FBD400984CF72BA0FC4B3489D65F74, 9AA404F17177FEB43A9EA1A86061B452E7C4A93C873E61B68269047519CD433E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
09:58:43.0123 0x07dc WMPNetworkSvc - ok
09:58:43.0163 0x07dc [ A2F0EC770A92F2B3F9DE6D518E11409C, 6838F2148B11285E00DC449D51F8AD85AAE57694E89BA2C607B87AC1C650D845 ] WPCSvc C:\Windows\System32\wpcsvc.dll
09:58:43.0175 0x07dc WPCSvc - ok
09:58:43.0224 0x07dc [ B7F658A2EBC07129538AD9AB35212637, 86774A760189E4B126C972A778F890C00C1C30EDD28044DD43B40644A8778B4D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
09:58:43.0245 0x07dc WPDBusEnum - ok
09:58:43.0285 0x07dc [ 6DB3276587B853BF886B69528FDB048C, 9972FF6DF0DF6F86D1E9BCEF4C29064748B217DA196B0633C30D3D580144951C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
09:58:43.0294 0x07dc ws2ifsl - ok
09:58:43.0618 0x07dc [ A661A76333057B383A06E65F0073222F, B25AEC2B668C61F2E1C6F7AD27706EE10F8B04F09B5D069784131A6B8B5DF570 ] wscsvc C:\Windows\system32\wscsvc.dll
09:58:43.0640 0x07dc wscsvc - ok
09:58:43.0646 0x07dc WSearch - ok
09:58:44.0457 0x07dc [ D9B0134913E5EF007AF82A418C503322, 7418DD28C8E968674382F8352AAFFC4DE77887E2B71B8844D615F19432B4C55A ] wuauserv C:\Windows\system32\wuaueng.dll
09:58:44.0592 0x07dc wuauserv - ok
09:58:44.0659 0x07dc [ 6F9B6C0C93232CFF47D0F72D6DB1D21E, C685A458951820ED0F09E6197251CE6FC55AAB75D4FBEFF2992805309239A47A ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
09:58:44.0677 0x07dc WudfPf - ok
09:58:44.0755 0x07dc [ F91FF1E51FCA30B3C3981DB7D5924252, D7052B58F22638CA8B59C6FD7408D6D6DD1C33910912CACC05C133472CE0DDCE ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
09:58:44.0761 0x07dc WUDFRd - ok
09:58:44.0793 0x07dc [ DDEE3682FE97037C45F4D7AB467CB8B6, D5A8F07AF4EDD9D7E17FEC6222D187E2981C177A479511E407756E0E5CB8D387 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
09:58:44.0815 0x07dc wudfsvc - ok
09:58:44.0867 0x07dc [ FF2D745B560F7C71B31F30F4D49F73D2, B2FBF7E5F58E34AC64FE6CF65800F1F07939279203BDE89375FAC92B884A4F37 ] WwanSvc C:\Windows\System32\wwansvc.dll
09:58:44.0887 0x07dc WwanSvc - ok
09:58:44.0936 0x07dc ================ Scan global ===============================
09:58:45.0062 0x07dc [ 9A595DF601070DA78C40481120DD2C06, 4C2D6216F212DE9346339ED29152962A39E4435E70F18DD655156727E70818F6 ] C:\Windows\system32\basesrv.dll
09:58:45.0137 0x07dc [ 8531AAF69394EFB93BC653916C46D245, 0DD9319AB0E4A714EB51989B2458E46D77F4776DBAD9F65CFA55662BAFB82CD9 ] C:\Windows\system32\winsrv.dll
09:58:45.0187 0x07dc [ 8531AAF69394EFB93BC653916C46D245, 0DD9319AB0E4A714EB51989B2458E46D77F4776DBAD9F65CFA55662BAFB82CD9 ] C:\Windows\system32\winsrv.dll
09:58:45.0245 0x07dc [ 364455805E64882844EE9ACB72522830, 906561DBBB33F744844CF27E456226044C85DF0FCFD26DE1FD11E09E2CFA6F8F ] C:\Windows\system32\sxssrv.dll
09:58:45.0378 0x07dc [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6, D7BC4ED605B32274B45328FD9914FB0E7B90D869A38F0E6F94FB1BF4E9E2B407 ] C:\Windows\system32\services.exe
09:58:45.0411 0x07dc [ Global ] - ok
09:58:45.0414 0x07dc ================ Scan MBR ==================================
09:58:45.0432 0x07dc [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
09:58:46.0263 0x07dc \Device\Harddisk0\DR0 - ok
09:58:46.0264 0x07dc ================ Scan VBR ==================================
09:58:46.0276 0x07dc [ 6E2CE195E33DB293580A5104167D23BB ] \Device\Harddisk0\DR0\Partition1
09:58:46.0278 0x07dc \Device\Harddisk0\DR0\Partition1 - ok
09:58:46.0303 0x07dc [ E491907AD52CC8B9C993F8E2716AC41A ] \Device\Harddisk0\DR0\Partition2
09:58:46.0321 0x07dc \Device\Harddisk0\DR0\Partition2 - ok
09:58:46.0349 0x07dc [ C3D5DEE6F0FD3F6277DEFA4238427BDA ] \Device\Harddisk0\DR0\Partition3
09:58:46.0368 0x07dc \Device\Harddisk0\DR0\Partition3 - ok
09:58:46.0369 0x07dc ================ Scan generic autorun ======================
09:58:46.0992 0x07dc [ 7355E57B18A66C76FAD46895D86613EE, C807AF80AAE84268A1ECE52528F0FF2C73BAC6D7D170BEA07E6E0F3DBFDFA68D ] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
09:58:47.0233 0x07dc RtHDVCpl - ok
09:58:47.0460 0x07dc [ A7639314CA87DB6FDDD1C407590411ED, 86DB9918453495D7B5A31DBCA3EE99E8875E0F6490744683BE0795F6F1962C4D ] C:\Program Files\360\Total Security\safemon\QHSafeTray.exe
09:58:47.0509 0x07dc QHSafeTray - ok
09:58:47.0989 0x07dc [ A4CF2FE79118576603A012BB14D76452, 10481222E1E789A3BA85B817315639094B4E7CC388EE48818D5D7741186CD0CF ] C:\Users\Boris\AppData\Roaming\uTorrent\uTorrent.exe
09:58:48.0186 0x07dc uTorrent - ok
09:58:48.0192 0x07dc Waiting for KSN requests completion. In queue: 56
09:58:49.0193 0x07dc Waiting for KSN requests completion. In queue: 56
09:58:50.0193 0x07dc Waiting for KSN requests completion. In queue: 56
09:58:51.0308 0x07dc AV detected via SS2: 360 Total Security, C:\Program Files\360\Total Security\safemon\QHSafeTray.exe ( 8.8.0.1001 ), 0x51000 ( enabled : updated )
09:58:51.0379 0x07dc Win FW state via NFP2: enabled ( trusted )
09:58:54.0264 0x07dc ============================================================
09:58:54.0264 0x07dc Scan finished
09:58:54.0264 0x07dc ============================================================
09:58:54.0287 0x0370 Detected object count: 0
09:58:54.0287 0x0370 Actual detected object count: 0
09:59:38.0191 0x0a44 Deinitialize success

