جهازي مخترق , الحقوني يا ناس !!

[ReD_F0X]

السلام عليكم

مثل ماقريتوا بالعنوان , جهازي مخترق وجاتني شاشة فيها علم السعودية وتقول ان عندي مقاطع فيديو عنف للأطفال ومقاطع اباحية ولابد اني ادفع مبلغ قيمة 300 دولار والا سوف تحول هذه الملفات للمحكمة الشرعية , طبعاً هو نصب في نصب لأن ماعندي اي شيء من القبيل بس يحاول يبتزني !

طيب وش الحل الأن , كيف اعرف وين الثغرات واسدها ؟

والأفضل اني احلها الأن ولا اسوي فورمات واريح راسي !!

هذا تقرير الجهاز !

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:52:36 PM, on 08/02/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\YCIII\YankClip.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Users\Mansour\iy4zowdz16.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Zyzoom_Forum_Tools\zyzoom.exe
C:\Zyzoom_Forum_Tools\zHijak.com

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {08d6b0b4-c132-470d-a8e2-aa2e9c3851c9} - (no file)
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Babylon IE plugin - {9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files\Hotspot Shield\HssIE\HssIE.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Regedit32] C:\Windows\system32\regedit.exe
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [iy4zowdz16] C:\Users\Mansour\iy4zowdz16.exe
O4 - HKCU\..\Run: [Regedit32] C:\Windows\system32\regedit.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Yankee Clipper III.lnk = C:\Program Files\YCIII\YankClip.exe
O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Translate this web page with Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm
O8 - Extra context menu item: Translate with Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll
O9 - Extra 'Tools' menuitem: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{010A6F81-7497-48D2-9DCF-0FACBEC884FA}: NameServer = 10.71.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{010A6F81-7497-48D2-9DCF-0FACBEC884FA}: NameServer = 10.71.0.1
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Avira Mail Protection (AntiVirMailService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Realtime Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Avira Web Protection (AntiVirWebService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Hotspot Shield Service (hshld) - Unknown owner - C:\Program Files\Hotspot Shield\bin\openvpnas.exe
O23 - Service: Hotspot Shield Routing Service (HssSrv) - AnchorFree Inc. - C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE
O23 - Service: Hotspot Shield Monitoring Service (HssWd) - Unknown owner - C:\Program Files\Hotspot Shield\bin\hsswd.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Ashampoo LiveTuner Service (WO_LiveService) - Unknown owner - C:\Program Files\Ashampoo\Ashampoo WinOptimizer 8\LiveTunerService.exe (file missing)

--
End of file - 9495 bytes


وهذا رابط Runscanner

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

QuickScan 32-bit v0.9.9.105
---------------------------
تاريخ المسح: Wed Feb 08 13:48:47 2012
عنوان الحاسب: 569D1C0D



لم يتم العثور على عدوى
----------------------



البرامج
-------
Avira Antivirus Premium 2012 3560 C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
Firefox 13512 C:\Program Files\Mozilla Firefox\firefox.exe
Firefox 8516 C:\Program Files\Mozilla Firefox\plugin-container.exe
Firefox 11692 C:\Program Files\Mozilla Firefox\plugin-container.exe
IEMonitor Application 4000 C:\Program Files\Internet Download Manager\IEMonitor.exe
Internet Download Manager (IDM) 3592 C:\Program Files\Internet Download Manager\IDMan.exe
Microsoft® Windows® Operating System 3100 C:\Windows\explorer.exe
Microsoft® Windows® Operating System 6040 C:\Windows\System32\slui.exe
Microsoft® Windows® Operating System 2920 C:\Windows\System32\taskhost.exe
Synaptics Pointing Device Driver 3536 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
Yankee Clipper III 3744 C:\Program Files\YCIII\YankClip.exe
تم تفقده Microsoft® Windows® Operating System 3004 C:\Windows\System32\dwm.exe


انشطة الشبكة
------------
البرنامج firefox.exe (13512) موصول على معبر 443 (HTTP over SSL) --> 173.194.70.83
البرنامج firefox.exe (13512) موصول على معبر 443 (HTTP over SSL) --> 84.235.77.80



الملفات المفتوحة تلقائياً و الحساسة
-----------------------------------
Adobe Reader and Acrobat Manager C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
Avira Antivirus Premium 2012 C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
Internet Download Manager (IDM) C:\Program Files\Internet Download Manager\IDMan.exe
Microsoft Office 2010 C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
Microsoft® Windows® Operating System c:\windows\system32\userinit.exe
Synaptics Pointing Device Driver C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
Yankee Clipper III C:\Program Files\YCIII\YankClip.exe


وصلات المتصفح
-------------
AcroIEHelperShim Library c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll
Adobe Acrobat C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
Adobe Acrobat C:\Program Files\Internet Explorer\plugins\nppdf32.dll
Adobe Acrobat C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll
Avira Antivirus Premium 2012 C:\Program Files\Avira\AntiVir Desktop\avsda.dll
Babylon IE Addin c:\program files\babylon\babylon-pro\utils\babyloniepi.dll
Bonjour C:\Program Files\Bonjour\mdnsNSP.dll
Google Toolbar for Internet Explorer c:\program files\google\google toolbar\googletoolbar_32.dll
Google Update C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll
hssie.dll c:\program files\hotspot shield\hssie\hssie.dll
Internet Download Manager Module c:\program files\internet download manager\idmiecc.dll
Java Deployment Toolkit 7.0.0.147 C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
Java(TM) Platform SE 7 c:\program files\java\jre7\bin\jp2ssv.dll
Java(TM) Platform SE 7 C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll
Microsoft Office 2010 C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
Microsoft Office 2010 C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL
Microsoft Office 2010 C:\Program Files\Microsoft Office\Office14\NPSPWRAP.DLL
Microsoft Office 2010 c:\program files\microsoft office\office14\urlredir.dll
Microsoft® Windows Media Player Firefox C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
Microsoft® Windows® Operating System C:\Windows\system32\mswsock.dll
Microsoft® Windows® Operating System C:\Windows\System32\nlaapi.dll
Microsoft® Windows® Operating System C:\Windows\system32\wshbth.dll
npitunes.dll C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
NPSWF32.dll C:\Windows\system32\Macromed\Flash\NPSWF32.dll
QuickTime Plug-in 7.7.1 C:\Program Files\Internet Explorer\plugins\npqtplugin.dll
QuickTime Plug-in 7.7.1 C:\Program Files\Internet Explorer\plugins\npqtplugin2.dll
QuickTime Plug-in 7.7.1 C:\Program Files\Internet Explorer\plugins\npqtplugin3.dll
QuickTime Plug-in 7.7.1 C:\Program Files\Internet Explorer\plugins\npqtplugin4.dll
QuickTime Plug-in 7.7.1 C:\Program Files\Internet Explorer\plugins\npqtplugin5.dll
QuickTime Plug-in 7.7.1 C:\Program Files\Internet Explorer\plugins\npqtplugin6.dll
QuickTime Plug-in 7.7.1 C:\Program Files\Internet Explorer\plugins\npqtplugin7.dll
QuickTime Plug-in 7.7.1 C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
QuickTime Plug-in 7.7.1 C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
QuickTime Plug-in 7.7.1 C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
QuickTime Plug-in 7.7.1 C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
QuickTime Plug-in 7.7.1 C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
QuickTime Plug-in 7.7.1 C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
QuickTime Plug-in 7.7.1 C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
Skype Toolbars c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Windows® Internet Explorer C:\Windows\system32\ieframe.DLL
تم تفقده Microsoft® Windows® Operating System C:\Windows\system32\napinsp.dll
تم تفقده Microsoft® Windows® Operating System C:\Windows\system32\pnrpnsp.dll
تم تفقده Microsoft® Windows® Operating System C:\Windows\System32\winrnr.dll


الملفات الناقصة
---------------
الملف C:\Users\Mansour\iy4zowdz16.exe غيرموجود
--> HKCU\Software\Microsoft\Windows\CurrentVersion\Run\"iy4zowdz16"

الملف C:\Windows\system32\regedit.exe غيرموجود
--> HKLM\Software\Microsoft\Windows\CurrentVersion\Run\"Regedit32"


