Problem with TR/ATRAPS.Gen and TR/ATRAPS.Gen2

  • nesani
  • New MyCity citizen
  • Joined: 24 Nov 2012
  • Posts: 5

Posted: 24 Nov 2012 13:32

Greetings. I am using the 32-bit version of Windows 7, and roughly every 5 minutes Avira Free reports that I have these two viruses: TR/ATRAPS.Gen and TR/ATRAPS.Gen2, and it cannot delete them. Otherwise, so far it is not causing any particular problems.

DDS.text:

The problem is that the two programs needed for the next steps, GMER and RootRepeal, do not work for me.
Any help would mean a lot to me, thanks in advance.

Addendum: 24 Nov 2012 13:43

I tried this program: SysProt AntiRootkit, and here is the log file

  • Research Engineer @MalwareBytes
  • Joined: 09 Aug 2011
  • Posts: 15874
  • Location: Beograd

Hello,

Can you post a screenshot so we can see that detection by Avira? Preferably one that also shows the location of the detected file, or of several of them...

  • nesani
  • New MyCity citizen
  • Joined: 24 Nov 2012
  • Posts: 5



and here is the scan report too, if it can help

  • Research Engineer @MalwareBytes
  • Joined: 09 Aug 2011
  • Posts: 15874
  • Location: Beograd

While this case is being handled, I would ask you to observe the following:
Read my instructions (or those of colleagues standing in for me) carefully and follow only them;
Do not seek help elsewhere at the same time;
Do not use other malware removal programs, apart from those you are instructed to use;
Be sure to report if any of the suggested procedures did not go as described;
During the intervention, do not use USB memory devices until I ask you to;
Always copy the whole report into the message, without attaching it, unless asked otherwise;
If I do not reply within 24 hours, refresh the thread with a new post;
If you do not respond within 5 days, we will close the case.

For more information about the rules of the MyCity forum's Ambulanta: LINK



Step 1.

Download Kaspersky Lab's TDSSKiller from the following address to your Desktop:


TDSSKiller

Right-click the link and choose Save Target As... (Save Link As..., Save Linked Content As... or similar);
When the dialog for choosing where to save the file opens, select Desktop and click Save.



When the download is complete:
deactivate your protection software (instructions);
close running programs;
rename TDSSKiller.exe to MyCity.exe;
double-click to run MyCity.exe;
click the Start Scan button.


When it finishes, it will show you the scan results; do not change anything there, just click Continue, and then click Reboot Now.



Post the contents of the log from the following location:
C:\TDSSKiller_program version_DD.MM.YY_HH.MM.SS.txt
(DD-day, MM-month, YY-year, HH-hour, MM-minute, SS-second; the date and time when the log was created)



Step 2.

Download sUBs' ComboFix from the following address to your Desktop:


Bleeping Computer
Right-click the link and choose Save Target As... (Save Link As..., Save Linked Content As... or similar);
When the dialog for choosing where to save the file opens, select Desktop and click Save.




When the download is complete:
deactivate your protection software (instructions);
close running programs;
double-click to run ComboFix;
in the window that opens, click "I Agree".

While running, ComboFix will:
check whether a newer version of the program exists:
click Yes if you are offered a download of it.
if the Recovery Console is not installed, offer to install it:
be sure to accept by clicking Yes and follow the procedure through.
present a number of prompts/notifications:
accept by clicking Yes or OK.
restart Windows if necessary (several times);
at the end of its run, open Notepad with the scan report.


Copy the report that ComboFix created into the forum thread:
right-click in the Notepad window and choose Select All;
right-click the selected text and choose Copy;
right-click in the message field and choose Paste.


Note: The report will be saved under the name ComboFix.txt on the system partition (typical location: C:\ComboFix.txt);
If after sending the message you notice that the report is not complete, use the Attach file (Prikači fajl) option to attach the file C:\ComboFix.txt to the message.