Update: 03 Nov 2017 10:02


offline
  • Joined: 14 Jun 2016
  • Posts: 535

Please run a new scan with FRST and make sure Addition.txt is checked. What is the current state?

offline
  • boksi  Male
  • Respected citizen
  • Joined: 11 Jun 2008
  • Posts: 474

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 02-11-2017 02
Ran by Boris (administrator) on BORIS-PC (03-11-2017 13:15:15)
Running from C:\Users\Boris\Desktop
Loaded Profiles: Boris (Available Profiles: Boris)
Platform: Microsoft Windows 7 Ultimate (X86) Language: English (United States)
Internet Explorer Version 9 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files\360\Total Security\safemon\QHActiveDefense.exe
() C:\ProgramData\MySampleService\sys.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
() C:\Program Files\360\Total Security\safemon\QHSafeTray.exe
(BitTorrent Inc.) C:\Users\Boris\AppData\Roaming\uTorrent\uTorrent.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(BitTorrent Inc.) C:\Users\Boris\AppData\Roaming\uTorrent\updates\3.5.0_44090\utorrentie.exe
(BitTorrent Inc.) C:\Users\Boris\AppData\Roaming\uTorrent\updates\3.5.0_44090\utorrentie.exe
(QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files\360\Total Security\safemon\QHWatchdog.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Qihu 360 Software Co., Ltd.) C:\Program Files\360\Total Security\safemon\chrome\360webshield.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [6711840 2009-01-13] (Realtek Semiconductor)
HKLM\...\Run: [QHSafeTray] => C:\Program Files\360\Total Security\safemon\QHSafeTray.exe [1153448 2017-06-06] ()
HKU\S-1-5-21-2103478201-806380249-2024604306-1000\...\Run: [uTorrent] => C:\Users\Boris\AppData\Roaming\uTorrent\uTorrent.exe [1982144 2017-09-29] (BitTorrent Inc.)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2013-05-27] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 89.216.1.40 89.216.1.50
Tcpip\Parameters: [NameServer] 8.8.8.8,8.8.8.4
Tcpip\..\Interfaces\{79DC8D92-019E-4A94-8F91-3F1CC53E2DFC}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{79DC8D92-019E-4A94-8F91-3F1CC53E2DFC}: [DhcpNameServer] 89.216.1.40 89.216.1.50
ManualProxies:

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-26] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2006-10-26] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2017-07-18] (Skype Technologies)