مسح
---
MD5: 8082f66dc9c8167ff1aa548736f58457 C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
MD5: 25b2e79c22171a84b1a4c339c3da5df7 C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
MD5: dbb40b2415e5422c12c9976a1f50e68b C:\Program Files\Avira\AntiVir Desktop\avguard.exe
MD5: a3ce36db0f4043695d1dfcf05ee58623 C:\Program Files\Avira\AntiVir Desktop\avipc.dll
MD5: b0bca3b6a95d02287bb9a48224e39b5a C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
MD5: 679526eb47e16b592a38c88207b3e024 C:\Program Files\Avira\AntiVir Desktop\avsda.dll
MD5: 834070ebf5d387cf22df76ec2e30e899 C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
MD5: 38bb3a957479be6c30d773b0283b6bc2 c:\program files\avira\antivir desktop\ccgen.dll
MD5: 488f1dc78753e74310728a76881ac649 c:\program files\avira\antivir desktop\ccgenrc.dll
MD5: 7b142a25150c9dcd485a0774af1dfe70 c:\program files\avira\antivir desktop\ccgrdrc.dll
MD5: 1149fd74ca024ffe3875b412e8054e2c c:\program files\avira\antivir desktop\ccgrdw.dll
MD5: 6ecb96e157527c88868302f0968a4431 c:\program files\avira\antivir desktop\ccguard.dll
MD5: 6c8193b775982e72464f62cdd1ea1129 c:\program files\avira\antivir desktop\cclic.dll
MD5: ab025ddbecb0f371cecdfffefd1fe952 c:\program files\avira\antivir desktop\cclicrc.dll
MD5: 112fc772de6cedca5946aa2bc99e79f2 c:\program files\avira\antivir desktop\ccmainrc.dll
MD5: 2dd7a4be600cefe373dd3bc1ed062cb1 c:\program files\avira\antivir desktop\ccmgrdrc.dll
MD5: a49378f454286b6312b18a1a881f3898 c:\program files\avira\antivir desktop\ccmguard.dll
MD5: 839429fc240fe66ae33b29f88c071e13 c:\program files\avira\antivir desktop\ccmsg.dll
MD5: 3733d0055891e27e7a3aa26f6f63b5ca c:\program files\avira\antivir desktop\ccmsgrc.dll
MD5: 320989a731d24c081c9abc46895d3047 c:\program files\avira\antivir desktop\ccupdate.dll
MD5: 9678ae557078136d1894f7472408a7dd c:\program files\avira\antivir desktop\ccupdrc.dll
MD5: 1fb558c3871120be1073dd4b6a169fed c:\program files\avira\antivir desktop\ccwgrd.dll
MD5: b62ee5ab021a9d54cd94d63c236b0cbb c:\program files\avira\antivir desktop\ccwgrdrc.dll
MD5: 136d02d851e35e5baf38ed0d17d963c2 c:\program files\avira\antivir desktop\ccwgrdw.dll
MD5: 5b2fd4a971e132bc8b1a1195505f323d C:\Program Files\Avira\AntiVir Desktop\ccwkrlib.dll
MD5: 15143de858fc6b33bcdd7d9afd7d2541 c:\program files\avira\antivir desktop\cfglib.dll
MD5: c9f14eafc5e20e19acf50928f554889e c:\program files\avira\antivir desktop\gpipc.dll
MD5: 87ee0f0cd8ef04630b7b955a1bed36b6 C:\Program Files\Avira\AntiVir Desktop\grdcore.dll
MD5: d8a28e0fca1d620df4ff581b937adf13 C:\Program Files\Avira\AntiVir Desktop\rcimage.dll
MD5: d2ca88edb24bb59a830eb2d404c1915c C:\Program Files\Avira\AntiVir Desktop\sched.exe
MD5: f476c9fa7ac26ed83a673e797d68f27f C:\Program Files\Avira\AntiVir Desktop\shlext.dll
MD5: d31766c4aa42ae828b3e1d9a382fc413 c:\program files\babylon\babylon-pro\utils\babyloniepi.dll
MD5: 40947436a70e0034e41123df5a0a7702 C:\Program Files\Bonjour\mdnsNSP.dll
MD5: db5bea73edaf19ac68b2c0fad0f92b1a C:\Program Files\Bonjour\mDNSResponder.exe
MD5: 8a3ba48b5be893e1d81bfac17a3c1b1f c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll
MD5: b8e421c0890356cd4a793d8a346d9096 C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
MD5: 62b7936f9036dd6ed36e6a7efa805dc0 C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
MD5: 5d60c9fbd6cbd192c91a3a4ed1759af9 C:\Program Files\Common Files\Ahead\DSFilter\NeBDGraphic.ax
MD5: 2e9a323b863aec4e5afbb18ac2979dad C:\Program Files\Common Files\Ahead\DSFilter\NeBDThumbnail.ax
MD5: d409df65b6f791f58f090c73cb21bf5a C:\Program Files\Common Files\Ahead\DSFilter\NeFLVSplitter.ax
MD5: e6da46eb36bc8dd25cd6c84e228dbf2a C:\Program Files\Common Files\Ahead\DSFilter\NeMP4Splitter.ax
MD5: 816afb8a76d1f9e2f7291d95a3a42eac C:\Program Files\Common Files\Ahead\DSFilter\NeOggSplitter.ax
MD5: 66979e2fb8afeef8d590015bebb68c6c C:\Program Files\Common Files\Ahead\DSFilter\NeQTDec.ax
MD5: c1ca3c165e9d831f5363cef417df5d73 C:\Program Files\Common Files\Ahead\DSFilter\NeResize.ax
MD5: 0be0516f15d564afb6a39fbc7695e5e5 C:\Program Files\Common Files\Ahead\DSFilter\NeSplitter.ax
MD5: 45d47bc6dc0dabccc062f78eac0cb39a C:\Program Files\Common Files\Ahead\DSFilter\NeSubpicture.ax
MD5: a328a46d87bb92ce4d8a4528e9d84787 C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
MD5: 37cf2461cb5e40c4cfab82c8fc79a2bc C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll
MD5: fc33cbbb9cadcec307da010fe763d04c C:\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.DLL
MD5: 054b87c872292a960b9b8a834b34dfa7 C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll
MD5: 149d74e1128a86dc9cfb2851fbea11eb C:\Program Files\Common Files\Apple\Apple Application Support\icudt46.dll
MD5: 250bf888ddbe88d61eb19a9d4957c794 C:\Program Files\Common Files\Apple\Apple Application Support\libdispatch.dll
MD5: 5a963c340de1a01ba6e24945ce05d16a C:\Program Files\Common Files\Apple\Apple Application Support\libicuin.dll
MD5: f4bc62990e7e5c29799a895b80fc3177 C:\Program Files\Common Files\Apple\Apple Application Support\libicuuc.dll
MD5: 73862ff693168369a90f046e7f227b83 C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MD5: 794950db77aa590c2964eca0a5874a09 C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll
MD5: 152f8772d5a5cd7883305c3b8d28470e C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll
MD5: 8ba9851e671e8b5e49e303748ffd530c C:\Program Files\Common Files\Apple\Apple Application Support\SQLite3.dll
MD5: 2e14406e05789f91c9282ae7cfca3a07 C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MD5: 3debbecf665dcdde3a95d9b902010817 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
MD5: e9901a7e569c4156fda69f5c9356b8ed C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MD5: 61980095ae5d02b1e9d2ed604a90c1bf c:\program files\google\google toolbar\googletoolbar_32.dll
MD5: 27626506e07795bb6357f7f2ef78a90b C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll
MD5: 6b1dc08d22231c9e508a715f07fce7fb C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE
MD5: 564bab77cd96ce0e3fd5bbcdded142df C:\Program Files\Hotspot Shield\bin\hsswd.exe
MD5: 44452f7a09d00573dc6e714874257cc9 C:\Program Files\Hotspot Shield\bin\openvpnas.exe
MD5: dd56e3271d8d63d655454b3f5c0f5c01 c:\program files\hotspot shield\hssie\hssie.dll
MD5: 2cfea9c337b699aca38487e8a7438f35 C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
MD5: 61341439b1d325cac99613062892c7d8 C:\Program Files\Internet Download Manager\IDMan.exe
MD5: 5c98d62e888cbcac78ce27a0e855f4fa C:\Program Files\Internet Download Manager\idmcchandler.dll
MD5: 46ec6d0d65fd03d36f9b750d11c22639 c:\program files\internet download manager\idmiecc.dll
MD5: 706dd70fe7ea8b4362e7a4817ff6baf8 C:\Program Files\Internet Download Manager\idmmkb.dll
MD5: 718335f6e466d4f03e9995300d756d42 C:\Program Files\Internet Download Manager\IDMNetMon.DLL
MD5: 7232b8747e3884f8715290187eb6611e C:\Program Files\Internet Download Manager\IDMShellExt.dll
MD5: a1659e4d08fe8d0f0bc61960d8c0369e C:\Program Files\Internet Explorer\ieproxy.dll
MD5: 53fe2d34b143efdb80685281e751b91c C:\Program Files\Internet Explorer\plugins\nppdf32.dll
MD5: 47c3fa43f99202e2f92efa1eb9bdecf7 C:\Program Files\Internet Explorer\plugins\npqtplugin.dll
MD5: 47c3fa43f99202e2f92efa1eb9bdecf7 C:\Program Files\Internet Explorer\plugins\npqtplugin2.dll
MD5: 47c3fa43f99202e2f92efa1eb9bdecf7 C:\Program Files\Internet Explorer\plugins\npqtplugin3.dll
MD5: 47c3fa43f99202e2f92efa1eb9bdecf7 C:\Program Files\Internet Explorer\plugins\npqtplugin4.dll
MD5: 47c3fa43f99202e2f92efa1eb9bdecf7 C:\Program Files\Internet Explorer\plugins\npqtplugin5.dll
MD5: 47c3fa43f99202e2f92efa1eb9bdecf7 C:\Program Files\Internet Explorer\plugins\npqtplugin6.dll
MD5: 47c3fa43f99202e2f92efa1eb9bdecf7 C:\Program Files\Internet Explorer\plugins\npqtplugin7.dll
MD5: ca1972397b845b2f53f5dc63c22fd98a C:\Program Files\iPod\bin\iPodService.exe
MD5: ef900ef15f71bb7ac415bd5cef90b56d C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
MD5: 1dda8c123f1ed811d32aeddbc69bd740 c:\program files\java\jre7\bin\jp2ssv.dll
MD5: c617e32f8ba7eaf1245290ce70fa3568 C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll
MD5: 4326e350beea92c0555ec6318af85a07 C:\Program Files\K-Lite Codec Pack\ffdshow\ffdshow.ax
MD5: dd4401190884dadbd4a5acf4267fba6b C:\Program Files\K-Lite Codec Pack\Filters\Haali\mkunicode.dll
MD5: e8913ec08f74efa6b810f7273888d7d5 C:\Program Files\K-Lite Codec Pack\Filters\Haali\mkx.dll
MD5: 8ef0fec8ea55674dced3a0202fc2b47e C:\Program Files\K-Lite Codec Pack\Filters\Haali\mkzlib.dll
MD5: 80988e29b182d7c0b5d1d941f4ea3928 C:\Program Files\K-Lite Codec Pack\Filters\Haali\splitter.ax
MD5: 04e6c60e6a81e5ab0eba5f5cb89dda7a C:\Program Files\K-Lite Codec Pack\Filters\LAV\avcodec-lav-53.dll
MD5: f608e666ad4156d0f08db6f5298c8b91 C:\Program Files\K-Lite Codec Pack\Filters\LAV\avformat-lav-53.dll
MD5: 5c1731ac593d9e62a501c15615b6f60d C:\Program Files\K-Lite Codec Pack\Filters\LAV\avutil-lav-51.dll
MD5: 8714a0c12077f85cf09c93cd5e56c608 C:\Program Files\K-Lite Codec Pack\Filters\LAV\LAVAudio.ax
MD5: fb54c658a63bc6391b5ff55a481ad015 C:\Program Files\K-Lite Codec Pack\Filters\LAV\LAVSplitter.ax
MD5: 77203bb21ab09b4d3fd73336737ea4ed C:\Program Files\K-Lite Codec Pack\Filters\LAV\LAVVideo.ax
MD5: be5a5db7d36383e09162d09ddd16dd09 C:\Program Files\K-Lite Codec Pack\Filters\LAV\libbluray.dll
MD5: 49d150d307f938e10ce69964560b5cbb C:\Program Files\K-Lite Codec Pack\Filters\LAV\swscale-lav-2.dll
MD5: 5c3739f97d09caf8abcc0a1f14c82a49 C:\Program Files\K-Lite Codec Pack\Filters\libFlac.dll
MD5: a6549e3d8196829311bca50da7c2699b C:\Program Files\K-Lite Codec Pack\Filters\madFlac.ax
MD5: a2680035053554d8a893e806fda79049 C:\Program Files\K-Lite Codec Pack\Filters\mmamr.ax
MD5: c9c0b335d920e6cc4c38f397017c0dc2 C:\Program Files\K-Lite Codec Pack\Filters\mmmpcdec.ax
MD5: c4289b35c71a401567bf5931f5d82cf9 C:\Program Files\K-Lite Codec Pack\Filters\mmmpcdmx.ax
MD5: 085574f70323b1842f076e6de899a78b C:\Program Files\K-Lite Codec Pack\Filters\vp7dec.ax
MD5: b3995d7631a0ad20241a58e84fcaaf9b C:\Program Files\K-Lite Codec Pack\Filters\vsfilter.dll
MD5: 7fba60e461326274ff354f7537481027 C:\Program Files\K-Lite Codec Pack\Filters\WavPackDSDecoder.ax
MD5: 707cb15443f8915701c3b0b747c2b799 C:\Program Files\K-Lite Codec Pack\Filters\WavPackDSSplitter.ax
MD5: 676ccc08d9e9a3f4ca39cb04e97048df C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MD5: 26fef9aac9f9f265dee995547d84c055 C:\Program Files\Microsoft Office\Office14\GROOVE.EXE
MD5: fb8c6a46eaf7585d2ca8583c4c9a8edf C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
MD5: a5d08b86e8a437aa6deaf7a187bf6ca5 c:\program files\microsoft office\office14\urlredir.dll
MD5: a7057e1fb47203ff55bced30572f2664 C:\Program Files\Mozilla Firefox\components\browsercomps.dll
MD5: 58ef42056bab230268143e15ab4509bf C:\Program Files\Mozilla Firefox\extensions\afurladvisor@anchorfree.com\components\afurladvisor80.dll
MD5: 4cb4054659abeeef925b153e2290e634 C:\Program Files\Mozilla Firefox\firefox.exe
MD5: d08d8b6306638a0ea7d95666165bb7fe C:\Program Files\Mozilla Firefox\freebl3.dll
MD5: 69793b6f19bdc9c5ae671e89adcfa226 C:\Program Files\Mozilla Firefox\mozalloc.dll
MD5: 674ad9717fe2026f484bf232fc47e28f C:\Program Files\Mozilla Firefox\MOZCPP19.dll
MD5: 89d0ef2f8282b36bea6ce3482e8c577f C:\Program Files\Mozilla Firefox\MOZCRT19.dll
MD5: 47a91e11a42f115d094dee60ec144ad7 C:\Program Files\Mozilla Firefox\mozjs.dll
MD5: f56c38796e2d3a82517bd9c55a6107a7 C:\Program Files\Mozilla Firefox\mozsqlite3.dll
MD5: 2016d8e53579693fbcf59718dde836b4 C:\Program Files\Mozilla Firefox\nspr4.dll
MD5: 70307aaa18fcc82c1b73f82107da9d76 C:\Program Files\Mozilla Firefox\nss3.dll
MD5: 1985fe5d5022dec52e030e01e129ffec C:\Program Files\Mozilla Firefox\nssckbi.dll
MD5: 1b732fb5914612e596f0d57ff9c0f5bd C:\Program Files\Mozilla Firefox\nssdbm3.dll
MD5: ffad522e94add9fd60d5fa6d41d237ea C:\Program Files\Mozilla Firefox\nssutil3.dll
MD5: 770f78dbd5c76dcea4968c936e836ad4 C:\Program Files\Mozilla Firefox\plc4.dll
MD5: a374095556e72de21174173e6800b7fc C:\Program Files\Mozilla Firefox\plds4.dll
MD5: fd67e2c52f62995c3cf1d6d720eeb66f C:\Program Files\Mozilla Firefox\plugin-container.exe
MD5: 99f97c9fe748c37528c338a423577fcb C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
MD5: 8830a12fa2b2f7b9b1d7b04b56e7469f C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
MD5: 53fe2d34b143efdb80685281e751b91c C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll
MD5: 47c3fa43f99202e2f92efa1eb9bdecf7 C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
MD5: 47c3fa43f99202e2f92efa1eb9bdecf7 C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
MD5: 47c3fa43f99202e2f92efa1eb9bdecf7 C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
MD5: 47c3fa43f99202e2f92efa1eb9bdecf7 C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
MD5: 47c3fa43f99202e2f92efa1eb9bdecf7 C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
MD5: 47c3fa43f99202e2f92efa1eb9bdecf7 C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
MD5: 47c3fa43f99202e2f92efa1eb9bdecf7 C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
MD5: 35a2c59e2f1963a9afcac9a959f076a6 C:\Program Files\Mozilla Firefox\smime3.dll
MD5: c35b493f498764e43b35b313b51f5f08 C:\Program Files\Mozilla Firefox\softokn3.dll
MD5: d4b4f877ee533e8b766c67ff54e73d5d C:\Program Files\Mozilla Firefox\ssl3.dll
MD5: 79b19878f2240152c0e5ea8202e12003 C:\Program Files\Mozilla Firefox\xpcom.dll
MD5: 848d0c1ac744b36501eede14d0bb72d8 C:\Program Files\Mozilla Firefox\xul.dll
MD5: 5836b9e91863a00ec1b8e785efd86ecb C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
MD5: b2ed04ee6c687d260a2e3e7830330961 C:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll
MD5: cc057f3eb4f9cff12b2e61a48c518d00 C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll
MD5: f35a584e947a5b401feb0fe01db4a0d7 C:\Program Files\Nero\Nero 7\Nero CoverDesigner\MFC71.DLL
MD5: bad6a333613786540454044d8cd94524 c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
MD5: 6e240d6c2f0db74bed13ad723d3ab0a1 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
MD5: 3b40d3a61aa8c21b88ae57c58ab3122e C:\Program Files\Windows Media Player\wmpnetwk.exe
MD5: f11fe030158f8ef14a56a3ea9e9bd47d C:\Program Files\WinRAR\rarext.dll
MD5: 046bcdf0793e96dc6d7a4c780ee73ce6 C:\Program Files\YCIII\YankClip.exe
MD5: 9ebb2e95501396554e7eb414fff02a90 C:\Users\Mansour\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.aa\extensions\mozilla_cc@internetdownloadmanager.com\components6\idmmzcc.dll
MD5: 6b9ecf45d72b1b47bea6fbfd62925634 C:\Users\Mansour\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.aa\extensions\{08d6b0b4-c132-470d-a8e2-aa2e9c3851c9}\components\RadioWMPCoreGecko8.dll
MD5: 5edc8bd84719baeec3683e35c15ee75e C:\Users\Mansour\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.aa\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}\gecko8\WINNT_x86-msvc\SSSLauncher.dll
MD5: 777d526938bbe233dbd46a10eb934dfa C:\Users\Mansour\AppData\Roaming\Mozilla\Firefox\Profiles\febeprof.aa\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll
MD5: a8c362018efc87beb013ee28f29c0863 C:\Windows\ehome\ehRecvr.exe
MD5: 26f2383a97cd632e883f0644f3bff700 C:\Windows\ehome\ehtrace.dll
MD5: 220cb0483df610a1b9be9a38145b1de8 C:\Windows\ehome\MSTVCapn.dll
MD5: 8b88ebbb05a0e56b7dcc708498c02b3e C:\Windows\explorer.exe
MD5: c521d7eb6497bb1af6afa89e322fb43c C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
MD5: f476ec40033cdb91efbe73eb99b8362d C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
MD5: 2c49b175aee1d4364b91b531417fe583 C:\Windows\servicing\TrustedInstaller.exe
MD5: 9a39a2a5f443a756c568c6ed5748afe4 C:\Windows\System32\Actioncenter.dll
MD5: d2958325c1ae1ae37a83334c6229e3bc C:\Windows\system32\actxprxy.dll
MD5: 95e2376b3323f062eb562b8586d0f14a C:\Windows\system32\ADVAPI32.dll
MD5: 37ce7a79d901235504f9add99a7ac177 C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
MD5: 7a044b0746d957bfd7aae18cfd8422c5 C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
MD5: 0a12d948b2cc7fbb01e28daa5e7c01ea C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
MD5: cb4863f2bd46aa02d954b86b56a149da C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
MD5: 2cae4ed96aa903578452b85e5383940c C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
MD5: e96170a923a69711b4d08e885f05d889 C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
MD5: 44ca750001f0db8c308d1ca4abd0f8e5 C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
MD5: 15df9eb8daba744e4d0e9b117f760f49 C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
MD5: a2385b02cb492131af6f79959a42a93f C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
MD5: 3ad0832e8e29fbe9bd722e3354dd4f57 C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
MD5: 88dc1714e38d4eb41a4378aab98e753b C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
MD5: a1d4deb5176c96b1a80715f6a1fdfb4f C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
MD5: b302a1630e5aea2d830b76bbcd761d72 C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
MD5: 22f767bb3b704f79363999bd4a49e68e C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
MD5: 00b83152f99e846fefb139c574cd4a96 C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
MD5: 50035c36acee069d0c209288208626d9 C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
MD5: cdf677ad479fa99f2e4d9766b83ef53c C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
MD5: 12c34c7325b74e8347e8db75279a8f3f C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
MD5: 96324ed3218133a13fff82055afac733 C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
MD5: a7bdf88a46bcc218b73e383e6547ba5f C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
MD5: 573c70d7076f2f101752a727db7c2280 C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
MD5: 29b01d02e9ff3d8a63f8747b50a5a1a3 C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
MD5: 0cc90316b34118e3b8af760d92c262a4 C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
