Topic: virus-dirtydecrypt.exe  (Read 5001 times)
30 Jul 2013, 13:02:42
Beginner

Greetings to all members!
I've been hit by a big problem: all the pictures on my computer are blocked (file is encrypted), this is written on all the pictures. I know it's a virus and I think I deleted it, but how do I get the pictures back now?
Please help if anyone knows!!!
 
Moderator

It seems you didn't completely remove it and clean it out of the system after all.

How did you clean it?
With which tools?
Post their logs.
 
Beginner

« Last edit: 30 Jul 2013, 15:51:11 by ivan-vr »
 
MC- argus

Those links are nonsense, do it like this:

Download the DDS program to your desktop: http://download.bleepingcomputer.com/sUBs/dds.scr
Double-click to run DDS
Wait a bit, it will produce two logs
Copy the DDS.txt log for me > use the additional options and attach the file.
 
Beginner

I also found something about recovering the pictures here:
http://www.securelist.com/en/descriptions/old313444

But this is a bit complicated for me.
 
Beginner

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 7.0.6000.17115
Run by Administrator at 16:11:32 on 2013-07-30
Microsoft Windows XP Professional  5.1.2600.3.1252.1.1033.18.1023.481 [GMT 2:00]
.
.
============== Running Processes ================
.
C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe
C:\Program Files\AlienGUIse\wbload.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\YourFileDownloader\YourFileUpdater.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Panda USB Vaccine\USBVaccine.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe
C:\Program Files\Search Results Toolbar\Datamngr\DatamngrCoordinator.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\WINDOWS\VMSnap3.EXE
C:\WINDOWS\Domino.EXE
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\KWorld Multimedia\HyperMediaCenter\DTVR\Scheduled.exe
C:\Program Files\IObit\Advanced SystemCare 6\ASCTray.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Program Files\Yontoo\Y2Desktop.Updater.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\IObit\Advanced SystemCare 6\Monitor.exe
C:\Program Files\IObit\Advanced SystemCare 6\Asc.exe
C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE
C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com
uWindow Title = IE
mStart Page = hxxp://websearch.lookforithere.info/?pid=700&r=2013/05/11&hid=304593965&lg=EN&cc=RS&unqvl=14
mWinlogon: SFCDisable = dword:-99
BHO: SearchNewTab: {00A08A12-4B9B-05A2-058D-671BA279ECB1} - c:\documents and settings\all users\application data\searchnewtab\518eb318e051d.dll
BHO: hosts2: {11111111-1111-1111-1111-110311691128} - c:\program files\hosts2\hosts2-bho.dll
BHO: Content Blocker Plugin: {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - c:\program files\kaspersky lab\kaspersky anti-virus 2013\ieext\contentblocker\ie_content_blocker_plugin.dll
BHO: MaegnaiPIc: {5C6C17AA-5F35-CBF1-590D-A7129DB1E520} - c:\documents and settings\all users\application data\maegnaipic\51e69d2982bbf.dll
BHO: Search-Results Toolbar: {629441bd-260e-41b6-8ea7-60bbbac86ec0} - c:\program files\search results toolbar\datamngr\srtool~1\searchresultsDx.dll
BHO: Virtual Keyboard Plugin: {73455575-E40C-433C-9784-C78DC7761455} - c:\program files\kaspersky lab\kaspersky anti-virus 2013\ieext\virtualkeyboard\ie_virtual_keyboard_plugin.dll
BHO: SearchNewTab: {8BA5BDAE-4BDA-5A58-79F6-BE43D4DDFB51} - c:\documents and settings\all users\application data\searchnewtab\518eb37f294e3.dll
BHO: cONNtiinuetossavea: {97D61DD0-6A89-3071-0EAA-ED0650DB88DB} - c:\documents and settings\all users\application data\conntiinuetossavea\518eb3766fe4a.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: Advanced SystemCare Browser Protection: {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - c:\program files\iobit\advanced systemcare 6\browerprotect\ASCPlugin_Protection.dll
BHO: URL Advisor Plugin: {E33CF602-D945-461A-83F0-819F76A199F8} - c:\program files\kaspersky lab\kaspersky anti-virus 2013\ieext\urladvisor\klwtbbho.dll
BHO: cONNtiinuetossavea: {FF2F7AD6-0F16-F175-FD57-AFE0FEE5168E} - c:\documents and settings\all users\application data\conntiinuetossavea\518eb3056ad24.dll
TB: Search-Results Toolbar: {629441bd-260e-41b6-8ea7-60bbbac86ec0} - c:\program files\search results toolbar\datamngr\srtool~1\searchresultsDx.dll
EB: {32683183-48a0-441b-a342-7c2a440a9478} - <orphaned>
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Center Agent] c:\program files\kworld multimedia\hypermediacenter\dtvr\Scheduled.exe
uRun: [uTorrent] "c:\documents and settings\administrator\application data\utorrent\uTorrent.exe"  /MINIMIZED
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun
uRun: [Updater36928.exe] c:\documents and settings\administrator\local settings\application data\updater36928\Updater36928.exe /extensionid=36928 /extensionname='hosts2' /chromeid=nijjeomamgmmmefdpnkebbikhfbgagfl /stayidle /delay=300
uRun: [Advanced SystemCare 6] "c:\program files\iobit\advanced systemcare 6\ASCTray.exe" /AutoStart
mRun: [ATIPTA] c:\program files\ati technologies\ati control panel\atiptaxx.exe
mRun: [SystemTray] SysTray.Exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [Alcmtr] ALCMTR.EXE
mRun: [KernelFaultCheck] c:\windows\system32\dumprep 0 -k
mRun: [VMSnap3] c:\windows\VMSnap3.EXE
mRun: [Domino] c:\windows\Domino.EXE
mRun: [AVP] "c:\program files\kaspersky lab\kaspersky anti-virus 2013\avp.exe"
mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW
mRun: [DivXMediaServer] c:\program files\divx\divx media server\DivXMediaServer.exe
mRun: [SpyHunter Security Suite] c:\program files\enigma software group\spyhunter\SpyHunter4.exe
dRunOnce: [nltide_2] regsvr32 /s /n /i:U shell32
dRunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
dRunOnce: [NewUser] c:\windows\system32\NewUser.cmd
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: NoSMMyPictures = dword:1
uPolicies-Explorer: NoSMConfigurePrograms = dword:1
uPolicies-Explorer: NoSecurityTab = dword:1
mPolicies-Explorer: NoSMConfigurePrograms = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:60
mPolicies-System: SynchronousMachineGroupPolicy = dword:0
mPolicies-System: SynchronousUserGroupPolicy = dword:0
mPolicies-System: EnableLUA = dword:0
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoSMMyPictures = dword:1
mPolicies-Explorer: NoSMHelp = dword:1
mPolicies-Explorer: NoSMConfigurePrograms = dword:1
IE: &Download All using 4shared Desktop - c:\program files\4shared desktop\Desktop.32/D_ALL_LINK
IE: &Download using 4shared Desktop - c:\program files\4shared desktop\Desktop.32/D_ONE_LINK
IE: E&xport to Microsoft Excel - c:\progra~1\micros~1\office12\EXCEL.EXE/3000
IE: Iz&vezi u Microsoft Excel - c:\progra~1\micros~1\office11\EXCEL.EXE/3000
IE: {0C4CC089-D306-440D-9772-464E226F6539} - {0BA14598-4178-4CE5-B1F1-B5C6408A3F2E} - c:\program files\kaspersky lab\kaspersky anti-virus 2013\ieext\virtualkeyboard\ie_virtual_keyboard_plugin.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {A7DF592F-6E2A-45C4-9A87-4BD217D714ED} - {A7DF592F-6E2A-45C4-9A87-4BD217D714ED} - <orphaned>
IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - c:\program files\kaspersky lab\kaspersky anti-virus 2013\ieext\urladvisor\klwtbbho.dll
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\Yinsthelper.dll
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{FB2134E4-A887-42BC-8ECA-C0399FB202B3} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{FD0CA2C6-BDC7-4992-8FF5-01A29F8ED13E} : DHCPNameServer = 192.168.1.1
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Notify: AtiExtEvent - Ati2evxx.dll
Notify: klogon - c:\windows\system32\klogon.dll
Notify: WB - c:\program files\alienguise\fastload.dll
AppInit_DLLs= c:\docume~1\alluse~1\applic~1\wincert\win32c~1.dll   c:\progra~1\magnipic\assist~1.dll, wbsys.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\wpdshserviceobj.dll
SEH: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
SEH: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - c:\program files\superantispyware\SASSEH.DLL
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\28.0.1500.72\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
============= SERVICES / DRIVERS ===============
.
R0 kl1;kl1;c:\windows\system32\drivers\kl1.sys [2012-6-19 136024]
R1 KLIF;Kaspersky Lab Driver;c:\windows\system32\drivers\klif.sys [2013-7-29 591968]
R1 kltdi;kltdi;c:\windows\system32\drivers\kltdi.sys [2012-6-8 44000]
R1 kneps;kneps;c:\windows\system32\drivers\kneps.sys [2012-8-13 145040]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2012-7-11 116608]
R2 AdvancedSystemCareService6;Advanced SystemCare Service 6;c:\program files\iobit\advanced systemcare 6\ASCService.exe [2013-7-18 574272]
R2 AVP;Kaspersky Anti-Virus Service;c:\program files\kaspersky lab\kaspersky anti-virus 2013\avp.exe [2012-8-17 356376]
R2 DatamngrCoordinator;Datamngr Coordinator;c:\program files\search results toolbar\datamngr\DatamngrCoordinator.exe [2013-5-5 3019264]
R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2012-12-9 418376]
R2 Skype C2C Service;Skype C2C Service;c:\documents and settings\all users\application data\skype\toolbars\skype c2c service\c2c_service.exe [2013-7-12 3289472]
R2 SpyHunter 4 Service;SpyHunter 4 Service;c:\progra~1\enigma~1\spyhun~1\SH4SER~1.EXE [2013-6-27 770432]
R2 Yontoo Desktop Updater;Yontoo Desktop Updater;c:\program files\yontoo\Y2Desktop.Updater.exe [2013-3-12 23552]
R3 3xHybrid;3xHybrid service;c:\windows\system32\drivers\3xHybrid.sys [2012-12-26 674048]
R3 esgiguard;esgiguard;c:\program files\enigma software group\spyhunter\esgiguard.sys [2011-5-6 13904]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [2012-6-27 35672]
R3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\drivers\klkbdflt.sys [2012-5-25 24408]
R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\drivers\klmouflt.sys [2012-7-25 24920]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-12-9 22856]
S0 BtHidBus;Bluetooth HID Bus Service;c:\windows\system32\drivers\BtHidBus.sys [2011-12-21 21512]
S2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-12-9 701512]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-6-21 162408]