FireFox:
========
FF DefaultProfile: mhunkkbi.default
FF ProfilePath: C:\Users\Boris\AppData\Roaming\Mozilla\Firefox\Profiles\mhunkkbi.default [2017-11-03]
FF user.js: detected! => C:\Users\Boris\AppData\Roaming\Mozilla\Firefox\Profiles\mhunkkbi.default\user.js [2017-07-12]
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\mhunkkbi.default -> Yahoo®
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\mhunkkbi.default -> Yahoo®
FF Extension: (Firefox Hotfix) - C:\Users\Boris\AppData\Roaming\Mozilla\Firefox\Profiles\mhunkkbi.default\Extensions\firefox-hotfix@mozilla.org.xpi [2017-03-11]
FF Extension: (Media Stealer) - C:\Users\Boris\AppData\Roaming\Mozilla\Firefox\Profiles\mhunkkbi.default\Extensions\stealer@physacco.com.xpi [2016-05-08]
FF Extension: (Media Converter) - C:\Users\Boris\AppData\Roaming\Mozilla\Firefox\Profiles\mhunkkbi.default\Extensions\{6e764c17-863a-450f-bdd0-6772bd5aaa18}.xpi [2017-05-13]
FF Extension: (Video DownloadHelper) - C:\Users\Boris\AppData\Roaming\Mozilla\Firefox\Profiles\mhunkkbi.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2017-11-02]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_27_0_0_183.dll [2017-10-25] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1204144.dll [2013-09-05] (Adobe Systems, Inc.)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-30] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-30] (Google Inc.)
FF Plugin: @verimatrix.com/ViewRightWeb -> C:\Program Files\Verimatrix\ViewRight Web\\npViewRight.dll [2015-04-06] (Verimatrix, Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-08-10] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2103478201-806380249-2024604306-1000: @verimatrix.com/ViewRightWeb -> C:\Program Files\Verimatrix\ViewRight Web\\npViewRight.dll [2015-04-06] (Verimatrix, Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Boris\AppData\Local\Google\Chrome\User Data\Default [2017-11-03]
CHR Extension: (Free Download Manager Chrome extension) - C:\Users\Boris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahmpjcflkgiildlgicmcieglgoilbfdp [2017-05-13]
CHR Extension: (Docs) - C:\Users\Boris\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Wicked Big Search) - C:\Users\Boris\AppData\Local\Google\Chrome\User Data\Default\Extensions\apjoojdnehgjibaldogalpcdkmdhlafi [2015-12-04]
CHR Extension: (Adobe Acrobat) - C:\Users\Boris\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-04]
CHR Extension: (AdBlock) - C:\Users\Boris\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-10-21]
CHR Extension: (360 Internet Protection) - C:\Users\Boris\AppData\Local\Google\Chrome\User Data\Default\Extensions\glcimepnljoholdmjchkloafkggfoijh [2017-08-24]
CHR Extension: (Skype) - C:\Users\Boris\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-07-30]
CHR Extension: (Lightshot (screenshot tool)) - C:\Users\Boris\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbniclmhobmnbdlbpiphghaielnnpgdp [2017-08-17]
CHR Extension: (Video Converter) - C:\Users\Boris\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcjjnhgakghmggnimjkldjmmpabhnhne [2016-02-03]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Boris\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR Extension: (ImTranslator: Translator, Dictionary, TTS) - C:\Users\Boris\AppData\Local\Google\Chrome\User Data\Default\Extensions\noaijdpnepcgjemiklgfkcfbkokogabh [2017-11-01]
CHR Extension: (Chrome Media Router) - C:\Users\Boris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-27]
CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [glcimepnljoholdmjchkloafkggfoijh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [68096 2012-04-21] () [File not signed]
R2 My Sample Service; C:\ProgramData\MySampleService\sys.exe [334336 2017-11-01] () [File not signed]
R2 QHActiveDefense; C:\Program Files\360\Total Security\safemon\QHActiveDefense.exe [928168 2017-06-06] (QIHU 360 SOFTWARE CO. LIMITED)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 360AntiHacker; C:\Windows\System32\Drivers\360AntiHacker.sys [150976 2017-06-06] (360.cn)
R3 360AvFlt; C:\Windows\System32\DRIVERS\360AvFlt.sys [74472 2017-06-06] (360.cn)