MD5: 6f399c3e562c4e69df96039743a7aa26 C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
MD5: f3b94e04053c2483a6fecf953d6661d6 C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
MD5: c6942a18444bfffc3cceca69a7e1879c C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
MD5: f47e08b025ae376ef1342fc9ecfecdf1 C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
MD5: 8a13e14b68e00ac2cb67420396d8a1c5 C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
MD5: 863f793d15b4026b1a5fdeca873d4d84 C:\Windows\system32\apphelp.dll
MD5: fb1959012294d6ad43e5304df65e3c26 C:\Windows\System32\appinfo.dll
MD5: b19505648f033393e907e2e419fde8b3 C:\Windows\system32\atiesrxx.exe
MD5: c940f2f5c60b3727c5f18840735b229c C:\Windows\system32\AUDIOSES.DLL
MD5: ce3b4e731638d2ef62fcb419be0d39f0 C:\Windows\System32\Audiosrv.dll
MD5: cdd35c1ce1ebfe80c055691cdc8df443 C:\Windows\system32\authui.dll
MD5: 6e30d02aac9cac84f421622e3a2f6178 C:\Windows\System32\AxInstSV.dll
MD5: 67c1b58706b47eeba4e117ac197289e6 C:\Windows\system32\BatMeter.dll
MD5: 1e2bac209d184bb851e1a187d8a29136 C:\Windows\System32\bfe.dll
MD5: 45760eecc8b74b251171be4f247f17cb C:\Windows\system32\browcli.dll
MD5: 6e11f33d14d020f58d5e02e4d67dfa19 C:\Windows\System32\browser.dll
MD5: e3d5e244807ad655787fcd25477cc1bc C:\Windows\System32\bthprops.cpl
MD5: 7a6986dd659b96398a11af5173892715 C:\Windows\system32\Cabinet.dll
MD5: 319c6b309773d063541d01df8ac6f55f C:\Windows\System32\certprop.dll
MD5: 3ffaea12666e565ff51bf2fca674f543 C:\Windows\system32\CFGMGR32.dll
MD5: ad7b9c14083b52bc532fba5948342b98 C:\Windows\system32\cmd.exe
MD5: d1de1eafde97be41cf6585027ff3e732 C:\Windows\system32\comdlg32.dll
MD5: 92fb57d9d865019d26346eb13e15cd75 C:\Windows\System32\CPFilters.dll
MD5: 4e5fe39c1076d115ec8bfcfe14d75b80 C:\Windows\system32\credssp.dll
MD5: 454e292861a4ef1d72f43f42bbaf6917 C:\Windows\system32\CRYPT32.dll
MD5: a585bebf7d054bd9618eda0922d5484a C:\Windows\system32\cryptsvc.dll
MD5: 28ca821606669bb9215ce010767720fa C:\Windows\system32\CRYPTUI.dll
MD5: 465bea35f7ed4a4a57686dea7ea10f47 C:\Windows\system32\CSCAPI.dll
MD5: 57a51217581614de07f30e34d6bb4993 C:\Windows\System32\CSCDLL.dll
MD5: cf4274ceea9f7791fb7fc40a066bc2c7 C:\Windows\System32\cscobj.dll
MD5: 15f93b37f6801943360d9eb42485d5d3 C:\Windows\System32\cscsvc.dll
MD5: 3ec541c196de18ed9a0d0ac82a694d4c C:\Windows\System32\cscui.dll
MD5: 2de90400a63818fa38c4c5c9adb166bf C:\Windows\system32\d3d10_1.dll
MD5: 9c36a3ca80f9b204c670336d344f5df8 C:\Windows\system32\d3d10_1core.dll
MD5: 6ef5f3f18413c367195f06e503ab86a6 C:\Windows\system32\d3d9.dll
MD5: 284b59d7b56fc76c80e622ab856b1fab C:\Windows\System32\davclnt.dll
MD5: 53223b673a3fa2f9a4d1c31c8d3f6cd8 C:\Windows\system32\dbghelp.dll
MD5: e9e01eb683c132f7fa27cd607b8a2b63 C:\Windows\system32\dhcpcore.dll
MD5: b40420876b9288e0a1c8cca8a84e5dc9 C:\Windows\system32\DNSAPI.dll
MD5: 33ef4861f19a0736b11314aad9ae28d0 C:\Windows\System32\dnsrslvr.dll
MD5: 366ba8fb4b7bb7435e3b9eacb3843f67 C:\Windows\System32\dot3svc.dll
MD5: 8ec04ca86f1d68da9e11952eb85973d6 C:\Windows\system32\dps.dll
MD5: 7713e4eb0276702faa08e52a6e23f2a6 C:\Windows\system32\DRIVERS\avgntflt.sys
MD5: c9fb8c3d650ef8bd76865ec20a19a5bc C:\Windows\system32\DShowRdpFilter.dll
MD5: 497e59d9f01c6f247e72222a61835119 C:\Windows\system32\dwmcore.dll
MD5: 754afc50022c95da7c86b7020db78136 C:\Windows\system32\dwmredir.dll
MD5: 0a5c7253183a6f956d10a3a4bbc96288 C:\Windows\system32\dwrite.dll
MD5: 0411b7958c524bb2e91ee1b3035fe321 C:\Windows\system32\dxgi.dll
MD5: addb05c93272a62606599b24730bd645 C:\Windows\system32\dxp.dll
MD5: 1060d60cca69a8136a87dbe3c8f4a467 C:\Windows\system32\EhStorAPI.dll
MD5: 813845d5c5d8325ca5e8b1f547016378 C:\Windows\System32\EncDec.dll
MD5: 53af1750fd45ddd705c9b68c7dc58827 C:\Windows\System32\EVR.dll
MD5: e2a17bcc08d92f42e08af6ba2f93aba7 C:\Windows\system32\EXPLORERFRAME.dll
MD5: 1e8d06aae74fed674c1156b3fea911c2 C:\Windows\system32\Faultrep.dll
MD5: b3a5ec6b6b6673db7e87c2bcdbddc074 C:\Windows\system32\FntCache.dll
MD5: d0481fb85beedd30a0884be327880f80 C:\Windows\System32\framedynos.dll
MD5: 03a03a453f1aaae0c73aaaf895321c7a C:\Windows\System32\fwpuclnt.dll
MD5: 967ea5b213e9984cbe270205df37755b C:\Windows\system32\fxssvc.exe
MD5: 19bc13711ac403feb830522e4831701b C:\Windows\System32\gameux.dll
MD5: e87f5393f7d8ce2facc4dff703531392 C:\Windows\system32\GDI32.dll
MD5: e897eaf5ed6ba41e081060c9b447a673 C:\Windows\System32\gpsvc.dll
MD5: c7952d0a4c43a965a1741916bb134751 C:\Windows\System32\hgcpl.dll
MD5: 7319102526bd11b45fd66335cf90ca12 C:\Windows\System32\HotStartUserAgent.dll
MD5: 691e93028b8723e05b4a637be77380dd C:\Windows\system32\ieframe.DLL
MD5: 1416ab557be700fa117323b6b8f32882 C:\Windows\system32\iertutil.dll
MD5: f95622f161474511b8d80d6b093aa610 C:\Windows\System32\ikeext.dll
MD5: b2fd31e20b423335fe3273b4bf95813c C:\Windows\system32\imagehlp.dll
MD5: 2d11bc8b460957e62e4420373a0d8bda C:\Windows\system32\imapi2.dll
MD5: 4a8e2f20809cc161107faa94f6cf2685 C:\Windows\system32\IMM32.DLL
MD5: a90dc9abd65db1a8902f361103029952 C:\Windows\System32\IPHLPAPI.DLL
MD5: 4d65a07b795d6674312f879d09aa7663 C:\Windows\System32\iphlpsvc.dll
MD5: 53946b69ba0836bd95b03759530c81ec C:\Windows\System32\ipsecsvc.dll
MD5: 00f48a9d03f672f7ebe601ffa9bb6f28 C:\Windows\System32\itvdata.dll
MD5: e570cbd732848438eac574eb3442a2a8 C:\Windows\system32\kernel32.dll
MD5: a9f8e23c1fc00190376b11ffad9de6c6 C:\Windows\system32\KERNELBASE.dll
MD5: 196b4e3f4cccc24af836ce58facbb699 C:\Windows\system32\kmsvc.dll
MD5: 6658f4404de03d75fe3ba09f7aba6a30 C:\Windows\system32\ListSvc.dll
MD5: 81951f51e318aecc2d68559e47485cc4 C:\Windows\System32\lsass.exe
MD5: de3745a51b7ac7fedc356a83f76c8023 C:\Windows\system32\Macromed\Flash\NPSWF32.dll
MD5: 477b711ebf491226fa40301290f66bac C:\Windows\System32\MCEWMDRMNDBootstrap.DLL
MD5: bfb9ee8ee977efe85d1a3105abef6dd1 C:\Windows\system32\Mcx2Svc.dll
MD5: 3206adc4d06bb764c9a4936c8e22708c C:\Windows\System32\mediametadatahandler.dll
MD5: 2a2c442f00b45e01d4c882eea69a01bc C:\Windows\system32\MFC100ENU.DLL
MD5: f3de10aabd5c7a1a186c9966f037d0c0 C:\Windows\system32\mfc100u.dll
MD5: 243974ec02f7ae49e4179c54624143ab C:\Windows\system32\MMDevAPI.DLL
MD5: bc10595fb4ca9d9c07a08ef1a736f301 C:\Windows\System32\mp43decd.dll
MD5: 44e27c2346456b3618600bdd05207031 C:\Windows\System32\mp4sdecd.dll
MD5: e9aef26aeebfaab901fab3d93677df98 C:\Windows\System32\Mpeg2Data.ax
MD5: 246560c5b7995489f25bf9175f2b6380 C:\Windows\System32\mpg2splt.ax
MD5: 5c84a43fefe565bbba574c552e3a56c8 C:\Windows\System32\mpg4decd.dll
MD5: 9835584e999d25004e1ee8e5f3e3b881 C:\Windows\system32\mpssvc.dll
MD5: 938f39b50bafe13d6f58c7790682c010 C:\Windows\system32\MSASN1.dll
MD5: 7f8678c59f188528d60104e697c2361e C:\Windows\system32\mscms.dll
MD5: 7069aab8536f29ed7323140973a2894b C:\Windows\system32\msdmo.dll
MD5: 3a16ea01fcfaab40882db5bfee632322 C:\Windows\system32\MsftEdit.dll
MD5: 0ce4d3bd306da6d1f6f233c403f5b667 C:\Windows\system32\msi.dll
MD5: eee470f2a771fc0b543bdeef74fceca0 C:\Windows\system32\msiexec.exe
MD5: 35aae2e841aa1a949775168e119482c9 C:\Windows\system32\msls31.dll
MD5: 3de43bfdaf3f8979699650202aa18b12 C:\Windows\System32\msmpeg2vdec.dll
MD5: 56ceed370508f69a1ba04939bd1badda C:\Windows\system32\MSUTB.dll
MD5: bc83108b18756547013ed443b8cdb31b C:\Windows\system32\MSVCP100.dll
MD5: 0e37fbfa79d349d672456923ec5fbbe3 C:\Windows\system32\MSVCR100.dll
MD5: c335ec1182ac10b188705554e0bc1186 C:\Windows\system32\MSVFW32.dll
MD5: 59d16c3d5cc0d573256a01783ed5ccb4 C:\Windows\System32\msvidctl.dll
MD5: 8999b8631c7fd9f7f9ec3cafd953ba24 C:\Windows\system32\mswsock.dll
MD5: 4205ca4cd43e725db9ff02b0a588a8c6 C:\Windows\System32\msxml3.dll
MD5: 269d867585cda04d3972a39f3694e7df C:\Windows\System32\msxml6.dll
MD5: 8b57a1ad493653bb57f281fe75dd175b C:\Windows\System32\NaturalLanguage6.dll
MD5: 8ce1a6d16b9077e91e192499eb611c5f C:\Windows\system32\NETAPI32.dll
MD5: eab975db4c2805927fe5bd047d05c9aa C:\Windows\System32\netshell.dll
MD5: 20b3934db73eaba2b49b7177873cb81f C:\Windows\system32\netutils.dll
MD5: 3d57ffbad3ed16b63de3879bab0fb56f C:\Windows\system32\NetworkExplorer.dll
MD5: 104a1070e90f1c530328e69b49718841 C:\Windows\System32\nlaapi.dll
MD5: c30a91ade8c9cb91e4281ec83c4500c6 C:\Windows\SYSTEM32\ntdll.dll
MD5: d7b7159bc8374e87d8c45a30377a3440 C:\Windows\System32\ntlanman.dll
MD5: eb77db354791a5932ca559b6f6374e95 C:\Windows\system32\ntshrui.dll
MD5: 928cf7268086631f54c3d8e17238c6dd C:\Windows\system32\ole32.dll
MD5: 8e01332cc4b68bc6b5b7effe374442aa C:\Windows\system32\OLEACC.dll
MD5: 6c765e82b57f2e66ce9c54ac238471d9 C:\Windows\system32\OLEAUT32.dll
MD5: 703ffd301ab900b047337c5d40fd6f96 C:\Windows\system32\OLEPRO32.DLL
MD5: f748f53fe09d21d8ecbb6421e6792024 C:\Windows\system32\OneX.DLL
MD5: 414bba67a3ded1d28437eb66aeb8a720 C:\Windows\system32\pla.dll
MD5: 3d6f22551d422f97aacb0bb927e4c846 C:\Windows\System32\pnidui.dll
MD5: e98278865e8daba21cfe5fe4be34210a C:\Windows\system32\PortableDeviceApi.dll
MD5: c8333f1f77a1b2e25f2202e892caf634 C:\Windows\system32\prnfldr.dll
MD5: 43ca4ccc22d52fb58e8988f0198851d0 C:\Windows\system32\profsvc.dll
MD5: 12c45e3cb6d65f73209549e2d02eca7a C:\Windows\system32\PROPSYS.dll
MD5: dbc02d918fff1cad628acbe0c0eaa8e8 C:\Windows\System32\provsvc.dll
MD5: 68dca1777d7224a79a9dc3d47bed6d32 C:\Windows\System32\psisrndr.ax
MD5: 02530b0b7e048dd5ac8d52daeacaeb2b C:\Windows\System32\QAgent.dll
MD5: 61d57a5d7c6d9afe10e77dae6e1b445e C:\Windows\system32\qagentRT.dll
MD5: a54e92ae753d4bc63fe71f010f76ef04 C:\Windows\system32\qasf.dll
MD5: 92df43a9cdd39c67f2b2d2f98799e086 C:\Windows\system32\qdv.dll
MD5: 68783e77d401e6392ea6579ebcef16c8 C:\Windows\system32\qdvd.dll
MD5: 44b13b356c737b628e73833b07cbbf72 C:\Windows\System32\qedit.dll
MD5: e585445d5021971fae10393f0f1c3961 C:\Windows\System32\qmgr.dll
MD5: 0ae0c4955e1de29ccdc9da1b816fe5ee C:\Windows\system32\quartz.dll
MD5: bd626ef05967d14c772b8096292731a3 C:\Windows\System32\QUtil.dll
MD5: cb9e04dc05eacf5b9a36ca276d475006 C:\Windows\System32\rasmans.dll
MD5: 102cf6879887bbe846a00c459e6d4abc C:\Windows\system32\RICHED20.dll
MD5: b5506b451bfe7148eca7056bda2970bd C:\Windows\system32\RICHED32.DLL
MD5: 6400774e903729add0a62a24a334ee56 C:\Windows\system32\RPCRT4.dll
MD5: 5997d769cdb108390dcfaebf442bf816 C:\Windows\system32\RpcRtRemote.dll
MD5: 7660f01d3b38aca1747e397d21d790af C:\Windows\system32\rpcss.dll
MD5: 0915c4db6dbc3bb9e11b7ecbbe4b7159 C:\Windows\system32\rtutils.dll
MD5: 68ecca523ed760aafc03c5d587569859 C:\Windows\system32\samcli.dll
MD5: 1affb765af1fdcc0c185c38e9ddddaee C:\Windows\system32\schannel.DLL
MD5: a04bb13f8a72f8b6e8b4071723e4e336 C:\Windows\system32\schedsvc.dll
MD5: 08236c4bce5edd0a0318a438af28e0f7 C:\Windows\System32\SDRSVC.dll
MD5: 236f286e103fd44bd85fdd93097fd5dd C:\Windows\system32\SearchIndexer.exe
MD5: 69678722290c78d5d7198c60b5a4e3e8 C:\Windows\system32\Secur32.dll
MD5: 4ae380f39a0032eab7dd953030b26d28 C:\Windows\system32\sessenv.dll
MD5: 10fb16b50affda6d44588f3c445dc273 C:\Windows\system32\SETUPAPI.dll
MD5: f14a9b1778376d0b1788e402ac1f831a C:\Windows\System32\shacct.dll
MD5: be247ae996a9fde007a27b51413a6c79 C:\Windows\System32\shdocvw.dll
MD5: 699b9dda17581b8e7f50a0ff05c7e102 C:\Windows\system32\SHELL32.dll
MD5: 8cc3c111d653e96f3ea1590891491d71 C:\Windows\system32\SHLWAPI.dll
MD5: 414da952a35bf5d50192e28263b40577 C:\Windows\System32\shsvcs.dll
MD5: 8d556c98576bf35c7a0c81429e0f7530 C:\Windows\System32\slui.exe
MD5: 788a402d0fcc43662ba8b73c85c63c7f C:\Windows\system32\slwga.dll
MD5: 2cfa4569350b7f84f815e9ec34e85766 C:\Windows\system32\SndVolSSO.DLL
MD5: 866a43013535dc8587c258e43579c764 C:\Windows\System32\spoolsv.exe
MD5: 8e4b58e12b3fa65ed1462846906e0b59 C:\Windows\System32\SPPC.DLL
MD5: 7a3afe50417b94910a6dae1d07df6e3a C:\Windows\system32\sppcext.dll
MD5: e3ae23569749de12d45ba3b489a036ae C:\Windows\system32\sppcomapi.dll
MD5: 00ffc4b151593d4f188ae12c5ee7014a C:\Windows\System32\sppcommdlg.dll
MD5: cf87a1de791347e75b98885214ced2b8 C:\Windows\system32\sppsvc.exe
MD5: 7773ad40221ecbbd18053ec75aff229b C:\Windows\system32\sppuinotify.dll
MD5: ce292c4c10b8db6070f262ea2733f0dc C:\Windows\System32\sqmapi.dll
MD5: 674b0c0f6a448eb185caab9c51d44032 C:\Windows\System32\srchadmin.dll
MD5: 5ccdcd40e732d54e0f7451ac66ac1c87 C:\Windows\system32\srvcli.dll
MD5: d64af876d53eca3668bb97b51b4e70ab C:\Windows\system32\srvsvc.dll
MD5: 4a054c853031616d161a84becf281f47 C:\Windows\system32\SspiCli.dll
MD5: 912649a1b3f9e6acb3899fbdaba2ed5f C:\Windows\system32\stobject.dll
MD5: 6a1e8deb746912df47cf651e138401d7 C:\Windows\System32\StructuredQuery.dll
MD5: 919001d2bb17df06ca3f8ac16ad039f6 C:\Windows\system32\SXS.DLL
MD5: 2ddea2c345da5bc589efd398f220db0e C:\Windows\System32\SyncCenter.dll
MD5: 390951d528c971215ac220ba12f60dec C:\Windows\system32\SynCOM.dll
MD5: 20a20a911cd79a6f6839167149a05668 C:\Windows\system32\syncui.dll
MD5: a7fa423e62ca375d0b12b752c446568f C:\Windows\system32\SynTPAPI.dll
MD5: 36650d618ca34c9d357dfd3d89b2c56f C:\Windows\system32\sysmain.dll
MD5: 6b140b1382f1fe04ba57b196aeb19725 C:\Windows\system32\t2embed.dll
MD5: 763fecdc3d30c815fe72dd57936c6cd1 C:\Windows\System32\TabSvc.dll
MD5: 613bf4820361543956909043a265c6ac C:\Windows\System32\tapisrv.dll
MD5: 7fa8ba5a780e4757964ac9d4238302b9 C:\Windows\System32\taskhost.exe
MD5: 544eff88ac6c85df5a4d6f18dfe08cfc C:\Windows\system32\taskschd.dll
MD5: 382c804c92811be57829d8e550a900e2 C:\Windows\System32\termsrv.dll
MD5: 672d7c5080acb003343006405da2e621 C:\Windows\system32\thumbcache.dll
MD5: 83c9840cf87a0ca55526327801716d27 C:\Windows\system32\timedate.cpl
MD5: b4cddaff4d69b0e9edbf5751db5a5193 C:\Windows\System32\tvratings.dll
MD5: c9708c9f3dba3dbfb1d2fee1e9dabad0 C:\Windows\system32\twext.dll
MD5: ec7bc28d207da09e79b3e9faf8b232ca C:\Windows\system32\umpnpmgr.dll
MD5: f87d30e72e03d579a5199ccb3831d6ea C:\Windows\system32\umpo.dll
MD5: 409994a8eaceee4e328749c0353527a0 C:\Windows\System32\umrdp.dll
MD5: 814638f572f497d96b17bf254113d9a4 C:\Windows\system32\urlmon.dll
MD5: be8c64439f1e2af088063218c16eb9fe C:\Windows\system32\USER32.dll
MD5: d15618a0ff8dbc2c5bf3726bacc75a0b C:\Windows\system32\USERENV.dll
MD5: 61ac3efdfacfdd3f0f11dd4fd4044223 c:\windows\system32\userinit.exe
MD5: 804aaafebb3ad5f49334dd906bcb1de5 C:\Windows\system32\USP10.dll
MD5: 370349f79315d4db86cd992cacefee61 C:\Windows\system32\van.dll
MD5: 4d6262d5cffa7d932126d2b85c373f87 C:\Windows\System32\VBICodec.ax
MD5: 373a87dbfd387ddc54375f547834fbbd C:\Windows\System32\vbisurf.ax
MD5: c3cd30495687c2a2f66a65ca6fd89be9 C:\Windows\System32\vds.exe
MD5: 209a3b1901b83aeb8527ed211cce9e4c C:\Windows\system32\vssvc.exe
MD5: cfc7d8289d2b5f3cf8d16e2db7f93d4a C:\Windows\system32\wbem\fastprox.dll
MD5: 704314fd398c81d5f342caa5df7b7f21 C:\Windows\system32\wbemcomn.dll
MD5: 691e3285e53dca558e1a84667f13e15a C:\Windows\system32\wbengine.exe
MD5: 34eee0dfaadb4f691d6d5308a51315dc C:\Windows\System32\wcncsvc.dll
MD5: d205c24a9d069049fe2df2a1b38726a7 C:\Windows\system32\wdmaud.drv
MD5: a9d880f97530d5b8fee278923349929d C:\Windows\System32\webclnt.dll
MD5: fb19fc5951a88f3c523e35c2c98d23c0 C:\Windows\System32\webio.dll
MD5: 590d5c506044fe02ff7643e32ff9bdac C:\Windows\System32\wer.dll
MD5: 1869bd251211fb6275067372a45682d6 C:\Windows\System32\werconcpl.dll
MD5: e1fb3706030fb4578a0d72c2fc3689e4 C:\Windows\System32\wiaservc.dll
MD5: 1db71a41daee6b3f8cd0dda8209fa2d5 C:\Windows\system32\WindowsCodecs.dll
MD5: ca9f7888b524d8100b977c81f44c3234 C:\Windows\System32\WINHTTP.dll
MD5: 02f98b5c0e397ad06124d84428cf8f1a C:\Windows\system32\WININET.dll
MD5: d5aefad57c08349a4393d987df7c715d C:\Windows\system32\WINMM.dll
MD5: 9419abf3163b6f0e3ad3dd2b381c879f C:\Windows\system32\WinSCard.dll
MD5: 9e4b0e7472b4ceba9e17f440b8cb0ab8 C:\Windows\system32\WINSPOOL.DRV
MD5: 418e881201583a3039d81f43e39e6c78 C:\Windows\system32\WINSTA.dll
MD5: 2d0d2da87bea7144f2a17f19d0d17e4c C:\Windows\system32\WINTRUST.dll
MD5: e5a4a1326a02f8e7b59e6c3270ce7202 C:\Windows\system32\wkscli.dll
MD5: 58405e4f68ba8e4057c6e914f326aba2 C:\Windows\System32\wkssvc.dll
MD5: a8bb45f9ecad993461e0fef8e2a99152 C:\Windows\system32\WLDAP32.dll
MD5: ff3c5379de4fd18498c255d096fed3f5 C:\Windows\System32\WMADMOD.DLL
MD5: 394117608eb031e622d4812e67746f09 C:\Windows\System32\WMDRMSDK.DLL
MD5: 65b76f79ba94cf8837d556d4c9067773 C:\Windows\system32\WMSPDMOD.DLL
MD5: 402d0425a26a0660bc1299a5854a4785 C:\Windows\System32\wmvdecod.dll
MD5: 9e44d3d2d1d2da5ed565d471e350f1cd C:\Windows\System32\wmvsdecd.dll
MD5: aa53356d60af47eacc85bc617a4f3f66 C:\Windows\system32\wpdbusenum.dll
MD5: 735263da17bf5baf9ccd483843bf9d5a C:\Windows\system32\wpdshserviceobj.dll
MD5: 7ff15a4f092cd4a96055ba69f903e3e9 C:\Windows\system32\WS2_32.dll
MD5: a8cdf3768604ff95b54669e20053d569 C:\Windows\System32\WSCAPI.dll
MD5: 7fd5532c142db6c9cc47aa4dcf71fdec C:\Windows\System32\wscui.cpl
MD5: ac122407b29378ff9646f03404ac7c54 C:\Windows\system32\wshbth.dll
MD5: 1b91cd34ea3a90ab6a4ef0550174f4cc C:\Windows\system32\WsmSvc.dll
MD5: 6a6b2ee4565a178035be2a4ff6f2c968 C:\Windows\system32\WTSAPI32.dll
MD5: 3026418a50c5b4761befa632cedb7406 C:\Windows\system32\wuaueng.dll
MD5: 8d1e1e529a2c9e9b6a85b55a345f7629 C:\Windows\System32\WUDFSvc.dll
MD5: edf2a5e96bec469da3f64e9bdd386111 C:\Windows\system32\xmllite.dll
MD5: 0b3595a4ff0b36d68e5fc67fd7d70fdc C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\MSVCP80.dll
MD5: c9564cf4976e7e96b4052737aa2492b4 C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\MSVCR80.dll
MD5: 58a14c45a5cd2528f10a889e7b0c3fc2 C:\Windows\WinSxS\x86_microsoft.vc90.atl_1fc8b3b9a1e18e3b_9.0.30729.6161_none_51cd0a7abbe4e19b\ATL90.DLL
MD5: 4c39358ebdd2ffcd9132a30e1ec31e16 C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\MSVCP90.dll
MD5: cdbe9690cf2b8409facad94fac9479c9 C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\MSVCR90.dll
MD5: bdac1aa64495d0f7e1ff810ebbf1f018 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\COMCTL32.dll
MD5: 352b3dc62a0d259a82a052238425c872 C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
MD5: 0029eba325f2fc9b6ba46bee33f32a09 C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17514_none_72d18a4386696c80\gdiplus.dll