S3 BTCOM;Bluetooth Serial port driver;c:\windows\system32\drivers\btcomport.sys --> c:\windows\system32\drivers\btcomport.sys [?]
S3 BTCOMBUS;Bluetooth Serial Port Bus Service;c:\windows\system32\drivers\btcombus.sys --> c:\windows\system32\drivers\btcombus.sys [?]
S3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\drivers\btnetBus.sys [2011-12-21 27744]
S3 EsgScanner;EsgScanner;c:\windows\system32\drivers\EsgScanner.sys [2012-6-22 19984]
S3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\drivers\IvtBtBus.sys [2010-4-6 26248]
S3 NPF;WinPcap Packet Driver (NPF);c:\windows\system32\drivers\npf.sys [2013-7-29 50704]
S3 NTProcDrv;Process creation detector for NT.;
S3 SetupNTGLM7X;SetupNTGLM7X;\??\e:\ntglm7x.sys --> e:\NTGLM7X.sys [?]
    S3 vmfilter303;vmfilter303;c:\windows\system32\drivers\vmfilter303.sys [2013-6-8 428160]
    S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2007-11-7 14336]
    .
    =============== Created Last 30 ================
    .
    2013-07-30 13:04:54   --------   d-----w-   c:\documents and settings\administrator\application data\PCFixKit
    2013-07-30 13:04:16   --------   d-----w-   c:\program files\PCFixKit
    2013-07-30 12:25:53   110080   ----a-r-   c:\documents and settings\administrator\application data\microsoft\installer\{471d8b37-c5b3-4457-9fa1-b3c693334f4f}\IconF7A21AF7.exe
    2013-07-30 12:25:53   110080   ----a-r-   c:\documents and settings\administrator\application data\microsoft\installer\{471d8b37-c5b3-4457-9fa1-b3c693334f4f}\IconD7F16134.exe
    2013-07-30 12:25:53   110080   ----a-r-   c:\documents and settings\administrator\application data\microsoft\installer\{471d8b37-c5b3-4457-9fa1-b3c693334f4f}\IconCF33A0CE.exe
    2013-07-30 12:25:30   --------   d-----w-   C:\sh4ldr
    2013-07-30 12:24:27   --------   d-----w-   c:\windows\471D8B37C5B344579FA1B3C693334F4F.TMP
    2013-07-29 20:29:10   --------   d-----w-   c:\program files\VQshyekeqvu
    2013-07-29 20:29:05   --------   d-----w-   c:\program files\VQshyeke
    2013-07-29 20:29:03   --------   d-----w-   c:\program files\VQshyekeqvux
    2013-07-29 20:29:02   --------   d-----w-   c:\program files\VQshyekeqv
    2013-07-29 20:29:01   --------   d-----w-   c:\program files\VQshyekeqvuxaq
    2013-07-29 20:28:57   --------   d-----w-   c:\program files\VQshyekeqvuxaqw
    2013-07-29 20:28:56   --------   d-----w-   c:\program files\VQshyekeqvuxaqww
    2013-07-29 20:28:54   --------   d-----w-   c:\program files\VQshyekeq
    2013-07-29 20:28:53   --------   d-----w-   c:\program files\VQshyekeqvuxa
    2013-07-29 20:26:42   --------   d-----w-   c:\documents and settings\administrator\local settings\application data\VQshyeke
    2013-07-29 20:26:37   --------   d-----w-   c:\documents and settings\administrator\local settings\application data\VQshyekeqvu
    2013-07-29 20:26:34   --------   d-----w-   c:\documents and settings\administrator\local settings\application data\VQshyekeq
    2013-07-29 20:26:33   --------   d-----w-   c:\documents and settings\administrator\local settings\application data\VQshyekeqvuxa
    2013-07-29 20:26:30   --------   d-----w-   c:\documents and settings\administrator\local settings\application data\VQshyekeqvux
    2013-07-29 20:26:29   --------   d-----w-   c:\documents and settings\administrator\local settings\application data\VQshyekeqvuxaqww
    2013-07-29 20:26:28   --------   d-----w-   c:\documents and settings\administrator\local settings\application data\VQshyekeqvuxaqw
    2013-07-29 20:26:27   --------   d-----w-   c:\documents and settings\administrator\local settings\application data\VQshyekeqv
    2013-07-29 20:26:26   --------   d-----w-   c:\documents and settings\administrator\local settings\application data\VQshyekeqvuxaq
    2013-07-29 20:26:26   --------   d-----w-   C:\{F42904A8-65C3-D66E-47F8-B893B5A39179}
    2013-07-29 19:03:11   --------   d-----w-   c:\program files\Kaspersky Lab
    2013-07-29 19:03:10   --------   d-----w-   c:\documents and settings\all users\application data\Kaspersky Lab
    2013-07-29 19:01:29   74336   ----a-w-   c:\windows\system32\drivers\klflt.sys
    2013-07-29 19:00:05   --------   d-----w-   c:\documents and settings\administrator\application data\Dirty
    2013-07-29 17:00:50   --------   d-----w-   c:\windows\pss
    2013-07-29 15:42:54   --------   d-----w-   c:\documents and settings\administrator\Doctor Web
    2013-07-29 15:39:56   --------   d-----w-   c:\program files\common files\Doctor Web
    2013-07-29 15:38:23   --------   d-----w-   c:\program files\DrWeb
    2013-07-29 13:50:32   50704   ----a-w-   c:\windows\system32\drivers\npf.sys
    2013-07-29 13:50:32   281104   ----a-w-   c:\windows\system32\wpcap.dll
    2013-07-29 13:50:32   100880   ----a-w-   c:\windows\system32\Packet.dll
    2013-07-29 13:17:43   --------   d-----w-   c:\documents and settings\administrator\application data\Radiocom
    2013-07-29 13:17:33   --------   d-----w-   c:\documents and settings\administrator\RichMedia
    2013-07-29 13:17:33   --------   d-----w-   c:\documents and settings\administrator\local settings\application data\Radiocom
    2013-07-29 13:16:11   93976   ----a-w-   c:\program files\mozilla firefox\plugins\nppluginrichmediaplayer.dll
    2013-07-29 13:14:28   --------   d-----w-   c:\documents and settings\administrator\local settings\application data\Rich Media Player
    2013-07-29 13:12:44   178688   ----a-w-   c:\windows\system32\unrar.dll
    2013-07-29 13:12:27   --------   d-----w-   c:\program files\K-Lite Codec Pack
    2013-07-28 21:45:56   --------   d-----w-   c:\documents and settings\administrator\application data\SUPERAntiSpyware.com
    2013-07-28 21:45:30   --------   d-----w-   c:\program files\SUPERAntiSpyware
    2013-07-28 21:45:30   --------   d-----w-   c:\documents and settings\all users\application data\SUPERAntiSpyware.com
    2013-07-28 20:49:30   --------   d-----w-   c:\program files\DivX
    2013-07-28 20:48:53   --------   d-----w-   c:\documents and settings\all users\application data\DivX
    2013-07-28 20:36:32   --------   d-----w-   c:\program files\VideoLAN
    2013-07-28 20:30:12   --------   d-----w-   c:\program files\GRETECH
    2013-07-28 18:25:03   --------   d-----w-   c:\documents and settings\administrator\application data\Hoykfu
    2013-07-28 18:25:03   --------   d-----w-   c:\documents and settings\administrator\application data\Boat
    2013-07-28 17:57:54   --------   d-----w-   c:\documents and settings\administrator\local settings\application data\Ryiehdyq
    2013-07-28 17:57:53   --------   d-----w-   c:\documents and settings\administrator\local settings\application data\ZFfkPIWv
    2013-07-28 17:57:53   --------   d-----w-   c:\documents and settings\administrator\local settings\application data\Dirty
    2013-07-23 21:56:13   --------   d-----w-   c:\program files\CCleaner
    2013-07-21 17:06:36   --------   d-----w-   c:\program files\YourFileDownloader
    2013-07-21 17:06:36   --------   d-----w-   c:\documents and settings\administrator\application data\YourFileDownloader
    2013-07-17 18:45:53   --------   d-----w-   c:\program files\common files\Stardock
    2013-07-17 16:20:30   74752   ------w-   c:\windows\system32\dllcache\cryptdlg.dll
    2013-07-15 15:40:10   --------   d-----w-   c:\documents and settings\administrator\application data\File Scout
    2013-07-04 13:36:59   --------   d-----w-   c:\documents and settings\administrator\local settings\application data\Updater36928
    2013-07-04 13:36:42   --------   d-----w-   c:\program files\hosts2
    2013-07-04 13:36:20   --------   d-----w-   c:\documents and settings\all users\application data\Premium
    2013-07-04 13:36:17   --------   d-----w-   c:\program files\MagniPic
    2013-07-04 13:36:11   --------   d-----w-   c:\documents and settings\all users\application data\MaegnaiPIc
    2013-07-03 16:07:43   --------   d-----w-   c:\documents and settings\administrator\application data\uTorrent
    2013-07-03 14:21:25   562688   ------w-   c:\windows\system32\dllcache\qedit.dll
    2013-07-03 12:22:18   --------   d-----w-   c:\windows\system32\LogFiles
    .
    ==================== Find3M  ====================
    .
    2013-07-29 19:42:21   44000   ----a-w-   c:\windows\system32\drivers\kltdi.sys
    2013-07-29 19:42:21   24920   ----a-w-   c:\windows\system32\drivers\klmouflt.sys
    2013-07-29 19:42:21   145040   ----a-w-   c:\windows\system32\drivers\kneps.sys
    2013-07-29 19:42:20   24408   ----a-w-   c:\windows\system32\drivers\klkbdflt.sys
    2013-06-11 22:39:31   692104   ----a-w-   c:\windows\system32\FlashPlayerApp.exe
    2013-06-11 22:39:30   71048   ----a-w-   c:\windows\system32\FlashPlayerCPLApp.cpl
    2013-06-04 07:23:02   562688   ----a-w-   c:\windows\system32\qedit.dll
    2013-06-04 01:40:45   1876736   ----a-w-   c:\windows\system32\win32k.sys
    2013-05-10 20:22:05   778   ----a-w-   c:\windows\system32\InTLub1.sys
    2013-05-08 22:28:02   1543680   ----a-w-   c:\windows\system32\wmvdecod.dll
    2013-05-03 01:30:20   2149888   ----a-w-   c:\windows\system32\ntoskrnl.exe
    2013-05-03 00:38:17   2028544   ----a-w-   c:\windows\system32\ntkrnlpa.exe
    .
    =================== ROOTKIT  ====================
    .
    Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
    Windows 5.1.2600
    .
    CreateFile("\\.\PHYSICALDRIVE0"): The process cannot access the file because it is being used by another process.
    device: opened successfully
    user: error reading MBR
    .
    Disk trace:
    called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys
    1 nt!IofCallDriver[0x804E1311] -> \Device\Harddisk0\DR0[0x86F39AB8]
    3 CLASSPNP[0xF74C7FD7] -> nt!IofCallDriver[0x804E1311] -> \Device\00000072[0x86FD5928]
    5 ACPI[0xF6F1C620] -> nt!IofCallDriver[0x804E1311] -> \Device\Ide\IdeDeviceP3T0L0-10[0x86FD4D98]
    kernel: MBR read successfully
    _asm { XOR AX, AX; MOV SS, AX; MOV SP, 0x7c00; STI ; PUSH AX; POP ES; PUSH AX; POP DS; CLD ; MOV SI, 0x7c1b; MOV DI, 0x61b; PUSH AX; PUSH DI; MOV CX, 0x1e5; REP MOVSB ; RETF ; MOV BP, 0x7be; MOV CL, 0x4; CMP [BP+0x0], CH; JL 0x2e; JNZ 0x3a;  }
    user != kernel MBR !!!
    .
    ============= FINISH: 16:12:44.18 ===============
     
