MBR sector of physical disk 0 - Win32/Agent.SDG.Gen Trojan

vyosek

Re: MBR sector of physical disk 0 - Win32/Agent.SDG.Gen troj

#16 Post by vyosek »

→ If you haven't already, move ComboFix to the desktop
  • Open Notepad (Start - Run - notepad)
  • Copy the script below
  • Code:

    KillAll::
    
    File::
    c:\program files (x86)\BS_Player\tbBS_1.dll
    c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    
    Registry::
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
    "{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}"=-
    [-HKEY_CLASSES_ROOT\clsid\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
    [-HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
    "{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}"=-
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "DAEMON Tools Lite"=-
    "uTorrent"=-
    "IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=-
    "Steam"=-
    "Skype"=-
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "NBKeyScan"=-
    "SwitchBoard"=-
    "AdobeCS5ServiceManager"=-
    "LogMeIn Hamachi Ui"=-
    
    Driver::
    gupdate
    gupdatem
    eamonm
    
    RegLock::
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    
    ClearJavaCache::
    
    AtJob::
    
    Reboot::
  • Save the resulting TXT file as CFScript.txt
  • Drag the CFScript.txt you created onto ComboFix and run it (see the picture below)
    [image]
  • After the script has been applied (and after a restart, if one occurs), a log will pop up; paste its contents here
→ It can happen that Windows does not boot after the script is applied; in that case restart the PC, keep pressing F8 and choose Last Known Good Configuration

Well

Re: MBR sector of physical disk 0 - Win32/Agent.SDG.Gen troj

#17 Post by Well »

ComboFix 12-03-22.01 - Well 25.03.2012 13:46:59.2.2 - x64
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.420.1029.18.4095.2158 [GMT 2:00]
Spuštěný z: c:\users\Well\Desktop\ComboFix.exe
Použité ovládací přepínače :: c:\users\Well\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\program files (x86)\BS_Player\tbBS_1.dll"
"c:\windows\Tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\Tasks\GoogleUpdateTaskMachineUA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\BS_Player\tbBS_1.dll
c:\users\Well\AppData\Local\Temp\bad4021e-8b96-4726-a482-7caebf5bc001\CliSecureRT.dll
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_EAMONM
-------\Service_eamonm
-------\Service_gupdate
-------\Service_gupdatem
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-02-25 do 2012-03-25 )))))))))))))))))))))))))))))))
.
.
2012-03-25 12:04 . 2012-03-25 12:04 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2012-03-25 12:04 . 2012-03-25 12:04 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-03-25 10:05 . 2012-03-25 10:05 -------- d-----w- C:\TDSSKiller_Quarantine
2012-03-25 08:59 . 2012-03-20 01:51 8669240 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A3C76EF3-C229-4618-B625-5AEFB6622248}\mpengine.dll
2012-03-25 08:53 . 2012-03-06 23:01 24408 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-03-25 08:53 . 2012-03-06 23:04 337240 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-03-25 08:52 . 2012-03-06 23:02 53080 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2012-03-25 08:52 . 2012-03-06 23:01 59224 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-03-25 08:52 . 2012-03-06 23:15 258520 ----a-w- c:\windows\system32\aswBoot.exe
2012-03-25 08:52 . 2012-03-06 23:04 819032 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-03-25 08:52 . 2012-03-06 23:01 69976 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-03-25 08:52 . 2012-03-06 23:15 41184 ----a-w- c:\windows\avastSS.scr
2012-03-25 08:52 . 2012-03-06 23:15 201352 ----a-w- c:\windows\SysWow64\aswBoot.exe
2012-03-25 08:52 . 2012-03-25 08:52 -------- d-----w- c:\programdata\AVAST Software
2012-03-25 08:52 . 2012-03-25 08:52 -------- d-----w- c:\program files\AVAST Software
2012-03-25 08:44 . 2011-10-26 05:19 43520 ----a-w- c:\windows\system32\csrsrv.dll
2012-03-25 08:43 . 2011-12-16 08:42 634368 ----a-w- c:\windows\system32\msvcrt.dll
2012-03-25 08:43 . 2011-12-16 07:59 690688 ----a-w- c:\windows\SysWow64\msvcrt.dll
2012-03-25 08:43 . 2011-11-05 05:17 2048 ----a-w- c:\windows\system32\tzres.dll
2012-03-25 08:43 . 2011-11-05 04:30 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-03-25 08:43 . 2011-05-24 11:21 404992 ----a-w- c:\windows\system32\umpnpmgr.dll
2012-03-25 08:43 . 2011-05-24 10:34 145920 ----a-w- c:\windows\SysWow64\cfgmgr32.dll
2012-03-25 08:43 . 2011-05-24 10:32 252928 ----a-w- c:\windows\SysWow64\drvinst.exe
2012-03-25 08:43 . 2011-05-24 10:34 64512 ----a-w- c:\windows\SysWow64\devobj.dll
2012-03-25 08:43 . 2011-05-24 10:34 44544 ----a-w- c:\windows\SysWow64\devrtl.dll
2012-03-25 08:41 . 2011-06-23 05:29 5507968 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-03-25 08:41 . 2011-06-23 04:38 3957120 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-03-25 08:41 . 2011-06-23 04:38 3902336 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-03-25 08:40 . 2011-11-19 15:07 77312 ----a-w- c:\windows\system32\packager.dll
2012-03-25 08:40 . 2011-11-19 14:06 67072 ----a-w- c:\windows\SysWow64\packager.dll
2012-03-24 23:07 . 2012-03-25 09:14 -------- d-----w- c:\program files\trend micro
2012-03-24 23:07 . 2012-03-25 09:14 -------- d-----w- C:\rsit
2012-03-24 22:11 . 2010-06-25 14:32 202704 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys
2012-03-24 22:10 . 2010-06-25 14:32 53968 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys
2012-03-24 21:59 . 2012-03-24 22:37 -------- d-----w- C:\VB
2012-03-24 18:26 . 2012-03-24 22:34 -------- d-----w- c:\users\Well\.VirtualBox
2012-03-24 18:24 . 2012-03-24 22:34 -------- dc----w- c:\windows\system32\DRVSTORE
2012-03-24 11:14 . 2012-03-24 11:14 -------- d-----w- c:\program files (x86)\Common Files\Skype
2012-03-11 13:29 . 2012-03-13 12:49 -------- d-----w- c:\program files\n2n Gui
2012-03-11 13:29 . 2011-04-26 10:21 31232 ----a-w- c:\windows\system32\drivers\tap0901.sys
2012-03-11 13:18 . 2012-03-11 13:18 -------- d-----w- c:\program files (x86)\LogMeIn Hamachi
2012-03-11 13:01 . 2012-03-11 13:01 -------- d-----w- c:\program files (x86)\Mplayer
2012-02-28 23:52 . 2012-02-28 23:52 -------- d-----w- c:\program files (x86)\MSECache
2012-02-28 23:15 . 2012-02-28 23:15 -------- d-----w- C:\Output
2012-02-28 23:13 . 2012-03-11 11:17 -------- d-----w- c:\program files (x86)\Free Power Word to Pdf Converter
2012-02-28 23:03 . 2012-02-28 23:03 -------- d-----w- c:\program files (x86)\WordToPDF
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-02-23 07:18 . 2010-04-17 21:48 279656 ------w- c:\windows\system32\MpSigStub.exe
2012-02-12 19:08 . 2012-02-12 19:59 3567 ----a-w- c:\windows\system32\porttalk.sys
2012-02-12 19:08 . 2012-02-12 19:10 3567 ----a-w- c:\windows\system32\drivers\porttalk.sys
2012-02-12 19:00 . 2012-02-12 19:01 3567 ----a-w- c:\windows\SysWow64\drivers\porttalk.sys
2012-02-12 19:00 . 2012-02-12 19:00 3567 ----a-w- c:\windows\SysWow64\porttalk.sys
.
.
((((((((((((((((((((((((((((( SnapShot@2012-03-25_10.44.36 )))))))))))))))))))))))))))))))))))))))))
.
.
-- Snímek resetován k současnému datu --
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1475072]
"Seznam Postak"="c:\program files (x86)\Seznam.cz\bin\postak.exe" [2012-01-10 491040]
"KiesHelper"="c:\program files (x86)\Samsung\Kies\KiesHelper.exe" [2011-12-27 937360]
"KiesPDLR"="c:\program files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2011-12-27 21392]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"Print2PDF Print Monitor"="c:\program files (x86)\Software602\Print2PDF\Print2PDF.exe" [2009-02-25 77824]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2011-12-27 3508624]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-03-06 4241512]
.
c:\users\Well\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Samsung Auto Backup Guage.lnk - c:\program files (x86)\Clarus\Samsung Auto Backup\ISFGuage.exe [2010-12-25 823296]
Samsung Auto Backup Real-Time Daemon.lnk - c:\program files (x86)\Clarus\Samsung Auto Backup\ISFRealTimeD.exe [2010-12-25 65536]
Samsung Auto Backup Scheduler.lnk - c:\program files (x86)\Clarus\Samsung Auto Backup\ISFTimerD.exe [2010-12-25 102400]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"ISUSScheduler"="c:\program files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
"SunJavaUpdateSched"="c:\program files (x86)\Java\jre6\bin\jusched.exe"
"TkBellExe"="c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" -atboottime
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-02-29 158856]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-05-02 1030600]
R3 GGSAFERDriver;GGSAFER Driver;c:\program files (x86)\Garena\safedrv.sys [x]
R3 mdf15;mdf15;c:\program files (x86)\Clarus\Samsung SecretZone\mdf15.sys [2010-03-18 12288]
R3 mvd21;mvd21;c:\program files (x86)\Clarus\Samsung SecretZone\mvd21.sys [2010-06-14 64512]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [x]
R3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [x]
R4 SZASSIST;SecretZone Assist Service;c:\program files (x86)\Clarus\Samsung SecretZone\SZAssistSVC.exe [2010-07-30 90112]
R4 WPEServ;soft Xpansion Print2Document;c:\program files (x86)\Common Files\WPE\wpeserv.exe [2008-03-17 339968]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 aksdf;aksdf;c:\windows\system32\DRIVERS\aksdf.sys [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-02-28 2343816]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-10-15 2253120]
S2 TeamViewer6;TeamViewer 6;c:\program files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-08-30 2358656]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe [2010-10-27 1974080]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys [2010-10-07 11856]
.
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-03-06 23:15 135408 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CanonSolutionMenu"="c:\program files (x86)\Canon\SolutionMenu\CNSLMAIN.exe" [2008-03-10 689488]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2008-03-17 2114376]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"combofix"="c:\combofix\CF8019.3XE" [2009-07-14 344576]
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://fullarticles.net
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportovat do aplikace Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
DPF: {9BD3C5C6-BCBA-47BF-9CC0-0D5D3E117DE1} - hxxp://www.bravearms.com/razor/plugins/WebMediaPlayer.cab
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash11e.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
c:\windows\SysWOW64\IoctlSvc.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
.
**************************************************************************
.
Celkový čas: 2012-03-25 14:18:42 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-03-25 12:18
ComboFix2.txt 2012-03-25 10:57
.
Před spuštěním: Volných bajtů: 14 949 703 680
Po spuštění: Volných bajtů: 16 345 640 960
.
- - End Of File - - 0391F60534F7EC45E1DDD64234A04F65

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: MBR sector 0 of the physical disk - Win32/Agent.SDG.Gen troj

#18 Post by vyosek »

Run a new scan with MBRScan and TDSSKiller.
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns merriment, take a whip and a stick to him: that is no man, that is an ox."
Member [image] since 1 February 2011.