R1 360Box; C:\Windows\System32\DRIVERS\360Box.sys [214464 2017-06-06] (360.cn)
R1 360Camera; C:\Windows\System32\Drivers\360Camera.sys [43456 2017-06-06] (360.cn)
R1 360SelfProtection; C:\Windows\System32\drivers\360SelfProtection.sys [192704 2017-06-06] (360安全中心)
S3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [26032 2014-04-09] (Wondershare)
R1 BAPIDRV; C:\Windows\System32\DRIVERS\BAPIDRV.sys [190400 2017-06-06] (360.cn)
S3 BthAvrcp; C:\Windows\System32\DRIVERS\BthAvrcp.sys [22528 2009-08-13] (CSR, plc)
R1 EfiMon; C:\Windows\System32\Drivers\Efimon.sys [40568 2017-06-06] (360.cn)
S3 gdrv; C:\Windows\gdrv.sys [16608 2017-04-27] (Windows (R) 2000 DDK provider)
R0 HookPort; C:\Windows\System32\Drivers\Hookport.sys [73664 2017-06-06] (360安全中心)
R1 qutmdserv; C:\Windows\System32\DRIVERS\qutmdrv.sys [329152 2017-06-06] (360.cn)
R1 qutmipc; C:\Windows\system32\drivers\qutmipc.sys [70720 2017-06-06] (360.cn)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [320120 2014-01-26] (Duplex Secure Ltd.)
R3 VMUVC; C:\Windows\System32\Drivers\VMUVC.sys [256512 2008-08-29] (Vimicro Corporation)
R3 vvftUVC; C:\Windows\System32\drivers\vvftUVC.sys [398720 2008-07-01] (Vimicro Corporation)
S3 anvsnddrv; system32\drivers\anvsnddrv.sys [X]
S3 mcdbus; system32\DRIVERS\mcdbus.sys [X]
S2 npf; \??\C:\Windows\system32\drivers\npf.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-11-03 13:15 - 2017-11-03 13:16 - 000012690 _____ C:\Users\Boris\Desktop\FRST.txt
2017-11-03 09:57 - 2017-11-03 09:59 - 000195162 _____ C:\TDSSKiller.3.1.0.15_03.11.2017_09.57.43_log.txt
2017-11-03 09:57 - 2017-11-03 09:56 - 004922400 _____ (AO Kaspersky Lab) C:\Users\Boris\Desktop\tdsskiller.exe
2017-11-03 09:50 - 2017-11-03 12:50 - 000001184 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-11-03 09:50 - 2017-11-03 12:50 - 000001184 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-11-03 09:44 - 2017-11-02 20:16 - 001799680 _____ (Farbar) C:\Users\Boris\Desktop\FRST.exe
2017-11-02 00:43 - 2017-11-02 07:57 - 000170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-11-02 00:43 - 2017-11-02 00:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2017-11-02 00:43 - 2016-03-10 14:09 - 000053120 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2017-11-02 00:43 - 2016-03-10 14:08 - 000126336 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2017-11-02 00:42 - 2017-11-02 00:43 - 000000000 ____D C:\Users\Boris\AppData\Roaming\Malwarebytes
2017-11-02 00:13 - 2017-11-03 13:15 - 000000000 ____D C:\FRST
2017-11-01 21:54 - 2017-11-01 21:54 - 000000002 _____ C:\Users\Boris\Documents\notes.json
2017-11-01 21:40 - 2017-11-01 21:40 - 000000000 ____D C:\ProgramData\LCFApp
2017-11-01 21:39 - 2017-11-01 21:39 - 000000000 ____D C:\ProgramData\MySampleService
2017-11-01 21:38 - 2017-11-01 23:42 - 000000000 ____D C:\Windat
2017-11-01 21:25 - 2017-11-01 21:25 - 000140800 _____ C:\Users\Boris\AppData\Local\installer.dat
2017-11-01 21:20 - 2017-11-02 08:22 - 000000000 ____D C:\Applications
2017-11-01 21:20 - 2017-11-01 23:42 - 000000000 ____D C:\WinSys
2017-11-01 21:20 - 2017-11-01 21:20 - 000000000 ____D C:\Users\Boris\AppData\Local\AdvinstAnalytics
2017-11-01 20:44 - 2017-11-01 21:03 - 000000000 ____D C:\Users\Boris\AppData\Roaming\xVideoServiceThief
2017-11-01 10:35 - 2017-11-01 10:35 - 000035744 _____ C:\Windows\uninstaller.dat
2017-10-31 20:22 - 2017-10-31 20:22 - 000000000 ____D C:\Program Files\Common Files\Skype
2017-10-30 21:50 - 2017-11-01 23:42 - 000000000 ____D C:\Users\Boris\AppData\Local\AdService
2017-10-25 20:19 - 2017-10-25 20:19 - 004233728 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerInstaller.exe
2017-10-24 16:54 - 2017-10-24 16:54 - 000000000 ____D C:\ProgramData\McAfee
2017-10-15 16:51 - 2017-10-15 16:51 - 000000000 ____D C:\Users\Boris\Documents\e-Sword
2017-10-15 16:48 - 2017-11-02 11:21 - 000001701 _____ C:\Users\Public\Desktop\e-Sword.lnk
2017-10-15 16:48 - 2017-10-15 16:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\e-Sword
2017-10-15 16:48 - 2017-10-15 16:48 - 000000000 ____D C:\Program Files\Common Files\EzTools