MC- argus

Step 1

Run AdwCleaner
Click Delete
Confirm with OK until the restart.

Step 2

Download ComboFix from the following address to the Desktop:

http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Turn off the AV

Run ComboFix only from the desktop (I Agree)
Click Yes \ OK on every popup window

When the scan finishes, it will put a log on the desktop

Copy the log here for me.

Step 3

Download TDSSKiller from the following address to the Desktop:

TDSSKiller

• Run TDSSKiller and click Change parameters.
• In the Additional options section, tick the options Verify driver signatures and Detect TDLFS file system, then click OK.
• Click Start scan.
• When it finishes, it will show you the scan results.
• For all the objects listed, choose the action Skip.
• Click Continue.
• Attach to your post the report found at the following location:
  C:\TDSSKiller_program version_DD.MM.GG_HH.MM.SS.txt
  (DD = day, MM = month, GG = year, HH = hour, MM = minute, SS = second; the date and time when the log was created)

     
Beginner

    ComboFix 13-07-30.02 - Administrator 07/30/2013  17:34:43.2.2 - x86
    Microsoft Windows XP Professional  5.1.2600.3.1252.1.1033.18.1023.445 [GMT 2:00]
    Running from: c:\documents and settings\Administrator\Desktop\ComboFix.exe
    AV: Kaspersky Anti-Virus *Disabled/Updated* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
    FW: Kaspersky Anti-Virus *Disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
    .
    .
    (((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\documents and settings\Administrator\Local Settings\Application Data\Updater36928\Updater36928.exe
    .
    ---- Previous Run -------
    .
    C:\desktop.ini
    c:\documents and settings\Administrator\Application Data\Dirty\alertwall.jpg
    c:\documents and settings\Administrator\Local Settings\Application Data\Updater36928\Updater36928.exe
    c:\documents and settings\All Users\Application Data\Wincert\WIN32C~1.DLL
    c:\program files\Internet Explorer\SET131D.tmp
    c:\program files\Internet Explorer\SET1322.tmp
    c:\windows\system32\_000005_.tmp.dll
    c:\windows\system32\_000006_.tmp.dll
    c:\windows\system32\_000007_.tmp.dll
    c:\windows\system32\_000008_.tmp.dll
    c:\windows\system32\_000009_.tmp.dll
    c:\windows\system32\_000010_.tmp.dll
    c:\windows\system32\_000011_.tmp.dll
    c:\windows\system32\_000012_.tmp.dll
    c:\windows\system32\_000013_.tmp.dll
    c:\windows\system32\_000015_.tmp.dll
    c:\windows\system32\_000019_.tmp.dll
    c:\windows\system32\_000020_.tmp.dll
    c:\windows\system32\_000021_.tmp.dll
    c:\windows\system32\_000022_.tmp.dll
    c:\windows\system32\AutoRun.inf
    c:\windows\system32\drivers\npf.sys
    c:\windows\system32\Packet.dll
    c:\windows\system32\SET10B8.tmp
    c:\windows\system32\SET10F6.tmp
    c:\windows\system32\SET1101.tmp
    c:\windows\system32\SET1186.tmp
    c:\windows\system32\SET11AC.tmp
    c:\windows\system32\SET1256.tmp
    c:\windows\system32\SET125D.tmp
    c:\windows\system32\SET1264.tmp
    c:\windows\system32\SET126D.tmp
    c:\windows\system32\SET1282.tmp
    c:\windows\system32\SET1286.tmp
    c:\windows\system32\wpcap.dll
    .
    -- Previous Run --
    .
    Infected copy of c:\windows\system32\ntdll.dll was found and disinfected
    Restored copy from - c:\windows\$hf_mig$\KB2393802\SP3QFE\ntdll.dll
    .
    --------
    .
    .
    (((((((((((((((((((((((((((((((((((((((   Drivers/Services   )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    -------\Legacy_NPF
    -------\Service_NPF
    .
    .
    (((((((((((((((((((((((((   Files Created from 2013-06-28 to 2013-07-30  )))))))))))))))))))))))))))))))
    .
    .
    2013-07-30 14:27 . 2013-07-30 14:25   276760   ----a-w-   C:\te94decrypt.exe
    2013-07-30 13:04 . 2013-07-30 13:04   --------   d-----w-   c:\documents and settings\Administrator\Application Data\PCFixKit
    2013-07-30 13:04 . 2013-07-30 13:06   --------   d-----w-   c:\program files\PCFixKit
    2013-07-30 12:25 . 2013-07-30 12:26   --------   d-----w-   C:\sh4ldr
    2013-07-30 12:24 . 2013-07-30 12:26   --------   d-----w-   c:\windows\471D8B37C5B344579FA1B3C693334F4F.TMP
    2013-07-29 20:29 . 2013-07-29 20:29   --------   d-----w-   c:\program files\VQshyeke
    2013-07-29 20:26 . 2013-07-29 20:26   --------   d-----w-   c:\documents and settings\Administrator\Local Settings\Application Data\VQshyeke
    2013-07-29 20:26 . 2013-07-29 20:26   --------   d-----w-   C:\{F42904A8-65C3-D66E-47F8-B893B5A39179}
    2013-07-29 19:03 . 2013-07-29 19:03   --------   d-----w-   c:\program files\Kaspersky Lab
    2013-07-29 19:03 . 2013-07-30 15:46   --------   d-----w-   c:\documents and settings\All Users\Application Data\Kaspersky Lab
    2013-07-29 19:01 . 2013-07-29 19:42   74336   ----a-w-   c:\windows\system32\drivers\klflt.sys
    2013-07-29 15:42 . 2013-07-29 15:42   --------   d-----w-   c:\documents and settings\Administrator\Doctor Web
    2013-07-29 15:39 . 2013-07-29 15:39   --------   d-----w-   c:\program files\Common Files\Doctor Web
    2013-07-29 15:38 . 2013-07-29 16:33   --------   d-----w-   c:\program files\DrWeb
    2013-07-29 13:17 . 2013-07-29 13:17   --------   d-----w-   c:\documents and settings\Administrator\Application Data\Radiocom
    2013-07-29 13:17 . 2013-07-29 13:17   --------   d-----w-   c:\documents and settings\Administrator\RichMedia
    2013-07-29 13:17 . 2013-07-29 13:17   --------   d-----w-   c:\documents and settings\Administrator\Local Settings\Application Data\Radiocom
    2013-07-29 13:14 . 2013-07-29 19:27   --------   d-----w-   c:\documents and settings\Administrator\Local Settings\Application Data\Rich Media Player
    2013-07-29 13:13 . 2013-07-29 13:13   --------   d-----w-   c:\documents and settings\Administrator\Application Data\Media Player Classic
    2013-07-29 13:12 . 2012-06-09 17:21   178688   ----a-w-   c:\windows\system32\unrar.dll
    2013-07-29 13:12 . 2013-07-29 13:12   --------   d-----w-   c:\program files\K-Lite Codec Pack
    2013-07-28 23:16 . 2013-07-28 23:16   --------   d-----w-   c:\documents and settings\Administrator\Application Data\DivX
    2013-07-28 21:45 . 2013-07-28 21:45   --------   d-----w-   c:\documents and settings\Administrator\Application Data\SUPERAntiSpyware.com
    2013-07-28 21:45 . 2013-07-28 21:45   --------   d-----w-   c:\program files\SUPERAntiSpyware
    2013-07-28 21:45 . 2013-07-28 21:45   --------   d-----w-   c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
    2013-07-28 20:49 . 2013-07-29 13:02   --------   d-----w-   c:\program files\DivX
    2013-07-28 20:48 . 2013-07-29 13:04   --------   d-----w-   c:\documents and settings\All Users\Application Data\DivX
    2013-07-28 20:38 . 2013-07-28 20:41   --------   d-----w-   c:\documents and settings\Administrator\Application Data\vlc
    2013-07-28 20:36 . 2013-07-28 20:45   --------   d-----w-   c:\program files\VideoLAN
    2013-07-28 20:30 . 2013-07-28 20:33   --------   d-----w-   c:\program files\GRETECH
    2013-07-28 18:25 . 2013-07-29 00:52   --------   d-----w-   c:\documents and settings\Administrator\Application Data\Boat
    2013-07-28 18:25 . 2013-07-28 21:53   --------   d-----w-   c:\documents and settings\Administrator\Application Data\Hoykfu
    2013-07-28 17:57 . 2013-07-28 17:57   --------   d-----w-   c:\documents and settings\Administrator\Local Settings\Application Data\Ryiehdyq
    2013-07-28 17:57 . 2013-07-30 05:38   --------   d-----w-   c:\documents and settings\Administrator\Local Settings\Application Data\Dirty
    2013-07-28 17:57 . 2013-07-28 17:57   --------   d-----w-   c:\documents and settings\Administrator\Local Settings\Application Data\ZFfkPIWv
    2013-07-23 21:56 . 2013-07-23 21:56   --------   d-----w-   c:\program files\CCleaner
    2013-07-22 23:29 . 2013-07-24 08:53   --------   d-----w-   c:\program files\Recuva
    2013-07-22 18:33 . 2013-07-29 19:24   --------   d-----w-   c:\program files\Google
    2013-07-17 18:45 . 2013-07-17 18:45   --------   d-----w-   c:\program files\Common Files\Stardock
    2013-07-17 16:20 . 2013-03-26 22:53   74752   ------w-   c:\windows\system32\dllcache\cryptdlg.dll
    2013-07-04 13:36 . 2013-07-30 15:19   --------   d-----w-   c:\documents and settings\Administrator\Local Settings\Application Data\Updater36928
    2013-07-04 13:36 . 2013-07-04 13:37   --------   d-----w-   c:\program files\hosts2
    2013-07-03 20:05 . 2013-07-03 20:05   --------   d-----w-   c:\program files\Common Files\Skype
    2013-07-03 16:07 . 2013-07-30 15:45   --------   d-----w-   c:\documents and settings\Administrator\Application Data\uTorrent
    2013-07-03 14:21 . 2013-06-04 07:23   562688   ------w-   c:\windows\system32\dllcache\qedit.dll
    2013-07-03 12:22 . 2013-07-03 12:22   --------   d-----w-   c:\windows\system32\LogFiles
    .
    .
    .
    ((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2013-07-30 12:25 . 2013-07-30 12:25   110080   ----a-r-   c:\documents and settings\Administrator\Application Data\Microsoft\Installer\{471D8B37-C5B3-4457-9FA1-B3C693334F4F}\IconF7A21AF7.exe
    2013-07-30 12:25 . 2013-07-30 12:25   110080   ----a-r-   c:\documents and settings\Administrator\Application Data\Microsoft\Installer\{471D8B37-C5B3-4457-9FA1-B3C693334F4F}\IconD7F16134.exe
    2013-07-30 12:25 . 2013-07-30 12:25   110080   ----a-r-   c:\documents and settings\Administrator\Application Data\Microsoft\Installer\{471D8B37-C5B3-4457-9FA1-B3C693334F4F}\IconCF33A0CE.exe
    2013-07-29 19:42 . 2012-08-13 14:49   145040   ----a-w-   c:\windows\system32\drivers\kneps.sys
    2013-07-29 19:42 . 2012-07-25 12:53   24920   ----a-w-   c:\windows\system32\drivers\klmouflt.sys
    2013-07-29 19:42 . 2012-06-08 09:38   44000   ----a-w-   c:\windows\system32\drivers\kltdi.sys
    2013-07-29 19:42 . 2012-05-25 17:38   24408   ----a-w-   c:\windows\system32\drivers\klkbdflt.sys
    2013-06-11 22:39 . 2012-12-26 08:29   692104   ----a-w-   c:\windows\system32\FlashPlayerApp.exe
    2013-06-11 22:39 . 2012-12-26 08:29   71048   ----a-w-   c:\windows\system32\FlashPlayerCPLApp.cpl
    2013-06-04 07:23 . 2007-11-07 09:00   562688   ----a-w-   c:\windows\system32\qedit.dll
    2013-06-04 01:40 . 2007-11-07 09:00   1876736   ----a-w-   c:\windows\system32\win32k.sys
    2013-05-08 22:28 . 2007-11-07 09:00   1543680   ----a-w-   c:\windows\system32\wmvdecod.dll