Well
Visitor
Posts: 33
Registered: 25 Mar 2012 00:09

Re: MBR sector 0 of the physical disk - Win32/Agent.SDG.Gen troj

#19 Post by Well »

14:31:39.0789 8908 TDSS rootkit removing tool 2.7.22.0 Mar 21 2012 17:40:00
14:31:39.0892 8908 ============================================================
14:31:39.0892 8908 Current date / time: 2012/03/25 14:31:39.0892
14:31:39.0892 8908 SystemInfo:
14:31:39.0892 8908
14:31:39.0892 8908 OS Version: 6.1.7600 ServicePack: 0.0
14:31:39.0892 8908 Product type: Workstation
14:31:39.0892 8908 ComputerName: WELL-PC
14:31:39.0892 8908 UserName: Well
14:31:39.0892 8908 Windows directory: C:\Windows
14:31:39.0892 8908 System windows directory: C:\Windows
14:31:39.0892 8908 Running under WOW64
14:31:39.0892 8908 Processor architecture: Intel x64
14:31:39.0892 8908 Number of processors: 2
14:31:39.0892 8908 Page size: 0x1000
14:31:39.0892 8908 Boot type: Normal boot
14:31:39.0892 8908 ============================================================
14:31:40.0612 8908 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:31:40.0642 8908 Drive \Device\Harddisk2\DR2 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
14:31:42.0537 8908 \Device\Harddisk0\DR0:
14:31:42.0537 8908 MBR used
14:31:42.0537 8908 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xC350000
14:31:42.0537 8908 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0xC350800, BlocksNum 0x2E035000
14:31:42.0537 8908 \Device\Harddisk2\DR2:
14:31:42.0537 8908 MBR used
14:31:42.0537 8908 \Device\Harddisk2\DR2\Partition0: MBR, Type 0x7, StartLBA 0x40, BlocksNum 0x2542D681
14:31:42.0597 8908 Initialize success
14:31:42.0597 8908 ============================================================
14:31:47.0762 7260 ============================================================
14:31:47.0762 7260 Scan started
14:31:47.0762 7260 Mode: Manual; SigCheck; TDLFS;
14:31:47.0762 7260 ============================================================
14:31:48.0300 7260 1394ohci (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys
14:31:48.0365 7260 1394ohci - ok
14:31:48.0397 7260 ACPI (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys
14:31:48.0412 7260 ACPI - ok
14:31:48.0430 7260 AcpiPmi (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys
14:31:48.0467 7260 AcpiPmi - ok
14:31:48.0502 7260 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
14:31:48.0520 7260 adp94xx - ok
14:31:48.0535 7260 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
14:31:48.0550 7260 adpahci - ok
14:31:48.0567 7260 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
14:31:48.0580 7260 adpu320 - ok
14:31:48.0607 7260 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
14:31:48.0687 7260 AeLookupSvc - ok
14:31:48.0747 7260 AFD (db9d6c6b2cd95a9ca414d045b627422e) C:\Windows\system32\drivers\afd.sys
14:31:48.0785 7260 AFD - ok
14:31:48.0800 7260 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys
14:31:48.0810 7260 agp440 - ok
14:31:48.0847 7260 aksdf (bc569a6c209d94f6643ee35710aec1f6) C:\Windows\system32\DRIVERS\aksdf.sys
14:31:48.0872 7260 aksdf - ok
14:31:48.0885 7260 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
14:31:48.0920 7260 ALG - ok
14:31:48.0930 7260 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys
14:31:48.0940 7260 aliide - ok
14:31:48.0955 7260 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys
14:31:48.0965 7260 amdide - ok
14:31:48.0992 7260 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
14:31:49.0015 7260 AmdK8 - ok
14:31:49.0027 7260 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
14:31:49.0050 7260 AmdPPM - ok
14:31:49.0085 7260 amdsata (7a4b413614c055935567cf88a9734d38) C:\Windows\system32\DRIVERS\amdsata.sys
14:31:49.0097 7260 amdsata - ok
14:31:49.0115 7260 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
14:31:49.0125 7260 amdsbs - ok
14:31:49.0140 7260 amdxata (b4ad0cacbab298671dd6f6ef7e20679d) C:\Windows\system32\DRIVERS\amdxata.sys
14:31:49.0150 7260 amdxata - ok
14:31:49.0170 7260 AppID (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys
14:31:49.0225 7260 AppID - ok
14:31:49.0232 7260 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
14:31:49.0272 7260 AppIDSvc - ok
14:31:49.0287 7260 Appinfo (d065be66822847b7f127d1f90158376e) C:\Windows\System32\appinfo.dll
14:31:49.0317 7260 Appinfo - ok
14:31:49.0365 7260 AppMgmt (4aba3e75a76195a3e38ed2766c962899) C:\Windows\System32\appmgmts.dll
14:31:49.0390 7260 AppMgmt - ok
14:31:49.0407 7260 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
14:31:49.0417 7260 arc - ok
14:31:49.0430 7260 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
14:31:49.0440 7260 arcsas - ok
14:31:49.0517 7260 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
14:31:49.0527 7260 aspnet_state - ok
14:31:49.0575 7260 aswFsBlk (b9da213b5271db5fce962d827e6d620d) C:\Windows\system32\drivers\aswFsBlk.sys
14:31:49.0592 7260 aswFsBlk - ok
14:31:49.0630 7260 aswMonFlt (21c9835d0e5ad2ff0f16134bcb32cc71) C:\Windows\system32\drivers\aswMonFlt.sys
14:31:49.0637 7260 aswMonFlt - ok
14:31:49.0675 7260 aswRdr (1b96a5867abd4fa6135d8298fcccf9c6) C:\Windows\System32\Drivers\aswrdr2.sys
14:31:49.0682 7260 aswRdr - ok
14:31:49.0732 7260 aswSnx (6e98bb288696777a3a8a07a52b0eaee9) C:\Windows\system32\drivers\aswSnx.sys
14:31:49.0747 7260 aswSnx - ok
14:31:49.0795 7260 aswSP (d9fb49f16e4eb02efecae8cbfe4bcb4c) C:\Windows\system32\drivers\aswSP.sys
14:31:49.0807 7260 aswSP - ok
14:31:49.0822 7260 aswTdi (7352bb9a564b94bbd7c9cbf165f55006) C:\Windows\system32\drivers\aswTdi.sys
14:31:49.0832 7260 aswTdi - ok
14:31:49.0847 7260 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
14:31:49.0880 7260 AsyncMac - ok
14:31:49.0895 7260 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys
14:31:49.0905 7260 atapi - ok
14:31:49.0950 7260 AudioEndpointBuilder (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll
14:31:49.0997 7260 AudioEndpointBuilder - ok
14:31:50.0025 7260 AudioSrv (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll
14:31:50.0055 7260 AudioSrv - ok
14:31:50.0120 7260 avast! Antivirus (4041d31508a2a084dfb42c595854090f) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
14:31:50.0130 7260 avast! Antivirus - ok
14:31:50.0170 7260 AxInstSV (b20b5fa5ca050e9926e4d1db81501b32) C:\Windows\System32\AxInstSV.dll
14:31:50.0202 7260 AxInstSV - ok
14:31:50.0237 7260 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
14:31:50.0265 7260 b06bdrv - ok
14:31:50.0302 7260 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
14:31:50.0330 7260 b57nd60a - ok
14:31:50.0352 7260 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
14:31:50.0382 7260 BDESVC - ok
14:31:50.0395 7260 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
14:31:50.0420 7260 Beep - ok
14:31:50.0462 7260 BFE (4992c609a6315671463e30f6512bc022) C:\Windows\System32\bfe.dll
14:31:50.0505 7260 BFE - ok
14:31:50.0537 7260 BITS (7f0c323fe3da28aa4aa1bda3f575707f) C:\Windows\system32\qmgr.dll
14:31:50.0580 7260 BITS - ok
14:31:50.0610 7260 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
14:31:50.0630 7260 blbdrive - ok
14:31:50.0657 7260 bowser (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys
14:31:50.0690 7260 bowser - ok
14:31:50.0752 7260 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
14:31:50.0825 7260 BrFiltLo - ok
14:31:50.0845 7260 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
14:31:50.0867 7260 BrFiltUp - ok
14:31:50.0910 7260 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
14:31:50.0937 7260 BridgeMP - ok
14:31:50.0957 7260 Browser (94fbc06f294d58d02361918418f996e3) C:\Windows\System32\browser.dll
14:31:50.0992 7260 Browser - ok
14:31:51.0015 7260 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
14:31:51.0035 7260 Brserid - ok
14:31:51.0050 7260 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
14:31:51.0072 7260 BrSerWdm - ok
14:31:51.0085 7260 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
14:31:51.0100 7260 BrUsbMdm - ok
14:31:51.0115 7260 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
14:31:51.0125 7260 BrUsbSer - ok
14:31:51.0152 7260 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
14:31:51.0165 7260 BTHMODEM - ok
14:31:51.0205 7260 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
14:31:51.0242 7260 bthserv - ok
14:31:51.0255 7260 catchme - ok
14:31:51.0272 7260 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
14:31:51.0302 7260 cdfs - ok
14:31:51.0337 7260 cdrom (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys
14:31:51.0357 7260 cdrom - ok
14:31:51.0382 7260 CertPropSvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
14:31:51.0422 7260 CertPropSvc - ok
14:31:51.0450 7260 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
14:31:51.0465 7260 circlass - ok
14:31:51.0480 7260 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
14:31:51.0495 7260 CLFS - ok
14:31:51.0535 7260 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:31:51.0545 7260 clr_optimization_v2.0.50727_32 - ok
14:31:51.0565 7260 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
14:31:51.0575 7260 clr_optimization_v2.0.50727_64 - ok
14:31:51.0630 7260 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:31:51.0640 7260 clr_optimization_v4.0.30319_32 - ok
14:31:51.0680 7260 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
14:31:51.0690 7260 clr_optimization_v4.0.30319_64 - ok
14:31:51.0715 7260 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
14:31:51.0732 7260 CmBatt - ok
14:31:51.0742 7260 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys
14:31:51.0752 7260 cmdide - ok
14:31:51.0782 7260 CNG (937beb186a735aca91d717044a49d17e) C:\Windows\system32\Drivers\cng.sys
14:31:51.0822 7260 CNG - ok
14:31:51.0837 7260 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
14:31:51.0847 7260 Compbatt - ok
14:31:51.0877 7260 CompositeBus (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys
14:31:51.0897 7260 CompositeBus - ok
14:31:51.0917 7260 COMSysApp - ok
14:31:51.0935 7260 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
14:31:51.0945 7260 crcdisk - ok
14:31:51.0977 7260 CryptSvc (8c57411b66282c01533cb776f98ad384) C:\Windows\system32\cryptsvc.dll
14:31:52.0017 7260 CryptSvc - ok
14:31:52.0042 7260 CSC (4a6173c2279b498cd8f57cae504564cb) C:\Windows\system32\drivers\csc.sys
14:31:52.0077 7260 CSC - ok
14:31:52.0107 7260 CscService (873fbf927c06e5cee04dec617502f8fd) C:\Windows\System32\cscsvc.dll
14:31:52.0135 7260 CscService - ok
14:31:52.0162 7260 DcomLaunch (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
14:31:52.0202 7260 DcomLaunch - ok
14:31:52.0220 7260 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
14:31:52.0255 7260 defragsvc - ok
14:31:52.0280 7260 DfsC (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys
14:31:52.0302 7260 DfsC - ok