  • nesani
  • New MyCity citizen
  • Joined: 24 Nov 2012
  • Posts: 5

TDSSKiller.2.8.15.0_24.11.2012_15.36.20_log:
15:37:03.0266 3092 flpydisk - ok
15:37:03.0312 3092 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
15:37:03.0312 3092 FltMgr - ok
15:37:03.0437 3092 [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] FontCache C:\windows\system32\FntCache.dll
15:37:03.0500 3092 FontCache - ok
15:37:03.0546 3092 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
15:37:03.0546 3092 FontCache3.0.0.0 - ok
15:37:03.0593 3092 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\windows\system32\drivers\FsDepends.sys
15:37:03.0593 3092 FsDepends - ok
15:37:03.0624 3092 [ D909075FA72C090F27AA926C32CB4612 ] fssfltr C:\windows\system32\DRIVERS\fssfltr.sys
15:37:03.0640 3092 fssfltr - ok
15:37:03.0858 3092 [ 4CE9DAC1518FF7E77BD213E6394B9D77 ] fsssvc C:\Program Files\Windows Live\Family Safety\fsssvc.exe
15:37:03.0936 3092 fsssvc - ok
15:37:03.0983 3092 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
15:37:03.0983 3092 Fs_Rec - ok
15:37:04.0077 3092 [ 8A73E79089B282100B9393B644CB853B ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
15:37:04.0092 3092 fvevol - ok
15:37:04.0124 3092 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\windows\system32\DRIVERS\gagp30kx.sys
15:37:04.0124 3092 gagp30kx - ok
15:37:04.0170 3092 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\windows\System32\gpsvc.dll
15:37:04.0186 3092 gpsvc - ok
15:37:04.0202 3092 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
15:37:04.0202 3092 hcw85cir - ok
15:37:04.0295 3092 [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
15:37:04.0311 3092 HdAudAddService - ok
15:37:04.0358 3092 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\windows\system32\drivers\HDAudBus.sys
15:37:04.0358 3092 HDAudBus - ok
15:37:04.0389 3092 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\windows\system32\DRIVERS\HidBatt.sys
15:37:04.0389 3092 HidBatt - ok
15:37:04.0404 3092 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\windows\system32\DRIVERS\hidbth.sys
15:37:04.0404 3092 HidBth - ok
15:37:04.0420 3092 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\windows\system32\DRIVERS\hidir.sys
15:37:04.0420 3092 HidIr - ok
15:37:04.0467 3092 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\windows\system32\hidserv.dll
15:37:04.0467 3092 hidserv - ok
15:37:04.0498 3092 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\windows\system32\DRIVERS\hidusb.sys
15:37:04.0498 3092 HidUsb - ok
15:37:04.0545 3092 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\windows\system32\kmsvc.dll
15:37:04.0560 3092 hkmsvc - ok
15:37:04.0576 3092 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\windows\system32\ListSvc.dll
15:37:04.0592 3092 HomeGroupListener - ok
15:37:04.0638 3092 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\windows\system32\provsvc.dll
15:37:04.0638 3092 HomeGroupProvider - ok
15:37:04.0701 3092 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys
15:37:04.0701 3092 HpSAMD - ok
15:37:04.0841 3092 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\windows\system32\drivers\HTTP.sys
15:37:04.0872 3092 HTTP - ok
15:37:04.0966 3092 [ 1FC7A63148E4F2BD831DAB0DC732026D ] hwdatacard C:\windows\system32\DRIVERS\ewusbmdm.sys
15:37:04.0982 3092 hwdatacard - ok
15:37:05.0060 3092 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
15:37:05.0060 3092 hwpolicy - ok
15:37:05.0138 3092 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\windows\system32\drivers\i8042prt.sys
15:37:05.0138 3092 i8042prt - ok
15:37:05.0231 3092 [ 7548066DF68A8A1A56B043359F915F37 ] IAANTMON C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
15:37:05.0262 3092 IAANTMON - ok
15:37:05.0294 3092 [ D483687EACE0C065EE772481A96E05F5 ] iaStor C:\windows\system32\DRIVERS\iaStor.sys
15:37:05.0294 3092 iaStor - ok
15:37:05.0387 3092 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\windows\system32\drivers\iaStorV.sys
15:37:05.0418 3092 iaStorV - ok
15:37:05.0512 3092 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
15:37:05.0559 3092 idsvc - ok
15:37:05.0902 3092 [ D0074897C6BC132F3980EA4654BF7FB9 ] igfx C:\windows\system32\DRIVERS\igdkmd32.sys
15:37:06.0074 3092 igfx - ok
15:37:06.0120 3092 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\windows\system32\DRIVERS\iirsp.sys
15:37:06.0120 3092 iirsp - ok
15:37:06.0183 3092 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\windows\System32\ikeext.dll
15:37:06.0214 3092 IKEEXT - ok
15:37:06.0354 3092 [ 947318C01C648A054A05DBD1C7F73E3B ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHDA.sys
15:37:06.0464 3092 IntcAzAudAddService - ok
15:37:06.0479 3092 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\windows\system32\drivers\intelide.sys
15:37:06.0479 3092 intelide - ok
15:37:06.0510 3092 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys
15:37:06.0510 3092 intelppm - ok
15:37:06.0557 3092 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\windows\system32\ipbusenum.dll
15:37:06.0557 3092 IPBusEnum - ok
15:37:06.0588 3092 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
15:37:06.0588 3092 IpFilterDriver - ok
15:37:06.0651 3092 [ 58F67245D041FBE7AF88F4EAF79DF0FA ] iphlpsvc C:\windows\System32\iphlpsvc.dll
15:37:06.0666 3092 iphlpsvc - ok
15:37:06.0713 3092 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys
15:37:06.0713 3092 IPMIDRV - ok
15:37:06.0729 3092 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\windows\system32\drivers\ipnat.sys
15:37:06.0744 3092 IPNAT - ok
15:37:06.0791 3092 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\windows\system32\drivers\irenum.sys