    2013-05-03 01:30 . 2007-11-07 09:00   2149888   ----a-w-   c:\windows\system32\ntoskrnl.exe
    2013-05-03 00:38 . 2007-07-19 05:40   2028544   ----a-w-   c:\windows\system32\ntkrnlpa.exe
    .
    .
    ------- Sigcheck -------
    Note: Unsigned files aren't necessarily malware.
    .
    [7] 2013-01-11 . 830BB7F63412366F3AAD7BB723C29DE4 . 3619328 . . [7.00.6000.17117] . . c:\windows\ie8\mshtml.dll
    [7] 2013-01-11 . 728F5E630CDF204DF0707BEA5E0F3D28 . 3621376 . . [7.00.6000.21319] . . c:\windows\$hf_mig$\KB2799329-IE7\SP3QFE\mshtml.dll
    [7] 2013-01-06 . BDF6CC938C0644FE3643BC0D6A678E26 . 6009856 . . [8.00.6001.19394] . . c:\windows\SoftwareDistribution\Download\ba76551526d6c0dc13a37b3c3ba56dc3\SP3GDR\mshtml.dll
    [7] 2013-01-06 . BDF6CC938C0644FE3643BC0D6A678E26 . 6009856 . . [8.00.6001.19394] . . c:\windows\system32\dllcache\mshtml.dll
    [7] 2013-01-06 . 14FD1CAEFB6D2749019AC2F54859568C . 6011392 . . [8.00.6001.23462] . . c:\windows\$hf_mig$\KB2799329-IE8\SP3QFE\mshtml.dll
    [7] 2013-01-06 . 14FD1CAEFB6D2749019AC2F54859568C . 6011392 . . [8.00.6001.23462] . . c:\windows\SoftwareDistribution\Download\ba76551526d6c0dc13a37b3c3ba56dc3\SP3QFE\mshtml.dll
    [7] 2012-11-14 . 9E3B9AFB15D210893E5F10899A127FFC . 3620864 . . [7.00.6000.21318] . . c:\windows\$hf_mig$\KB2761465-IE7\SP3QFE\mshtml.dll
    [7] 2012-11-14 . 75450799DB55482CBDC7A54C51A0F238 . 3618816 . . [7.00.6000.17116] . . c:\windows\ie7updates\KB2799329-IE7\mshtml.dll
    [7] 2012-11-13 . 02D8509E2362D777DEBFFC05C022CBF2 . 6010880 . . [8.00.6001.23461] . . c:\windows\$hf_mig$\KB2761465-IE8\SP3QFE\mshtml.dll
    [7] 2012-11-13 . 02D8509E2362D777DEBFFC05C022CBF2 . 6010880 . . [8.00.6001.23461] . . c:\windows\SoftwareDistribution\Download\cc96b93914846861794489046c97de97\SP3QFE\mshtml.dll
    [7] 2012-11-12 . 9C46E5C82F94D9AEDD2CE798F0DF1158 . 6008832 . . [8.00.6001.19393] . . c:\windows\ie8updates\KB2799329-IE8\mshtml.dll
    [7] 2012-11-12 . 9C46E5C82F94D9AEDD2CE798F0DF1158 . 6008832 . . [8.00.6001.19393] . . c:\windows\SoftwareDistribution\Download\cc96b93914846861794489046c97de97\SP3GDR\mshtml.dll
    [7] 2012-08-28 . DF3C3CA94CBC9DE07AC3EB49440A8D45 . 6008832 . . [8.00.6001.19328] . . c:\windows\ie8updates\KB2761465-IE8\mshtml.dll
    [7] 2012-08-28 . DF3C3CA94CBC9DE07AC3EB49440A8D45 . 6008832 . . [8.00.6001.19328] . . c:\windows\SoftwareDistribution\Download\982ca70dcc7d7c5793e4584ca12bd6a6\SP3GDR\mshtml.dll
    [7] 2012-08-28 . CF6B381C3518AB328382429CAE206D64 . 6010368 . . [8.00.6001.23415] . . c:\windows\$hf_mig$\KB2744842-IE8\SP3QFE\mshtml.dll
    [7] 2012-08-28 . CF6B381C3518AB328382429CAE206D64 . 6010368 . . [8.00.6001.23415] . . c:\windows\SoftwareDistribution\Download\982ca70dcc7d7c5793e4584ca12bd6a6\SP3QFE\mshtml.dll
    [7] 2011-11-04 . DD8D655E1881B70A5259A23A6018A6C2 . 5978112 . . [8.00.6001.19170] . . c:\windows\ie8updates\KB2744842-IE8\mshtml.dll
    [7] 2011-11-04 . DD8D655E1881B70A5259A23A6018A6C2 . 5978112 . . [8.00.6001.19170] . . c:\windows\SoftwareDistribution\Download\a6632ea9734d3683d8cc4b4a30215873\SP3GDR\mshtml.dll
    [7] 2011-11-04 . 699421E2E1313C18671A703953CAE14B . 5978624 . . [8.00.6001.23266] . . c:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\mshtml.dll
    [7] 2011-11-04 . 699421E2E1313C18671A703953CAE14B . 5978624 . . [8.00.6001.23266] . . c:\windows\SoftwareDistribution\Download\a6632ea9734d3683d8cc4b4a30215873\SP3QFE\mshtml.dll
    [7] 2010-05-06 . C7B7A88CC7D7ABA5C395145BF92F46F7 . 5950976 . . [8.00.6001.18928] . . c:\windows\ie8updates\KB2618444-IE8\mshtml.dll
    [7] 2010-05-06 . C7B7A88CC7D7ABA5C395145BF92F46F7 . 5950976 . . [8.00.6001.18928] . . c:\windows\SoftwareDistribution\Download\e9e3bc7b49018c1f53cc0d1bd73cad37\SP3GDR\mshtml.dll
    [7] 2010-05-06 . 9BE28F749A7FE7F8F177C6AA2E9DA609 . 5953024 . . [8.00.6001.23019] . . c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\mshtml.dll
    [7] 2010-05-06 . 9BE28F749A7FE7F8F177C6AA2E9DA609 . 5953024 . . [8.00.6001.23019] . . c:\windows\SoftwareDistribution\Download\e9e3bc7b49018c1f53cc0d1bd73cad37\SP3QFE\mshtml.dll
    [7] 2009-03-08 . D469A0EBA2EF5C6BEE8065B7E3196E5E . 5937152 . . [8.00.6001.18702] . . c:\windows\ie8updates\KB982381-IE8\mshtml.dll
    [7] 2008-04-14 . A706E122B398FE1AB85CB9B75D044223 . 3066880 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\mshtml.dll
    [-] 2007-11-07 . 4785DE39046921260C57C771C5D17B29 . 4081664 . . [7.00.5730.13] . . c:\windows\ie7updates\KB2761465-IE7\mshtml.dll
    [-] 2007-11-07 . 4785DE39046921260C57C771C5D17B29 . 4081664 . . [7.00.5730.13] . . c:\windows\system32\mshtml.dll
    .
    [7] 2012-11-01 . 9AD88EA663124336E88EB031F917CE20 . 916992 . . [8.00.6001.19389] . . c:\windows\SoftwareDistribution\Download\cc96b93914846861794489046c97de97\SP3GDR\wininet.dll
    [7] 2012-11-01 . 9AD88EA663124336E88EB031F917CE20 . 916992 . . [8.00.6001.19389] . . c:\windows\system32\dllcache\wininet.dll
    [7] 2012-11-01 . ACC92628CFFF9BB6F8886329888014A8 . 920064 . . [8.00.6001.23458] . . c:\windows\$hf_mig$\KB2761465-IE8\SP3QFE\wininet.dll
    [7] 2012-11-01 . ACC92628CFFF9BB6F8886329888014A8 . 920064 . . [8.00.6001.23458] . . c:\windows\SoftwareDistribution\Download\cc96b93914846861794489046c97de97\SP3QFE\wininet.dll
    [7] 2012-11-01 . 8381B36D077D043D0D4FE6AC94C44A1F . 832512 . . [7.00.6000.17115] . . c:\windows\ie8\wininet.dll
    [7] 2012-11-01 . EA3D664709A7B217AAE73F943E5C9004 . 841216 . . [7.00.6000.21317] . . c:\windows\$hf_mig$\KB2761465-IE7\SP3QFE\wininet.dll
    [7] 2012-08-28 . FF1C14BCA1A797CE45DD359FA2C9EDA8 . 916992 . . [8.00.6001.19328] . . c:\windows\ie8updates\KB2761465-IE8\wininet.dll
    [7] 2012-08-28 . FF1C14BCA1A797CE45DD359FA2C9EDA8 . 916992 . . [8.00.6001.19328] . . c:\windows\SoftwareDistribution\Download\982ca70dcc7d7c5793e4584ca12bd6a6\SP3GDR\wininet.dll
    [7] 2012-08-28 . DCEA3B3193B7181CF818ECC4EAB30A66 . 920064 . . [8.00.6001.23415] . . c:\windows\$hf_mig$\KB2744842-IE8\SP3QFE\wininet.dll
    [7] 2012-08-28 . DCEA3B3193B7181CF818ECC4EAB30A66 . 920064 . . [8.00.6001.23415] . . c:\windows\SoftwareDistribution\Download\982ca70dcc7d7c5793e4584ca12bd6a6\SP3QFE\wininet.dll
    [7] 2011-11-04 . 552263502EA8C24D301A0C43FF90B3ED . 916992 . . [8.00.6001.19165] . . c:\windows\ie8updates\KB2744842-IE8\wininet.dll
    [7] 2011-11-04 . 552263502EA8C24D301A0C43FF90B3ED . 916992 . . [8.00.6001.19165] . . c:\windows\SoftwareDistribution\Download\a6632ea9734d3683d8cc4b4a30215873\SP3GDR\wininet.dll
    [7] 2011-11-04 . 4E4716CAF514717814D07113AD0425B6 . 919552 . . [8.00.6001.23261] . . c:\windows\$hf_mig$\KB2618444-IE8\SP3QFE\wininet.dll
    [7] 2011-11-04 . 4E4716CAF514717814D07113AD0425B6 . 919552 . . [8.00.6001.23261] . . c:\windows\SoftwareDistribution\Download\a6632ea9734d3683d8cc4b4a30215873\SP3QFE\wininet.dll
    [7] 2010-05-06 . 2D9C7B010409372C34F725DA5CCED083 . 916480 . . [8.00.6001.18923] . . c:\windows\ie8updates\KB2618444-IE8\wininet.dll
    [7] 2010-05-06 . 2D9C7B010409372C34F725DA5CCED083 . 916480 . . [8.00.6001.18923] . . c:\windows\SoftwareDistribution\Download\e9e3bc7b49018c1f53cc0d1bd73cad37\SP3GDR\wininet.dll
    [7] 2010-05-06 . C1490F68B44AF8B781F52F12F564625D . 919040 . . [8.00.6001.23014] . . c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\wininet.dll
    [7] 2010-05-06 . C1490F68B44AF8B781F52F12F564625D . 919040 . . [8.00.6001.23014] . . c:\windows\SoftwareDistribution\Download\e9e3bc7b49018c1f53cc0d1bd73cad37\SP3QFE\wininet.dll
    [7] 2009-03-08 . 6CE32F7778061CCC5814D5E0F282D369 . 914944 . . [8.00.6001.18702] . . c:\windows\ie8updates\KB982381-IE8\wininet.dll
    [7] 2008-04-14 . 7A4F775ABB2F1C97DEF3E73AFA2FAEDD . 666112 . . [6.00.2900.5512] . . c:\windows\ServicePackFiles\i386\wininet.dll
    [-] 2007-11-07 . 82697376AB9B952FC86134EBD9CC1F07 . 885248 . . [7.00.5730.13] . . c:\windows\ie7updates\KB2761465-IE7\wininet.dll
    [-] 2007-11-07 . 82697376AB9B952FC86134EBD9CC1F07 . 885248 . . [7.00.5730.13] . . c:\windows\system32\wininet.dll
    .
    [7] 2008-04-14 . 7D7D8501F3CB45D0408CDEFA08CDAEFF . 406016 . . [1.0420.2600.5512] . . c:\windows\ServicePackFiles\i386\usp10.dll
    [-] 2007-11-07 . A2F03ADFB6C17E732FC42D51352EDCC3 . 502784 . . [1.0626.6000.20581] . . c:\windows\system32\usp10.dll
    .
    [7] 2008-04-14 . 5B19B557B0C188210A56A6B699D90B8F . 59904 . . [5.1.2600.5512] . . c:\windows\ServicePackFiles\i386\regsvc.dll
    .
    c:\windows\System32\regsvc.dll ... is missing !!
    .
    (((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Center Agent"="c:\program files\KWorld Multimedia\HyperMediaCenter\DTVR\Scheduled.exe" [2007-07-13 1435648]
    "uTorrent"="c:\documents and settings\Administrator\Application Data\uTorrent\uTorrent.exe" [2013-07-03 1221200]
    "Skype"="c:\program files\Skype\Phone\Skype.exe" [2013-06-21 19875432]
    "Advanced SystemCare 6"="c:\program files\IObit\Advanced SystemCare 6\ASCTray.exe" [2013-04-18 491840]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2006-11-16 344064]
    "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-16 13529088]
    "nwiz"="nwiz.exe" [2008-05-16 1630208]
    "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-16 86016]
    "RTHDCPL"="RTHDCPL.EXE" [2008-04-10 16861184]
    "VMSnap3"="c:\windows\VMSnap3.EXE" [2007-01-09 49152]
    "Domino"="c:\windows\Domino.EXE" [2007-01-09 49152]
    "AVP"="c:\program files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe" [2013-07-29 356376]
    "SpyHunter Security Suite"="c:\program files\Enigma Software Group\SpyHunter\SpyHunter4.exe" [2013-06-27 6427008]
    .
    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    "nltide_2"="shell32" [X]
    "nltide_3"="advpack.dll" [2007-11-07 123904]
    "NewUser"="c:\windows\System32\NewUser.cmd" [2007-11-07 2475]
    .
    c:\documents and settings\All Users\Start Menu\Programs\Startup\
    Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe  /startup [2008-5-26 123904]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "SynchronousMachineGroupPolicy"= 0 (0x0)
    "SynchronousUserGroupPolicy"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
    "NoSMConfigurePrograms"= 1 (0x1)
    .
    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
    "NoSMConfigurePrograms"= 1 (0x1)
    "NoSecurityTab"= 1 (0x1)
    .
    [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
    "NoSMMyPictures"= 1 (0x1)