لم يتم تحميل اي ملف

انتهاء المسح - تم الاتصال خلال 2 ثواني
الحجم الاجمالي - تم ارسال 0.02 ميجابايت و تم استقبال 1.49
تم مسح 647 ملف و برنامج - 38 ثواني

==============================================================================






====== معلومات نظام التشغيل ======

X86 WIN_7 7601 Service Pack 1


====== قائمة البرامج المثبتة ======

µTorrent
1Click DVD Converter 2.2.0.5
Adobe Flash Player 10 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.2)
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Avira Antivirus Premium 2012
Babylon
Bonjour
CCleaner
Definition update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Folder Marker Pro v 3.2
Google Toolbar for Internet Explorer
Google Toolbar for Internet Explorer
Google Update Helper
Hotspot Shield 2.24
Infix 5.07
Internet Download Manager
iTunes
Java Auto Updater
Java(TM) 7
JDownloader 0.9
K-Lite Mega Codec Pack 7.7.0
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Client Profile
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Mozilla Firefox 8.0 (x86 en-US)
Nero 7 Ultra Edition
QuickTime
Recover My Files
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553353) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition
Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)
Skype Click to Call
Skype™ 5.5
Synaptics Pointing Device Driver
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft Excel 2010 (KB2553439) 32-Bit Edition
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553455) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553323) 32-Bit Edition
Update for Microsoft Outlook Social Connector (KB2583935)
Update for Microsoft Outlook Social Connector (KB2583935)
VLC media player 1.1.11
Web2Pic Pro
Windows Media Player Firefox Plugin
WinRAR archiver
Yankee Clipper III
Your Uninstaller! 7

 

[البارون]

وحاول تطبق هالطريقة اظنها تمشي مع هالاصابات

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

​

 

[ReD_F0X]

تفضل هذا ملف ورد فيه التقرير , ما قدرت اضيفه في رد لأنه كثير جداً

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

 

[البارون]

اخوي التقرير زي هذا اللي في الصورة محدد

 

[الخفـوق]

من بعد اذن الغالي / البارون

ربي يحفظك ويخليك

..

اخوي red Fox

الاصابه / تجي من رابط معين ،،، اللي يدخله يُصاب جهازه به
وتزرع ملف بمسار بالجهاز


المالوير بايت / فحص بالوضع الامن
يزيله من جذوره ان شاء الله



​

 

[ReD_F0X]

الأن استخدمت الماليوير بايت , وحذفت كل شي ماعدا ملف التفعيل حق الونيدوز واشتغل معاي الجهاز وانا الان اكلمكم منه

بس ابي اتأكد ان الأن وضعي في السليم !

الأن حاولت اسوي ابديت بخصوصاً اني حذفت ملفات من النظام فـ رحت وحاولت اسوي ابديت ويقولي : ان خدمت الأبديت نفسها الأن موقفه واحتاج اسوي ريستارات "

الأن لا بحثت عن طريق برنامج TDSS KILLER وحطيت كل الخيارات الأربع في الأعدادات , جاني تقريباً 280 حاجه مسويه خطر على جهازي , حاولت احفظ التقرير مو عارف صراحة لأن مافي خيار حفظ بس في خيار عرض وحاولت ان احطها في ملف txt وحاولت ارفع مو راضي على موقع up-master

طيب , وش اسوي الحين بالضبط علموني الله يخليك ؟

 

[البارون]

اخوي من قالك حدد الخيارات الاربع في البرنامج اللي انت سويته غلط ومن امس اقولك افحص بالاداة بالوضع الافتراضي

افحص بالاداة بشكل عادي شيل الخيارين اللي تحت

واعمل تقارير هايجاك+ البرامج المثبته​

 

[ReD_F0X]

طيب الفحص لما اسويه طلع لي ملفات خطره , احذفها ولا وش اسوي ؟

 

[ReD_F0X]

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 2:06:45 PM, on 10/02/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Users\Mansour\iy4zowdz16.exe
C:\Program Files\YCIII\YankClip.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Users\Mansour\Desktop\TDSSKiller.exe
C:\Zyzoom_Forum_Tools\zyzoom.exe
C:\Zyzoom_Forum_Tools\zHijak.com

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {08d6b0b4-c132-470d-a8e2-aa2e9c3851c9} - (no file)
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Babylon IE plugin - {9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files\Hotspot Shield\HssIE\HssIE.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] "C:\Users\Mansour\AppData\Local\Temp\zxq2\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [iy4zowdz16] C:\Users\Mansour\iy4zowdz16.exe
O4 - HKCU\..\Run: [Regedit32] C:\Windows\system32\regedit.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Yankee Clipper III.lnk = C:\Program Files\YCIII\YankClip.exe
O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download FLV video content with IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Translate this web page with Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm
O8 - Extra context menu item: Translate with Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll
O9 - Extra 'Tools' menuitem: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{010A6F81-7497-48D2-9DCF-0FACBEC884FA}: NameServer = 10.71.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{010A6F81-7497-48D2-9DCF-0FACBEC884FA}: NameServer = 10.71.0.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{010A6F81-7497-48D2-9DCF-0FACBEC884FA}: NameServer = 10.71.0.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{010A6F81-7497-48D2-9DCF-0FACBEC884FA}: NameServer = 10.71.0.1
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Hotspot Shield Service (hshld) - Unknown owner - C:\Program Files\Hotspot Shield\bin\openvpnas.exe
O23 - Service: Hotspot Shield Routing Service (HssSrv) - AnchorFree Inc. - C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\HssTrayService.EXE
O23 - Service: Hotspot Shield Monitoring Service (HssWd) - Unknown owner - C:\Program Files\Hotspot Shield\bin\hsswd.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Ashampoo LiveTuner Service (WO_LiveService) - Unknown owner - C:\Program Files\Ashampoo\Ashampoo WinOptimizer 8\LiveTunerService.exe (file missing)

--
End of file - 9098 bytes


--------------------------------------------

 

[ReD_F0X]