15:37:06.0791 3092 IRENUM - ok
15:37:06.0807 3092 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\windows\system32\drivers\isapnp.sys
15:37:06.0807 3092 isapnp - ok
15:37:06.0854 3092 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys
15:37:06.0854 3092 iScsiPrt - ok
15:37:06.0885 3092 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\windows\system32\drivers\kbdclass.sys
15:37:06.0885 3092 kbdclass - ok
15:37:06.0900 3092 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\windows\system32\drivers\kbdhid.sys
15:37:06.0916 3092 kbdhid - ok
15:37:06.0947 3092 [ 3EB803312987FF44265C87CB960DF6AB ] kbfiltr C:\windows\system32\DRIVERS\kbfiltr.sys
15:37:06.0947 3092 kbfiltr - ok
15:37:06.0963 3092 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\windows\system32\lsass.exe
15:37:06.0978 3092 KeyIso - ok
15:37:07.0010 3092 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
15:37:07.0010 3092 KSecDD - ok
15:37:07.0056 3092 [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
15:37:07.0056 3092 KSecPkg - ok
15:37:07.0103 3092 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\windows\system32\msdtckrm.dll
15:37:07.0119 3092 KtmRm - ok
15:37:07.0150 3092 [ D1F734D9A7AAF078D88CEB51900699A7 ] L1C C:\windows\system32\DRIVERS\L1C62x86.sys
15:37:07.0150 3092 L1C - ok
15:37:07.0197 3092 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\windows\system32\srvsvc.dll
15:37:07.0212 3092 LanmanServer - ok
15:37:07.0244 3092 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\windows\System32\wkssvc.dll
15:37:07.0259 3092 LanmanWorkstation - ok
15:37:07.0306 3092 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
15:37:07.0306 3092 lltdio - ok
15:37:07.0337 3092 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\windows\System32\lltdsvc.dll
15:37:07.0353 3092 lltdsvc - ok
15:37:07.0368 3092 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\windows\System32\lmhsvc.dll
15:37:07.0384 3092 lmhosts - ok
15:37:07.0431 3092 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\windows\system32\DRIVERS\lsi_fc.sys
15:37:07.0431 3092 LSI_FC - ok
15:37:07.0446 3092 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\windows\system32\DRIVERS\lsi_sas.sys
15:37:07.0462 3092 LSI_SAS - ok
15:37:07.0478 3092 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\windows\system32\DRIVERS\lsi_sas2.sys
15:37:07.0493 3092 LSI_SAS2 - ok
15:37:07.0509 3092 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\windows\system32\DRIVERS\lsi_scsi.sys
15:37:07.0509 3092 LSI_SCSI - ok
15:37:07.0540 3092 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\windows\system32\drivers\luafv.sys
15:37:07.0540 3092 luafv - ok
15:37:07.0571 3092 [ 54ECB6A7354C3009BF64D08B8FC21307 ] massfilter C:\windows\system32\drivers\massfilter.sys
15:37:07.0571 3092 massfilter - ok
15:37:07.0602 3092 [ 38BFA8FA6D838CBAB58A1C2B49EBF96B ] massfilter_hs C:\windows\system32\drivers\massfilter_hs.sys
15:37:07.0602 3092 massfilter_hs - ok
15:37:07.0649 3092 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\windows\system32\DRIVERS\megasas.sys
15:37:07.0649 3092 megasas - ok
15:37:07.0680 3092 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\windows\system32\DRIVERS\MegaSR.sys
15:37:07.0680 3092 MegaSR - ok
15:37:07.0712 3092 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\windows\system32\mmcss.dll
15:37:07.0712 3092 MMCSS - ok
15:37:07.0743 3092 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\windows\system32\drivers\modem.sys
15:37:07.0743 3092 Modem - ok
15:37:07.0758 3092 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\windows\system32\DRIVERS\monitor.sys
15:37:07.0774 3092 monitor - ok
15:37:07.0805 3092 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\windows\system32\DRIVERS\mouclass.sys
15:37:07.0805 3092 mouclass - ok
15:37:07.0836 3092 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
15:37:07.0836 3092 mouhid - ok
15:37:07.0883 3092 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\windows\system32\drivers\mountmgr.sys
15:37:07.0883 3092 mountmgr - ok
15:37:07.0946 3092 [ 8BE15F71DE6FF33FC56DCDE7B2B9EFE8 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
15:37:07.0961 3092 MozillaMaintenance - ok
15:37:07.0992 3092 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\windows\system32\drivers\mpio.sys
15:37:07.0992 3092 mpio - ok
15:37:08.0039 3092 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
15:37:08.0039 3092 mpsdrv - ok
15:37:08.0086 3092 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\windows\system32\mpssvc.dll
15:37:08.0117 3092 MpsSvc - ok
15:37:08.0148 3092 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
15:37:08.0148 3092 MRxDAV - ok
15:37:08.0195 3092 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
15:37:08.0211 3092 mrxsmb - ok
15:37:08.0242 3092 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
15:37:08.0242 3092 mrxsmb10 - ok
15:37:08.0273 3092 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
15:37:08.0273 3092 mrxsmb20 - ok
15:37:08.0304 3092 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\windows\system32\drivers\msahci.sys
15:37:08.0304 3092 msahci - ok
15:37:08.0336 3092 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\windows\system32\drivers\msdsm.sys
15:37:08.0336 3092 msdsm - ok
15:37:08.0382 3092 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\windows\System32\msdtc.exe
15:37:08.0398 3092 MSDTC - ok
15:37:08.0445 3092 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\windows\system32\drivers\Msfs.sys
15:37:08.0445 3092 Msfs - ok
15:37:08.0460 3092 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