    "NoSMHelp"= 1 (0x1)
    "NoSMConfigurePrograms"= 1 (0x1)
    .
    [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
    "{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-24 304128]
    "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WB]
    2001-12-20 21:34   24576   ----a-w-   c:\program files\AlienGUIse\fastload.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
    "AppInit_DLLs"=c:\windows\system32\wbsys.dll
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
    @=""
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
    2012-11-01 19:45   4763008   ----a-w-   c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "AntiVirusOverride"=dword:00000001
    "FirewallOverride"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
    "DisableMonitoring"=dword:00000001
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)
    "DisableNotifications"= 1 (0x1)
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "%windir%\\system32\\sessmgr.exe"=
    "c:\\Program Files\\TeamViewer\\Version7\\TeamViewer.exe"=
    "c:\\Program Files\\TeamViewer\\Version7\\TeamViewer_Service.exe"=
    "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
    "c:\\Program Files\\Opera\\opera.exe"=
    "c:\\Documents and Settings\\Administrator\\Application Data\\uTorrent\\uTorrent.exe"=
    "c:\\WINDOWS\\system32\\msiexec.exe"=
    "c:\\Program Files\\Skype\\Phone\\Skype.exe"=
    .
    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "5985:TCP"= 5985:TCP:*:Disabled:Windows Remote Management
    .
    R0 BtHidBus;Bluetooth HID Bus Service;c:\windows\system32\drivers\BtHidBus.sys [12/21/2011 2:47 PM 21512]
    R1 kltdi;kltdi;c:\windows\system32\drivers\kltdi.sys [6/8/2012 11:38 AM 44000]
    R1 kneps;kneps;c:\windows\system32\drivers\kneps.sys [8/13/2012 4:49 PM 145040]
    R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [7/22/2011 6:27 PM 12880]
    R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [7/12/2011 11:55 PM 67664]
    R2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCore.exe [7/11/2012 8:54 PM 116608]
    R2 AdvancedSystemCareService6;Advanced SystemCare Service 6;c:\program files\IObit\Advanced SystemCare 6\ASCService.exe [7/18/2013 10:51 PM 574272]
    R2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [12/9/2012 12:47 AM 418376]
    R2 Skype C2C Service;Skype C2C Service;c:\documents and settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe [7/12/2013 2:37 PM 3289472]
    R2 SpyHunter 4 Service;SpyHunter 4 Service;c:\progra~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE [6/27/2013 11:48 PM 770432]
    R3 3xHybrid;3xHybrid service;c:\windows\system32\drivers\3xHybrid.sys [12/26/2012 12:32 AM 674048]
    R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [5/6/2011 4:57 PM 13904]
    R3 klim5;Kaspersky Anti-Virus NDIS Filter;c:\windows\system32\drivers\klim5.sys [6/27/2012 2:09 PM 35672]
    R3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\drivers\klkbdflt.sys [5/25/2012 7:38 PM 24408]
    R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\drivers\klmouflt.sys [7/25/2012 2:53 PM 24920]
    R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [12/9/2012 12:45 AM 22856]
    S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [12/9/2012 12:45 AM 701512]
    S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [6/21/2013 9:53 AM 162408]
    S3 BTCOM;Bluetooth Serial port driver;c:\windows\system32\DRIVERS\btcomport.sys --> c:\windows\system32\DRIVERS\btcomport.sys [?]
    S3 BTCOMBUS;Bluetooth Serial Port Bus Service;c:\windows\system32\Drivers\btcombus.sys --> c:\windows\system32\Drivers\btcombus.sys [?]
    S3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\drivers\btnetBus.sys [12/21/2011 2:47 PM 27744]
    S3 EsgScanner;EsgScanner;c:\windows\system32\drivers\EsgScanner.sys [6/22/2012 12:01 PM 19984]
    S3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\drivers\IvtBtBus.sys [4/6/2010 6:32 PM 26248]
    S3 NTProcDrv;Process creation detector for NT.;
    S3 SetupNTGLM7X;SetupNTGLM7X;\??\e:\ntglm7x.sys --> e:\NTGLM7X.sys [?]
    S3 vmfilter303;vmfilter303;c:\windows\system32\drivers\vmfilter303.sys [6/8/2013 11:10 PM 428160]
    .
    --- Other Services/Drivers In Memory ---
    .
    *NewlyCreated* - ASPI32
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    HPZ12   REG_MULTI_SZ      Pml Driver HPZ12 Net Driver HPZ12
    hpdevmgmt   REG_MULTI_SZ      hpqcxs08
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
    2013-07-22 20:50   1173456   ----a-w-   c:\program files\Google\Chrome\Application\28.0.1500.72\Installer\chrmstp.exe
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2013-07-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2013-07-22 20:48]
    .
    2013-07-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2013-07-22 20:48]
    .
    2013-07-30 c:\windows\Tasks\PandaUSBVaccine.job
    - c:\program files\Panda USB Vaccine\RunInteractiveWin.exe [2012-12-08 16:45]
    .
    .
    ------- Supplementary Scan -------
    .
    uStart Page = hxxp://www.google.com
    mStart Page = hxxp://www.google.com
    IE: &Download All using 4shared Desktop - c:\program files\4shared Desktop\Desktop.32/D_ALL_LINK
    IE: &Download using 4shared Desktop - c:\program files\4shared Desktop\Desktop.32/D_ONE_LINK
    IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
    IE: Iz&vezi u Microsoft Excel - c:\progra~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
    TCP: DhcpNameServer = 192.168.1.1
    .
    - - - - ORPHANS REMOVED - - - -
    .
    BHO-{00A08A12-4B9B-05A2-058D-671BA279ECB1} - c:\documents and settings\All Users\Application Data\SearchNewTab\518eb318e051d.dll
    BHO-{629441bd-260e-41b6-8ea7-60bbbac86ec0} - c:\progra~1\SEARCH~1\Datamngr\SRTOOL~1\searchresultsDx.dll
    BHO-{FF2F7AD6-0F16-F175-FD57-AFE0FEE5168E} - c:\documents and settings\All Users\Application Data\cONNtiinuetossavea\518eb3056ad24.dll
    Toolbar-{629441bd-260e-41b6-8ea7-60bbbac86ec0} - c:\progra~1\SEARCH~1\Datamngr\SRTOOL~1\searchresultsDx.dll
    HKCU-Run-Updater36928.exe - c:\documents and settings\Administrator\Local Settings\Application Data\Updater36928\Updater36928.exe
    HKLM-Run-DivXUpdate - c:\program files\DivX\DivX Update\DivXUpdate.exe
    HKLM-Run-DivXMediaServer - c:\program files\DivX\DivX Media Server\DivXMediaServer.exe
    AddRemove-kingtranslatetoolbar - c:\progra~1\SEARCH~1\Datamngr\SRTOOL~1\uninstall.exe
    AddRemove-SP_09b71135 - c:\program files\ContinueToSave\uninstall.exe
    AddRemove-SP_b0285714 - c:\program files\WebSearch\uninstall.exe
    AddRemove-SP_d8283021 - c:\program files\MagniPic\uninstall.exe
    .
    .
    .
    **************************************************************************
    .
    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2013-07-30 17:45
    Windows 5.1.2600 Service Pack 3 NTFS
    .
    scanning hidden processes ... 
    .
    scanning hidden autostart entries ...
    .
    scanning hidden files ... 
    .
    scan completed successfully
    hidden files: 0
    .
    **************************************************************************
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------
    .
    [HKEY_USERS\S-1-5-21-484763869-562591055-1417001333-500\Software\Microsoft\Internet Explorer\Approved Extensions]
    @Denied: (2) (Administrator)
    "{9D717F81-9148-4F12-8568-69135F087DB0}"=hex:51,66,7a,6c,4c,1d,3b,1b,91,65,6b,
       80,78,c4,7e,0a,9f,6a,36,4b,59,49,3d,a5
    "{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}"=hex:51,66,7a,6c,4c,1d,3b,1b,d5,dc,17,
       b9,e0,2c,c4,09,bb,87,d0,a1,8f,ee,51,00
    "{4D2D3B0F-69BE-477A-90F5-FDDB05357975}"=hex:51,66,7a,6c,4c,1d,3b,1b,1f,21,37,
       50,8e,3c,16,02,8a,f7,a2,83,03,74,39,60
    "{98889811-442D-49DD-99D7-DC866BE87DBC}"=hex:51,66,7a,6c,4c,1d,3b,1b,01,82,92,
       85,1d,11,b1,0c,83,d5,83,de,6d,a9,3d,a9
    "{FF2F7AD6-0F16-F175-FD57-AFE0FEE5168E}"=hex:51,66,7a,6c,4c,1d,3b,1b,c6,60,35,
       e2,26,5a,19,b4,e7,55,f0,b8,f8,a4,56,9b
    "{00A08A12-4B9B-05A2-058D-671BA279ECB1}"=hex:51,66,7a,6c,4c,1d,3b,1b,02,90,ba,
       1d,ab,1e,ce,40,1f,8f,38,43,a4,38,ac,a4
    "{97D61DD0-6A89-3071-0EAA-ED0650DB88DB}"=hex:51,66,7a,6c,4c,1d,3b,1b,c0,07,cc,
       8a,b9,3f,1d,75,14,a8,b2,5e,56,9a,c8,ce
    "{8BA5BDAE-4BDA-5A58-79F6-BE43D4DDFB51}"=hex:51,66,7a,6c,4c,1d,3b,1b,be,a7,bf,
       96,ea,1e,34,1f,63,f4,e1,1b,d2,9c,bb,44
    "{5C6C17AA-5F35-CBF1-590D-A7129DB1E520}"=hex:51,66,7a,6c,4c,1d,3b,1b,ba,0d,76,
       41,05,0a,9d,8e,43,0f,f8,4a,9b,f0,a5,35
    "{11111111-1111-1111-1111-110311691128}"=hex:51,66,7a,6c,4c,1d,3b,1b,01,0b,0b,
       0c,21,44,7d,54,0b,13,4e,5b,17,28,51,3d
    "{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}"=hex:51,66,7a,6c,4c,1d,3b,1b,9d,8d,16,
       a7,39,8c,da,0c,b5,e0,d4,86,22,1c,87,f3
    "{326E768D-4182-46FD-9C16-1449A49795F4}"=hex:51,66,7a,6c,4c,1d,3b,1b,9d,6c,74,
       2f,b2,14,91,03,86,14,4b,11,a2,d6,d5,e1
    .
    [HKEY_USERS\S-1-5-21-484763869-562591055-1417001333-500\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID]
    @Denied: (Full) (LocalSystem)
    .
    --------------------- DLLs Loaded Under Running Processes ---------------------
    .
    - - - - - - - > 'winlogon.exe'(1152)
    c:\windows\system32\Ati2evxx.dll
    c:\program files\AlienGUIse\fastload.dll
    .
    - - - - - - - > 'explorer.exe'(3704)
    c:\windows\system32\ieframe.dll
    c:\windows\system32\wpdshserviceobj.dll
    c:\windows\system32\portabledevicetypes.dll
    c:\windows\system32\portabledeviceapi.dll
    c:\windows\system32\OneX.DLL
    c:\windows\system32\eappprxy.dll
    .
    ------------------------ Other Running Processes ------------------------
    .
    c:\program files\Panda USB Vaccine\USBVaccine.exe
    c:\program files\Java\jre7\bin\jqs.exe
    c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    c:\windows\system32\nvsvc32.exe
    c:\windows\system32\SearchIndexer.exe
    c:\windows\system32\RUNDLL32.EXE
    c:\windows\RTHDCPL.EXE
    .
    **************************************************************************
    .
    Completion time: 2013-07-30  17:53:16 - machine was rebooted
    ComboFix-quarantined-files.txt  2013-07-30 15:53
    .
    Pre-Run: 53,176,119,296 bytes free
    Post-Run: 53,138,173,952 bytes free
    .
    - - End Of File - - F3B4F0D2D11B2A0538A8CEA955DC4455
    8F558EB6672622401DA993E1E865C861
    Beginner