14:31:52.0337 7260 Dhcp (ce3b9562d997f69b330d181a8875960f) C:\Windows\system32\dhcpcore.dll
14:31:52.0387 7260 Dhcp - ok
14:31:52.0412 7260 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
14:31:52.0447 7260 discache - ok
14:31:52.0477 7260 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
14:31:52.0487 7260 Disk - ok
14:31:52.0520 7260 Dnscache (85cf424c74a1d5ec33533e1dbff9920a) C:\Windows\System32\dnsrslvr.dll
14:31:52.0550 7260 Dnscache - ok
14:31:52.0567 7260 dot3svc (14452acdb09b70964c8c21bf80a13acb) C:\Windows\System32\dot3svc.dll
14:31:52.0597 7260 dot3svc - ok
14:31:52.0615 7260 DPS (8c2ba6bea949ee6e68385f5692bafb94) C:\Windows\system32\dps.dll
14:31:52.0645 7260 DPS - ok
14:31:52.0675 7260 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
14:31:52.0687 7260 drmkaud - ok
14:31:52.0732 7260 DXGKrnl (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys
14:31:52.0750 7260 DXGKrnl - ok
14:31:52.0770 7260 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
14:31:52.0805 7260 EapHost - ok
14:31:52.0870 7260 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
14:31:52.0945 7260 ebdrv - ok
14:31:52.0972 7260 EFS (156f6159457d0aa7e59b62681b56eb90) C:\Windows\System32\lsass.exe
14:31:53.0005 7260 EFS - ok
14:31:53.0045 7260 ehRecvr (b91d81b3b54a54ccafc03733dbc2e29e) C:\Windows\ehome\ehRecvr.exe
14:31:53.0077 7260 ehRecvr - ok
14:31:53.0087 7260 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
14:31:53.0102 7260 ehSched - ok
14:31:53.0140 7260 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
14:31:53.0157 7260 elxstor - ok
14:31:53.0172 7260 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys
14:31:53.0190 7260 ErrDev - ok
14:31:53.0222 7260 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
14:31:53.0265 7260 EventSystem - ok
14:31:53.0285 7260 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
14:31:53.0312 7260 exfat - ok
14:31:53.0327 7260 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
14:31:53.0367 7260 fastfat - ok
14:31:53.0392 7260 Fax (d607b2f1bee3992aa6c2c92c0a2f0855) C:\Windows\system32\fxssvc.exe
14:31:53.0430 7260 Fax - ok
14:31:53.0445 7260 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
14:31:53.0457 7260 fdc - ok
14:31:53.0477 7260 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
14:31:53.0505 7260 fdPHost - ok
14:31:53.0532 7260 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
14:31:53.0560 7260 FDResPub - ok
14:31:53.0567 7260 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
14:31:53.0577 7260 FileInfo - ok
14:31:53.0592 7260 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
14:31:53.0620 7260 Filetrace - ok
14:31:53.0700 7260 FLEXnet Licensing Service 64 (259dc094e2d3f08654c8fb73d8ecc0f5) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
14:31:53.0720 7260 FLEXnet Licensing Service 64 ( UnsignedFile.Multi.Generic ) - warning
14:31:53.0720 7260 FLEXnet Licensing Service 64 - detected UnsignedFile.Multi.Generic (1)
14:31:53.0732 7260 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
14:31:53.0745 7260 flpydisk - ok
14:31:53.0777 7260 FltMgr (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
14:31:53.0790 7260 FltMgr - ok
14:31:53.0837 7260 FontCache (bc00505cfda789ed3be95d2ff38c4875) C:\Windows\system32\FntCache.dll
14:31:53.0870 7260 FontCache - ok
14:31:53.0920 7260 FontCache3.0.0.0 (8d89e3131c27fdd6932189cb785e1b7a) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
14:31:53.0927 7260 FontCache3.0.0.0 - ok
14:31:53.0942 7260 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
14:31:53.0952 7260 FsDepends - ok
14:31:53.0967 7260 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
14:31:53.0975 7260 Fs_Rec - ok
14:31:54.0015 7260 fvevol (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys
14:31:54.0030 7260 fvevol - ok
14:31:54.0060 7260 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
14:31:54.0070 7260 gagp30kx - ok
14:31:54.0107 7260 GGSAFERDriver - ok
14:31:54.0137 7260 gpsvc (fe5ab4525bc2ec68b9119a6e5d40128b) C:\Windows\System32\gpsvc.dll
14:31:54.0172 7260 gpsvc - ok
14:31:54.0197 7260 hamachi (1e6438d4ea6e1174a3b3b1edc4de660b) C:\Windows\system32\DRIVERS\hamachi.sys
14:31:54.0207 7260 hamachi - ok
14:31:54.0277 7260 Hamachi2Svc (d483dbaef409e8ab7477c28615fcd853) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
14:31:54.0325 7260 Hamachi2Svc - ok
14:31:54.0380 7260 Hardlock (d8bf3c594bd17a37960362e6c6739b90) C:\Windows\system32\drivers\hardlock.sys
14:31:54.0407 7260 Hardlock - ok
14:31:54.0427 7260 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
14:31:54.0452 7260 hcw85cir - ok
14:31:54.0502 7260 HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys
14:31:54.0530 7260 HdAudAddService - ok
14:31:54.0547 7260 HDAudBus (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys
14:31:54.0572 7260 HDAudBus - ok
14:31:54.0587 7260 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
14:31:54.0607 7260 HidBatt - ok
14:31:54.0622 7260 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
14:31:54.0640 7260 HidBth - ok
14:31:54.0655 7260 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
14:31:54.0680 7260 HidIr - ok
14:31:54.0707 7260 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll
14:31:54.0742 7260 hidserv - ok
14:31:54.0787 7260 HidUsb (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
14:31:54.0797 7260 HidUsb - ok
14:31:54.0815 7260 hkmsvc (efa58ede58dd74388ffd04cb32681518) C:\Windows\system32\kmsvc.dll
14:31:54.0850 7260 hkmsvc - ok
14:31:54.0867 7260 HomeGroupListener (046b2673767ca626e2cfb7fdf735e9e8) C:\Windows\system32\ListSvc.dll
14:31:54.0887 7260 HomeGroupListener - ok
14:31:54.0912 7260 HomeGroupProvider (06a7422224d9865a5613710a089987df) C:\Windows\system32\provsvc.dll
14:31:54.0927 7260 HomeGroupProvider - ok
14:31:54.0945 7260 HpSAMD (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys
14:31:54.0955 7260 HpSAMD - ok
14:31:54.0992 7260 HTTP (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
14:31:55.0030 7260 HTTP - ok
14:31:55.0045 7260 hwpolicy (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
14:31:55.0055 7260 hwpolicy - ok
14:31:55.0085 7260 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
14:31:55.0097 7260 i8042prt - ok
14:31:55.0117 7260 iaStorV (d83efb6fd45df9d55e9a1afc63640d50) C:\Windows\system32\DRIVERS\iaStorV.sys
14:31:55.0132 7260 iaStorV - ok
14:31:55.0192 7260 idsvc (2f2be70d3e02b6fa877921ab9516d43c) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
14:31:55.0215 7260 idsvc - ok
14:31:55.0235 7260 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
14:31:55.0245 7260 iirsp - ok
14:31:55.0275 7260 IKEEXT (c5b4683680df085b57bc53e5ef34861f) C:\Windows\System32\ikeext.dll
14:31:55.0312 7260 IKEEXT - ok
14:31:55.0330 7260 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys
14:31:55.0340 7260 intelide - ok
14:31:55.0365 7260 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
14:31:55.0387 7260 intelppm - ok
14:31:55.0405 7260 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
14:31:55.0445 7260 IPBusEnum - ok
14:31:55.0460 7260 IpFilterDriver (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:31:55.0487 7260 IpFilterDriver - ok
14:31:55.0510 7260 iphlpsvc (f8e058d17363ec580e4b7232778b6cb5) C:\Windows\System32\iphlpsvc.dll
14:31:55.0545 7260 iphlpsvc - ok
14:31:55.0562 7260 IPMIDRV (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys
14:31:55.0575 7260 IPMIDRV - ok
14:31:55.0592 7260 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
14:31:55.0632 7260 IPNAT - ok
14:31:55.0657 7260 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
14:31:55.0672 7260 IRENUM - ok
14:31:55.0690 7260 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys
14:31:55.0700 7260 isapnp - ok
14:31:55.0715 7260 iScsiPrt (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys
14:31:55.0727 7260 iScsiPrt - ok
14:31:55.0760 7260 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
14:31:55.0770 7260 kbdclass - ok
14:31:55.0782 7260 kbdhid (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys
14:31:55.0795 7260 kbdhid - ok
14:31:55.0822 7260 KeyIso (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
14:31:55.0835 7260 KeyIso - ok
14:31:55.0885 7260 KSecDD (16c1b906fc5ead84769f90b736b6bf0e) C:\Windows\system32\Drivers\ksecdd.sys
14:31:55.0895 7260 KSecDD - ok
14:31:55.0915 7260 KSecPkg (0b711550c56444879d71c7daabda6c83) C:\Windows\system32\Drivers\ksecpkg.sys
14:31:55.0927 7260 KSecPkg - ok
14:31:55.0942 7260 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
14:31:55.0975 7260 ksthunk - ok
14:31:56.0005 7260 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
14:31:56.0042 7260 KtmRm - ok
14:31:56.0077 7260 L1E (b8e670d7ef61615fa03104552854fac9) C:\Windows\system32\DRIVERS\L1E62x64.sys
14:31:56.0100 7260 L1E - ok
14:31:56.0147 7260 LanmanServer (81f1d04d4d0e433099365127375fd501) C:\Windows\System32\srvsvc.dll
14:31:56.0170 7260 LanmanServer - ok
14:31:56.0197 7260 LanmanWorkstation (27026eac8818e8a6c00a1cad2f11d29a) C:\Windows\System32\wkssvc.dll
14:31:56.0232 7260 LanmanWorkstation - ok
14:31:56.0260 7260 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
14:31:56.0287 7260 lltdio - ok
14:31:56.0307 7260 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
14:31:56.0340 7260 lltdsvc - ok
14:31:56.0355 7260 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
14:31:56.0385 7260 lmhosts - ok
14:31:56.0410 7260 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
14:31:56.0422 7260 LSI_FC - ok
14:31:56.0437 7260 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
14:31:56.0447 7260 LSI_SAS - ok
14:31:56.0460 7260 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
14:31:56.0470 7260 LSI_SAS2 - ok
14:31:56.0485 7260 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
14:31:56.0495 7260 LSI_SCSI - ok
14:31:56.0527 7260 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
14:31:56.0560 7260 luafv - ok
14:31:56.0590 7260 Mcx2Svc (f84c8f1000bc11e3b7b23cbd3baff111) C:\Windows\system32\Mcx2Svc.dll
14:31:56.0602 7260 Mcx2Svc - ok
14:31:56.0687 7260 mdf15 (5264306c82ed8b51cc8273f377976e3c) C:\Program Files (x86)\Clarus\Samsung SecretZone\mdf15.sys
14:31:56.0692 7260 mdf15 ( UnsignedFile.Multi.Generic ) - warning
14:31:56.0692 7260 mdf15 - detected UnsignedFile.Multi.Generic (1)
14:31:56.0707 7260 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
14:31:56.0717 7260 megasas - ok
14:31:56.0735 7260 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
14:31:56.0750 7260 MegaSR - ok
14:31:56.0780 7260 Microsoft Office Groove Audit Service (fafe367d032ed82e9332b4c741a20216) C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
14:31:56.0790 7260 Microsoft Office Groove Audit Service - ok
14:31:56.0805 7260 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
14:31:56.0832 7260 MMCSS - ok