15:37:08.0460 3092 mshidkmdf - ok
15:37:08.0507 3092 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\windows\system32\drivers\msisadrv.sys
15:37:08.0507 3092 msisadrv - ok
15:37:08.0554 3092 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\windows\system32\iscsiexe.dll
15:37:08.0554 3092 MSiSCSI - ok
15:37:08.0570 3092 msiserver - ok
15:37:08.0585 3092 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
15:37:08.0601 3092 MSKSSRV - ok
15:37:08.0616 3092 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
15:37:08.0632 3092 MSPCLOCK - ok
15:37:08.0648 3092 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
15:37:08.0648 3092 MSPQM - ok
15:37:08.0679 3092 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\windows\system32\drivers\MsRPC.sys
15:37:08.0694 3092 MsRPC - ok
15:37:08.0757 3092 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\windows\system32\drivers\mssmbios.sys
15:37:08.0772 3092 mssmbios - ok
15:37:08.0788 3092 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\windows\system32\drivers\MSTEE.sys
15:37:08.0788 3092 MSTEE - ok
15:37:08.0819 3092 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\windows\system32\DRIVERS\MTConfig.sys
15:37:08.0819 3092 MTConfig - ok
15:37:08.0835 3092 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\windows\system32\Drivers\mup.sys
15:37:08.0835 3092 Mup - ok
15:37:08.0882 3092 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\windows\system32\qagentRT.dll
15:37:08.0913 3092 napagent - ok
15:37:08.0944 3092 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
15:37:08.0944 3092 NativeWifiP - ok
15:37:09.0006 3092 [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\windows\system32\drivers\ndis.sys
15:37:09.0022 3092 NDIS - ok
15:37:09.0053 3092 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
15:37:09.0069 3092 NdisCap - ok
15:37:09.0084 3092 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
15:37:09.0084 3092 NdisTapi - ok
15:37:09.0147 3092 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
15:37:09.0147 3092 Ndisuio - ok
15:37:09.0194 3092 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
15:37:09.0194 3092 NdisWan - ok
15:37:09.0209 3092 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
15:37:09.0225 3092 NDProxy - ok
15:37:09.0272 3092 [ 69C503C004F49AEE8B8E3067CC047BA7 ] Net Driver HPZ12 C:\windows\system32\HPZinw12.dll
15:37:09.0272 3092 Net Driver HPZ12 - ok
15:37:09.0303 3092 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
15:37:09.0303 3092 NetBIOS - ok
15:37:09.0350 3092 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
15:37:09.0365 3092 NetBT - ok
15:37:09.0381 3092 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\windows\system32\lsass.exe
15:37:09.0381 3092 Netlogon - ok
15:37:09.0428 3092 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\windows\System32\netman.dll
15:37:09.0443 3092 Netman - ok
15:37:09.0459 3092 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\windows\System32\netprofm.dll
15:37:09.0474 3092 netprofm - ok
15:37:09.0521 3092 [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:37:09.0521 3092 NetTcpPortSharing - ok
15:37:09.0552 3092 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\windows\system32\DRIVERS\nfrd960.sys
15:37:09.0552 3092 nfrd960 - ok
15:37:09.0599 3092 [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc C:\windows\System32\nlasvc.dll
15:37:09.0599 3092 NlaSvc - ok
15:37:09.0646 3092 [ B0A67DE1A128389AEA4D42C5A56215FD ] nmwcd C:\windows\system32\drivers\ccdcmb.sys
15:37:09.0646 3092 nmwcd - ok
15:37:09.0677 3092 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\windows\system32\drivers\Npfs.sys
15:37:09.0677 3092 Npfs - ok
15:37:09.0708 3092 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\windows\system32\nsisvc.dll
15:37:09.0724 3092 nsi - ok
15:37:09.0740 3092 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
15:37:09.0740 3092 nsiproxy - ok
15:37:09.0818 3092 [ 0D87503986BB3DFED58E343FE39DDE13 ] Ntfs C:\windows\system32\drivers\Ntfs.sys
15:37:09.0864 3092 Ntfs - ok
15:37:09.0911 3092 [ F9756A98D69098DCA8945D62858A812C ] Null C:\windows\system32\drivers\Null.sys
15:37:09.0911 3092 Null - ok
15:37:09.0942 3092 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\windows\system32\drivers\nvraid.sys
15:37:09.0942 3092 nvraid - ok
15:37:09.0974 3092 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\windows\system32\drivers\nvstor.sys
15:37:09.0974 3092 nvstor - ok
15:37:10.0020 3092 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\windows\system32\drivers\nv_agp.sys
15:37:10.0020 3092 nv_agp - ok
15:37:10.0052 3092 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
15:37:10.0052 3092 ohci1394 - ok
15:37:10.0083 3092 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:37:10.0098 3092 ose - ok
15:37:10.0254 3092 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
15:37:10.0395 3092 osppsvc - ok
15:37:10.0457 3092 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\windows\system32\pnrpsvc.dll
15:37:10.0457 3092 p2pimsvc - ok
15:37:10.0504 3092 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\windows\system32\p2psvc.dll
15:37:10.0520 3092 p2psvc - ok
15:37:10.0551 3092 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\windows\system32\DRIVERS\parport.sys
15:37:10.0566 3092 Parport - ok
15:37:10.0598 3092 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\windows\system32\drivers\partmgr.sys
15:37:10.0613 3092 partmgr - ok
15:37:10.0629 3092 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\windows\system32\DRIVERS\parvdm.sys
15:37:10.0644 3092 Parvdm - ok