14:04:18.0627 1356 TDSS rootkit removing tool 2.7.11.0 Feb 9 2012 10:12:57
14:04:19.0252 1356 ============================================================
14:04:19.0252 1356 Current date / time: 2012/02/10 14:04:19.0252
14:04:19.0252 1356 SystemInfo:
14:04:19.0252 1356
14:04:19.0252 1356 OS Version: 6.1.7601 ServicePack: 1.0
14:04:19.0252 1356 Product type: Workstation
14:04:19.0252 1356 ComputerName: MANSOUR-PC
14:04:19.0252 1356 UserName: Mansour
14:04:19.0252 1356 Windows directory: C:\Windows
14:04:19.0252 1356 System windows directory: C:\Windows
14:04:19.0252 1356 Processor architecture: Intel x86
14:04:19.0252 1356 Number of processors: 2
14:04:19.0252 1356 Page size: 0x1000
14:04:19.0252 1356 Boot type: Normal boot
14:04:19.0252 1356 ============================================================
14:04:21.0869 1356 !crdlk
14:04:21.0921 1356 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'A'
14:04:21.0946 1356 \Device\Harddisk0\DR0:
14:04:21.0978 1356 MBR used
14:04:21.0978 1356 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x2EE000
14:04:21.0978 1356 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x2513F800
14:04:22.0048 1356 Initialize success
14:04:22.0048 1356 ============================================================
14:04:25.0000 2288 ============================================================
14:04:25.0000 2288 Scan started
14:04:25.0000 2288 Mode: Manual;
14:04:25.0000 2288 ============================================================
14:04:25.0720 2288 1394ohci (1b133875b8aa8ac48969bd3458afe9f5) C:\Windows\system32\drivers\1394ohci.sys
14:04:25.0724 2288 1394ohci - ok
14:04:25.0745 2288 Suspicious service (NoAccess): 6b898942c5ea5f93
14:04:26.0127 2288 6b898942c5ea5f93 (699637166cc5aab52577472e4b58c6c9) C:\Windows\System32\Drivers\6b898942c5ea5f93.sys
14:04:26.0127 2288 Suspicious file (NoAccess): C:\Windows\System32\Drivers\6b898942c5ea5f93.sys. md5: 699637166cc5aab52577472e4b58c6c9
14:04:26.0166 2288 6b898942c5ea5f93 ( LockedService.Multi.Generic ) - warning
14:04:26.0167 2288 6b898942c5ea5f93 - detected LockedService.Multi.Generic (1)
14:04:26.0302 2288 ACPI (cea80c80bed809aa0da6febc04733349) C:\Windows\system32\drivers\ACPI.sys
14:04:26.0306 2288 ACPI - ok
14:04:26.0462 2288 AcpiPmi (1efbc664abff416d1d07db115dcb264f) C:\Windows\system32\drivers\acpipmi.sys
14:04:26.0464 2288 AcpiPmi - ok
14:04:26.0627 2288 adp94xx (21e785ebd7dc90a06391141aac7892fb) C:\Windows\system32\DRIVERS\adp94xx.sys
14:04:26.0638 2288 adp94xx - ok
14:04:26.0758 2288 adpahci (0c676bc278d5b59ff5abd57bbe9123f2) C:\Windows\system32\DRIVERS\adpahci.sys
14:04:26.0766 2288 adpahci - ok
14:04:26.0882 2288 adpu320 (7c7b5ee4b7b822ec85321fe23a27db33) C:\Windows\system32\DRIVERS\adpu320.sys
14:04:26.0886 2288 adpu320 - ok
14:04:27.0004 2288 AFD (9ebbba55060f786f0fcaa3893bfa2806) C:\Windows\system32\drivers\afd.sys
14:04:27.0013 2288 AFD - ok
14:04:27.0184 2288 AgereSoftModem (7e10e3bb9b258ad8a9300f91214d67b9) C:\Windows\system32\DRIVERS\AGRSM.sys
14:04:27.0208 2288 AgereSoftModem - ok
14:04:27.0348 2288 agp440 (507812c3054c21cef746b6ee3d04dd6e) C:\Windows\system32\drivers\agp440.sys
14:04:27.0351 2288 agp440 - ok
14:04:27.0470 2288 aic78xx (8b30250d573a8f6b4bd23195160d8707) C:\Windows\system32\DRIVERS\djsvs.sys
14:04:27.0473 2288 aic78xx - ok
14:04:27.0611 2288 aliide (0d40bcf52ea90fc7df2aeab6503dea44) C:\Windows\system32\drivers\aliide.sys
14:04:27.0613 2288 aliide - ok
14:04:27.0688 2288 amdagp (3c6600a0696e90a463771c7422e23ab5) C:\Windows\system32\drivers\amdagp.sys
14:04:27.0691 2288 amdagp - ok
14:04:27.0802 2288 amdide (cd5914170297126b6266860198d1d4f0) C:\Windows\system32\drivers\amdide.sys
14:04:27.0803 2288 amdide - ok
14:04:27.0857 2288 AmdK8 (00dda200d71bac534bf56a9db5dfd666) C:\Windows\system32\DRIVERS\amdk8.sys
14:04:27.0860 2288 AmdK8 - ok
14:04:27.0989 2288 AmdPPM (3cbf30f5370fda40dd3e87df38ea53b6) C:\Windows\system32\DRIVERS\amdppm.sys
14:04:27.0991 2288 AmdPPM - ok
14:04:28.0122 2288 amdsata (d320bf87125326f996d4904fe24300fc) C:\Windows\system32\drivers\amdsata.sys
14:04:28.0125 2288 amdsata - ok
14:04:28.0256 2288 amdsbs (ea43af0c423ff267355f74e7a53bdaba) C:\Windows\system32\DRIVERS\amdsbs.sys
14:04:28.0261 2288 amdsbs - ok
14:04:28.0388 2288 amdxata (46387fb17b086d16dea267d5be23a2f2) C:\Windows\system32\drivers\amdxata.sys
14:04:28.0390 2288 amdxata - ok
14:04:28.0534 2288 AppID (aea177f783e20150ace5383ee368da19) C:\Windows\system32\drivers\appid.sys
14:04:28.0537 2288 AppID - ok
14:04:28.0692 2288 arc (2932004f49677bd84dbc72edb754ffb3) C:\Windows\system32\DRIVERS\arc.sys
14:04:28.0695 2288 arc - ok
14:04:28.0816 2288 arcsas (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\Windows\system32\DRIVERS\arcsas.sys
14:04:28.0819 2288 arcsas - ok
14:04:28.0961 2288 AsyncMac (add2ade1c2b285ab8378d2daaf991481) C:\Windows\system32\DRIVERS\asyncmac.sys
14:04:28.0962 2288 AsyncMac - ok
14:04:29.0092 2288 atapi (338c86357871c167a96ab976519bf59e) C:\Windows\system32\drivers\atapi.sys
14:04:29.0094 2288 atapi - ok
14:04:29.0398 2288 atikmdag (04f09923a393e4e0e8453a8f78361e73) C:\Windows\system32\DRIVERS\atikmdag.sys
14:04:29.0552 2288 atikmdag - ok
14:04:29.0760 2288 b06bdrv (1a231abec60fd316ec54c66715543cec) C:\Windows\system32\DRIVERS\bxvbdx.sys
14:04:29.0771 2288 b06bdrv - ok
14:04:29.0905 2288 b57nd60x (bd8869eb9cde6bbe4508d869929869ee) C:\Windows\system32\DRIVERS\b57nd60x.sys
14:04:29.0912 2288 b57nd60x - ok
14:04:30.0074 2288 Beep (505506526a9d467307b3c393dedaf858) C:\Windows\system32\drivers\Beep.sys
14:04:30.0076 2288 Beep - ok
14:04:30.0263 2288 blbdrive (2287078ed48fcfc477b05b20cf38f36f) C:\Windows\system32\DRIVERS\blbdrive.sys
14:04:30.0264 2288 blbdrive - ok
14:04:30.0454 2288 bowser (8f2da3028d5fcbd1a060a3de64cd6506) C:\Windows\system32\DRIVERS\bowser.sys
14:04:30.0457 2288 bowser - ok
14:04:30.0590 2288 BrFiltLo (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\DRIVERS\BrFiltLo.sys
14:04:30.0592 2288 BrFiltLo - ok
14:04:30.0714 2288 BrFiltUp (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\DRIVERS\BrFiltUp.sys
14:04:30.0716 2288 BrFiltUp - ok
14:04:30.0879 2288 Brserid (845b8ce732e67f3b4133164868c666ea) C:\Windows\System32\Drivers\Brserid.sys
14:04:30.0886 2288 Brserid - ok
14:04:31.0056 2288 BrSerWdm (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\System32\Drivers\BrSerWdm.sys
14:04:31.0059 2288 BrSerWdm - ok
14:04:31.0203 2288 BrUsbMdm (bd456606156ba17e60a04e18016ae54b) C:\Windows\System32\Drivers\BrUsbMdm.sys
14:04:31.0205 2288 BrUsbMdm - ok
14:04:31.0348 2288 BrUsbSer (af72ed54503f717a43268b3cc5faec2e) C:\Windows\System32\Drivers\BrUsbSer.sys
14:04:31.0349 2288 BrUsbSer - ok
14:04:31.0448 2288 BthEnum (2865a5c8e98c70c605f417908cebb3a4) C:\Windows\system32\drivers\BthEnum.sys
14:04:31.0451 2288 BthEnum - ok
14:04:31.0517 2288 BTHMODEM (ed3df7c56ce0084eb2034432fc56565a) C:\Windows\system32\DRIVERS\bthmodem.sys
14:04:31.0520 2288 BTHMODEM - ok
14:04:31.0684 2288 BthPan (ad1872e5829e8a2c3b5b4b641c3eab0e) C:\Windows\system32\DRIVERS\bthpan.sys
14:04:31.0686 2288 BthPan - ok
14:04:31.0850 2288 BTHPORT (c2fbf6d271d9a94d839c416bf186ead9) C:\Windows\System32\Drivers\BTHport.sys
14:04:31.0856 2288 BTHPORT - ok
14:04:32.0031 2288 BTHUSB (c81e9413a25a439f436b1d4b6a0cf9e9) C:\Windows\System32\Drivers\BTHUSB.sys
14:04:32.0034 2288 BTHUSB - ok
14:04:32.0205 2288 cdfs (77ea11b065e0a8ab902d78145ca51e10) C:\Windows\system32\DRIVERS\cdfs.sys
14:04:32.0208 2288 cdfs - ok
14:04:32.0357 2288 cdrom (be167ed0fdb9c1fa1133953c18d5a6c9) C:\Windows\system32\drivers\cdrom.sys
14:04:32.0361 2288 cdrom - ok
14:04:32.0527 2288 circlass (3fe3fe94a34df6fb06e6418d0f6a0060) C:\Windows\system32\DRIVERS\circlass.sys
14:04:32.0530 2288 circlass - ok
14:04:32.0700 2288 CLFS (635181e0e9bbf16871bf5380d71db02d) C:\Windows\system32\CLFS.sys
14:04:32.0707 2288 CLFS - ok
14:04:32.0887 2288 CmBatt (dea805815e587dad1dd2c502220b5616) C:\Windows\system32\DRIVERS\CmBatt.sys
14:04:32.0889 2288 CmBatt - ok
14:04:33.0025 2288 cmdide (c537b1db64d495b9b4717b4d6d9edbf2) C:\Windows\system32\drivers\cmdide.sys
14:04:33.0028 2288 cmdide - ok
14:04:33.0205 2288 CNG (6427525d76f61d0c519b008d3680e8e7) C:\Windows\system32\Drivers\cng.sys
14:04:33.0215 2288 CNG - ok
14:04:33.0363 2288 Compbatt (a6023d3823c37043986713f118a89bee) C:\Windows\system32\DRIVERS\compbatt.sys
14:04:33.0365 2288 Compbatt - ok
14:04:33.0518 2288 CompositeBus (cbe8c58a8579cfe5fccf809e6f114e89) C:\Windows\system32\drivers\CompositeBus.sys
14:04:33.0520 2288 CompositeBus - ok
14:04:33.0668 2288 crcdisk (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\Windows\system32\DRIVERS\crcdisk.sys
14:04:33.0670 2288 crcdisk - ok
14:04:33.0807 2288 CSC (3c2177a897b4ca2788c6fb0c3fd81d4b) C:\Windows\system32\drivers\csc.sys
14:04:33.0817 2288 CSC - ok
14:04:34.0072 2288 DfsC (f024449c97ec1e464aaffda18593db88) C:\Windows\system32\Drivers\dfsc.sys
14:04:34.0075 2288 DfsC - ok
14:04:34.0242 2288 discache (1a050b0274bfb3890703d490f330c0da) C:\Windows\system32\drivers\discache.sys
14:04:34.0244 2288 discache - ok
14:04:34.0411 2288 Disk (565003f326f99802e68ca78f2a68e9ff) C:\Windows\system32\DRIVERS\disk.sys
14:04:34.0414 2288 Disk - ok
14:04:34.0540 2288 drmkaud (b918e7c5f9bf77202f89e1a9539f2eb4) C:\Windows\system32\drivers\drmkaud.sys
14:04:34.0541 2288 drmkaud - ok
14:04:34.0713 2288 DXGKrnl (23f5d28378a160352ba8f817bd8c71cb) C:\Windows\System32\drivers\dxgkrnl.sys
14:04:34.0731 2288 DXGKrnl - ok
14:04:35.0000 2288 ebdrv (024e1b5cac09731e4d868e64dbfb4ab0) C:\Windows\system32\DRIVERS\evbdx.sys
14:04:35.0047 2288 ebdrv - ok
14:04:35.0182 2288 eeCtrl (579a6b6135d32b857faf0e3a974535d8) C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
14:04:35.0192 2288 eeCtrl - ok
14:04:35.0409 2288 elxstor (0ed67910c8c326796faa00b2bf6d9d3c) C:\Windows\system32\DRIVERS\elxstor.sys
14:04:35.0420 2288 elxstor - ok
14:04:35.0550 2288 EraserUtilDrv11122 (028d50f059bd0d2ccb209e9011b9a9a4) C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11122.sys
14:04:35.0553 2288 EraserUtilDrv11122 - ok
14:04:35.0705 2288 ErrDev (8fc3208352dd3912c94367a206ab3f11) C:\Windows\system32\drivers\errdev.sys
14:04:35.0706 2288 ErrDev - ok
14:04:35.0917 2288 exfat (2dc9108d74081149cc8b651d3a26207f) C:\Windows\system32\drivers\exfat.sys
14:04:35.0922 2288 exfat - ok
14:04:36.0080 2288 fastfat (7e0ab74553476622fb6ae36f73d97d35) C:\Windows\system32\drivers\fastfat.sys
14:04:36.0085 2288 fastfat - ok
14:04:36.0244 2288 fdc (e817a017f82df2a1f8cfdbda29388b29) C:\Windows\system32\DRIVERS\fdc.sys
14:04:36.0246 2288 fdc - ok
14:04:36.0498 2288 FileInfo (6cf00369c97f3cf563be99be983d13d8) C:\Windows\system32\drivers\fileinfo.sys
14:04:36.0501 2288 FileInfo - ok
14:04:36.0658 2288 Filetrace (42c51dc94c91da21cb9196eb64c45db9) C:\Windows\system32\drivers\filetrace.sys
14:04:36.0660 2288 Filetrace - ok
14:04:36.0809 2288 flpydisk (87907aa70cb3c56600f1c2fb8841579b) C:\Windows\system32\DRIVERS\flpydisk.sys
14:04:36.0811 2288 flpydisk - ok
14:04:36.0973 2288 FltMgr (7520ec808e0c35e0ee6f841294316653) C:\Windows\system32\drivers\fltmgr.sys
14:04:36.0979 2288 FltMgr - ok
14:04:37.0137 2288 FsDepends (1a16b57943853e598cff37fe2b8cbf1d) C:\Windows\system32\drivers\FsDepends.sys
14:04:37.0139 2288 FsDepends - ok
14:04:37.0180 2288 Fs_Rec (a574b4360e438977038aae4bf60d79a2) C:\Windows\system32\drivers\Fs_Rec.sys
14:04:37.0182 2288 Fs_Rec - ok
14:04:37.0368 2288 fvevol (8a73e79089b282100b9393b644cb853b) C:\Windows\system32\DRIVERS\fvevol.sys
14:04:37.0374 2288 fvevol - ok
14:04:37.0519 2288 gagp30kx (65ee0c7a58b65e74ae05637418153938) C:\Windows\system32\DRIVERS\gagp30kx.sys
14:04:37.0521 2288 gagp30kx - ok
14:04:37.0683 2288 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
14:04:37.0685 2288 GEARAspiWDM - ok
14:04:37.0906 2288 hcw85cir (c44e3c2bab6837db337ddee7544736db) C:\Windows\system32\drivers\hcw85cir.sys
14:04:37.0908 2288 hcw85cir - ok
14:04:37.0982 2288 HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\Windows\system32\drivers\HdAudio.sys
14:04:37.0990 2288 HdAudAddService - ok
14:04:38.0128 2288 HDAudBus (9036377b8a6c15dc2eec53e489d159b5) C:\Windows\system32\drivers\HDAudBus.sys
14:04:38.0131 2288 HDAudBus - ok
14:04:38.0273 2288 HidBatt (1d58a7f3e11a9731d0eaaaa8405acc36) C:\Windows\system32\DRIVERS\HidBatt.sys
14:04:38.0275 2288 HidBatt - ok
14:04:38.0437 2288 HidBth (89448f40e6df260c206a193a4683ba78) C:\Windows\system32\DRIVERS\hidbth.sys
14:04:38.0440 2288 HidBth - ok
14:04:38.0576 2288 HidIr (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\Windows\system32\DRIVERS\hidir.sys
14:04:38.0578 2288 HidIr - ok
14:04:38.0748 2288 HidUsb (10c19f8290891af023eaec0832e1eb4d) C:\Windows\system32\DRIVERS\hidusb.sys
14:04:38.0750 2288 HidUsb - ok
14:04:38.0964 2288 HpSAMD (295fdc419039090eb8b49ffdbb374549) C:\Windows\system32\drivers\HpSAMD.sys
14:04:38.0967 2288 HpSAMD - ok
14:04:39.0152 2288 HssDrv (4f28652ec514fa1ba473bc1a695a5c98) C:\Windows\system32\DRIVERS\HssDrv.sys
14:04:39.0154 2288 HssDrv - ok
14:04:39.0403 2288 HTTP (871917b07a141bff43d76d8844d48106) C:\Windows\system32\drivers\HTTP.sys
14:04:39.0415 2288 HTTP - ok
14:04:39.0605 2288 hwpolicy (0c4e035c7f105f1299258c90886c64c5) C:\Windows\system32\drivers\hwpolicy.sys
14:04:39.0606 2288 hwpolicy - ok
14:04:39.0778 2288 i8042prt (f151f0bdc47f4a28b1b20a0818ea36d6) C:\Windows\system32\drivers\i8042prt.sys
14:04:39.0781 2288 i8042prt - ok
14:04:39.0952 2288 iaStorV (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\Windows\system32\drivers\iaStorV.sys
14:04:39.0961 2288 iaStorV - ok
14:04:40.0137 2288 IDMWFP (499fc110088cc0baf13f57cfa001f49c) C:\Windows\system32\DRIVERS\idmwfp.sys
14:04:40.0139 2288 IDMWFP - ok
14:04:40.0331 2288 iirsp (4173ff5708f3236cf25195fecd742915) C:\Windows\system32\DRIVERS\iirsp.sys
14:04:40.0333 2288 iirsp - ok
14:04:40.0515 2288 intelide (a0f12f2c9ba6c72f3987ce780e77c130) C:\Windows\system32\drivers\intelide.sys
14:04:40.0517 2288 intelide - ok
14:04:40.0681 2288 intelppm (3b514d27bfc4accb4037bc6685f766e0) C:\Windows\system32\DRIVERS\intelppm.sys
14:04:40.0682 2288 intelppm - ok
14:04:40.0830 2288 IpFilterDriver (709d1761d3b19a932ff0238ea6d50200) C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:04:40.0833 2288 IpFilterDriver - ok
14:04:40.0975 2288 IPMIDRV (4bd7134618c1d2a27466a099062547bf) C:\Windows\system32\drivers\IPMIDrv.sys
14:04:40.0978 2288 IPMIDRV - ok
14:04:41.0032 2288 IPNAT (a5fa468d67abcdaa36264e463a7bb0cd) C:\Windows\system32\drivers\ipnat.sys
14:04:41.0036 2288 IPNAT - ok
14:04:41.0196 2288 IRENUM (42996cff20a3084a56017b7902307e9f) C:\Windows\system32\drivers\irenum.sys
14:04:41.0198 2288 IRENUM - ok
14:04:41.0326 2288 isapnp (1f32bb6b38f62f7df1a7ab7292638a35) C:\Windows\system32\drivers\isapnp.sys
14:04:41.0329 2288 isapnp - ok
14:04:41.0480 2288 iScsiPrt (cb7a9abb12b8415bce5d74994c7ba3ae) C:\Windows\system32\drivers\msiscsi.sys
14:04:41.0487 2288 iScsiPrt - ok
14:04:41.0655 2288 kbdclass (adef52ca1aeae82b50df86b56413107e) C:\Windows\system32\drivers\kbdclass.sys
14:04:41.0657 2288 kbdclass - ok
14:04:41.0792 2288 kbdhid (9e3ced91863e6ee98c24794d05e27a71) C:\Windows\system32\drivers\kbdhid.sys
14:04:41.0794 2288 kbdhid - ok
14:04:41.0985 2288 KSecDD (f4647bb23db9038a7536cf6b68f4207f) C:\Windows\system32\Drivers\ksecdd.sys
14:04:41.0989 2288 KSecDD - ok
14:04:42.0177 2288 KSecPkg (e73cae53bbb72ba26918492c6b4c229d) C:\Windows\system32\Drivers\ksecpkg.sys
14:04:42.0182 2288 KSecPkg - ok
14:04:42.0411 2288 lltdio (f7611ec07349979da9b0ae1f18ccc7a6) C:\Windows\system32\DRIVERS\lltdio.sys
14:04:42.0413 2288 lltdio - ok
14:04:42.0710 2288 LSI_FC (eb119a53ccf2acc000ac71b065b78fef) C:\Windows\system32\DRIVERS\lsi_fc.sys
14:04:42.0712 2288 LSI_FC - ok
14:04:42.0863 2288 LSI_SAS (8ade1c877256a22e49b75d1cc9161f9c) C:\Windows\system32\DRIVERS\lsi_sas.sys
14:04:42.0866 2288 LSI_SAS - ok
14:04:43.0052 2288 LSI_SAS2 (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\Windows\system32\DRIVERS\lsi_sas2.sys
14:04:43.0054 2288 LSI_SAS2 - ok
14:04:43.0143 2288 LSI_SCSI (0a036c7d7cab643a7f07135ac47e0524) C:\Windows\system32\DRIVERS\lsi_scsi.sys
14:04:43.0145 2288 LSI_SCSI - ok
14:04:43.0232 2288 luafv (6703e366cc18d3b6e534f5cf7df39cee) C:\Windows\system32\drivers\luafv.sys
14:04:43.0233 2288 luafv - ok
14:04:43.0371 2288 MBAMSwissArmy - ok
14:04:43.0434 2288 megasas (0fff5b045293002ab38eb1fd1fc2fb74) C:\Windows\system32\DRIVERS\megasas.sys
14:04:43.0435 2288 megasas - ok
14:04:43.0552 2288 MegaSR (dcbab2920c75f390caf1d29f675d03d6) C:\Windows\system32\DRIVERS\MegaSR.sys
14:04:43.0558 2288 MegaSR - ok
14:04:43.0758 2288 Modem (f001861e5700ee84e2d4e52c712f4964) C:\Windows\system32\drivers\modem.sys
14:04:43.0759 2288 Modem - ok
14:04:43.0913 2288 monitor (79d10964de86b292320e9dfe02282a23) C:\Windows\system32\DRIVERS\monitor.sys
14:04:43.0914 2288 monitor - ok
14:04:44.0072 2288 mouclass (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\Windows\system32\drivers\mouclass.sys
14:04:44.0075 2288 mouclass - ok
14:04:44.0185 2288 mouhid (2c388d2cd01c9042596cf3c8f3c7b24d) C:\Windows\system32\DRIVERS\mouhid.sys
14:04:44.0188 2288 mouhid - ok
14:04:44.0375 2288 mountmgr (fc8771f45ecccfd89684e38842539b9b) C:\Windows\system32\drivers\mountmgr.sys
14:04:44.0379 2288 mountmgr - ok