    Zodiac
    Gender
    Posts 15
    OS
    Windows XP
    Browser
    Chrome 28.0.1500.72
    TDSSKiller.2.8.18.0_30.07.2013_17.55.57_log.txt

    17:55:57.0468 3868  TDSS rootkit removing tool 2.8.18.0 Jun 10 2013 21:44:19
    17:55:57.0718 3868  ============================================================
    17:55:57.0718 3868  Current date / time: 2013/07/30 17:55:57.0718
    17:55:57.0718 3868  SystemInfo:
    17:55:57.0718 3868 
    17:55:57.0718 3868  OS Version: 5.1.2600 ServicePack: 3.0
    17:55:57.0718 3868  Product type: Workstation
    17:55:57.0718 3868  ComputerName: cps
    17:55:57.0718 3868  UserName: Administrator
    17:55:57.0718 3868  Windows directory: C:\WINDOWS
    17:55:57.0718 3868  System windows directory: C:\WINDOWS
    17:55:57.0718 3868  Processor architecture: Intel x86
    17:55:57.0718 3868  Number of processors: 2
    17:55:57.0718 3868  Page size: 0x1000
    17:55:57.0718 3868  Boot type: Normal boot
    17:55:57.0718 3868  ============================================================
    17:55:59.0765 3868  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
    17:55:59.0765 3868  Drive \Device\Harddisk1\DR3 - Size: 0x78600000 (1.88 Gb), SectorSize: 0x200, Cylinders: 0xF5, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
    17:55:59.0765 3868  ============================================================
    17:55:59.0765 3868  \Device\Harddisk0\DR0:
    17:55:59.0765 3868  MBR partitions:
    17:55:59.0765 3868  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x88B8F9D
    17:55:59.0781 3868  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x88B901B, BlocksNum 0x149076A5
    17:55:59.0781 3868  \Device\Harddisk1\DR3:
    17:55:59.0781 3868  MBR partitions:
    17:55:59.0781 3868  \Device\Harddisk1\DR3\Partition1: MBR, Type 0xB, StartLBA 0x2000, BlocksNum 0x3C1000
    17:55:59.0796 3868  ============================================================
    17:55:59.0812 3868  C: <-> \Device\Harddisk0\DR0\Partition1
    17:55:59.0843 3868  D: <-> \Device\Harddisk0\DR0\Partition2
    17:55:59.0843 3868  ============================================================
    17:55:59.0843 3868  Initialize success
    17:55:59.0843 3868  ============================================================
    17:56:36.0031 2196  ============================================================
    17:56:36.0031 2196  Scan started
    17:56:36.0031 2196  Mode: Manual; SigCheck; TDLFS;
    17:56:36.0031 2196  ============================================================
    17:56:36.0890 2196  ================ Scan system memory ========================
    17:56:36.0890 2196  System memory - ok
    17:56:36.0890 2196  ================ Scan services =============================
    17:56:36.0984 2196  [ 01E81C84AD1D0ACC61CF3CFD066322 10 ] !SASCORE        C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    17:56:37.0281 2196  !SASCORE ( UnsignedFile.Multi.Generic ) - warning
    17:56:37.0281 2196  !SASCORE - detected UnsignedFile.Multi.Generic (1)
    17:56:37.0421 2196  [ D9AF0082D3F09F5007E5727798786C D8 ] 3xHybrid        C:\WINDOWS\system32\DRIVERS\3xHybrid.sys
    17:56:37.0531 2196  3xHybrid ( UnsignedFile.Multi.Generic ) - warning
    17:56:37.0531 2196  3xHybrid - detected UnsignedFile.Multi.Generic (1)
    17:56:37.0546 2196  Abiosdsk - ok
    17:56:37.0546 2196  abp480n5 - ok
    17:56:37.0578 2196  [ 8FD99680A539792A30E97944FDAECF 17 ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
    17:56:37.0703 2196  ACPI - ok
    17:56:37.0734 2196  [ 9859C0F6936E723E4892D7141B1327 D5 ] ACPIEC          C:\WINDOWS\system32\drivers\ACPIEC.sys
    17:56:37.0859 2196  ACPIEC - ok
    17:56:37.0859 2196  adpu160m - ok
    17:56:37.0937 2196  [ 9243229DFCCC99B5441750EBA49F1B 14 ] AdvancedSystemCareService6 C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe
    17:56:38.0031 2196  AdvancedSystemCareService6 - ok
    17:56:38.0062 2196  [ E696E749BEDCDA8B23757B8B5EA937 80 ] aeaudio         C:\WINDOWS\system32\drivers\aeaudio.sys
    17:56:38.0078 2196  aeaudio - ok
    17:56:38.0109 2196  [ 8BED39E3C35D6A489438B8141717A5 57 ] aec             C:\WINDOWS\system32\drivers\aec.sys
    17:56:38.0250 2196  aec - ok
    17:56:38.0281 2196  [ 1E44BC1E83D8FD2305F8D452DB109C F9 ] AFD             C:\WINDOWS\System32\drivers\afd.sys
    17:56:38.0328 2196  AFD - ok
    17:56:38.0359 2196  [ 08FD04AA961BDC77FB983F328334E3 D7 ] agp440          C:\WINDOWS\system32\DRIVERS\agp440.sys
    17:56:38.0484 2196  agp440 - ok
    17:56:38.0484 2196  Aha154x - ok
    17:56:38.0500 2196  aic78u2 - ok
    17:56:38.0500 2196  aic78xx - ok
    17:56:38.0546 2196  [ 8C515081584A38AA007909CD02020B 3D ] ALG             C:\WINDOWS\System32\alg.exe
    17:56:38.0609 2196  ALG - ok
    17:56:38.0609 2196  AliIde - ok
    17:56:38.0640 2196  [ 0A4D13B388C814560BD69C3A496ECF A8 ] AmdK8           C:\WINDOWS\system32\DRIVERS\AmdK8.sys
    17:56:38.0656 2196  AmdK8 ( UnsignedFile.Multi.Generic ) - warning
    17:56:38.0656 2196  AmdK8 - detected UnsignedFile.Multi.Generic (1)
    17:56:38.0671 2196  amsint - ok
    17:56:38.0687 2196  [ D8849F77C0B66226335A59D26CB4ED C6 ] AppMgmt         C:\WINDOWS\System32\appmgmts.dll
    17:56:38.0750 2196  AppMgmt - ok
    17:56:38.0765 2196  asc - ok
    17:56:38.0765 2196  asc3350p - ok
    17:56:38.0781 2196  asc3550 - ok
    17:56:38.0812 2196  [ 5B01AF89D16D562825C4DB4530F20C BB ] Aspi32          C:\WINDOWS\system32\drivers\Aspi32.sys
    17:56:38.0828 2196  Aspi32 ( UnsignedFile.Multi.Generic ) - warning
    17:56:38.0828 2196  Aspi32 - detected UnsignedFile.Multi.Generic (1)
    17:56:38.0875 2196  [ 4EABF511B1AF176A971C3271E48FA3 A8 ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
    17:56:38.0890 2196  aspnet_state - ok
    17:56:38.0921 2196  [ B153AFFAC761E7F5FCFA822B9C4E97 BC ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
    17:56:39.0062 2196  AsyncMac - ok
    17:56:39.0093 2196  [ 9F3A2F5AA6875C72BF062C712CFA26 74 ] atapi           C:\WINDOWS\system32\drivers\atapi.sys
    17:56:39.0234 2196  atapi - ok
    17:56:39.0250 2196  Atdisk - ok
    17:56:39.0281 2196  [ 925E735E8B54D808547CAEBA759C80 95 ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe
    17:56:39.0375 2196  Ati HotKey Poller - ok
    17:56:39.0437 2196  [ B032C154F012D902C2FCDC51717AC0 30 ] ati2mtag        C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
    17:56:39.0828 2196  ati2mtag - ok
    17:56:39.0843 2196  [ 9916C1225104BA14794209CFA80121 59 ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys
    17:56:40.0031 2196  Atmarpc - ok
    17:56:40.0062 2196  [ DEF7A7882BEC100FE0B2CE2549188F 9D ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll
    17:56:40.0203 2196  AudioSrv - ok
    17:56:40.0218 2196  [ D9F724AA26C010A217C97606B160ED 68 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys
    17:56:40.0375 2196  audstub - ok
    17:56:40.0609 2196  [ 587EFD6A3A30A35A27904D21AE1FB8 82 ] AVP             C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe
    17:56:40.0734 2196  AVP - ok
    17:56:40.0781 2196  [ DA1F27D85E0D1525F6621372E7B685 E9 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
    17:56:40.0937 2196  Beep - ok
    17:56:40.0968 2196  [ 574738F61FCA2935F5265DC4E56913 14 ] BITS            C:\WINDOWS\system32\qmgr.dll
    17:56:41.0203 2196  BITS - ok
    17:56:41.0250 2196  [ CFD4E51402DA9838B5A04AE680AF54 A0 ] Browser         C:\WINDOWS\System32\browser.dll
    17:56:41.0281 2196  Browser - ok
    17:56:41.0281 2196  BT - ok
    17:56:41.0296 2196  BTCOM - ok
    17:56:41.0296 2196  BTCOMBUS - ok
    17:56:41.0312 2196  Btcsrusb - ok
    17:56:41.0343 2196  [ FCF500C9E89E193E038DCFCDBA6AA0 32 ] BtHidBus        C:\WINDOWS\system32\Drivers\BtHidBus.sys
    17:56:41.0343 2196  BtHidBus - ok
    17:56:41.0359 2196  BTHidMgr - ok
    17:56:41.0390 2196  [ 15E581ABCF37F07F1ABE3FC2645F33 C0 ] btnetBUs        C:\WINDOWS\system32\Drivers\btnetBus.sys
    17:56:41.0421 2196  btnetBUs - ok
    17:56:41.0421 2196  catchme - ok
    17:56:41.0468 2196  [ 90A673FC8E12A79AFBED2576F6A7AA F9 ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys
    17:56:41.0625 2196  cbidf2k - ok
    17:56:41.0656 2196  [ 0BE5AEF125BE881C4F854C554F2B02 5C ] CCDECODE        C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
    17:56:41.0828 2196  CCDECODE - ok
    17:56:41.0843 2196  cd20xrnt - ok
    17:56:41.0859 2196  [ C1B486A7658353D33A10CC15211A87 3B ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys
    17:56:42.0031 2196  Cdaudio - ok
    17:56:42.0031 2196  [ C885B02847F5D2FD45A24E219ED93B 32 ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys
    17:56:42.0187 2196  Cdfs - ok
    17:56:42.0203 2196  [ 1F4260CC5B42272D71F79E570A27A4 FE ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys
    17:56:42.0359 2196  Cdrom - ok
    17:56:42.0359 2196  Changer - ok
    17:56:42.0375 2196  [ 1CFE720EB8D93A7158A4EBC3AB178B DE ] CiSvc           C:\WINDOWS\system32\cisvc.exe
    17:56:42.0531 2196  CiSvc - ok
    17:56:42.0562 2196  [ 34CBE729F38138217F9C80212A2A0C 82 ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe
    17:56:42.0703 2196  ClipSrv - ok
    17:56:42.0734 2196  [ 234B1BC2796483E1F5C3F26649FB33 88 ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
    17:56:42.0750 2196  clr_optimization_v2.0.50727_32 - ok
    17:56:42.0750 2196  CmdIde - ok
    17:56:42.0765 2196  COMSysApp - ok
    17:56:42.0765 2196  Cpqarray - ok
    17:56:42.0796 2196  [ 3D4E199942E29207970E04315D02AD 3B ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll
    17:56:42.0953 2196  CryptSvc - ok
    17:56:42.0968 2196  dac2w2k - ok
    17:56:42.0968 2196  dac960nt - ok
    17:56:43.0046 2196  [ 6B27A5C03DFB94B424573906543132 2C ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
    17:56:43.0109 2196  DcomLaunch - ok
    17:56:43.0140 2196  [ 5E38D7684A49CACFB752B046357E05 89 ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll
    17:56:43.0281 2196  Dhcp - ok
    17:56:43.0328 2196  [ 044452051F3E02E7963599FC8F4F3E 25 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys
    17:56:43.0468 2196  Disk - ok
    17:56:43.0468 2196  dmadmin - ok
    17:56:43.0515 2196  [ D992FE1274BDE0F84AD826ACAE022A 41 ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys
    17:56:43.0750 2196  dmboot - ok
    17:56:43.0750 2196  [ 7C824CF7BBDE77D95C08005717A95F 6F ] dmio            C:\WINDOWS\system32\drivers\dmio.sys
    17:56:43.0906 2196  dmio - ok
    17:56:43.0921 2196  [ E9317282A63CA4D188C0DF5E09C6AC 5F ] dmload          C:\WINDOWS\system32\drivers\dmload.sys
    17:56:44.0062 2196  dmload - ok
    17:56:44.0093 2196  [ 57EDEC2E5F59F0335E92F35184BC86 31 ] dmserver        C:\WINDOWS\System32\dmserver.dll
    17:56:44.0234 2196  dmserver - ok
    17:56:44.0250 2196  [ 8A208DFCF89792A484E76C40E5F50B 45 ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys
    17:56:44.0406 2196  DMusic - ok
    17:56:44.0437 2196  [ 5F7E24FA9EAB896051FFB87F840730 D2 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
    17:56:44.0453 2196  Dnscache - ok
    17:56:44.0484 2196  [ 0F0F6E687E5E15579EF4DA8DD69458 14 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll
    17:56:44.0656 2196  Dot3svc - ok
    17:56:44.0656 2196  dpti2o - ok
    17:56:44.0671 2196  [ 8F5FCFF8E8848AFAC920905FBD9D33 C8 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
    17:56:44.0796 2196  drmkaud - ok
    17:56:44.0828 2196  [ 5E72C8FBBA5E949995CEB4D25656F9 04 ] E100B           C:\WINDOWS\system32\DRIVERS\e100b325.sys
    17:56:44.0843 2196  E100B - ok
    17:56:44.0875 2196  [ 2187855A7703ADEF0CEF9EE4285182 CC ] EapHost         C:\WINDOWS\System32\eapsvc.dll
    17:56:45.0031 2196  EapHost - ok
    17:56:45.0062 2196  [ 01F83E1B5DCE05F5CB7D99113CA9E8 90 ] emu10k          C:\WINDOWS\system32\drivers\emu10k1m.sys
    17:56:45.0187 2196  emu10k - ok
    17:56:45.0203 2196  [ 7FFA171CCE6A8BFC774862A578BA39 A2 ] emu10k1         C:\WINDOWS\system32\drivers\ctlfacem.sys
    17:56:45.0343 2196  emu10k1 - ok
    17:56:45.0375 2196  [ BC93B4A066477954555966D77FEC9E CB ] ERSvc           C:\WINDOWS\System32\ersvc.dll
    17:56:45.0515 2196  ERSvc - ok
    17:56:45.0562 2196  [ 2407B8164E966755BC6A4242FC9DE3 1E ] esgiguard       C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys
    17:56:45.0578 2196  esgiguard - ok
    17:56:45.0593 2196  [ 01CE484FF6D70A39479BC6D619DE7E D6 ] EsgScanner      C:\WINDOWS\system32\DRIVERS\EsgScanner.sys
    17:56:45.0609 2196  EsgScanner - ok
    17:56:45.0640 2196  [ 65DF52F5B8B6E9BBD183505225C373 15 ] Eventlog        C:\WINDOWS\system32\services.exe
    17:56:45.0671 2196  Eventlog - ok
    17:56:45.0718 2196  [ D4991D98F2DB73C60D042F1AEF79EF AE ] EventSystem     C:\WINDOWS\system32\es.dll
    17:56:45.0750 2196  EventSystem - ok
    17:56:45.0765 2196  [ 38D332A6D56AF32635675F13254834 3E ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys
    17:56:45.0906 2196  Fastfat - ok
    17:56:45.0953 2196  [ 99BC0B50F511924348BE19C7C7313B BF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
    17:56:46.0031 2196  FastUserSwitchingCompatibility - ok
    17:56:46.0046 2196  [ 92CDD60B6730B9F50F6A1A0C1F8CDC 81 ] Fdc             C:\WINDOWS\system32\DRIVERS\fdc.sys
    17:56:46.0234 2196  Fdc - ok
    17:56:46.0250 2196  [ D45926117EB9FA946A6AF572FBE1CA A3 ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
    17:56:46.0421 2196  Fips - ok
    17:56:46.0437 2196  [ 9D27E7B80BFCDF1CDD9B555862D5E7 F0 ] Flpydisk        C:\WINDOWS\system32\DRIVERS\flpydisk.sys
    17:56:46.0562 2196  Flpydisk - ok
    17:56:46.0593 2196  [ B2CF4B0786F8212CB92ED2B50C6DB6 B0 ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
    17:56:46.0718 2196  FltMgr - ok
    17:56:46.0734 2196  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC277 9A ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
    17:56:46.0875 2196  Fs_Rec - ok
    17:56:46.0890 2196  [ 6AC26732762483366C3969C9E4D225 9D ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
    17:56:47.0031 2196  Ftdisk - ok
    17:56:47.0046 2196  [ 065639773D8B03F33577F6CDAEA210 63 ] gameenum        C:\WINDOWS\system32\DRIVERS\gameenum.sys
    17:56:47.0187 2196  gameenum - ok
    17:56:47.0187 2196  GMSIPCI - ok
    17:56:47.0234 2196  [ 0A02C63C8B144BD8C86B103DEE7C86 A2 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
    17:56:47.0375 2196  Gpc - ok
    17:56:47.0437 2196  [ 506708142BC63DABA64F2D3AD1DCD5 BF ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
    17:56:47.0453 2196  gupdate - ok
    17:56:47.0468 2196  [ 506708142BC63DABA64F2D3AD1DCD5 BF ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
    17:56:47.0468 2196  gupdatem - ok
    17:56:47.0500 2196  [ 573C7D0A32852B48F3058CFD8026F5 11 ] HDAudBus        C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
    17:56:47.0640 2196  HDAudBus - ok
    17:56:47.0703 2196  [ 4FCCA060DFE0C51A09DD5C3843888B CD ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
    17:56:47.0859 2196  helpsvc - ok
    17:56:47.0875 2196  HidServ - ok
    17:56:47.0890 2196  [ CCF82C5EC8A7326C3066DE870C06DA F1 ] HidUsb          C:\WINDOWS\system32\DRIVERS\hidusb.sys
    17:56:48.0031 2196  HidUsb - ok
    17:56:48.0078 2196  [ 8878BD685E490239777BFE51320B88 E9 ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll
    17:56:48.0218 2196  hkmsvc - ok
    17:56:48.0218 2196  hpn - ok
    17:56:48.0250 2196  hpqcxs08 - ok
    17:56:48.0281 2196  [ D03D10F7DED688FECF50F8FBF1EA9B 8A ] HPZid412        C:\WINDOWS\system32\DRIVERS\HPZid412.sys
    17:56:48.0375 2196  HPZid412 - ok
    17:56:48.0390 2196  [ 89F41658929393487B6B7D13C8528C E3 ] HPZipr12        C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
    17:56:48.0421 2196  HPZipr12 - ok
    17:56:48.0453 2196  [ ABCB05CCDBF03000354B9553820E39 F8 ] HPZius12        C:\WINDOWS\system32\DRIVERS\HPZius12.sys
    17:56:48.0484 2196  HPZius12 - ok
    17:56:48.0515 2196  [ 970178E8E003EB1481293830069624 B9 ] HSFHWBS2        C:\WINDOWS\system32\DRIVERS\HSFBS2S2.sys
    17:56:48.0640 2196  HSFHWBS2 - ok
    17:56:48.0687 2196  [ EBB354438A4C5A3327FB9730626071 4A ] HSF_DP          C:\WINDOWS\system32\DRIVERS\HSFDPSP2.sys
    17:56:48.0968 2196  HSF_DP - ok
    17:56:49.0015 2196  [ F80A415EF82CD06FFAF0D971528EAD 38 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
    17:56:49.0062 2196  HTTP - ok
    17:56:49.0078 2196  [ 6100A808600F44D999CEBDEF8841C7 A3 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
    17:56:49.0218 2196  HTTPFilter - ok
    17:56:49.0234 2196  i2omgmt - ok
    17:56:49.0234 2196  i2omp - ok
    17:56:49.0250 2196  [ 4A0B06AA8943C1E332520F7440C0AA 30 ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys
    17:56:49.0390 2196  i8042prt - ok
    17:56:49.0421 2196  [ 083A052659F5310DD8B6A6CB05EDCF 8E ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
    17:56:49.0531 2196  Imapi - ok
    17:56:49.0562 2196  [ 30DEAF54A9755BB8546168CFE8A6B5 E1 ] ImapiService    C:\WINDOWS\system32\imapi.exe
    17:56:49.0703 2196  ImapiService - ok
    17:56:49.0718 2196  ini910u - ok
    17:56:49.0843 2196  [ B2957D6C1226F029230DAC2C46D342 86 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
    17:56:50.0796 2196  IntcAzAudAddService - ok
    17:56:50.0828 2196  [ B5466A9250342A7AA0CD1FBA134206 78 ] IntelIde        C:\WINDOWS\system32\DRIVERS\intelide.sys
    17:56:50.0937 2196  IntelIde - ok
    17:56:50.0968 2196  [ 3BB22519A194418D5FEC05D800A19A D0 ] Ip6Fw           C:\WINDOWS\system32\drivers\ip6fw.sys
    17:56:51.0140 2196  Ip6Fw - ok
    17:56:51.0156 2196  [ 731F22BA402EE4B62748ADAF6363C1 82 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
    17:56:51.0281 2196  IpFilterDriver - ok
    17:56:51.0296 2196  [ B87AB476DCF76E72010632B5550955 F5 ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
    17:56:51.0453 2196  IpInIp - ok
    17:56:51.0468 2196  [ CC748EA12C6EFFDE940EE98098BF96 BB ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
    17:56:51.0578 2196  IpNat - ok
    17:56:51.0593 2196  [ 23C74D75E36E7158768DD63D92789A 91 ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
    17:56:51.0750 2196  IPSec - ok
    17:56:51.0765 2196  [ C93C9FF7B04D772627A3646D89F7BF 89 ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
    17:56:51.0812 2196  IRENUM - ok
    17:56:51.0828 2196  [ 05A299EC56E52649B1CF2FC52D20F2 D7 ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
    17:56:51.0968 2196  isapnp - ok
    17:56:52.0031 2196  [ D53D7ED7D85A18B0CD4626B88B6DA5 2A ] IvtBtBUs        C:\WINDOWS\system32\Drivers\IvtBtBus.sys
    17:56:52.0046 2196  IvtBtBUs - ok
    17:56:52.0140 2196  [ 1758AF653723679E3746FC7DDD93C6 9B ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
    17:56:52.0156 2196  JavaQuickStarterService - ok
    17:56:52.0171 2196  [ 463C1EC80CD17420A542B7F36A36F1 28 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
    17:56:52.0312 2196  Kbdclass - ok
    17:56:52.0343 2196  [ EA26CB00F83686856F2C79673C00C6 86 ] kl1             C:\WINDOWS\system32\DRIVERS\kl1.sys
    17:56:52.0359 2196  kl1 - ok
    17:56:52.0390 2196  [ 84D0781E4FEA7D801744C82AA64BBF 99 ] KLIF            C:\WINDOWS\system32\DRIVERS\klif.sys
    17:56:52.0500 2196  KLIF - ok
    17:56:52.0531 2196  [ 05E5504E5E06F75F18BBEA7291601F E2 ] klim5           C:\WINDOWS\system32\DRIVERS\klim5.sys
    17:56:52.0546 2196  klim5 - ok
    17:56:52.0562 2196  [ 7BE035A9C20F357DC765D6C7FDCDC9 64 ] klkbdflt        C:\WINDOWS\system32\DRIVERS\klkbdflt.sys
    17:56:52.0578 2196  klkbdflt - ok
    17:56:52.0578 2196  [ A8234A8F67B0565F74753FE88A7BF0 3D ] klmouflt        C:\WINDOWS\system32\DRIVERS\klmouflt.sys
    17:56:52.0593 2196  klmouflt - ok
    17:56:52.0625 2196  [ 8FD802F86D4AB3FB329B8E51517BFF 2A ] kltdi           C:\WINDOWS\system32\DRIVERS\kltdi.sys
    17:56:52.0640 2196  kltdi - ok
    17:56:52.0656 2196  [ 692BCF44383D056AED41B045A323D3 78 ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
    17:56:52.0812 2196  kmixer - ok
    17:56:52.0828 2196  [ 8F932DF10408BCABA2FCF6163C843F 8E ] kneps           C:\WINDOWS\system32\DRIVERS\kneps.sys
    17:56:52.0843 2196  kneps - ok
    17:56:52.0875 2196  [ B467646C54CC746128904E1654C750 C1 ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
    17:56:52.0937 2196  KSecDD - ok
    17:56:52.0968 2196  [ 3A7C3CBE5D96B8AE96CE81F0B22FB5 27 ] lanmanserver    C:\WINDOWS\System32\srvsvc.dll
    17:56:53.0078 2196  lanmanserver - ok
    17:56:53.0140 2196  [ A8888A5327621856C0CEC4E385F693 09 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
    17:56:53.0187 2196  lanmanworkstation - ok
    17:56:53.0187 2196  lbrtfdc - ok
    17:56:53.0234 2196  [ A7DB739AE99A796D91580147E919CC 59 ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
    17:56:53.0375 2196  LmHosts - ok
    17:56:53.0390 2196  [ 4470E3C1E0C3378E4CAB137893C12C 3A ] MBAMProtector   C:\WINDOWS\system32\drivers\mbam.sys
    17:56:53.0406 2196  MBAMProtector - ok
    17:56:53.0468 2196  [ 65085456FD9A74D7F1A999520C299E CB ] MBAMScheduler   C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
    17:56:53.0531 2196  MBAMScheduler - ok
    17:56:53.0562 2196  [ E0D7732F2D2E24B2DB3F67B6750295 B8 ] MBAMService     C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    17:56:53.0687 2196  MBAMService - ok
    17:56:53.0734 2196  [ 11F714F85530A2BD134074DC30E99F CA ] MDM             C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    17:56:53.0750 2196  MDM - ok
    17:56:53.0796 2196  [ 195741AEE20369980796B557358CD7 74 ] mdmxsdk         C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
    17:56:53.0953 2196  mdmxsdk - ok
    17:56:53.0984 2196  [ 4AE068242760A1FB6E1A44BF4E16AF A6 ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
    17:56:54.0140 2196  mnmdd - ok
    17:56:54.0171 2196  [ D18F1F0C101D06A1C1ADF26EED16FC DD ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe
    17:56:54.0312 2196  mnmsrvc - ok
    17:56:54.0343 2196  [ DFCBAD3CEC1C5F964962AE10E0BCC8 E1 ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
    17:56:54.0484 2196  Modem - ok
    17:56:54.0515 2196  [ 1992E0D143B09653AB0F9C5E04B0FD 65 ] MODEMCSA        C:\WINDOWS\system32\drivers\MODEMCSA.sys
    17:56:54.0625 2196  MODEMCSA - ok
    17:56:54.0671 2196  [ 35C9E97194C8CFB8430125F8DBC34D 04 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