14:31:56.0847 7260 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
14:31:56.0875 7260 Modem - ok
14:31:56.0907 7260 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
14:31:56.0927 7260 monitor - ok
14:31:56.0957 7260 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
14:31:56.0967 7260 mouclass - ok
14:31:56.0992 7260 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
14:31:57.0005 7260 mouhid - ok
14:31:57.0020 7260 mountmgr (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
14:31:57.0030 7260 mountmgr - ok
14:31:57.0047 7260 mpio (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys
14:31:57.0060 7260 mpio - ok
14:31:57.0072 7260 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
14:31:57.0100 7260 mpsdrv - ok
14:31:57.0125 7260 MpsSvc (aecab449567d1846dad63ece49e893e3) C:\Windows\system32\mpssvc.dll
14:31:57.0162 7260 MpsSvc - ok
14:31:57.0180 7260 MRxDAV (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
14:31:57.0207 7260 MRxDAV - ok
14:31:57.0235 7260 mrxsmb (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys
14:31:57.0260 7260 mrxsmb - ok
14:31:57.0280 7260 mrxsmb10 (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:31:57.0295 7260 mrxsmb10 - ok
14:31:57.0310 7260 mrxsmb20 (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:31:57.0337 7260 mrxsmb20 - ok
14:31:57.0357 7260 msahci (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys
14:31:57.0367 7260 msahci - ok
14:31:57.0382 7260 msdsm (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys
14:31:57.0395 7260 msdsm - ok
14:31:57.0410 7260 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
14:31:57.0425 7260 MSDTC - ok
14:31:57.0452 7260 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
14:31:57.0480 7260 Msfs - ok
14:31:57.0492 7260 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
14:31:57.0520 7260 mshidkmdf - ok
14:31:57.0540 7260 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys
14:31:57.0550 7260 msisadrv - ok
14:31:57.0585 7260 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
14:31:57.0612 7260 MSiSCSI - ok
14:31:57.0620 7260 msiserver - ok
14:31:57.0647 7260 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
14:31:57.0685 7260 MSKSSRV - ok
14:31:57.0710 7260 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
14:31:57.0747 7260 MSPCLOCK - ok
14:31:57.0760 7260 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
14:31:57.0795 7260 MSPQM - ok
14:31:57.0812 7260 MsRPC (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
14:31:57.0825 7260 MsRPC - ok
14:31:57.0845 7260 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
14:31:57.0855 7260 mssmbios - ok
14:31:57.0865 7260 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
14:31:57.0900 7260 MSTEE - ok
14:31:57.0912 7260 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
14:31:57.0935 7260 MTConfig - ok
14:31:57.0985 7260 MTsensor (03b7145c889603537e9ffeabb1ad1089) C:\Windows\system32\DRIVERS\ASACPI.sys
14:31:57.0997 7260 MTsensor - ok
14:31:58.0027 7260 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
14:31:58.0037 7260 Mup - ok
14:31:58.0097 7260 mvd21 (2ffe3b3bebc8570b111aaaa5befeabcc) C:\Program Files (x86)\Clarus\Samsung SecretZone\mvd21.sys
14:31:58.0110 7260 mvd21 ( UnsignedFile.Multi.Generic ) - warning
14:31:58.0110 7260 mvd21 - detected UnsignedFile.Multi.Generic (1)
14:31:58.0140 7260 napagent (4987e079a4530fa737a128be54b63b12) C:\Windows\system32\qagentRT.dll
14:31:58.0175 7260 napagent - ok
14:31:58.0200 7260 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
14:31:58.0227 7260 NativeWifiP - ok
14:31:58.0265 7260 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
14:31:58.0285 7260 NDIS - ok
14:31:58.0310 7260 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
14:31:58.0337 7260 NdisCap - ok
14:31:58.0370 7260 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
14:31:58.0402 7260 NdisTapi - ok
14:31:58.0417 7260 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
14:31:58.0450 7260 Ndisuio - ok
14:31:58.0462 7260 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
14:31:58.0490 7260 NdisWan - ok
14:31:58.0502 7260 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
14:31:58.0530 7260 NDProxy - ok
14:31:58.0652 7260 Nero BackItUp Scheduler 3 (2aae889742376edc5c3203dfb74f28fd) C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
14:31:58.0670 7260 Nero BackItUp Scheduler 3 - ok
14:31:58.0680 7260 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
14:31:58.0715 7260 NetBIOS - ok
14:31:58.0730 7260 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
14:31:58.0772 7260 NetBT - ok
14:31:58.0797 7260 Netlogon (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
14:31:58.0810 7260 Netlogon - ok
14:31:58.0842 7260 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
14:31:58.0872 7260 Netman - ok
14:31:58.0945 7260 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:31:58.0952 7260 NetMsmqActivator - ok
14:31:58.0965 7260 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:31:58.0975 7260 NetPipeActivator - ok
14:31:59.0002 7260 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
14:31:59.0052 7260 netprofm - ok
14:31:59.0057 7260 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:31:59.0067 7260 NetTcpActivator - ok
14:31:59.0070 7260 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:31:59.0080 7260 NetTcpPortSharing - ok
14:31:59.0105 7260 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
14:31:59.0115 7260 nfrd960 - ok
14:31:59.0142 7260 NlaSvc (d9a0ce66046d6efa0c61baa885cba0a8) C:\Windows\System32\nlasvc.dll
14:31:59.0185 7260 NlaSvc - ok
14:31:59.0282 7260 NMIndexingService (cb992ae1506985d9167e85883b4c3240) C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
14:31:59.0295 7260 NMIndexingService - ok
14:31:59.0310 7260 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
14:31:59.0337 7260 Npfs - ok
14:31:59.0350 7260 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
14:31:59.0377 7260 nsi - ok
14:31:59.0385 7260 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
14:31:59.0422 7260 nsiproxy - ok
14:31:59.0465 7260 Ntfs (356698a13c4630d5b31c37378d469196) C:\Windows\system32\drivers\Ntfs.sys
14:31:59.0492 7260 Ntfs - ok
14:31:59.0510 7260 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
14:31:59.0542 7260 Null - ok
14:31:59.0755 7260 nvlddmkm (b15258b1f45f9571758ac6bb2f043b01) C:\Windows\system32\DRIVERS\nvlddmkm.sys
14:31:59.0895 7260 nvlddmkm - ok
14:31:59.0917 7260 nvraid (3e38712941e9bb4ddbee00affe3fed3d) C:\Windows\system32\DRIVERS\nvraid.sys
14:31:59.0930 7260 nvraid - ok
14:31:59.0947 7260 nvstor (477dc4d6deb99be37084c9ac6d013da1) C:\Windows\system32\DRIVERS\nvstor.sys
14:31:59.0960 7260 nvstor - ok
14:32:00.0030 7260 nvsvc (2d7092fec9bd2aca199673bba2ba9277) C:\Windows\system32\nvvsvc.exe
14:32:00.0062 7260 nvsvc - ok
14:32:00.0142 7260 nvUpdatusService (7e22de30e222bfdfcec7e77032baf3cd) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
14:32:00.0172 7260 nvUpdatusService - ok
14:32:00.0202 7260 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
14:32:00.0215 7260 nv_agp - ok
14:32:00.0290 7260 odserv (84de1dd996b48b05ace31ad015fa108a) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
14:32:00.0305 7260 odserv - ok
14:32:00.0320 7260 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
14:32:00.0335 7260 ohci1394 - ok
14:32:00.0377 7260 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:32:00.0387 7260 ose - ok
14:32:00.0415 7260 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
14:32:00.0447 7260 p2pimsvc - ok
14:32:00.0477 7260 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
14:32:00.0495 7260 p2psvc - ok
14:32:00.0510 7260 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
14:32:00.0525 7260 Parport - ok
14:32:00.0537 7260 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys
14:32:00.0547 7260 partmgr - ok
14:32:00.0560 7260 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
14:32:00.0580 7260 PcaSvc - ok
14:32:00.0590 7260 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
14:32:00.0602 7260 pci - ok
14:32:00.0622 7260 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys
14:32:00.0632 7260 pciide - ok
14:32:00.0655 7260 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
14:32:00.0667 7260 pcmcia - ok
14:32:00.0680 7260 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
14:32:00.0690 7260 pcw - ok
14:32:00.0712 7260 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
14:32:00.0757 7260 PEAUTH - ok
14:32:00.0797 7260 PeerDistSvc (b9b0a4299dd2d76a4243f75fd54dc680) C:\Windows\system32\peerdistsvc.dll
14:32:00.0845 7260 PeerDistSvc - ok
14:32:00.0880 7260 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
14:32:00.0902 7260 PerfHost - ok
14:32:00.0947 7260 pla (557e9a86f65f0de18c9b6751dfe9d3f1) C:\Windows\system32\pla.dll
14:32:00.0992 7260 pla - ok
14:32:01.0032 7260 PLFlash DeviceIoControl Service (875e4e0661f3a5994df9e5e3a0a4f96b) C:\Windows\SysWOW64\IoctlSvc.exe
14:32:01.0037 7260 PLFlash DeviceIoControl Service ( UnsignedFile.Multi.Generic ) - warning
14:32:01.0037 7260 PLFlash DeviceIoControl Service - detected UnsignedFile.Multi.Generic (1)
14:32:01.0065 7260 PlugPlay (98b1721b8718164293b9701b98c52d77) C:\Windows\system32\umpnpmgr.dll
14:32:01.0092 7260 PlugPlay - ok
14:32:01.0105 7260 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
14:32:01.0127 7260 PNRPAutoReg - ok
14:32:01.0147 7260 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
14:32:01.0162 7260 PNRPsvc - ok
14:32:01.0190 7260 PolicyAgent (166eb40d1f5b47e615de3d0fffe5f243) C:\Windows\System32\ipsecsvc.dll
14:32:01.0225 7260 PolicyAgent - ok
14:32:01.0247 7260 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
14:32:01.0277 7260 Power - ok
14:32:01.0322 7260 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
14:32:01.0360 7260 PptpMiniport - ok
14:32:01.0380 7260 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
14:32:01.0400 7260 Processor - ok
14:32:01.0417 7260 ProfSvc (f381975e1f4346de875cb07339ce8d3a) C:\Windows\system32\profsvc.dll
14:32:01.0447 7260 ProfSvc - ok
14:32:01.0480 7260 ProtectedStorage (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
14:32:01.0492 7260 ProtectedStorage - ok
14:32:01.0522 7260 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
14:32:01.0550 7260 Psched - ok
14:32:01.0590 7260 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
14:32:01.0622 7260 ql2300 - ok
14:32:01.0652 7260 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
14:32:01.0665 7260 ql40xx - ok
14:32:01.0687 7260 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
14:32:01.0707 7260 QWAVE - ok
14:32:01.0722 7260 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
14:32:01.0745 7260 QWAVEdrv - ok
14:32:01.0760 7260 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