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-11-03 13:13 - 2017-07-09 11:34 - 000000000 ____D C:\Users\Boris\AppData\LocalLow\360WD
2017-11-03 13:12 - 2014-10-17 20:43 - 000000000 ____D C:\Users\Boris\AppData\Roaming\uTorrent
2017-11-03 09:48 - 2017-09-29 13:54 - 000000000 ____D C:\Users\Boris\AppData\LocalLow\uTorrent
2017-11-03 09:48 - 2009-07-14 05:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-11-02 11:22 - 2014-08-20 21:59 - 000000924 _____ C:\Users\Boris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2017-11-02 11:21 - 2017-09-26 12:23 - 000000603 _____ C:\Users\Boris\Desktop\DVD X Player 4.0 Professional.lnk
2017-11-02 11:21 - 2017-08-19 11:35 - 000001863 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SumatraPDF.lnk
2017-11-02 11:21 - 2017-07-09 11:34 - 000001101 _____ C:\Users\Public\Desktop\360 Total Security.lnk
2017-11-02 11:21 - 2017-05-14 13:18 - 000000732 _____ C:\Users\Public\Desktop\PhotoStitcher.lnk
2017-11-02 11:21 - 2017-04-27 16:19 - 000001072 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-11-02 11:21 - 2017-04-27 15:46 - 000000501 _____ C:\Users\Boris\Desktop\Nero Express.lnk
2017-11-02 11:21 - 2017-04-13 16:07 - 000002681 _____ C:\Users\Public\Desktop\Skype.lnk
2017-11-02 11:21 - 2017-01-13 11:48 - 000002429 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-11-02 11:21 - 2017-01-13 11:48 - 000002011 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2017-11-02 11:21 - 2015-12-08 16:54 - 000001105 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-11-02 11:21 - 2015-12-08 16:54 - 000001099 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2017-11-02 11:21 - 2015-12-04 22:08 - 000001308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2017-11-02 11:21 - 2015-12-04 22:08 - 000001239 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2017-11-02 11:21 - 2014-10-17 20:44 - 000000813 _____ C:\Users\Boris\Desktop\µTorrent.lnk
2017-11-02 11:21 - 2014-10-17 20:43 - 000000793 _____ C:\Users\Boris\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2017-11-02 11:21 - 2014-08-19 19:02 - 000002669 _____ C:\Users\Public\Desktop\Microsoft Office Word 2007.lnk
2017-11-02 11:21 - 2014-08-19 19:02 - 000002631 _____ C:\Users\Public\Desktop\Microsoft Office Excel 2007.lnk
2017-11-02 11:21 - 2014-06-30 16:08 - 000000574 _____ C:\Users\Boris\Desktop\KMPlayer.lnk
2017-11-02 11:21 - 2014-06-16 22:06 - 000001078 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-11-02 11:21 - 2013-05-29 21:44 - 000000652 _____ C:\Users\Boris\Desktop\MyHeritage Family Tree Builder.lnk
2017-11-02 11:21 - 2012-06-05 20:58 - 000000623 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2017-11-02 11:21 - 2012-04-22 20:07 - 000001877 _____ C:\Users\Boris\Desktop\Bluetooth File Transfer Wizard.lnk
2017-11-02 11:21 - 2012-04-22 02:28 - 000001333 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2017-11-02 11:21 - 2012-04-22 02:28 - 000001314 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2017-11-02 11:21 - 2012-04-21 23:26 - 000001308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk
2017-11-02 11:21 - 2012-04-21 21:38 - 000000758 _____ C:\Users\Public\Desktop\GOM Player.lnk
2017-11-02 11:21 - 2012-04-21 21:38 - 000000758 _____ C:\Users\Boris\AppData\Roaming\Microsoft\Windows\Start Menu\GOM Player.lnk