    17:56:54.0812 2196  Mouclass - ok
    17:56:54.0843 2196  [ B1C303E17FB9D46E87A98E4BA67696 85 ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys
    17:56:54.0968 2196  mouhid - ok
    17:56:54.0984 2196  [ A80B9A0BAD1B73637DBCBBA7DF72D3 FD ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
    17:56:55.0140 2196  MountMgr - ok
    17:56:55.0156 2196  [ C0F8E0C2C3C0437CF37C6781896DC3 EC ] MPE             C:\WINDOWS\system32\DRIVERS\MPE.sys
    17:56:55.0265 2196  MPE - ok
    17:56:55.0281 2196  mraid35x - ok
    17:56:55.0296 2196  [ 11D42BB6206F33FBB3BA0288D3EF81 BD ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
    17:56:55.0406 2196  MRxDAV - ok
    17:56:55.0453 2196  [ 7D304A5EB4344EBEEAB53A2FE3FFB9 F0 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
    17:56:55.0531 2196  MRxSmb - ok
    17:56:55.0562 2196  [ A137F1470499A205ABBB9AAFB3B6F2 B1 ] MSDTC           C:\WINDOWS\system32\msdtc.exe
    17:56:55.0671 2196  MSDTC - ok
    17:56:55.0671 2196  [ C941EA2454BA8350021D774DAF0F10 27 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
    17:56:55.0765 2196  Msfs - ok
    17:56:55.0765 2196  MSICPL - ok
    17:56:55.0781 2196  MSIServer - ok
    17:56:55.0796 2196  [ D1575E71568F4D9E14CA56B7B0453B F1 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
    17:56:55.0906 2196  MSKSSRV - ok
    17:56:55.0937 2196  [ 325BB26842FC7CCC1FCCE2C457317F 3E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
    17:56:56.0078 2196  MSPCLOCK - ok
    17:56:56.0093 2196  [ BAD59648BA099DA4A17680B39730CB 3D ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
    17:56:56.0250 2196  MSPQM - ok
    17:56:56.0265 2196  [ AF5F4F3F14A8EA2C26DE30F7A1E171 36 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
    17:56:56.0375 2196  mssmbios - ok
    17:56:56.0390 2196  [ E53736A9E30C45FA9E7B5EAC55056D 1D ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
    17:56:56.0500 2196  MSTEE - ok
    17:56:56.0515 2196  [ DE6A75F5C270E756C5508D94B6CF68 F5 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
    17:56:56.0546 2196  Mup - ok
    17:56:56.0578 2196  [ 5B50F1B2A2ED47D560577B221DA734 DB ] NABTSFEC        C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
    17:56:56.0687 2196  NABTSFEC - ok
    17:56:56.0718 2196  [ 0102140028FAD045756796E1C685D6 95 ] napagent        C:\WINDOWS\System32\qagentrt.dll
    17:56:56.0843 2196  napagent - ok
    17:56:56.0843 2196  [ 1DF7F42665C94B825322FAE7172113 0D ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
    17:56:56.0953 2196  NDIS - ok
    17:56:56.0968 2196  [ 7FF1F1FD8609C149AA432F95A8163D 97 ] NdisIP          C:\WINDOWS\system32\DRIVERS\NdisIP.sys
    17:56:57.0078 2196  NdisIP - ok
    17:56:57.0140 2196  [ 0109C4F3850DFBAB279542515386AE 22 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
    17:56:57.0187 2196  NdisTapi - ok
    17:56:57.0234 2196  [ F927A4434C5028758A842943EF1A38 49 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
    17:56:57.0359 2196  Ndisuio - ok
    17:56:57.0421 2196  [ EDC1531A49C80614B2CFDA43CA8659 AB ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
    17:56:57.0562 2196  NdisWan - ok
    17:56:57.0609 2196  [ 9282BD12DFB069D3889EB3FCC1000A 9B ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
    17:56:57.0656 2196  NDProxy - ok
    17:56:57.0687 2196  [ 51C6D8BFBD4EA5B62A1BA7F4469250 D3 ] Net Driver HPZ12 C:\WINDOWS\system32\HPZinw12.dll
    17:56:57.0703 2196  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
    17:56:57.0703 2196  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
    17:56:57.0718 2196  [ 5D81CF9A2F1A3A756B66CF684911CD F0 ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
    17:56:57.0828 2196  NetBIOS - ok
    17:56:57.0859 2196  [ 74B2B2F5BEA5E9A3DC021D685551BD 3D ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
    17:56:57.0968 2196  NetBT - ok
    17:56:58.0015 2196  [ B857BA82860D7FF85AE29B09564556 3B ] NetDDE          C:\WINDOWS\system32\netdde.exe
    17:56:58.0125 2196  NetDDE - ok
    17:56:58.0125 2196  [ B857BA82860D7FF85AE29B09564556 3B ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
    17:56:58.0234 2196  NetDDEdsdm - ok
    17:56:58.0265 2196  [ BF2466B3E18E970D8A976FB95FC1CA 85 ] Netlogon        C:\WINDOWS\system32\lsass.exe
    17:56:58.0359 2196  Netlogon - ok
    17:56:58.0406 2196  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9 DE ] Netman          C:\WINDOWS\System32\netman.dll
    17:56:58.0500 2196  Netman - ok
    17:56:58.0531 2196  [ 943337D786A56729263071623BBB9D E5 ] Nla             C:\WINDOWS\System32\mswsock.dll
    17:56:58.0546 2196  Nla - ok
    17:56:58.0546 2196  [ 3182D64AE053D6FB034F44B6DEF803 4A ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
    17:56:58.0687 2196  Npfs - ok
    17:56:58.0687 2196  NTACCESS - ok
    17:56:58.0718 2196  [ 78A08DD6A8D65E697C18E1DB01C5CD CA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
    17:56:58.0859 2196  Ntfs - ok
    17:56:58.0875 2196  [ BF2466B3E18E970D8A976FB95FC1CA 85 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe
    17:56:58.0968 2196  NtLmSsp - ok
    17:56:59.0093 2196  [ 156F64A3345BD23C600655FB4D10BC 08 ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll
    17:56:59.0265 2196  NtmsSvc - ok
    17:56:59.0265 2196  NTProcDrv - ok
    17:56:59.0296 2196  [ 73C1E1F395918BC2C6DD67AF7591A3 AD ] Null            C:\WINDOWS\system32\drivers\Null.sys
    17:56:59.0406 2196  Null - ok
    17:56:59.0546 2196  [ 9F4384AA43548DDD438F7B7825D116 99 ] nv              C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
    17:57:01.0062 2196  nv - ok
    17:57:01.0093 2196  [ 0C41C4ACFE00D826DB479C40C1D9ED C8 ] NVSvc           C:\WINDOWS\system32\nvsvc32.exe
    17:57:01.0109 2196  NVSvc - ok
    17:57:01.0140 2196  [ B305F3FAD35083837EF46A0BBCE2FC 57 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
    17:57:01.0250 2196  NwlnkFlt - ok
    17:57:01.0265 2196  [ C99B3415198D1AAB7227F2C88FD664 B9 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
    17:57:01.0375 2196  NwlnkFwd - ok
    17:57:01.0531 2196  [ 785F487A64950F3CB8E9F16253BA3B 7B ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
    17:57:01.0593 2196  odserv - ok
    17:57:01.0625 2196  [ 5A432A042DAE460ABE7199B758E860 6C ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
    17:57:01.0640 2196  ose - ok
    17:57:01.0656 2196  [ 5575FAF8F97CE5E713D108C2A58D7C 7C ] Parport         C:\WINDOWS\system32\DRIVERS\parport.sys
    17:57:01.0781 2196  Parport - ok
    17:57:01.0796 2196  [ BEB3BA25197665D82EC7065B724171 C6 ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys
    17:57:01.0921 2196  PartMgr - ok
    17:57:01.0953 2196  [ 70E98B3FD8E963A6A46A2E6247E0BE A1 ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys
    17:57:02.0078 2196  ParVdm - ok
    17:57:02.0140 2196  [ FD2041E9BA03DB7764B2248F024750 79 ] pccsmcfd        C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
    17:57:02.0187 2196  pccsmcfd - ok
    17:57:02.0203 2196  [ A219903CCF74233761D92BEF471A07 B1 ] PCI             C:\WINDOWS\system32\drivers\pci.sys
    17:57:02.0312 2196  PCI - ok
    17:57:02.0312 2196  PCIDump - ok
    17:57:02.0328 2196  [ CCF5F451BB1A5A2A522A76E670000F F0 ] PCIIde          C:\WINDOWS\system32\drivers\pciide.sys
    17:57:02.0421 2196  PCIIde - ok
    17:57:02.0437 2196  [ 9E89EF60E9EE05E3F2EEF2DA7397F1 C1 ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys
    17:57:02.0546 2196  Pcmcia - ok
    17:57:02.0546 2196  PDCOMP - ok
    17:57:02.0562 2196  PDFRAME - ok
    17:57:02.0562 2196  PDRELI - ok
    17:57:02.0562 2196  PDRFRAME - ok
    17:57:02.0578 2196  perc2 - ok
    17:57:02.0578 2196  perc2hib - ok
    17:57:02.0625 2196  [ 65DF52F5B8B6E9BBD183505225C373 15 ] PlugPlay        C:\WINDOWS\system32\services.exe
    17:57:02.0640 2196  PlugPlay - ok
    17:57:02.0656 2196  [ 79834AA2FBF9FE81EEBB229024F6F7 FC ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.dll
    17:57:02.0671 2196  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
    17:57:02.0671 2196  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
    17:57:02.0687 2196  [ BF2466B3E18E970D8A976FB95FC1CA 85 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe
    17:57:02.0781 2196  PolicyAgent - ok
    17:57:02.0812 2196  [ EFEEC01B1D3CF84F16DDD24D9D9D8F 99 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
    17:57:02.0937 2196  PptpMiniport - ok
    17:57:02.0953 2196  [ A32BEBAF723557681BFC6BD93E98BD 26 ] Processor       C:\WINDOWS\system32\drivers\processr.sys
    17:57:03.0078 2196  Processor - ok
    17:57:03.0078 2196  [ BF2466B3E18E970D8A976FB95FC1CA 85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
    17:57:03.0171 2196  ProtectedStorage - ok
    17:57:03.0171 2196  [ 09298EC810B07E5D582CB3A3F92554 24 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys
    17:57:03.0281 2196  PSched - ok
    17:57:03.0296 2196  [ 80D317BD1C3DBC5D4FE7B1678C60CA DD ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys
    17:57:17.0812 2196  ============================================================
    17:57:17.0812 2196  Scan finished
    17:57:17.0812 2196  ============================================================
    17:57:17.0937 2156  Detected object count: 8
    17:57:17.0937 2156  Actual detected object count: 8
    17:57:59.0015 2156  !SASCORE ( UnsignedFile.Multi.Generic ) - skipped by user
    17:57:59.0015 2156  !SASCORE ( UnsignedFile.Multi.Generic ) - User select action: Skip
    17:57:59.0015 2156  3xHybrid ( UnsignedFile.Multi.Generic ) - skipped by user
    17:57:59.0015 2156  3xHybrid ( UnsignedFile.Multi.Generic ) - User select action: Skip
    17:57:59.0015 2156  AmdK8 ( UnsignedFile.Multi.Generic ) - skipped by user
    17:57:59.0015 2156  AmdK8 ( UnsignedFile.Multi.Generic ) - User select action: Skip
    17:57:59.0031 2156  Aspi32 ( UnsignedFile.Multi.Generic ) - skipped by user
    17:57:59.0031 2156  Aspi32 ( UnsignedFile.Multi.Generic ) - User select action: Skip
    17:57:59.0031 2156  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
    17:57:59.0031 2156  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
    17:57:59.0031 2156  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
    17:57:59.0031 2156  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
    17:57:59.0031 2156  rspndr ( UnsignedFile.Multi.Generic ) - skipped by user
    17:57:59.0031 2156  rspndr ( UnsignedFile.Multi.Generic ) - User select action: Skip
    17:57:59.0031 2156  ServiceLayer ( UnsignedFile.Multi.Generic ) - skipped by user
    17:57:59.0031 2156  ServiceLayer ( UnsignedFile.Multi.Generic ) - User select action: Skip
    17:58:10.0468 3184  Deinitialize success
    Beginner | Posts: 15 | OS: Windows XP | Browser: Chrome 28.0.1500.72
    I also tried the program te94decrypt.exe, but it only scans C:, and my pictures are on the D partition.
    This program has gotten me the closest.
    « Last edit: 30 Jul 2013, 18:05:10 by ivan-vr »
    All content on this website is property of "Burek.com" and, as such, they may not be used on other websites without written permission.