14:04:44.0505 2288 mpio (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\Windows\system32\drivers\mpio.sys
14:04:44.0510 2288 mpio - ok
14:04:44.0651 2288 mpsdrv (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\Windows\system32\drivers\mpsdrv.sys
14:04:44.0654 2288 mpsdrv - ok
14:04:44.0859 2288 MRxDAV (ceb46ab7c01c9f825f8cc6babc18166a) C:\Windows\system32\drivers\mrxdav.sys
14:04:44.0863 2288 MRxDAV - ok
14:04:45.0010 2288 mrxsmb (5d16c921e3671636c0eba3bbaac5fd25) C:\Windows\system32\DRIVERS\mrxsmb.sys
14:04:45.0015 2288 mrxsmb - ok
14:04:45.0169 2288 mrxsmb10 (6d17a4791aca19328c685d256349fefc) C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:04:45.0176 2288 mrxsmb10 - ok
14:04:45.0324 2288 mrxsmb20 (b81f204d146000be76651a50670a5e9e) C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:04:45.0328 2288 mrxsmb20 - ok
14:04:45.0450 2288 msahci (012c5f4e9349e711e11e0f19a8589f0a) C:\Windows\system32\drivers\msahci.sys
14:04:45.0451 2288 msahci - ok
14:04:45.0578 2288 msdsm (55055f8ad8be27a64c831322a780a228) C:\Windows\system32\drivers\msdsm.sys
14:04:45.0582 2288 msdsm - ok
14:04:45.0768 2288 Msfs (daefb28e3af5a76abcc2c3078c07327f) C:\Windows\system32\drivers\Msfs.sys
14:04:45.0770 2288 Msfs - ok
14:04:45.0930 2288 mshidkmdf (3e1e5767043c5af9367f0056295e9f84) C:\Windows\System32\drivers\mshidkmdf.sys
14:04:45.0932 2288 mshidkmdf - ok
14:04:46.0061 2288 msisadrv (0a4e5757ae09fa9622e3158cc1aef114) C:\Windows\system32\drivers\msisadrv.sys
14:04:46.0063 2288 msisadrv - ok
14:04:46.0250 2288 MSKSSRV (8c0860d6366aaffb6c5bb9df9448e631) C:\Windows\system32\drivers\MSKSSRV.sys
14:04:46.0252 2288 MSKSSRV - ok
14:04:46.0382 2288 MSPCLOCK (3ea8b949f963562cedbb549eac0c11ce) C:\Windows\system32\drivers\MSPCLOCK.sys
14:04:46.0384 2288 MSPCLOCK - ok
14:04:46.0519 2288 MSPQM (f456e973590d663b1073e9c463b40932) C:\Windows\system32\drivers\MSPQM.sys
14:04:46.0521 2288 MSPQM - ok
14:04:46.0662 2288 MsRPC (0e008fc4819d238c51d7c93e7b41e560) C:\Windows\system32\drivers\MsRPC.sys
14:04:46.0668 2288 MsRPC - ok
14:04:46.0829 2288 mssmbios (fc6b9ff600cc585ea38b12589bd4e246) C:\Windows\system32\drivers\mssmbios.sys
14:04:46.0831 2288 mssmbios - ok
14:04:46.0980 2288 MSTEE (b42c6b921f61a6e55159b8be6cd54a36) C:\Windows\system32\drivers\MSTEE.sys
14:04:46.0982 2288 MSTEE - ok
14:04:47.0122 2288 MTConfig (33599130f44e1f34631cea241de8ac84) C:\Windows\system32\DRIVERS\MTConfig.sys
14:04:47.0124 2288 MTConfig - ok
14:04:47.0264 2288 Mup (159fad02f64e6381758c990f753bcc80) C:\Windows\system32\Drivers\mup.sys
14:04:47.0266 2288 Mup - ok
14:04:47.0458 2288 NativeWifiP (26384429fcd85d83746f63e798ab1480) C:\Windows\system32\DRIVERS\nwifi.sys
14:04:47.0465 2288 NativeWifiP - ok
14:04:47.0656 2288 NDIS (e7c54812a2aaf43316eb6930c1ffa108) C:\Windows\system32\drivers\ndis.sys
14:04:47.0672 2288 NDIS - ok
14:04:48.0037 2288 NdisCap (0e1787aa6c9191d3d319e8bafe86f80c) C:\Windows\system32\DRIVERS\ndiscap.sys
14:04:48.0039 2288 NdisCap - ok
14:04:48.0191 2288 NdisTapi (e4a8aec125a2e43a9e32afeea7c9c888) C:\Windows\system32\DRIVERS\ndistapi.sys
14:04:48.0194 2288 NdisTapi - ok
14:04:48.0383 2288 Ndisuio (d8a65dafb3eb41cbb622745676fcd072) C:\Windows\system32\DRIVERS\ndisuio.sys
14:04:48.0386 2288 Ndisuio - ok
14:04:48.0535 2288 NdisWan (38fbe267e7e6983311179230facb1017) C:\Windows\system32\DRIVERS\ndiswan.sys
14:04:48.0538 2288 NdisWan - ok
14:04:48.0707 2288 NDProxy (a4bdc541e69674fbff1a8ff00be913f2) C:\Windows\system32\drivers\NDProxy.sys
14:04:48.0710 2288 NDProxy - ok
14:04:48.0860 2288 NetBIOS (80b275b1ce3b0e79909db7b39af74d51) C:\Windows\system32\DRIVERS\netbios.sys
14:04:48.0863 2288 NetBIOS - ok
14:04:49.0031 2288 NetBT (280122ddcf04b378edd1ad54d71c1e54) C:\Windows\system32\DRIVERS\netbt.sys
14:04:49.0036 2288 NetBT - ok
14:04:49.0474 2288 NETw5s32 (5b2dfa9c5c02ddf2a113cc0f551b59df) C:\Windows\system32\DRIVERS\NETw5s32.sys
14:04:49.0659 2288 NETw5s32 - ok
14:04:49.0924 2288 netw5v32 (58218ec6b61b1169cf54aab0d00f5fe2) C:\Windows\system32\DRIVERS\netw5v32.sys
14:04:50.0062 2288 netw5v32 - ok
14:04:50.0198 2288 nfrd960 (1d85c4b390b0ee09c7a46b91efb2c097) C:\Windows\system32\DRIVERS\nfrd960.sys
14:04:50.0201 2288 nfrd960 - ok
14:04:50.0387 2288 Npfs (1db262a9f8c087e8153d89bef3d2235f) C:\Windows\system32\drivers\Npfs.sys
14:04:50.0389 2288 Npfs - ok
14:04:50.0582 2288 nsiproxy (e9a0a4d07e53d8fea2bb8387a3293c58) C:\Windows\system32\drivers\nsiproxy.sys
14:04:50.0584 2288 nsiproxy - ok
14:04:50.0764 2288 Ntfs (81189c3d7763838e55c397759d49007a) C:\Windows\system32\drivers\Ntfs.sys
14:04:50.0793 2288 Ntfs - ok
14:04:50.0940 2288 Null (f9756a98d69098dca8945d62858a812c) C:\Windows\system32\drivers\Null.sys
14:04:50.0942 2288 Null - ok
14:04:51.0093 2288 nvraid (b3e25ee28883877076e0e1ff877d02e0) C:\Windows\system32\drivers\nvraid.sys
14:04:51.0098 2288 nvraid - ok
14:04:51.0252 2288 nvstor (4380e59a170d88c4f1022eff6719a8a4) C:\Windows\system32\drivers\nvstor.sys
14:04:51.0257 2288 nvstor - ok
14:04:51.0408 2288 nv_agp (5a0983915f02bae73267cc2a041f717d) C:\Windows\system32\drivers\nv_agp.sys
14:04:51.0413 2288 nv_agp - ok
14:04:51.0638 2288 ohci1394 (08a70a1f2cdde9bb49b885cb817a66eb) C:\Windows\system32\drivers\ohci1394.sys
14:04:51.0641 2288 ohci1394 - ok
14:04:51.0865 2288 Parport (2ea877ed5dd9713c5ac74e8ea7348d14) C:\Windows\system32\DRIVERS\parport.sys
14:04:51.0867 2288 Parport - ok
14:04:52.0028 2288 partmgr (bf8f6af06da75b336f07e23aef97d93b) C:\Windows\system32\drivers\partmgr.sys
14:04:52.0031 2288 partmgr - ok
14:04:52.0092 2288 Parvdm (eb0a59f29c19b86479d36b35983daadc) C:\Windows\system32\DRIVERS\parvdm.sys
14:04:52.0094 2288 Parvdm - ok
14:04:52.0254 2288 pci (673e55c3498eb970088e812ea820aa8f) C:\Windows\system32\drivers\pci.sys
14:04:52.0259 2288 pci - ok
14:04:52.0408 2288 pciide (afe86f419014db4e5593f69ffe26ce0a) C:\Windows\system32\drivers\pciide.sys
14:04:52.0410 2288 pciide - ok
14:04:52.0542 2288 pcmcia (f396431b31693e71e8a80687ef523506) C:\Windows\system32\DRIVERS\pcmcia.sys
14:04:52.0548 2288 pcmcia - ok
14:04:52.0747 2288 pcw (250f6b43d2b613172035c6747aeeb19f) C:\Windows\system32\drivers\pcw.sys
14:04:52.0749 2288 pcw - ok
14:04:52.0936 2288 PEAUTH (9e0104ba49f4e6973749a02bf41344ed) C:\Windows\system32\drivers\peauth.sys
14:04:52.0951 2288 PEAUTH - ok
14:04:53.0386 2288 PptpMiniport (631e3e205ad6d86f2aed6a4a8e69f2db) C:\Windows\system32\DRIVERS\raspptp.sys
14:04:53.0389 2288 PptpMiniport - ok
14:04:53.0543 2288 Processor (85b1e3a0c7585bc4aae6899ec6fcf011) C:\Windows\system32\DRIVERS\processr.sys
14:04:53.0546 2288 Processor - ok
14:04:53.0748 2288 Psched (6270ccae2a86de6d146529fe55b3246a) C:\Windows\system32\DRIVERS\pacer.sys
14:04:53.0752 2288 Psched - ok
14:04:53.0947 2288 ql2300 (ab95ecf1f6659a60ddc166d8315b0751) C:\Windows\system32\DRIVERS\ql2300.sys
14:04:53.0979 2288 ql2300 - ok
14:04:54.0134 2288 ql40xx (b4dd51dd25182244b86737dc51af2270) C:\Windows\system32\DRIVERS\ql40xx.sys
14:04:54.0138 2288 ql40xx - ok
14:04:54.0309 2288 QWAVEdrv (584078ca1b95ca72df2a27c336f9719d) C:\Windows\system32\drivers\qwavedrv.sys
14:04:54.0312 2288 QWAVEdrv - ok
14:04:54.0437 2288 RasAcd (30a81b53c766d0133bb86d234e5556ab) C:\Windows\system32\DRIVERS\rasacd.sys
14:04:54.0438 2288 RasAcd - ok
14:04:54.0582 2288 RasAgileVpn (57ec4aef73660166074d8f7f31c0d4fd) C:\Windows\system32\DRIVERS\AgileVpn.sys
14:04:54.0585 2288 RasAgileVpn - ok
14:04:54.0754 2288 Rasl2tp (d9f91eafec2815365cbe6d167e4e332a) C:\Windows\system32\DRIVERS\rasl2tp.sys
14:04:54.0757 2288 Rasl2tp - ok
14:04:54.0940 2288 RasPppoe (0fe8b15916307a6ac12bfb6a63e45507) C:\Windows\system32\DRIVERS\raspppoe.sys
14:04:54.0943 2288 RasPppoe - ok
14:04:55.0121 2288 RasSstp (44101f495a83ea6401d886e7fd70096b) C:\Windows\system32\DRIVERS\rassstp.sys
14:04:55.0125 2288 RasSstp - ok
14:04:55.0317 2288 rdbss (d528bc58a489409ba40334ebf96a311b) C:\Windows\system32\DRIVERS\rdbss.sys
14:04:55.0325 2288 rdbss - ok
14:04:55.0482 2288 rdpbus (0d8f05481cb76e70e1da06ee9f0da9df) C:\Windows\system32\DRIVERS\rdpbus.sys
14:04:55.0484 2288 rdpbus - ok
14:04:55.0663 2288 RDPCDD (23dae03f29d253ae74c44f99e515f9a1) C:\Windows\system32\DRIVERS\RDPCDD.sys
14:04:55.0665 2288 RDPCDD - ok
14:04:55.0845 2288 RDPDR (b973fcfc50dc1434e1970a146f7e3885) C:\Windows\system32\drivers\rdpdr.sys
14:04:55.0850 2288 RDPDR - ok
14:04:56.0009 2288 RDPENCDD (5a53ca1598dd4156d44196d200c94b8a) C:\Windows\system32\drivers\rdpencdd.sys
14:04:56.0011 2288 RDPENCDD - ok
14:04:56.0185 2288 RDPREFMP (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\Windows\system32\drivers\rdprefmp.sys
14:04:56.0187 2288 RDPREFMP - ok
14:04:56.0362 2288 RdpVideoMiniport (68a0387f58e226deee23d9715955572a) C:\Windows\system32\drivers\rdpvideominiport.sys
14:04:56.0364 2288 RdpVideoMiniport - ok
14:04:56.0533 2288 RDPWD (288b06960d78428ff89e811632684e20) C:\Windows\system32\drivers\RDPWD.sys
14:04:56.0539 2288 RDPWD - ok
14:04:56.0738 2288 rdyboost (518395321dc96fe2c9f0e96ac743b656) C:\Windows\system32\drivers\rdyboost.sys
14:04:56.0743 2288 rdyboost - ok
14:04:56.0933 2288 RFCOMM (cb928d9e6daf51879dd6ba8d02f01321) C:\Windows\system32\DRIVERS\rfcomm.sys
14:04:56.0937 2288 RFCOMM - ok
14:04:57.0089 2288 rimmptsk (d65ac8797f0286ed269500747d6290a4) C:\Windows\system32\DRIVERS\rimmptsk.sys
14:04:57.0091 2288 rimmptsk - ok
14:04:57.0245 2288 rimsptsk (49ec82b44eb93374ed9988da7e0e0151) C:\Windows\system32\DRIVERS\rimsptsk.sys
14:04:57.0247 2288 rimsptsk - ok
14:04:57.0393 2288 RimUsb (0f6756ef8bda6dfa7be50465c83132bb) C:\Windows\system32\Drivers\RimUsb.sys
14:04:57.0395 2288 RimUsb - ok
14:04:57.0541 2288 rismxdp (3f400c3ccd0818858602ddb37b5de719) C:\Windows\system32\DRIVERS\rixdptsk.sys
14:04:57.0542 2288 rismxdp - ok
14:04:57.0752 2288 rspndr (032b0d36ad92b582d869879f5af5b928) C:\Windows\system32\DRIVERS\rspndr.sys
14:04:57.0755 2288 rspndr - ok
14:04:57.0939 2288 RTL8167 (5283b9a27ff230f2ff70d92451ff409a) C:\Windows\system32\DRIVERS\Rt86win7.sys
14:04:57.0949 2288 RTL8167 - ok
14:04:58.0300 2288 s3cap (7fa7f2e249a5dcbb7970630e15e1f482) C:\Windows\system32\drivers\vms3cap.sys
14:04:58.0468 2288 s3cap - ok
14:04:58.0646 2288 SASDIFSV - ok
14:04:58.0802 2288 SASKUTIL - ok
14:04:58.0934 2288 sbp2port (05d860da1040f111503ac416ccef2bca) C:\Windows\system32\drivers\sbp2port.sys
14:04:58.0937 2288 sbp2port - ok
14:04:59.0046 2288 scfilter (0693b5ec673e34dc147e195779a4dcf6) C:\Windows\system32\DRIVERS\scfilter.sys
14:04:59.0048 2288 scfilter - ok
14:04:59.0247 2288 sdbus (0328be1c7f1cba23848179f8762e391c) C:\Windows\system32\drivers\sdbus.sys
14:04:59.0250 2288 sdbus - ok
14:04:59.0429 2288 secdrv (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
14:04:59.0431 2288 secdrv - ok
14:04:59.0654 2288 Serenum (9ad8b8b515e3df6acd4212ef465de2d1) C:\Windows\system32\DRIVERS\serenum.sys
14:04:59.0657 2288 Serenum - ok
14:04:59.0803 2288 Serial (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\Windows\system32\DRIVERS\serial.sys
14:04:59.0807 2288 Serial - ok
14:04:59.0931 2288 sermouse (79bffb520327ff916a582dfea17aa813) C:\Windows\system32\DRIVERS\sermouse.sys
14:04:59.0933 2288 sermouse - ok
14:05:00.0088 2288 sffdisk (9f976e1eb233df46fce808d9dea3eb9c) C:\Windows\system32\drivers\sffdisk.sys
14:05:00.0089 2288 sffdisk - ok
14:05:00.0116 2288 sffp_mmc (932a68ee27833cfd57c1639d375f2731) C:\Windows\system32\drivers\sffp_mmc.sys
14:05:00.0117 2288 sffp_mmc - ok
14:05:00.0256 2288 sffp_sd (6d4ccaedc018f1cf52866bbbaa235982) C:\Windows\system32\drivers\sffp_sd.sys
14:05:00.0258 2288 sffp_sd - ok
14:05:00.0414 2288 sfloppy (db96666cc8312ebc45032f30b007a547) C:\Windows\system32\DRIVERS\sfloppy.sys
14:05:00.0416 2288 sfloppy - ok
14:05:00.0624 2288 sisagp (2565cac0dc9fe0371bdce60832582b2e) C:\Windows\system32\drivers\sisagp.sys
14:05:00.0627 2288 sisagp - ok
14:05:00.0784 2288 SiSRaid2 (a9f0486851becb6dda1d89d381e71055) C:\Windows\system32\DRIVERS\SiSRaid2.sys
14:05:00.0787 2288 SiSRaid2 - ok
14:05:00.0927 2288 SiSRaid4 (3727097b55738e2f554972c3be5bc1aa) C:\Windows\system32\DRIVERS\sisraid4.sys
14:05:00.0930 2288 SiSRaid4 - ok
14:05:01.0073 2288 Smb (3e21c083b8a01cb70ba1f09303010fce) C:\Windows\system32\DRIVERS\smb.sys
14:05:01.0076 2288 Smb - ok
14:05:01.0285 2288 spldr (95cf1ae7527fb70f7816563cbc09d942) C:\Windows\system32\drivers\spldr.sys
14:05:01.0287 2288 spldr - ok
14:05:01.0533 2288 srv (e4c2764065d66ea1d2d3ebc28fe99c46) C:\Windows\system32\DRIVERS\srv.sys
14:05:01.0541 2288 srv - ok
14:05:01.0712 2288 srv2 (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\Windows\system32\DRIVERS\srv2.sys
14:05:01.0720 2288 srv2 - ok
14:05:01.0879 2288 srvnet (be6bd660caa6f291ae06a718a4fa8abc) C:\Windows\system32\DRIVERS\srvnet.sys
14:05:01.0884 2288 srvnet - ok
14:05:02.0076 2288 stexstor (db32d325c192b801df274bfd12a7e72b) C:\Windows\system32\DRIVERS\stexstor.sys
14:05:02.0078 2288 stexstor - ok
14:05:02.0256 2288 storflt (472af0311073dceceaa8fa18ba2bdf89) C:\Windows\system32\drivers\vmstorfl.sys
14:05:02.0258 2288 storflt - ok
14:05:02.0416 2288 storvsc (dcaffd62259e0bdb433dd67b5bb37619) C:\Windows\system32\drivers\storvsc.sys
14:05:02.0419 2288 storvsc - ok
14:05:02.0574 2288 swenum (e58c78a848add9610a4db6d214af5224) C:\Windows\system32\drivers\swenum.sys
14:05:02.0576 2288 swenum - ok
14:05:02.0730 2288 Synth3dVsc - ok
14:05:02.0878 2288 SynTP (70534d1e4f9ac990536d5fb5b550b3de) C:\Windows\system32\DRIVERS\SynTP.sys
14:05:02.0883 2288 SynTP - ok
14:05:03.0079 2288 taphss (0c3b2a9c4bd2dd9a6c2e4084314dd719) C:\Windows\system32\DRIVERS\taphss.sys
14:05:03.0080 2288 taphss - ok
14:05:03.0334 2288 Tcpip (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\drivers\tcpip.sys
14:05:03.0365 2288 Tcpip - ok
14:05:03.0611 2288 TCPIP6 (65d10b191c59c5501a1263fc33f6894b) C:\Windows\system32\DRIVERS\tcpip.sys
14:05:03.0629 2288 TCPIP6 - ok
14:05:03.0844 2288 tcpipreg (cca24162e055c3714ce5a88b100c64ed) C:\Windows\system32\drivers\tcpipreg.sys
14:05:03.0847 2288 tcpipreg - ok
14:05:04.0043 2288 TDPIPE (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\Windows\system32\drivers\tdpipe.sys
14:05:04.0046 2288 TDPIPE - ok
14:05:04.0204 2288 TDTCP (2c10395baa4847f83042813c515cc289) C:\Windows\system32\drivers\tdtcp.sys
14:05:04.0207 2288 TDTCP - ok
14:05:04.0372 2288 tdx (b459575348c20e8121d6039da063c704) C:\Windows\system32\DRIVERS\tdx.sys
14:05:04.0375 2288 tdx - ok
14:05:04.0598 2288 TermDD (04dbf4b01ea4bf25a9a3e84affac9b20) C:\Windows\system32\drivers\termdd.sys
14:05:04.0601 2288 TermDD - ok
14:05:04.0924 2288 tssecsrv (254bb140eee3c59d6114c1a86b636877) C:\Windows\system32\DRIVERS\tssecsrv.sys
14:05:04.0927 2288 tssecsrv - ok
14:05:05.0105 2288 TsUsbFlt (fd1d6c73e6333be727cbcc6054247654) C:\Windows\system32\drivers\tsusbflt.sys
14:05:05.0108 2288 TsUsbFlt - ok
14:05:05.0231 2288 tsusbhub - ok
14:05:05.0435 2288 tunnel (b2fa25d9b17a68bb93d58b0556e8c90d) C:\Windows\system32\DRIVERS\tunnel.sys
14:05:05.0437 2288 tunnel - ok
14:05:05.0628 2288 TVALZ (792a8b80f8188aba4b2be271583f3e46) C:\Windows\system32\DRIVERS\TVALZ_O.SYS
14:05:05.0631 2288 TVALZ - ok
14:05:05.0761 2288 uagp35 (750fbcb269f4d7dd2e420c56b795db6d) C:\Windows\system32\DRIVERS\uagp35.sys
14:05:05.0764 2288 uagp35 - ok
14:05:05.0862 2288 udfs (ee43346c7e4b5e63e54f927babbb32ff) C:\Windows\system32\DRIVERS\udfs.sys
14:05:05.0869 2288 udfs - ok
14:05:06.0039 2288 uliagpkx (44e8048ace47befbfdc2e9be4cbc8880) C:\Windows\system32\drivers\uliagpkx.sys
14:05:06.0040 2288 uliagpkx - ok
14:05:06.0185 2288 umbus (d295bed4b898f0fd999fcfa9b32b071b) C:\Windows\system32\DRIVERS\umbus.sys
14:05:06.0187 2288 umbus - ok
14:05:06.0333 2288 UmPass (7550ad0c6998ba1cb4843e920ee0feac) C:\Windows\system32\DRIVERS\umpass.sys
14:05:06.0336 2288 UmPass - ok
14:05:06.0553 2288 USBAAPL (83cafcb53201bbac04d822f32438e244) C:\Windows\system32\Drivers\usbaapl.sys
14:05:06.0555 2288 USBAAPL - ok
14:05:06.0718 2288 usbaudio (1d9f2bd026e8e2d45033a4df3f16b78c) C:\Windows\system32\drivers\usbaudio.sys
14:05:06.0721 2288 usbaudio - ok
14:05:06.0868 2288 usbccgp (bd9c55d7023c5de374507acc7a14e2ac) C:\Windows\system32\DRIVERS\usbccgp.sys
14:05:06.0871 2288 usbccgp - ok
14:05:07.0026 2288 usbcir (04ec7cec62ec3b6d9354eee93327fc82) C:\Windows\system32\drivers\usbcir.sys
14:05:07.0029 2288 usbcir - ok
14:05:07.0178 2288 usbehci (f92de757e4b7ce9c07c5e65423f3ae3b) C:\Windows\system32\DRIVERS\usbehci.sys
14:05:07.0180 2288 usbehci - ok
14:05:07.0337 2288 usbhub (8dc94aec6a7e644a06135ae7506dc2e9) C:\Windows\system32\DRIVERS\usbhub.sys
14:05:07.0345 2288 usbhub - ok
14:05:07.0489 2288 usbohci (e185d44fac515a18d9deddc23c2cdf44) C:\Windows\system32\drivers\usbohci.sys
14:05:07.0491 2288 usbohci - ok
14:05:07.0621 2288 usbprint (797d862fe0875e75c7cc4c1ad7b30252) C:\Windows\system32\DRIVERS\usbprint.sys
14:05:07.0621 2288 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\usbprint.sys. md5: 797d862fe0875e75c7cc4c1ad7b30252
14:05:07.0666 2288 usbprint ( LockedFile.Multi.Generic ) - warning
14:05:07.0666 2288 usbprint - detected LockedFile.Multi.Generic (1)
14:05:07.0785 2288 USBSTOR (f991ab9cc6b908db552166768176896a) C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:05:07.0785 2288 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\USBSTOR.SYS. md5: f991ab9cc6b908db552166768176896a
14:05:07.0832 2288 USBSTOR ( LockedFile.Multi.Generic ) - warning