15:37:10.0660 3092 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\windows\System32\pcasvc.dll
15:37:10.0676 3092 PcaSvc - ok
15:37:10.0707 3092 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\windows\system32\drivers\pci.sys
15:37:10.0722 3092 pci - ok
15:37:10.0738 3092 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\windows\system32\drivers\pciide.sys
15:37:10.0738 3092 pciide - ok
15:37:10.0769 3092 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\windows\system32\DRIVERS\pcmcia.sys
15:37:10.0769 3092 pcmcia - ok
15:37:10.0800 3092 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\windows\system32\drivers\pcw.sys
15:37:10.0800 3092 pcw - ok
15:37:10.0847 3092 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\windows\system32\drivers\peauth.sys
15:37:10.0878 3092 PEAUTH - ok
15:37:11.0003 3092 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\windows\system32\pla.dll
15:37:11.0081 3092 pla - ok
15:37:11.0112 3092 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\windows\system32\umpnpmgr.dll
15:37:11.0144 3092 PlugPlay - ok
15:37:11.0175 3092 [ 12B4549D515CB26BB8D375038017CA65 ] Pml Driver HPZ12 C:\windows\system32\HPZipm12.dll
15:37:11.0190 3092 Pml Driver HPZ12 - ok
15:37:11.0222 3092 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
15:37:11.0222 3092 PNRPAutoReg - ok
15:37:11.0253 3092 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\windows\system32\pnrpsvc.dll
15:37:11.0268 3092 PNRPsvc - ok
15:37:11.0315 3092 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\windows\System32\ipsecsvc.dll
15:37:11.0331 3092 PolicyAgent - ok
15:37:11.0346 3092 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\windows\system32\umpo.dll
15:37:11.0362 3092 Power - ok
15:37:11.0409 3092 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
15:37:11.0409 3092 PptpMiniport - ok
15:37:11.0424 3092 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\windows\system32\DRIVERS\processr.sys
15:37:11.0424 3092 Processor - ok
15:37:11.0471 3092 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\windows\system32\profsvc.dll
15:37:11.0471 3092 ProfSvc - ok
15:37:11.0502 3092 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\windows\system32\lsass.exe
15:37:11.0502 3092 ProtectedStorage - ok
15:37:11.0534 3092 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\windows\system32\DRIVERS\pacer.sys
15:37:11.0534 3092 Psched - ok
15:37:11.0580 3092 [ 0C8DA0A8B0D227319C285E0EAE65DEFD ] PxHelp20 C:\windows\system32\Drivers\PxHelp20.sys
15:37:11.0580 3092 PxHelp20 - ok
15:37:11.0643 3092 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\windows\system32\DRIVERS\ql2300.sys
15:37:11.0690 3092 ql2300 - ok
15:37:11.0736 3092 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\windows\system32\DRIVERS\ql40xx.sys
15:37:11.0736 3092 ql40xx - ok
15:37:11.0783 3092 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\windows\system32\qwave.dll
15:37:11.0783 3092 QWAVE - ok
15:37:11.0814 3092 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
15:37:11.0814 3092 QWAVEdrv - ok
15:37:11.0830 3092 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
15:37:11.0846 3092 RasAcd - ok
15:37:11.0861 3092 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
15:37:11.0861 3092 RasAgileVpn - ok
15:37:11.0877 3092 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\windows\System32\rasauto.dll
15:37:11.0892 3092 RasAuto - ok
15:37:11.0908 3092 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
15:37:11.0908 3092 Rasl2tp - ok
15:37:11.0970 3092 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\windows\System32\rasmans.dll
15:37:11.0986 3092 RasMan - ok
15:37:12.0017 3092 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
15:37:12.0017 3092 RasPppoe - ok
15:37:12.0048 3092 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
15:37:12.0048 3092 RasSstp - ok
15:37:12.0080 3092 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
15:37:12.0080 3092 rdbss - ok
15:37:12.0111 3092 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\windows\system32\DRIVERS\rdpbus.sys
15:37:12.0111 3092 rdpbus - ok
15:37:12.0158 3092 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
15:37:12.0158 3092 RDPCDD - ok
15:37:12.0189 3092 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
15:37:12.0204 3092 RDPENCDD - ok
15:37:12.0236 3092 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
15:37:12.0236 3092 RDPREFMP - ok
15:37:12.0267 3092 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\windows\system32\drivers\RDPWD.sys
15:37:12.0267 3092 RDPWD - ok
15:37:12.0329 3092 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
15:37:12.0345 3092 rdyboost - ok
15:37:12.0376 3092 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\windows\System32\mprdim.dll
15:37:12.0376 3092 RemoteAccess - ok
15:37:12.0423 3092 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\windows\system32\regsvc.dll
15:37:12.0423 3092 RemoteRegistry - ok
15:37:12.0454 3092 [ CB928D9E6DAF51879DD6BA8D02F01321 ] RFCOMM C:\windows\system32\DRIVERS\rfcomm.sys
15:37:12.0454 3092 RFCOMM - ok
15:37:12.0470 3092 rootrepeal - ok
15:37:12.0501 3092 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
15:37:12.0516 3092 RpcEptMapper - ok
15:37:12.0548 3092 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\windows\system32\locator.exe
15:37:12.0548 3092 RpcLocator - ok
15:37:12.0594 3092 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\windows\system32\rpcss.dll
15:37:12.0610 3092 RpcSs - ok
15:37:12.0657 3092 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
15:37:12.0657 3092 rspndr - ok