2017-11-02 11:21 - 2012-04-21 21:34 - 000002017 _____ C:\Users\Public\Desktop\amcap.lnk
2017-11-02 11:21 - 2012-04-21 19:53 - 000001992 _____ C:\Users\Boris\Desktop\Adobe Photoshop CS.lnk
2017-11-02 11:21 - 2012-04-21 19:51 - 000001999 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ImageReady CS.lnk
2017-11-02 11:21 - 2012-04-21 19:51 - 000001992 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS.lnk
2017-11-02 11:21 - 2012-04-21 19:13 - 000000931 _____ C:\Users\Public\Desktop\Winamp.lnk
2017-11-02 11:21 - 2012-04-21 19:08 - 000000632 _____ C:\Users\Boris\Desktop\Total Commander.lnk
2017-11-02 11:21 - 2012-04-21 18:59 - 000000967 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat.com.lnk
2017-11-02 11:21 - 2009-07-14 05:46 - 000001503 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-11-02 11:21 - 2009-07-14 05:46 - 000001282 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk
2017-11-02 11:21 - 2009-07-14 05:42 - 000001318 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
2017-11-02 11:21 - 2009-07-14 05:42 - 000001234 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk
2017-11-02 11:21 - 2009-07-14 05:42 - 000001198 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk
2017-11-02 11:21 - 2009-07-14 05:37 - 000001266 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk
2017-11-02 11:19 - 2009-07-14 08:49 - 000000000 ____D C:\Windows\CSC
2017-11-02 08:25 - 2014-01-25 16:37 - 000000000 ____D C:\Users\Boris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2017-11-02 07:57 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\inf
2017-11-02 00:43 - 2012-06-05 20:58 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-11-01 23:43 - 2017-07-09 11:36 - 000000000 ____D C:\ProgramData\360Quarant
2017-11-01 23:43 - 2017-07-09 11:34 - 000000000 ____D C:\ProgramData\360safe
2017-11-01 23:42 - 2017-07-09 12:53 - 000000000 __SHD C:\$360Section
2017-10-31 22:11 - 2014-07-19 10:51 - 000000000 ____D C:\Users\Boris\AppData\Roaming\Skype
2017-10-31 20:24 - 2017-04-27 16:17 - 000000000 ____D C:\Program Files\Google
2017-10-31 20:22 - 2012-04-21 21:28 - 000000000 ___RD C:\Program Files\Skype
2017-10-31 20:21 - 2012-04-21 21:28 - 000000000 ____D C:\ProgramData\Skype
2017-10-31 09:00 - 2012-04-22 02:34 - 000778150 _____ C:\Windows\system32\PerfStringBackup.INI
2017-10-30 21:50 - 2017-07-09 11:35 - 000000000 ____D C:\Users\Boris\AppData\Roaming\360safe
2017-10-28 10:36 - 2012-04-21 18:59 - 000000000 ____D C:\Users\Boris\AppData\Roaming\Adobe
2017-10-28 10:36 - 2012-04-21 18:58 - 000000000 ____D C:\ProgramData\Adobe
2017-10-25 20:19 - 2012-04-29 13:17 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2017-10-25 20:19 - 2012-04-21 19:05 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2017-10-25 20:19 - 2012-04-21 19:05 - 000000000 ____D C:\Windows\system32\Macromed
2017-10-24 16:57 - 2014-06-22 16:45 - 000000000 ____D C:\Users\Boris\AppData\Local\Adobe
2017-10-16 07:26 - 2016-08-19 09:27 - 000112888 _____ C:\Users\Boris\AppData\Local\GDIPFONTCACHEV1.DAT
2017-10-16 07:25 - 2016-08-19 09:26 - 000421328 _____ C:\Windows\system32\FNTCACHE.DAT
2017-10-15 16:45 - 2012-04-21 18:56 - 000000000 ____D C:\Users\Boris\AppData\Local\Downloaded Installations