14:05:07.0832 2288 USBSTOR - detected LockedFile.Multi.Generic (1)
14:05:07.0970 2288 usbuhci (68df884cf41cdada664beb01daf67e3d) C:\Windows\system32\DRIVERS\usbuhci.sys
14:05:07.0970 2288 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\usbuhci.sys. md5: 68df884cf41cdada664beb01daf67e3d
14:05:08.0010 2288 usbuhci ( LockedFile.Multi.Generic ) - warning
14:05:08.0011 2288 usbuhci - detected LockedFile.Multi.Generic (1)
14:05:08.0138 2288 usbvideo (45f4e7bf43db40a6c6b4d92c76cbc3f2) C:\Windows\System32\Drivers\usbvideo.sys
14:05:08.0138 2288 Suspicious file (NoAccess): C:\Windows\System32\Drivers\usbvideo.sys. md5: 45f4e7bf43db40a6c6b4d92c76cbc3f2
14:05:08.0177 2288 usbvideo ( LockedFile.Multi.Generic ) - warning
14:05:08.0177 2288 usbvideo - detected LockedFile.Multi.Generic (1)
14:05:08.0356 2288 vdrvroot (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\Windows\system32\drivers\vdrvroot.sys
14:05:08.0356 2288 Suspicious file (NoAccess): C:\Windows\system32\drivers\vdrvroot.sys. md5: a059c4c3edb09e07d21a8e5c0aabd3cb
14:05:08.0400 2288 vdrvroot ( LockedFile.Multi.Generic ) - warning
14:05:08.0400 2288 vdrvroot - detected LockedFile.Multi.Generic (1)
14:05:08.0571 2288 vga (17c408214ea61696cec9c66e388b14f3) C:\Windows\system32\DRIVERS\vgapnp.sys
14:05:08.0571 2288 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\vgapnp.sys. md5: 17c408214ea61696cec9c66e388b14f3
14:05:08.0627 2288 vga ( LockedFile.Multi.Generic ) - warning
14:05:08.0629 2288 vga - detected LockedFile.Multi.Generic (1)
14:05:08.0754 2288 VgaSave (8e38096ad5c8570a6f1570a61e251561) C:\Windows\System32\drivers\vga.sys
14:05:08.0754 2288 Suspicious file (NoAccess): C:\Windows\System32\drivers\vga.sys. md5: 8e38096ad5c8570a6f1570a61e251561
14:05:08.0816 2288 VgaSave ( LockedFile.Multi.Generic ) - warning
14:05:08.0816 2288 VgaSave - detected LockedFile.Multi.Generic (1)
14:05:08.0921 2288 VGPU - ok
14:05:09.0056 2288 vhdmp (5461686cca2fda57b024547733ab42e3) C:\Windows\system32\drivers\vhdmp.sys
14:05:09.0057 2288 Suspicious file (NoAccess): C:\Windows\system32\drivers\vhdmp.sys. md5: 5461686cca2fda57b024547733ab42e3
14:05:09.0102 2288 vhdmp ( LockedFile.Multi.Generic ) - warning
14:05:09.0102 2288 vhdmp - detected LockedFile.Multi.Generic (1)
14:05:09.0237 2288 viaagp (c829317a37b4bea8f39735d4b076e923) C:\Windows\system32\drivers\viaagp.sys
14:05:09.0237 2288 Suspicious file (NoAccess): C:\Windows\system32\drivers\viaagp.sys. md5: c829317a37b4bea8f39735d4b076e923
14:05:09.0288 2288 viaagp ( LockedFile.Multi.Generic ) - warning
14:05:09.0289 2288 viaagp - detected LockedFile.Multi.Generic (1)
14:05:09.0413 2288 ViaC7 (e02f079a6aa107f06b16549c6e5c7b74) C:\Windows\system32\DRIVERS\viac7.sys
14:05:09.0413 2288 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\viac7.sys. md5: e02f079a6aa107f06b16549c6e5c7b74
14:05:09.0454 2288 ViaC7 ( LockedFile.Multi.Generic ) - warning
14:05:09.0455 2288 ViaC7 - detected LockedFile.Multi.Generic (1)
14:05:09.0549 2288 viaide (e43574f6a56a0ee11809b48c09e4fd3c) C:\Windows\system32\drivers\viaide.sys
14:05:09.0549 2288 Suspicious file (NoAccess): C:\Windows\system32\drivers\viaide.sys. md5: e43574f6a56a0ee11809b48c09e4fd3c
14:05:09.0588 2288 viaide ( LockedFile.Multi.Generic ) - warning
14:05:09.0588 2288 viaide - detected LockedFile.Multi.Generic (1)
14:05:09.0690 2288 vmbus (c2f2911156fdc7817c52829c86da494e) C:\Windows\system32\drivers\vmbus.sys
14:05:09.0690 2288 Suspicious file (NoAccess): C:\Windows\system32\drivers\vmbus.sys. md5: c2f2911156fdc7817c52829c86da494e
14:05:09.0732 2288 vmbus ( LockedFile.Multi.Generic ) - warning
14:05:09.0732 2288 vmbus - detected LockedFile.Multi.Generic (1)
14:05:09.0829 2288 VMBusHID (d4d77455211e204f370d08f4963063ce) C:\Windows\system32\drivers\VMBusHID.sys
14:05:09.0829 2288 Suspicious file (NoAccess): C:\Windows\system32\drivers\VMBusHID.sys. md5: d4d77455211e204f370d08f4963063ce
14:05:09.0877 2288 VMBusHID ( LockedFile.Multi.Generic ) - warning
14:05:09.0877 2288 VMBusHID - detected LockedFile.Multi.Generic (1)
14:05:09.0976 2288 volmgr (4c63e00f2f4b5f86ab48a58cd990f212) C:\Windows\system32\drivers\volmgr.sys
14:05:09.0976 2288 Suspicious file (NoAccess): C:\Windows\system32\drivers\volmgr.sys. md5: 4c63e00f2f4b5f86ab48a58cd990f212
14:05:10.0021 2288 volmgr ( LockedFile.Multi.Generic ) - warning
14:05:10.0022 2288 volmgr - detected LockedFile.Multi.Generic (1)
14:05:10.0179 2288 volmgrx (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\Windows\system32\drivers\volmgrx.sys
14:05:10.0179 2288 Suspicious file (NoAccess): C:\Windows\system32\drivers\volmgrx.sys. md5: b5bb72067ddddbbfb04b2f89ff8c3c87
14:05:10.0223 2288 volmgrx ( LockedFile.Multi.Generic ) - warning
14:05:10.0223 2288 volmgrx - detected LockedFile.Multi.Generic (1)
14:05:10.0371 2288 volsnap (f497f67932c6fa693d7de2780631cfe7) C:\Windows\system32\drivers\volsnap.sys
14:05:10.0371 2288 Suspicious file (NoAccess): C:\Windows\system32\drivers\volsnap.sys. md5: f497f67932c6fa693d7de2780631cfe7
14:05:10.0444 2288 volsnap ( LockedFile.Multi.Generic ) - warning
14:05:10.0444 2288 volsnap - detected LockedFile.Multi.Generic (1)
14:05:10.0567 2288 vsmraid (9dfa0cc2f8855a04816729651175b631) C:\Windows\system32\DRIVERS\vsmraid.sys
14:05:10.0567 2288 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\vsmraid.sys. md5: 9dfa0cc2f8855a04816729651175b631
14:05:10.0613 2288 vsmraid ( LockedFile.Multi.Generic ) - warning
14:05:10.0613 2288 vsmraid - detected LockedFile.Multi.Generic (1)
14:05:10.0781 2288 vwifibus (90567b1e658001e79d7c8bbd3dde5aa6) C:\Windows\system32\DRIVERS\vwifibus.sys
14:05:10.0781 2288 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\vwifibus.sys. md5: 90567b1e658001e79d7c8bbd3dde5aa6
14:05:10.0822 2288 vwifibus ( LockedFile.Multi.Generic ) - warning
14:05:10.0822 2288 vwifibus - detected LockedFile.Multi.Generic (1)
14:05:10.0953 2288 vwififlt (7090d3436eeb4e7da3373090a23448f7) C:\Windows\system32\DRIVERS\vwififlt.sys
14:05:10.0953 2288 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\vwififlt.sys. md5: 7090d3436eeb4e7da3373090a23448f7
14:05:11.0002 2288 vwififlt ( LockedFile.Multi.Generic ) - warning
14:05:11.0002 2288 vwififlt - detected LockedFile.Multi.Generic (1)
14:05:11.0164 2288 WacomPen (de3721e89c653aa281428c8a69745d90) C:\Windows\system32\DRIVERS\wacompen.sys
14:05:11.0165 2288 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\wacompen.sys. md5: de3721e89c653aa281428c8a69745d90
14:05:11.0211 2288 WacomPen ( LockedFile.Multi.Generic ) - warning
14:05:11.0211 2288 WacomPen - detected LockedFile.Multi.Generic (1)
14:05:11.0366 2288 WANARP (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
14:05:11.0366 2288 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\wanarp.sys. md5: 3c3c78515f5ab448b022bdf5b8ffdd2e
14:05:11.0413 2288 WANARP ( LockedFile.Multi.Generic ) - warning
14:05:11.0413 2288 WANARP - detected LockedFile.Multi.Generic (1)
14:05:11.0442 2288 Wanarpv6 (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\Windows\system32\DRIVERS\wanarp.sys
14:05:11.0442 2288 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\wanarp.sys. md5: 3c3c78515f5ab448b022bdf5b8ffdd2e
14:05:11.0450 2288 Wanarpv6 ( LockedFile.Multi.Generic ) - warning
14:05:11.0451 2288 Wanarpv6 - detected LockedFile.Multi.Generic (1)
14:05:11.0712 2288 Wd (1112a9badacb47b7c0bb0392e3158dff) C:\Windows\system32\DRIVERS\wd.sys
14:05:11.0712 2288 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\wd.sys. md5: 1112a9badacb47b7c0bb0392e3158dff
14:05:11.0755 2288 Wd ( LockedFile.Multi.Generic ) - warning
14:05:11.0755 2288 Wd - detected LockedFile.Multi.Generic (1)
14:05:11.0878 2288 WDC_SAM (d6efaf429fd30c5df613d220e344cce7) C:\Windows\system32\DRIVERS\wdcsam.sys
14:05:11.0878 2288 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\wdcsam.sys. md5: d6efaf429fd30c5df613d220e344cce7
14:05:11.0922 2288 WDC_SAM ( LockedFile.Multi.Generic ) - warning
14:05:11.0922 2288 WDC_SAM - detected LockedFile.Multi.Generic (1)
14:05:12.0048 2288 Wdf01000 (9950e3d0f08141c7e89e64456ae7dc73) C:\Windows\system32\drivers\Wdf01000.sys
14:05:12.0048 2288 Suspicious file (NoAccess): C:\Windows\system32\drivers\Wdf01000.sys. md5: 9950e3d0f08141c7e89e64456ae7dc73
14:05:12.0090 2288 Wdf01000 ( LockedFile.Multi.Generic ) - warning
14:05:12.0090 2288 Wdf01000 - detected LockedFile.Multi.Generic (1)
14:05:12.0354 2288 WfpLwf (8b9a943f3b53861f2bfaf6c186168f79) C:\Windows\system32\DRIVERS\wfplwf.sys
14:05:12.0354 2288 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\wfplwf.sys. md5: 8b9a943f3b53861f2bfaf6c186168f79
14:05:12.0402 2288 WfpLwf ( LockedFile.Multi.Generic ) - warning
14:05:12.0402 2288 WfpLwf - detected LockedFile.Multi.Generic (1)
14:05:12.0543 2288 WIMMount (5cf95b35e59e2a38023836fff31be64c) C:\Windows\system32\drivers\wimmount.sys
14:05:12.0543 2288 Suspicious file (NoAccess): C:\Windows\system32\drivers\wimmount.sys. md5: 5cf95b35e59e2a38023836fff31be64c
14:05:12.0591 2288 WIMMount ( LockedFile.Multi.Generic ) - warning
14:05:12.0591 2288 WIMMount - detected LockedFile.Multi.Generic (1)
14:05:12.0841 2288 WinUsb (a67e5f9a400f3bd1be3d80613b45f708) C:\Windows\system32\DRIVERS\WinUsb.sys
14:05:12.0842 2288 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\WinUsb.sys. md5: a67e5f9a400f3bd1be3d80613b45f708
14:05:12.0890 2288 WinUsb ( LockedFile.Multi.Generic ) - warning
14:05:12.0890 2288 WinUsb - detected LockedFile.Multi.Generic (1)
14:05:13.0038 2288 WmiAcpi (0217679b8fca58714c3bf2726d2ca84e) C:\Windows\system32\drivers\wmiacpi.sys
14:05:13.0038 2288 Suspicious file (NoAccess): C:\Windows\system32\drivers\wmiacpi.sys. md5: 0217679b8fca58714c3bf2726d2ca84e
14:05:13.0078 2288 WmiAcpi ( LockedFile.Multi.Generic ) - warning
14:05:13.0078 2288 WmiAcpi - detected LockedFile.Multi.Generic (1)
14:05:13.0345 2288 ws2ifsl (6db3276587b853bf886b69528fdb048c) C:\Windows\system32\drivers\ws2ifsl.sys
14:05:13.0346 2288 Suspicious file (NoAccess): C:\Windows\system32\drivers\ws2ifsl.sys. md5: 6db3276587b853bf886b69528fdb048c
14:05:13.0392 2288 ws2ifsl ( LockedFile.Multi.Generic ) - warning
14:05:13.0392 2288 ws2ifsl - detected LockedFile.Multi.Generic (1)
14:05:13.0647 2288 WudfPf (e714a1c0354636837e20ccbf00888ee7) C:\Windows\system32\drivers\WudfPf.sys
14:05:13.0647 2288 Suspicious file (NoAccess): C:\Windows\system32\drivers\WudfPf.sys. md5: e714a1c0354636837e20ccbf00888ee7
14:05:13.0699 2288 WudfPf ( LockedFile.Multi.Generic ) - warning
14:05:13.0699 2288 WudfPf - detected LockedFile.Multi.Generic (1)
14:05:13.0843 2288 WUDFRd (1023ee888c9b47178c5293ed5336ab69) C:\Windows\system32\DRIVERS\WUDFRd.sys
14:05:13.0843 2288 Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\WUDFRd.sys. md5: 1023ee888c9b47178c5293ed5336ab69
14:05:13.0888 2288 WUDFRd ( LockedFile.Multi.Generic ) - warning
14:05:13.0888 2288 WUDFRd - detected LockedFile.Multi.Generic (1)
14:05:14.0017 2288 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
14:05:14.0116 2288 \Device\Harddisk0\DR0 - ok
14:05:14.0132 2288 Boot (0x1200) (83594d3db54de01c6ed00be1a59d3e05) \Device\Harddisk0\DR0\Partition0
14:05:14.0134 2288 \Device\Harddisk0\DR0\Partition0 - ok
14:05:14.0140 2288 Boot (0x1200) (8aec46ae2f75bcfce8c8775898e8c45b) \Device\Harddisk0\DR0\Partition1
14:05:14.0143 2288 \Device\Harddisk0\DR0\Partition1 - ok
14:05:14.0145 2288 ============================================================
14:05:14.0146 2288 Scan finished
14:05:14.0146 2288 ============================================================
14:05:14.0168 2268 Detected object count: 33
14:05:14.0168 2268 Actual detected object count: 33
14:07:45.0486 2268 C:\Windows\System32\Drivers\6b898942c5ea5f93.sys - copied to quarantine
14:07:45.0486 2268 6b898942c5ea5f93 ( LockedService.Multi.Generic ) - User select action: Quarantine
14:07:45.0531 2268 C:\Windows\system32\DRIVERS\usbprint.sys - copied to quarantine
14:07:45.0531 2268 usbprint ( LockedFile.Multi.Generic ) - User select action: Quarantine
14:07:45.0574 2268 C:\Windows\system32\DRIVERS\USBSTOR.SYS - copied to quarantine
14:07:45.0575 2268 USBSTOR ( LockedFile.Multi.Generic ) - User select action: Quarantine
14:07:45.0680 2268 C:\Windows\system32\DRIVERS\usbuhci.sys - copied to quarantine
14:07:45.0680 2268 usbuhci ( LockedFile.Multi.Generic ) - User select action: Quarantine
14:07:45.0726 2268 C:\Windows\System32\Drivers\usbvideo.sys - copied to quarantine
14:07:45.0727 2268 usbvideo ( LockedFile.Multi.Generic ) - User select action: Quarantine
14:07:45.0777 2268 C:\Windows\system32\drivers\vdrvroot.sys - copied to quarantine
14:07:45.0778 2268 vdrvroot ( LockedFile.Multi.Generic ) - User select action: Quarantine
14:07:45.0859 2268 C:\Windows\system32\DRIVERS\vgapnp.sys - copied to quarantine
14:07:45.0859 2268 vga ( LockedFile.Multi.Generic ) - User select action: Quarantine
14:07:45.0887 2268 C:\Windows\System32\drivers\vga.sys - copied to quarantine
14:07:45.0887 2268 VgaSave ( LockedFile.Multi.Generic ) - User select action: Quarantine
14:07:45.0944 2268 C:\Windows\system32\drivers\vhdmp.sys - copied to quarantine
14:07:45.0945 2268 vhdmp ( LockedFile.Multi.Generic ) - User select action: Quarantine
14:07:46.0047 2268 C:\Windows\system32\drivers\viaagp.sys - copied to quarantine
14:07:46.0048 2268 viaagp ( LockedFile.Multi.Generic ) - User select action: Quarantine
14:07:46.0102 2268 C:\Windows\system32\DRIVERS\viac7.sys - copied to quarantine
14:07:46.0102 2268 ViaC7 ( LockedFile.Multi.Generic ) - User select action: Quarantine
14:07:46.0194 2268 C:\Windows\system32\drivers\viaide.sys - copied to quarantine
14:07:46.0194 2268 viaide ( LockedFile.Multi.Generic ) - User select action: Quarantine
14:07:46.0246 2268 C:\Windows\system32\drivers\vmbus.sys - copied to quarantine
14:07:46.0247 2268 vmbus ( LockedFile.Multi.Generic ) - User select action: Quarantine
14:07:46.0328 2268 C:\Windows\system32\drivers\VMBusHID.sys - copied to quarantine
14:07:46.0329 2268 VMBusHID ( LockedFile.Multi.Generic ) - User select action: Quarantine
14:07:46.0375 2268 C:\Windows\system32\drivers\volmgr.sys - copied to quarantine
14:07:46.0376 2268 volmgr ( LockedFile.Multi.Generic ) - User select action: Quarantine
14:07:46.0433 2268 C:\Windows\system32\drivers\volmgrx.sys - copied to quarantine
14:07:46.0434 2268 volmgrx ( LockedFile.Multi.Generic ) - User select action: Quarantine
14:07:46.0537 2268 C:\Windows\system32\drivers\volsnap.sys - copied to quarantine
14:07:46.0538 2268 volsnap ( LockedFile.Multi.Generic ) - User select action: Quarantine
14:07:46.0855 2268 C:\Windows\system32\DRIVERS\vsmraid.sys - copied to quarantine
14:07:46.0856 2268 vsmraid ( LockedFile.Multi.Generic ) - User select action: Quarantine
14:07:46.0958 2268 C:\Windows\system32\DRIVERS\vwifibus.sys - copied to quarantine
14:07:46.0958 2268 vwifibus ( LockedFile.Multi.Generic ) - User select action: Quarantine
14:07:47.0005 2268 C:\Windows\system32\DRIVERS\vwififlt.sys - copied to quarantine
14:07:47.0005 2268 vwififlt ( LockedFile.Multi.Generic ) - User select action: Quarantine
14:07:47.0093 2268 C:\Windows\system32\DRIVERS\wacompen.sys - copied to quarantine
14:07:47.0093 2268 WacomPen ( LockedFile.Multi.Generic ) - User select action: Quarantine
14:07:47.0188 2268 C:\Windows\system32\DRIVERS\wanarp.sys - copied to quarantine
14:07:47.0189 2268 WANARP ( LockedFile.Multi.Generic ) - User select action: Quarantine
14:07:47.0201 2268 C:\Windows\system32\DRIVERS\wanarp.sys - copied to quarantine
14:07:47.0202 2268 Wanarpv6 ( LockedFile.Multi.Generic ) - User select action: Quarantine
14:07:47.0309 2268 C:\Windows\system32\DRIVERS\wd.sys - copied to quarantine
14:07:47.0309 2268 Wd ( LockedFile.Multi.Generic ) - User select action: Quarantine
14:07:47.0377 2268 C:\Windows\system32\DRIVERS\wdcsam.sys - copied to quarantine
14:07:47.0377 2268 WDC_SAM ( LockedFile.Multi.Generic ) - User select action: Quarantine
14:07:47.0485 2268 C:\Windows\system32\drivers\Wdf01000.sys - copied to quarantine
14:07:47.0486 2268 Wdf01000 ( LockedFile.Multi.Generic ) - User select action: Quarantine
14:07:47.0531 2268 C:\Windows\system32\DRIVERS\wfplwf.sys - copied to quarantine
14:07:47.0531 2268 WfpLwf ( LockedFile.Multi.Generic ) - User select action: Quarantine
14:07:47.0620 2268 C:\Windows\system32\drivers\wimmount.sys - copied to quarantine
14:07:47.0621 2268 WIMMount ( LockedFile.Multi.Generic ) - User select action: Quarantine
14:07:47.0686 2268 C:\Windows\system32\DRIVERS\WinUsb.sys - copied to quarantine
14:07:47.0686 2268 WinUsb ( LockedFile.Multi.Generic ) - User select action: Quarantine
14:07:47.0771 2268 C:\Windows\system32\drivers\wmiacpi.sys - copied to quarantine
14:07:47.0771 2268 WmiAcpi ( LockedFile.Multi.Generic ) - User select action: Quarantine
14:07:47.0856 2268 C:\Windows\system32\drivers\ws2ifsl.sys - copied to quarantine
14:07:47.0856 2268 ws2ifsl ( LockedFile.Multi.Generic ) - User select action: Quarantine
14:07:47.0958 2268 C:\Windows\system32\drivers\WudfPf.sys - copied to quarantine
14:07:47.0958 2268 WudfPf ( LockedFile.Multi.Generic ) - User select action: Quarantine
14:07:48.0030 2268 C:\Windows\system32\DRIVERS\WUDFRd.sys - copied to quarantine
14:07:48.0031 2268 WUDFRd ( LockedFile.Multi.Generic ) - User select action: Quarantine