14:32:01.0787 7260 RasAcd - ok
14:32:01.0837 7260 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
14:32:01.0872 7260 RasAgileVpn - ok
14:32:01.0892 7260 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
14:32:01.0922 7260 RasAuto - ok
14:32:01.0942 7260 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
14:32:01.0985 7260 Rasl2tp - ok
14:32:02.0005 7260 RasMan (47394ed3d16d053f5906efe5ab51cc83) C:\Windows\System32\rasmans.dll
14:32:02.0050 7260 RasMan - ok
14:32:02.0065 7260 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
14:32:02.0092 7260 RasPppoe - ok
14:32:02.0120 7260 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
14:32:02.0150 7260 RasSstp - ok
14:32:02.0165 7260 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
14:32:02.0202 7260 rdbss - ok
14:32:02.0220 7260 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
14:32:02.0232 7260 rdpbus - ok
14:32:02.0245 7260 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
14:32:02.0272 7260 RDPCDD - ok
14:32:02.0300 7260 RDPDR (9706b84dbabfc4b4ca46c5a82b14dfa3) C:\Windows\system32\drivers\rdpdr.sys
14:32:02.0322 7260 RDPDR - ok
14:32:02.0352 7260 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
14:32:02.0380 7260 RDPENCDD - ok
14:32:02.0395 7260 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
14:32:02.0422 7260 RDPREFMP - ok
14:32:02.0450 7260 RDPWD (074ac702d8b8b660b0e1371555995386) C:\Windows\system32\drivers\RDPWD.sys
14:32:02.0475 7260 RDPWD - ok
14:32:02.0492 7260 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
14:32:02.0505 7260 rdyboost - ok
14:32:02.0530 7260 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
14:32:02.0572 7260 RemoteAccess - ok
14:32:02.0590 7260 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
14:32:02.0632 7260 RemoteRegistry - ok
14:32:02.0650 7260 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
14:32:02.0682 7260 RpcEptMapper - ok
14:32:02.0707 7260 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
14:32:02.0720 7260 RpcLocator - ok
14:32:02.0745 7260 RpcSs (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
14:32:02.0777 7260 RpcSs - ok
14:32:02.0795 7260 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
14:32:02.0827 7260 rspndr - ok
14:32:02.0845 7260 s3cap (88af6e02ab19df7fd07ecdf9c91e9af6) C:\Windows\system32\DRIVERS\vms3cap.sys
14:32:02.0870 7260 s3cap - ok
14:32:02.0897 7260 SamSs (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
14:32:02.0910 7260 SamSs - ok
14:32:02.0927 7260 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
14:32:02.0937 7260 sbp2port - ok
14:32:02.0945 7260 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
14:32:02.0977 7260 SCardSvr - ok
14:32:02.0987 7260 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
14:32:03.0025 7260 scfilter - ok
14:32:03.0065 7260 Schedule (624d0f5ff99428bb90a5b8a4123e918e) C:\Windows\system32\schedsvc.dll
14:32:03.0092 7260 Schedule - ok
14:32:03.0115 7260 SCPolicySvc (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
14:32:03.0142 7260 SCPolicySvc - ok
14:32:03.0165 7260 SDRSVC (765a27c3279ce11d14cb9e4f5869fca5) C:\Windows\System32\SDRSVC.dll
14:32:03.0197 7260 SDRSVC - ok
14:32:03.0225 7260 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
14:32:03.0255 7260 secdrv - ok
14:32:03.0267 7260 seclogon (463b386ebc70f98da5dff85f7e654346) C:\Windows\system32\seclogon.dll
14:32:03.0297 7260 seclogon - ok
14:32:03.0310 7260 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll
14:32:03.0345 7260 SENS - ok
14:32:03.0362 7260 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
14:32:03.0392 7260 SensrSvc - ok
14:32:03.0420 7260 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
14:32:03.0440 7260 Serenum - ok
14:32:03.0457 7260 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
14:32:03.0470 7260 Serial - ok
14:32:03.0490 7260 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
14:32:03.0512 7260 sermouse - ok
14:32:03.0532 7260 SessionEnv (c3bc61ce47ff6f4e88ab8a3b429a36af) C:\Windows\system32\sessenv.dll
14:32:03.0562 7260 SessionEnv - ok
14:32:03.0582 7260 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\DRIVERS\sffdisk.sys
14:32:03.0605 7260 sffdisk - ok
14:32:03.0615 7260 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\DRIVERS\sffp_mmc.sys
14:32:03.0630 7260 sffp_mmc - ok
14:32:03.0647 7260 sffp_sd (5588b8c6193eb1522490c122eb94dffa) C:\Windows\system32\DRIVERS\sffp_sd.sys
14:32:03.0660 7260 sffp_sd - ok
14:32:03.0672 7260 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
14:32:03.0685 7260 sfloppy - ok
14:32:03.0715 7260 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
14:32:03.0792 7260 SharedAccess - ok
14:32:03.0847 7260 ShellHWDetection (0298ac45d0efffb2db4baa7dd186e7bf) C:\Windows\System32\shsvcs.dll
14:32:03.0875 7260 ShellHWDetection - ok
14:32:03.0905 7260 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
14:32:03.0915 7260 SiSRaid2 - ok
14:32:03.0935 7260 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
14:32:03.0945 7260 SiSRaid4 - ok
14:32:03.0990 7260 SkypeUpdate (6128e98eaaed364ed1a32708d2fd22cb) C:\Program Files (x86)\Skype\Updater\Updater.exe
14:32:04.0000 7260 SkypeUpdate - ok
14:32:04.0032 7260 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
14:32:04.0067 7260 Smb - ok
14:32:04.0097 7260 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
14:32:04.0112 7260 SNMPTRAP - ok
14:32:04.0122 7260 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
14:32:04.0132 7260 spldr - ok
14:32:04.0175 7260 Spooler (f8e1fa03cb70d54a9892ac88b91d1e7b) C:\Windows\System32\spoolsv.exe
14:32:04.0205 7260 Spooler - ok
14:32:04.0270 7260 sppsvc (913d843498553a1bc8f8dbad6358e49f) C:\Windows\system32\sppsvc.exe
14:32:04.0350 7260 sppsvc - ok
14:32:04.0370 7260 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
14:32:04.0400 7260 sppuinotify - ok
14:32:04.0445 7260 sptd (88e5162e58c8919cc873f5d8946197cf) C:\Windows\system32\Drivers\sptd.sys
14:32:04.0445 7260 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 88e5162e58c8919cc873f5d8946197cf
14:32:04.0455 7260 sptd ( LockedFile.Multi.Generic ) - warning
14:32:04.0455 7260 sptd - detected LockedFile.Multi.Generic (1)
14:32:04.0485 7260 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys
14:32:04.0507 7260 srv - ok
14:32:04.0530 7260 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys
14:32:04.0557 7260 srv2 - ok
14:32:04.0580 7260 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys
14:32:04.0597 7260 srvnet - ok
14:32:04.0647 7260 ssadbus (8f8324ed1de63ffc7b1a02cd2d963c72) C:\Windows\system32\DRIVERS\ssadbus.sys
14:32:04.0657 7260 ssadbus - ok
14:32:04.0687 7260 ssadmdfl (58221efcb74167b73667f0024c661ce0) C:\Windows\system32\DRIVERS\ssadmdfl.sys
14:32:04.0695 7260 ssadmdfl - ok
14:32:04.0715 7260 ssadmdm (4da7c71bfac5ad71255b7e4cab980163) C:\Windows\system32\DRIVERS\ssadmdm.sys
14:32:04.0725 7260 ssadmdm - ok
14:32:04.0762 7260 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
14:32:04.0800 7260 SSDPSRV - ok
14:32:04.0815 7260 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
14:32:04.0845 7260 SstpSvc - ok
14:32:04.0880 7260 StarOpen - ok
14:32:04.0930 7260 Steam Client Service - ok
14:32:04.0955 7260 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
14:32:04.0965 7260 stexstor - ok
14:32:05.0000 7260 stisvc (52d0e33b681bd0f33fdc08812fee4f7d) C:\Windows\System32\wiaservc.dll
14:32:05.0022 7260 stisvc - ok
14:32:05.0045 7260 storflt (ffd7a6f15b14234b5b0e5d49e7961895) C:\Windows\system32\DRIVERS\vmstorfl.sys
14:32:05.0055 7260 storflt - ok
14:32:05.0072 7260 storvsc (8fccbefc5c440b3c23454656e551b09a) C:\Windows\system32\DRIVERS\storvsc.sys
14:32:05.0085 7260 storvsc - ok
14:32:05.0097 7260 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
14:32:05.0107 7260 swenum - ok
14:32:05.0177 7260 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
14:32:05.0195 7260 SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
14:32:05.0195 7260 SwitchBoard - detected UnsignedFile.Multi.Generic (1)
14:32:05.0217 7260 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
14:32:05.0260 7260 swprv - ok
14:32:05.0302 7260 SysMain (3c1284516a62078fb68f768de4f1a7be) C:\Windows\system32\sysmain.dll
14:32:05.0350 7260 SysMain - ok
14:32:05.0412 7260 SZASSIST (be4ee0c8be3fc077cc0536702517e140) C:\Program Files (x86)\Clarus\Samsung SecretZone\SZAssistSVC.exe
14:32:05.0417 7260 SZASSIST ( UnsignedFile.Multi.Generic ) - warning
14:32:05.0417 7260 SZASSIST - detected UnsignedFile.Multi.Generic (1)
14:32:05.0430 7260 TabletInputService (238935c3cf2854886dc7cbb2a0e2cc66) C:\Windows\System32\TabSvc.dll
14:32:05.0447 7260 TabletInputService - ok
14:32:05.0487 7260 tap0901 (f0b9d3ed88e56d3cd713dff21e42aaf0) C:\Windows\system32\DRIVERS\tap0901.sys
14:32:05.0515 7260 tap0901 - ok
14:32:05.0540 7260 TapiSrv (884264ac597b690c5707c89723bb8e7b) C:\Windows\System32\tapisrv.dll
14:32:05.0580 7260 TapiSrv - ok
14:32:05.0595 7260 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
14:32:05.0630 7260 TBS - ok
14:32:05.0682 7260 Tcpip (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\drivers\tcpip.sys
14:32:05.0710 7260 Tcpip - ok
14:32:05.0767 7260 TCPIP6 (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\DRIVERS\tcpip.sys
14:32:05.0795 7260 TCPIP6 - ok
14:32:05.0817 7260 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
14:32:05.0845 7260 tcpipreg - ok
14:32:05.0857 7260 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
14:32:05.0887 7260 TDPIPE - ok
14:32:05.0907 7260 TDTCP (7518f7bcfd4b308abc9192bacaf6c970) C:\Windows\system32\drivers\tdtcp.sys
14:32:05.0927 7260 TDTCP - ok
14:32:05.0947 7260 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
14:32:05.0977 7260 tdx - ok
14:32:06.0085 7260 TeamViewer6 (1c46c27e9f1938b9589859c70450d275) C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
14:32:06.0115 7260 TeamViewer6 - ok
14:32:06.0130 7260 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys
14:32:06.0140 7260 TermDD - ok
14:32:06.0162 7260 TermService (0f05ec2887bfe197ad82a13287d2f404) C:\Windows\System32\termsrv.dll
14:32:06.0200 7260 TermService - ok
14:32:06.0207 7260 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
14:32:06.0230 7260 Themes - ok
14:32:06.0245 7260 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
14:32:06.0275 7260 THREADORDER - ok
14:32:06.0292 7260 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
14:32:06.0325 7260 TrkWks - ok
14:32:06.0360 7260 TrustedInstaller (840f7fb849f5887a49ba18c13b2da920) C:\Windows\servicing\TrustedInstaller.exe
14:32:06.0375 7260 TrustedInstaller - ok
14:32:06.0392 7260 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
14:32:06.0427 7260 tssecsrv - ok
14:32:06.0515 7260 TuneUp.UtilitiesSvc (967e6bb91c215f621bc6d83589929f9e) C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe
14:32:06.0560 7260 TuneUp.UtilitiesSvc - ok
14:32:06.0590 7260 TuneUpUtilitiesDrv (dcc94c51d27c7ec0dadeca8f64c94fcf) C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys
14:32:06.0597 7260 TuneUpUtilitiesDrv - ok
14:32:06.0635 7260 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
14:32:06.0677 7260 tunnel - ok
14:32:06.0692 7260 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
14:32:06.0702 7260 uagp35 - ok
14:32:06.0720 7260 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys
14:32:06.0762 7260 udfs - ok
14:32:06.0777 7260 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
14:32:06.0792 7260 UI0Detect - ok
14:32:06.0827 7260 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys
14:32:06.0840 7260 uliagpkx - ok
14:32:06.0862 7260 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
14:32:06.0875 7260 umbus - ok
14:32:06.0892 7260 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
14:32:06.0905 7260 UmPass - ok
14:32:06.0930 7260 UmRdpService (af0ac98ee5077eb844413eb54287fde3) C:\Windows\System32\umrdp.dll
14:32:06.0947 7260 UmRdpService - ok
14:32:06.0965 7260 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
14:32:06.0997 7260 upnphost - ok
14:32:07.0017 7260 usbccgp (b26afb54a534d634523c4fb66765b026) C:\Windows\system32\DRIVERS\usbccgp.sys
14:32:07.0040 7260 usbccgp - ok
14:32:07.0070 7260 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
14:32:07.0085 7260 usbcir - ok
14:32:07.0105 7260 usbehci (2ea4aff7be7eb4632e3aa8595b0803b5) C:\Windows\system32\DRIVERS\usbehci.sys
14:32:07.0127 7260 usbehci - ok
14:32:07.0157 7260 usbhub (4c9042b8df86c1e8e6240c218b99b39b) C:\Windows\system32\DRIVERS\usbhub.sys
14:32:07.0180 7260 usbhub - ok
14:32:07.0197 7260 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\DRIVERS\usbohci.sys
14:32:07.0210 7260 usbohci - ok
14:32:07.0237 7260 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
14:32:07.0260 7260 usbprint - ok
14:32:07.0287 7260 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
14:32:07.0300 7260 usbscan - ok
14:32:07.0317 7260 USBSTOR (080d3820da6c046be82fc8b45a893e83) C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:32:07.0332 7260 USBSTOR - ok
14:32:07.0342 7260 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\DRIVERS\usbuhci.sys
14:32:07.0355 7260 usbuhci - ok
14:32:07.0377 7260 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
14:32:07.0410 7260 UxSms - ok
14:32:07.0470 7260 UxTuneUp (f94738e8b16588081e3c3d10a62b25d3) C:\Windows\System32\uxtuneup.dll
14:32:07.0477 7260 UxTuneUp - ok
14:32:07.0505 7260 VaultSvc (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
14:32:07.0517 7260 VaultSvc - ok
14:32:07.0557 7260 VBoxNetAdp (82a6cb9c68e42c1088318eb8824d6f89) C:\Windows\system32\DRIVERS\VBoxNetAdp.sys
14:32:07.0567 7260 VBoxNetAdp - ok
14:32:07.0580 7260 VBoxNetFlt - ok
14:32:07.0597 7260 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys
14:32:07.0607 7260 vdrvroot - ok
14:32:07.0632 7260 vds (44d73e0bbc1d3c8981304ba15135c2f2) C:\Windows\System32\vds.exe
14:32:07.0652 7260 vds - ok
14:32:07.0675 7260 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
14:32:07.0690 7260 vga - ok
14:32:07.0702 7260 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
14:32:07.0735 7260 VgaSave - ok
14:32:07.0750 7260 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys
14:32:07.0762 7260 vhdmp - ok
14:32:07.0777 7260 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys
14:32:07.0787 7260 viaide - ok
14:32:07.0807 7260 vmbus (1501699d7eda984abc4155a7da5738d1) C:\Windows\system32\DRIVERS\vmbus.sys
14:32:07.0820 7260 vmbus - ok
14:32:07.0837 7260 VMBusHID (ae10c35761889e65a6f7176937c5592c) C:\Windows\system32\DRIVERS\VMBusHID.sys
14:32:07.0860 7260 VMBusHID - ok
14:32:07.0877 7260 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys
14:32:07.0887 7260 volmgr - ok
14:32:07.0900 7260 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
14:32:07.0912 7260 volmgrx - ok
14:32:07.0925 7260 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
14:32:07.0937 7260 volsnap - ok
14:32:07.0962 7260 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
14:32:07.0975 7260 vsmraid - ok
14:32:08.0012 7260 VSS (787898bf9fb6d7bd87a36e2d95c899ba) C:\Windows\system32\vssvc.exe
14:32:08.0055 7260 VSS - ok
14:32:08.0067 7260 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
14:32:08.0082 7260 vwifibus - ok
14:32:08.0100 7260 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
14:32:08.0135 7260 W32Time - ok
14:32:08.0150 7260 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
14:32:08.0172 7260 WacomPen - ok
14:32:08.0207 7260 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
14:32:08.0245 7260 WANARP - ok
14:32:08.0260 7260 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
14:32:08.0287 7260 Wanarpv6 - ok
14:32:08.0325 7260 wbengine (5ab1bb85bd8b5089cc5d64200dedae68) C:\Windows\system32\wbengine.exe
14:32:08.0370 7260 wbengine - ok
14:32:08.0387 7260 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
14:32:08.0405 7260 WbioSrvc - ok
14:32:08.0427 7260 wcncsvc (8321c2ca3b62b61b293cda3451984468) C:\Windows\System32\wcncsvc.dll
14:32:08.0447 7260 wcncsvc - ok
14:32:08.0467 7260 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
14:32:08.0502 7260 WcsPlugInService - ok
14:32:08.0515 7260 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
14:32:08.0525 7260 Wd - ok
14:32:08.0552 7260 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
14:32:08.0570 7260 Wdf01000 - ok
14:32:08.0580 7260 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
14:32:08.0605 7260 WdiServiceHost - ok
14:32:08.0607 7260 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
14:32:08.0627 7260 WdiSystemHost - ok
14:32:08.0645 7260 WebClient (8a438cbb8c032a0c798b0c642ffbe572) C:\Windows\System32\webclnt.dll
14:32:08.0675 7260 WebClient - ok
14:32:08.0682 7260 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
14:32:08.0717 7260 Wecsvc - ok
14:32:08.0727 7260 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
14:32:08.0762 7260 wercplsupport - ok
14:32:08.0795 7260 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
14:32:08.0825 7260 WerSvc - ok
14:32:08.0895 7260 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
14:32:08.0925 7260 WfpLwf - ok
14:32:08.0935 7260 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
14:32:08.0945 7260 WIMMount - ok
14:32:08.0965 7260 WinDefend - ok
14:32:08.0972 7260 WinHttpAutoProxySvc - ok
14:32:09.0017 7260 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
14:32:09.0047 7260 Winmgmt - ok
14:32:09.0102 7260 WinRM (41fbb751936b387f9179e7f03a74fe29) C:\Windows\system32\WsmSvc.dll
14:32:09.0175 7260 WinRM - ok
14:32:09.0210 7260 WinUsb (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUsb.sys
14:32:09.0225 7260 WinUsb - ok
14:32:09.0262 7260 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
14:32:09.0287 7260 Wlansvc - ok
14:32:09.0302 7260 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
14:32:09.0317 7260 WmiAcpi - ok
14:32:09.0337 7260 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
14:32:09.0360 7260 wmiApSrv - ok
14:32:09.0375 7260 WMPNetworkSvc - ok
14:32:09.0387 7260 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
14:32:09.0407 7260 WPCSvc - ok
14:32:09.0430 7260 WPDBusEnum (2e57ddf2880a7e52e76f41c7e96d327b) C:\Windows\system32\wpdbusenum.dll
14:32:09.0450 7260 WPDBusEnum - ok
14:32:09.0502 7260 WPEServ (6fa1afa74c65f18c61d37aebb52ce486) C:\Program Files (x86)\Common Files\WPE\wpeserv.exe
14:32:09.0510 7260 WPEServ ( UnsignedFile.Multi.Generic ) - warning
14:32:09.0512 7260 WPEServ - detected UnsignedFile.Multi.Generic (1)
14:32:09.0527 7260 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
14:32:09.0562 7260 ws2ifsl - ok
14:32:09.0577 7260 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\system32\wscsvc.dll
14:32:09.0600 7260 wscsvc - ok
14:32:09.0607 7260 WSearch - ok
14:32:09.0655 7260 wuauserv (38340204a2d0228f1e87740fc5e554a7) C:\Windows\system32\wuaueng.dll
14:32:09.0727 7260 wuauserv - ok
14:32:09.0742 7260 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
14:32:09.0772 7260 WudfPf - ok
14:32:09.0810 7260 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
14:32:09.0837 7260 WUDFRd - ok
14:32:09.0850 7260 wudfsvc (b551d6637aa0e132c18ac6e504f7b79b) C:\Windows\System32\WUDFSvc.dll
14:32:09.0882 7260 wudfsvc - ok
14:32:09.0902 7260 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
14:32:09.0922 7260 WwanSvc - ok
14:32:09.0945 7260 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
14:32:10.0050 7260 \Device\Harddisk0\DR0 - ok
14:32:10.0055 7260 MBR (0x1B8) (180dbde3af7ea48b3db3ac27b1ddf401) \Device\Harddisk2\DR2
14:32:10.0560 7260 \Device\Harddisk2\DR2 - ok
14:32:10.0562 7260 Boot (0x1200) (9dca5fac5998323ab0200698a0a24d0c) \Device\Harddisk0\DR0\Partition0
14:32:10.0562 7260 \Device\Harddisk0\DR0\Partition0 - ok
14:32:10.0595 7260 Boot (0x1200) (ccb9779837e922b4141dc32b318fc410) \Device\Harddisk0\DR0\Partition1
14:32:10.0597 7260 \Device\Harddisk0\DR0\Partition1 - ok
14:32:10.0600 7260 Boot (0x1200) (8a2a0ca178bd6faffae19b9719ec6d6a) \Device\Harddisk2\DR2\Partition0
14:32:10.0600 7260 \Device\Harddisk2\DR2\Partition0 - ok
14:32:10.0602 7260 ============================================================
14:32:10.0602 7260 Scan finished
14:32:10.0602 7260 ============================================================
14:32:10.0610 8536 Detected object count: 8
14:32:10.0610 8536 Actual detected object count: 8
14:32:24.0857 8536 FLEXnet Licensing Service 64 ( UnsignedFile.Multi.Generic ) - skipped by user
14:32:24.0857 8536 FLEXnet Licensing Service 64 ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:32:24.0860 8536 mdf15 ( UnsignedFile.Multi.Generic ) - skipped by user
14:32:24.0860 8536 mdf15 ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:32:24.0860 8536 mvd21 ( UnsignedFile.Multi.Generic ) - skipped by user
14:32:24.0860 8536 mvd21 ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:32:24.0862 8536 PLFlash DeviceIoControl Service ( UnsignedFile.Multi.Generic ) - skipped by user
14:32:24.0862 8536 PLFlash DeviceIoControl Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:32:24.0862 8536 sptd ( LockedFile.Multi.Generic ) - skipped by user
14:32:24.0865 8536 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
14:32:24.0865 8536 SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
14:32:24.0865 8536 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:32:24.0867 8536 SZASSIST ( UnsignedFile.Multi.Generic ) - skipped by user
14:32:24.0867 8536 SZASSIST ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:32:24.0867 8536 WPEServ ( UnsignedFile.Multi.Generic ) - skipped by user
14:32:24.0867 8536 WPEServ ( UnsignedFile.Multi.Generic ) - User select action: Skip