==================== Files in the root of some directories =======

2015-08-09 17:37 - 2017-04-17 16:49 - 000008152 _____ () C:\Users\Boris\AppData\Roaming\.ptbt1
2015-07-17 11:48 - 2015-11-14 14:09 - 000000543 _____ () C:\Users\Boris\AppData\Roaming\burnaware.ini
2014-02-02 12:32 - 2014-02-02 12:32 - 000138904 _____ () C:\Users\Boris\AppData\Roaming\PnkBstrK.sys
2014-10-19 14:58 - 2014-10-19 14:59 - 000000145 _____ () C:\Users\Boris\AppData\Roaming\settings.xml
2017-11-01 21:25 - 2017-11-01 21:25 - 000140800 _____ () C:\Users\Boris\AppData\Local\installer.dat
2012-12-01 22:49 - 2012-12-01 22:49 - 000000029 _____ () C:\Users\Boris\AppData\Local\raster2vector.ini
2015-12-08 17:54 - 2015-12-08 17:54 - 000000016 _____ () C:\ProgramData\mntemp

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-10-30 09:29

==================== End of FRST.txt ============================





It's OK now

offline
  • Joined: 14 Jun 2016
  • Posts: 535

1. Open Notepad (Text Document) and copy into it the following text from the code box below:

FF user.js: detected! => C:\Users\Boris\AppData\Roaming\Mozilla\Firefox\Profiles\mhunkkbi.default\user.js [2017-07-12]
R2 My Sample Service; C:\ProgramData\MySampleService\sys.exe [334336 2017-11-01] () [File not signed]
C:\ProgramData\MySampleService


2. Save the Notepad file to the Desktop under the name fixlist.txt
You can also do this from Notepad => click File, then Save As, and in the new window, at the bottom under File Name:, enter fixlist.txt as the name.
Note: It is important that both files, FRST and fixlist, are in the same location, because otherwise the fix will not work.

3. Run FRST/FRST64 again, click the Fix button once and wait.
If the tool asks for a system restart, allow it and make sure the tool completes the fix after the system restarts.

The tool will create a log (Fixlog.txt) on the Desktop. Copy the contents of that log into a post.
Note: If the tool warns you that a newer version is available, make sure you download and use an updated copy of FRST.