15:37:12.0688 3092 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\windows\system32\lsass.exe
15:37:12.0688 3092 SamSs - ok
15:37:12.0719 3092 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\windows\system32\drivers\sbp2port.sys
15:37:12.0719 3092 sbp2port - ok
15:37:12.0766 3092 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\windows\System32\SCardSvr.dll
15:37:12.0782 3092 SCardSvr - ok
15:37:12.0828 3092 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
15:37:12.0828 3092 scfilter - ok
15:37:12.0891 3092 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\windows\system32\schedsvc.dll
15:37:12.0922 3092 Schedule - ok
15:37:12.0953 3092 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\windows\System32\certprop.dll
15:37:12.0953 3092 SCPolicySvc - ok
15:37:12.0984 3092 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\windows\System32\SDRSVC.dll
15:37:13.0000 3092 SDRSVC - ok
15:37:13.0031 3092 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\windows\system32\drivers\secdrv.sys
15:37:13.0031 3092 secdrv - ok
15:37:13.0062 3092 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\windows\system32\seclogon.dll
15:37:13.0062 3092 seclogon - ok
15:37:13.0094 3092 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\windows\System32\sens.dll
15:37:13.0109 3092 SENS - ok
15:37:13.0125 3092 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\windows\system32\DRIVERS\serenum.sys
15:37:13.0125 3092 Serenum - ok
15:37:13.0156 3092 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\windows\system32\DRIVERS\serial.sys
15:37:13.0172 3092 Serial - ok
15:37:13.0203 3092 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\windows\system32\DRIVERS\sermouse.sys
15:37:13.0203 3092 sermouse - ok
15:37:13.0281 3092 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\windows\system32\sessenv.dll
15:37:13.0281 3092 SessionEnv - ok
15:37:13.0312 3092 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\windows\system32\drivers\sffdisk.sys
15:37:13.0328 3092 sffdisk - ok
15:37:13.0343 3092 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
15:37:13.0343 3092 sffp_mmc - ok
15:37:13.0359 3092 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
15:37:13.0374 3092 sffp_sd - ok
15:37:13.0390 3092 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\windows\system32\DRIVERS\sfloppy.sys
15:37:13.0390 3092 sfloppy - ok
15:37:13.0452 3092 [ D9B734638DD8DBA9D59AAD3189CD0FAD ] Sftfs C:\windows\system32\DRIVERS\Sftfslh.sys
15:37:13.0484 3092 Sftfs - ok
15:37:13.0546 3092 [ CB73BC422C07FB611F194DA18D1E7F36 ] sftlist C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
15:37:13.0577 3092 sftlist - ok
15:37:13.0608 3092 [ 2F61BD46C0BFF4EB36E1E359CA17BFC5 ] Sftplay C:\windows\system32\DRIVERS\Sftplaylh.sys
15:37:13.0608 3092 Sftplay - ok
15:37:13.0640 3092 [ 518BAC0179F94304F422696B47C0EC12 ] Sftredir C:\windows\system32\DRIVERS\Sftredirlh.sys
15:37:13.0640 3092 Sftredir - ok
15:37:13.0671 3092 [ 747325236D88B3F05FFD27FF9EC711C5 ] Sftvol C:\windows\system32\DRIVERS\Sftvollh.sys
15:37:13.0671 3092 Sftvol - ok
15:37:13.0702 3092 [ A5812F0281CA5081BF696626F9BF324D ] sftvsa C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
15:37:13.0718 3092 sftvsa - ok
15:37:13.0764 3092 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\windows\System32\ipnathlp.dll
15:37:13.0764 3092 SharedAccess - ok
15:37:13.0796 3092 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\windows\System32\shsvcs.dll
15:37:13.0827 3092 ShellHWDetection - ok
15:37:13.0842 3092 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\windows\system32\drivers\sisagp.sys
15:37:13.0858 3092 sisagp - ok
15:37:13.0889 3092 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\windows\system32\DRIVERS\SiSRaid2.sys
15:37:13.0889 3092 SiSRaid2 - ok
15:37:13.0920 3092 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\windows\system32\DRIVERS\sisraid4.sys
15:37:13.0920 3092 SiSRaid4 - ok
15:37:13.0998 3092 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
15:37:14.0014 3092 SkypeUpdate - ok
15:37:14.0045 3092 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\windows\system32\DRIVERS\smb.sys
15:37:14.0045 3092 Smb - ok
15:37:20.0457 3092 ================ Scan global ===============================
15:37:20.0504 3092 [ DAB748AE0439955ED2FA22357533DDDB ] C:\windows\system32\basesrv.dll
15:37:20.0550 3092 [ 48CB4FDBCAAEAC7BCE2F5941545FF071 ] C:\windows\system32\winsrv.dll
15:37:20.0566 3092 [ 48CB4FDBCAAEAC7BCE2F5941545FF071 ] C:\windows\system32\winsrv.dll
15:37:20.0628 3092 [ 364455805E64882844EE9ACB72522830 ] C:\windows\system32\sxssrv.dll
15:37:20.0675 3092 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\windows\system32\services.exe
15:37:20.0691 3092 [Global] - ok
15:37:20.0691 3092 ================ Scan MBR ==================================
15:37:20.0706 3092 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
15:37:20.0987 3092 \Device\Harddisk0\DR0 - ok
15:37:21.0003 3092 ================ Scan VBR ==================================
15:37:21.0003 3092 [ DCCC49FFEB794B65ADC663447AE89929 ] \Device\Harddisk0\DR0\Partition1
15:37:21.0003 3092 \Device\Harddisk0\DR0\Partition1 - ok
15:37:21.0034 3092 [ C0CB741593A9ADF1AFE3B1244B8EFD3B ] \Device\Harddisk0\DR0\Partition2
15:37:21.0050 3092 \Device\Harddisk0\DR0\Partition2 - ok
15:37:21.0050 3092 ============================================================
15:37:21.0050 3092 Scan finished
15:37:21.0050 3092 ============================================================
15:37:21.0081 3256 Detected object count: 0
15:37:21.0081 3256 Actual detected object count: 0
15:37:48.0771 2544 Deinitialize success