Well
Visitor
Posts: 33
Registered: 25 Mar 2012 00:09

Re: MBR sector 0 of the physical disk - Win32/Agent.SDG.Gen troj

#20 Post by Well »

Code:

MBRScan v1.1.1

OS             : Windows 7  (64 bit)
PROCESSOR      : Intel64 Family 6 Model 23 Stepping 6, GenuineIntel
BOOT           : Normal Boot
DATE           : 2012/03/25 (ISO 8601) at 14:33:47
________________________________________________________________________________

DISK           : Device\Harddisk0\DR0 __WDC WD5001AALS-00L3B2 (01.03B01)
BUS_TYPE       : (0x03)  P-ATA
USE_PIO        : NO
MAX_TRANSFER   : 128 Kb
ALIGNMENT_MASK : word aligned
________________________________________________________________________________

DISK           : Device\Harddisk2\DR2 __Samsung S2 Portable
BUS_TYPE       : (0x07)  USB
USE_PIO        : NO
MAX_TRANSFER   : 64 Kb
ALIGNMENT_MASK : byte aligned
________________________________________________________________________________

Device\Harddisk0\DR0	465.8 Go  [Fixed] ==> 7 MBR Code

MBR_MD5   : CFA67FC1D9677151A9D9DF010A6D0EDD
MBR_SHA1  : 272CDDB42F303189D5F557FAF02836892D364EF5

Device\Harddisk0\Partition1	97.66 Go  	0x07 NTFS / HPFS __ BOOTABLE __
Device\Harddisk0\Partition2	368.1 Go  	0x07 NTFS / HPFS
________________________________________________________________________________

Device\Harddisk2\DR2	298.1 Go  [Fixed] ==> Unknown MBR Code ....