 

[البارون]

الاداة حاذفه بلاوي من جهازك



ارجع افحص واذا طلع لك اصابات اختر Cure


واذا ماقدر ينظف الملف اختر delete​

 

[ReD_F0X]

مافي كيور , الي فيه بس delete or move to quaranten او skip بس !!

 

[ReD_F0X]

مو عارف اثبت برنامج حماية , من اثبته يطلع لي غلط !!

ومن استخدمة tdsskiller ما يطلع لي الا ثلاث خيارات لما اخترت الحذف صار جهازي مو راضي يشتغل لأني حذفت ملفات نظام اتوقع !!

واذا سويت اني انسخ الحاجات الخطرة لـ السجن الأمني حق البرنامج ما يصير شي لما ابحث مرة ثانيه يرجعون نفس الأشياء الخطرة حقتي !!

ماني عارف والله وش اسوي تلخبطت اموري والله ! , ما ادري اسوي فورمات والله ما ودي بس ماني عارف وش اسوي !

 

[البارون]

طيب بس لا تخبص في الحلول

راجع تقييمك :u:​

 

[ReD_F0X]

من الي يخبص في الحلول , واي تقييم تقصد ؟

 

[البارون]

اخوي انا متعامل مع المشكلة للمرة الثالثه وكلها الحمد والفضل لله تم حلها

روح للرسائل الخاصه -- تعديل الوقيع ثم موافق

سيظهر لك التقييمات ارسلت لك حل طبقته اول

طبق الحل اللي ارسلته لك ويصير خير ان شاء الله​

 

[ReD_F0X]

اخوي , لقيت اخر تقييم استلمته , لكن لم اضغط عليه يوديني نفس الموضوع حقي !!

والخطوات الي قلتها ماهي موجودة , ماعندي خيار رسائل خاصه فـ دخلت على لوحة التحكم وشفت اخر تقييم , ماني شايف الحل !

 

[البارون]

طيب اعمل

التالي

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

 

[ReD_F0X]

طبقت الطريقة الي قلتلي ياها , وطلعلي في البداية 6 اشياء فيها ثريت وحذفتها بس ما خزنت التقرير , بعدين سويت ريستارات وسويت تعديل

بعد كذا بعد ما سويت ريستارات حق التعديل , سويت بحث من جديد تفاجأت ان فيه برضوا في حاجات خطرة ! , وسويت بحث كامل وحذفتهم وسويت تعديل برضوا وسويت ريستارات , وبرضوا ما زال نفس الأشياء الي حذفتهم كأنهم يرجعون وهذا اخر تقرير سويته

SUPERAntiSpyware Scan Log

يجب عليك تسجيل الدخول او تسجيل لمشاهدة الرابط المخفي

Generated 02/11/2012 at 02:20 AM

Application Version : 5.0.1144

Core Rules Database Version : 8228
Trace Rules Database Version: 6040

Scan type : Complete Scan
Total Scan Time : 00:42:23

Operating System Information
Windows 7 Ultimate 32-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Administrator

Memory items scanned : 575
Memory threats detected : 0
Registry items scanned : 36604
Registry threats detected : 3
File items scanned : 36871
File threats detected : 2

Rootkit.Cloaked/Service-GEN
HKLM\system\controlset001\services\6b898942c5ea5f93
C:\WINDOWS\SYSTEM32\DRIVERS\6B898942C5EA5F93.SYS
HKLM\system\controlset002\services\6b898942c5ea5f93
HKLM\system\controlset003\services\6b898942c5ea5f93

Adware.Tracking Cookie
.statcounter.com [ C:\USERS\MANSOUR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FEBEPROF.AA\COOKIES.SQLITE ]

 

[ReD_F0X]

up

 

[ReD_F0X]

يا جماعه , طبقت مثل قلتولي بالضبط , صحيح انه حذف الي فيهم خطر على جهازي لكن المشكلة ان لما اسوي ريستارات يرجعون نفس الاخطاء من جديد , واحذفهم ولا يزالون موجودين !!

غير كذا برامج الحماية مو راضيه تشتغل لما اثبتها !! , يعني الطريقة مانفعت بتاتاً !