---------------------------------





ComboFix report:
ComboFix 12-11-23.02 - Nesha 11/24/2012 15:46:30.1.4 - x86
Microsoft Windows 7 Starter 6.1.7601.1.1252.1.1033.18.1014.347 [GMT 1:00]
Running from: c:\users\Nesha\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\$recycle.bin\S-1-5-21-2529278628-111823672-645106489-1000\$f98399a27a84c1de3389a3c85eb5a762\@
c:\$recycle.bin\S-1-5-21-2529278628-111823672-645106489-1000\$f98399a27a84c1de3389a3c85eb5a762\n
c:\$recycle.bin\S-1-5-21-2529278628-111823672-645106489-1000\$f98399a27a84c1de3389a3c85eb5a762\U\00000001.@
c:\$recycle.bin\S-1-5-21-2529278628-111823672-645106489-1000\$f98399a27a84c1de3389a3c85eb5a762\U\80000000.@
c:\$recycle.bin\S-1-5-21-2529278628-111823672-645106489-1000\$f98399a27a84c1de3389a3c85eb5a762\U\800000cb.@
c:\programdata\FullRemove.exe
.
.
((((((((((((((((((((((((( Files Created from 2012-10-24 to 2012-11-24 )))))))))))))))))))))))))))))))
.
.
2012-11-24 15:00 . 2012-11-24 15:01 -------- d-----w- c:\users\Nesha\AppData\Local\temp
2012-11-24 15:00 . 2012-11-24 15:00 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-11-24 12:46 . 2012-11-24 14:35 -------- d-----w- c:\programdata\MCShield
2012-11-24 12:46 . 2012-11-24 12:47 -------- d-----w- c:\program files\MCShield
2012-11-24 04:48 . 2012-11-24 12:30 60872 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{18D8405B-DEB8-4F9D-A141-AD86768D865E}\offreg.dll
2012-11-23 18:14 . 2012-11-08 18:00 6812136 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{18D8405B-DEB8-4F9D-A141-AD86768D865E}\mpengine.dll
2012-11-18 02:04 . 2012-07-26 03:39 526952 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2012-11-18 02:04 . 2012-07-26 03:39 47720 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2012-11-18 02:04 . 2012-07-26 02:46 9728 ----a-w- c:\windows\system32\Wdfres.dll
2012-11-18 02:03 . 2012-07-26 02:33 66560 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2012-11-18 02:03 . 2012-07-26 02:32 155136 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2012-11-18 02:03 . 2012-07-26 03:20 73216 ----a-w- c:\windows\system32\WUDFSvc.dll
2012-11-18 02:03 . 2012-07-26 03:20 172032 ----a-w- c:\windows\system32\WUDFPlatform.dll
2012-11-18 02:03 . 2012-07-26 03:21 196608 ----a-w- c:\windows\system32\WUDFHost.exe
2012-11-18 02:03 . 2012-07-26 03:20 613888 ----a-w- c:\windows\system32\WUDFx.dll
2012-11-18 02:03 . 2012-07-26 03:20 38912 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2012-11-16 16:20 . 2012-10-03 16:58 1293680 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-11-16 16:20 . 2012-10-03 16:42 156672 ----a-w- c:\windows\system32\ncsi.dll
2012-11-16 16:20 . 2012-10-03 16:40 499712 ----a-w- c:\windows\system32\iphlpsvc.dll
2012-11-16 16:20 . 2012-10-03 16:42 52224 ----a-w- c:\windows\system32\nlaapi.dll
2012-11-16 16:20 . 2012-10-03 16:42 242176 ----a-w- c:\windows\system32\nlasvc.dll
2012-11-16 16:20 . 2012-10-03 16:42 18944 ----a-w- c:\windows\system32\netevent.dll
2012-11-16 16:20 . 2012-10-03 16:42 175104 ----a-w- c:\windows\system32\netcorehc.dll
2012-11-16 16:20 . 2012-10-03 15:21 35328 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2012-11-16 16:19 . 2012-09-25 22:47 78336 ----a-w- c:\windows\system32\synceng.dll
2012-11-16 16:19 . 2012-10-18 17:59 2345984 ----a-w- c:\windows\system32\win32k.sys
2012-11-16 16:19 . 2012-10-09 17:40 44032 ----a-w- c:\windows\system32\dhcpcsvc6.dll
2012-11-16 16:19 . 2012-10-09 17:40 193536 ----a-w- c:\windows\system32\dhcpcore6.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-09-14 18:28 . 2012-10-19 10:20 2048 ----a-w- c:\windows\system32\tzres.dll
2012-08-31 17:18 . 2012-10-19 10:15 1211760 ----a-w- c:\windows\system32\drivers\ntfs.sys
2012-08-30 17:12 . 2012-10-19 10:13 3968880 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-08-30 17:12 . 2012-10-19 10:13 3914096 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-10-27 08:20 . 2012-10-27 08:19 261600 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{CC5FC992-B0AA-47CD-9DC2-83445083CBB8}"
[HKEY_CLASSES_ROOT\CLSID\{CC5FC992-B0AA-47CD-9DC2-83445083CBB8}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{618A47A2-528B-4D9A-AFC8-97D3233511E2}"
[HKEY_CLASSES_ROOT\CLSID\{618A47A2-528B-4D9A-AFC8-97D3233511E2}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MCShield Monitor"="c:\program files\MCShield\mcshieldrtm.exe" [2012-10-23 605184]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-05 186904]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2010-04-13 548744]
"Eee Docking"="c:\program files\ASUS\Eee Docking\Eee Docking.exe" [2010-06-10 414384]
"ASUSWebStorage"="c:\program files\ASUS\ASUS WebStorage\2.2.56.108\ASUSWSDashBoard.exe" [2010-09-01 5096784]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-05-10 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-05-10 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-05-10 150552]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2010-03-12 8546848]
"ASUSPRP"="c:\program files\ASUS\APRP\APRP.EXE" [2010-11-17 2018032]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2012-08-08 348664]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-5-21 828704]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKLM\~\startupfolder\C:^Users^Nesha^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 2.0.lnk]
path=c:\users\Nesha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 2.0.lnk
backup=c:\windows\pss\OpenOffice.org 2.0.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Device Detector]
DevDetect.exe -autorun [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2011-06-06 11:55 937920 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CapsHook]
2010-09-08 02:45 34728 ----a-w- c:\windows\System32\AsusSender.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2012-02-13 08:06 3481408 ----a-w- c:\program files\DAEMON Tools Lite\DTLite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2011-11-18 17:49 136176 ----atw- c:\users\Nesha\AppData\Local\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotkeyMon]
2010-09-08 02:45 34728 ----a-w- c:\windows\System32\AsusSender.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotkeyService]
2010-09-08 02:45 34728 ----a-w- c:\windows\System32\AsusSender.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LiveUpdate]
2010-09-08 02:45 34728 ----a-w- c:\windows\System32\AsusSender.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SuperHybridEngine]
2010-09-08 02:45 34728 ----a-w- c:\windows\System32\AsusSender.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UCam_Menu]
2009-05-20 05:16 222504 ------w- c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe
.
R2 AsusService;Asus Launcher Service;c:\windows\System32\AsusService.exe [x]
R2 BBSvc;Bing Bar Update Service;c:\program files\Microsoft\BingBar\BBSvc.EXE [x]
R3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
R3 massfilter;Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [x]
R3 massfilter_hs;ZTE HandSet Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter_hs.sys [x]
S1 AsUpIO;AsUpIO;c:\windows\system32\drivers\AsUpIO.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S2 AntiVirSchedulerService;Avira Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [x]
S2 BBUpdate;BBUpdate;c:\program files\Microsoft\BingBar\SeaPort.EXE [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x86.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - 04982020
*Deregistered* - 04982020
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
.
Contents of the 'Scheduled Tasks' folder
.
2012-11-23 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2529278628-111823672-645106489-1000Core.job
- c:\users\Nesha\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-18 17:49]
.
2012-11-24 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2529278628-111823672-645106489-1000UA.job
- c:\users\Nesha\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-18 17:49]
.
.
------- Supplementary Scan -------
.
uStart Page = about:blank
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: Interfaces\{71700486-E7A5-4C31-B625-D9B7CE28E9E0}: NameServer = 139.7.30.125 139.7.30.126
FF - ProfilePath - c:\users\Nesha\AppData\Roaming\Mozilla\Firefox\Profiles\uw5xvzp9.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.rs/
FF - user.js: general.useragent.extra.brc -
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
HKLM-Run-EeeSplendidAgent - c:\program files\ASUS\EPC\EeeSplendid\AsAgent.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-11-24 16:06:16
ComboFix-quarantined-files.txt 2012-11-24 15:06
.
Pre-Run: 18,155,962,368 bytes free
Post-Run: 18,767,405,056 bytes free
.
- - End Of File - - 2474B3EA9539AA9E3EDBF64E9B17B4B5

  • Research Engineer @MalwareBytes
  • Joined: 09 Aug 2011
  • Posts: 15874
  • Location: Beograd

What is the situation now? Is Avira reporting anything?

  • nesani 
  • New MyCity citizen
  • Joined: 24 Nov 2012
  • Posts: 5

It isn't reporting anything. I even scanned the system just now and it found nothing :)
Is that it?

  • Research Engineer @MalwareBytes
  • Joined: 09 Aug 2011
  • Posts: 15874
  • Location: Beograd

That's it, the computer is now clean as far as malware is concerned :)

Download and run OTC. Click CleanUp. This will delete the tools that were used. If any of them remains, you can delete it manually...

Be sure to visit the thread "Testirajte da li vam je pretraživač ranjiv" ("Test whether your browser is vulnerable"), read it and follow the link given in it.
The link to the thread is: http://www.mycity.rs/Web-browseri/Testirajte-da-li.....anjiv.html

TwinHeadedEagle (AMF Team)

  • nesani 
  • New MyCity citizen
  • Joined: 24 Nov 2012
  • Posts: 5

I really don't know how to adequately thank you for such fast and effective help.

Endlessly grateful,
Nesa