MBR_MD5   : 1C6CE0BB6C1B966EFB9C7DCD995AF503
MBR_SHA1  : 888BA717150BCA0D53101CBC19CDE1B9DE8612B3

Device\Harddisk2\Partition1	298.1 Go  	0x07 NTFS / HPFS __ BOOTABLE __
________________________________________________________________________________

############################### Additional scan ################################

DRIVER  : C:\Windows\system32\hal.dll => Invisible on the disk
ADDRESS : 0x031E7000
SIZE    : 292.0 Ko

DRIVER  : C:\Windows\system32\kdcom.dll => Invisible on the disk
ADDRESS : 0x00BB7000
SIZE    : 40.0 Ko

DRIVER  : C:\Windows\system32\mcupdate_GenuineIntel.dll => Invisible on the disk
ADDRESS : 0x00C16000
SIZE    : 272.0 Ko

DRIVER  : C:\Windows\system32\CLFS.SYS => Invisible on the disk
ADDRESS : 0x00C6E000
SIZE    : 376.0 Ko

DRIVER  : C:\Windows\system32\CI.dll => Invisible on the disk
ADDRESS : 0x00CCC000
SIZE    : 768.0 Ko

DRIVER  : C:\Windows\system32\drivers\Wdf01000.sys => Invisible on the disk
ADDRESS : 0x00E00000
SIZE    : 656.0 Ko

DRIVER  : C:\Windows\system32\drivers\WDFLDR.SYS => Invisible on the disk
ADDRESS : 0x00EA4000
SIZE    : 60.0 Ko

DRIVER  : C:\Windows\System32\Drivers\spal.sys => Invisible on the disk
ADDRESS : 0x00EB3000
SIZE    : 1.20 Mo

DRIVER  : C:\Windows\System32\Drivers\WMILIB.SYS => Invisible on the disk
ADDRESS : 0x00FE7000
SIZE    : 36.0 Ko

DRIVER  : C:\Windows\System32\Drivers\SCSIPORT.SYS => Invisible on the disk
ADDRESS : 0x00D8C000
SIZE    : 188.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\ACPI.sys => Invisible on the disk
ADDRESS : 0x01038000
SIZE    : 348.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\msisadrv.sys => Invisible on the disk
ADDRESS : 0x0108F000
SIZE    : 40.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\vdrvroot.sys => Invisible on the disk
ADDRESS : 0x01099000
SIZE    : 52.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\pci.sys => Invisible on the disk
ADDRESS : 0x010A6000
SIZE    : 204.0 Ko

DRIVER  : C:\Windows\System32\drivers\partmgr.sys => Invisible on the disk
ADDRESS : 0x010D9000
SIZE    : 84.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\volmgr.sys => Invisible on the disk
ADDRESS : 0x010EE000
SIZE    : 84.0 Ko

DRIVER  : C:\Windows\System32\drivers\volmgrx.sys => Invisible on the disk
ADDRESS : 0x01103000
SIZE    : 368.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\pciide.sys => Invisible on the disk
ADDRESS : 0x0115F000
SIZE    : 28.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\PCIIDEX.SYS => Invisible on the disk
ADDRESS : 0x01166000
SIZE    : 64.0 Ko

DRIVER  : C:\Windows\System32\drivers\mountmgr.sys => Invisible on the disk
ADDRESS : 0x01176000
SIZE    : 104.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\atapi.sys => Invisible on the disk
ADDRESS : 0x01190000
SIZE    : 36.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\ataport.SYS => Invisible on the disk
ADDRESS : 0x01199000
SIZE    : 168.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\amdxata.sys => Invisible on the disk
ADDRESS : 0x011C3000
SIZE    : 44.0 Ko

DRIVER  : C:\Windows\system32\drivers\fltmgr.sys => Invisible on the disk
ADDRESS : 0x0127C000
SIZE    : 304.0 Ko

DRIVER  : C:\Windows\system32\drivers\fileinfo.sys => Invisible on the disk
ADDRESS : 0x012C8000
SIZE    : 80.0 Ko

DRIVER  : C:\Windows\System32\Drivers\Ntfs.sys => Invisible on the disk
ADDRESS : 0x01457000
SIZE    : 1.64 Mo

DRIVER  : C:\Windows\System32\Drivers\msrpc.sys => Invisible on the disk
ADDRESS : 0x012DC000
SIZE    : 376.0 Ko

DRIVER  : C:\Windows\System32\Drivers\ksecdd.sys => Invisible on the disk
ADDRESS : 0x01400000
SIZE    : 104.0 Ko

DRIVER  : C:\Windows\System32\Drivers\cng.sys => Invisible on the disk
ADDRESS : 0x0133A000
SIZE    : 460.0 Ko

DRIVER  : C:\Windows\System32\drivers\pcw.sys => Invisible on the disk
ADDRESS : 0x0141A000
SIZE    : 68.0 Ko

DRIVER  : C:\Windows\System32\Drivers\Fs_Rec.sys => Invisible on the disk
ADDRESS : 0x0142B000
SIZE    : 40.0 Ko

DRIVER  : C:\Windows\system32\drivers\ndis.sys => Invisible on the disk
ADDRESS : 0x016ED000
SIZE    : 968.0 Ko

DRIVER  : C:\Windows\system32\drivers\NETIO.SYS => Invisible on the disk
ADDRESS : 0x01600000
SIZE    : 384.0 Ko

DRIVER  : C:\Windows\System32\Drivers\ksecpkg.sys => Invisible on the disk
ADDRESS : 0x01660000
SIZE    : 172.0 Ko

DRIVER  : C:\Windows\System32\drivers\tcpip.sys => Invisible on the disk
ADDRESS : 0x01802000
SIZE    : 1.99 Mo

DRIVER  : C:\Windows\System32\drivers\fwpkclnt.sys => Invisible on the disk
ADDRESS : 0x0168B000
SIZE    : 296.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\vmstorfl.sys => Invisible on the disk
ADDRESS : 0x016D5000
SIZE    : 64.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\volsnap.sys => Invisible on the disk
ADDRESS : 0x013AD000
SIZE    : 304.0 Ko

DRIVER  : C:\Windows\System32\Drivers\spldr.sys => Invisible on the disk
ADDRESS : 0x016E5000
SIZE    : 32.0 Ko

DRIVER  : C:\Windows\System32\drivers\rdyboost.sys => Invisible on the disk
ADDRESS : 0x01200000
SIZE    : 232.0 Ko

DRIVER  : C:\Windows\System32\Drivers\mup.sys => Invisible on the disk
ADDRESS : 0x017DF000
SIZE    : 72.0 Ko

DRIVER  : C:\Windows\System32\drivers\hwpolicy.sys => Invisible on the disk
ADDRESS : 0x017F1000
SIZE    : 36.0 Ko

DRIVER  : C:\Windows\System32\DRIVERS\fvevol.sys => Invisible on the disk
ADDRESS : 0x0123A000
SIZE    : 232.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\disk.sys => Invisible on the disk
ADDRESS : 0x01435000
SIZE    : 88.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\CLASSPNP.SYS => Invisible on the disk
ADDRESS : 0x011CE000
SIZE    : 192.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\cdrom.sys => Invisible on the disk
ADDRESS : 0x00DBB000
SIZE    : 168.0 Ko

DRIVER  : C:\Windows\System32\Drivers\aswSnx.SYS => Invisible on the disk
ADDRESS : 0x02C74000
SIZE    : 820.0 Ko

DRIVER  : C:\Windows\System32\Drivers\Null.SYS => Invisible on the disk
ADDRESS : 0x02D41000
SIZE    : 36.0 Ko

DRIVER  : C:\Windows\System32\Drivers\Beep.SYS => Invisible on the disk
ADDRESS : 0x02D4A000
SIZE    : 28.0 Ko

DRIVER  : C:\Windows\System32\drivers\vga.sys => Invisible on the disk
ADDRESS : 0x02D51000
SIZE    : 56.0 Ko

DRIVER  : C:\Windows\System32\drivers\VIDEOPRT.SYS => Invisible on the disk
ADDRESS : 0x02D5F000
SIZE    : 148.0 Ko

DRIVER  : C:\Windows\System32\drivers\watchdog.sys => Invisible on the disk
ADDRESS : 0x02D84000
SIZE    : 64.0 Ko

DRIVER  : C:\Windows\System32\DRIVERS\RDPCDD.sys => Invisible on the disk
ADDRESS : 0x02D94000
SIZE    : 36.0 Ko

DRIVER  : C:\Windows\system32\drivers\rdpencdd.sys => Invisible on the disk
ADDRESS : 0x02D9D000
SIZE    : 36.0 Ko

DRIVER  : C:\Windows\system32\drivers\rdprefmp.sys => Invisible on the disk
ADDRESS : 0x02DA6000
SIZE    : 36.0 Ko

DRIVER  : C:\Windows\System32\Drivers\Msfs.SYS => Invisible on the disk
ADDRESS : 0x02DAF000
SIZE    : 44.0 Ko

DRIVER  : C:\Windows\System32\Drivers\Npfs.SYS => Invisible on the disk
ADDRESS : 0x02DBA000
SIZE    : 68.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\tdx.sys => Invisible on the disk
ADDRESS : 0x02DCB000
SIZE    : 120.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\TDI.SYS => Invisible on the disk
ADDRESS : 0x02DE9000
SIZE    : 52.0 Ko

DRIVER  : C:\Windows\System32\Drivers\aswTdi.SYS => Invisible on the disk
ADDRESS : 0x02C00000
SIZE    : 72.0 Ko

DRIVER  : C:\Windows\system32\drivers\afd.sys => Invisible on the disk
ADDRESS : 0x03A0C000
SIZE    : 548.0 Ko

DRIVER  : C:\Windows\System32\Drivers\aswrdr2.sys => Invisible on the disk
ADDRESS : 0x03A95000
SIZE    : 64.0 Ko

DRIVER  : C:\Windows\System32\DRIVERS\netbt.sys => Invisible on the disk
ADDRESS : 0x03AA5000
SIZE    : 276.0 Ko

DRIVER  : C:\Windows\system32\drivers\ws2ifsl.sys => Invisible on the disk
ADDRESS : 0x03AEA000
SIZE    : 44.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\wfplwf.sys => Invisible on the disk
ADDRESS : 0x03AF5000
SIZE    : 36.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\pacer.sys => Invisible on the disk
ADDRESS : 0x03AFE000
SIZE    : 152.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\netbios.sys => Invisible on the disk
ADDRESS : 0x03B24000
SIZE    : 60.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\serial.sys => Invisible on the disk
ADDRESS : 0x03B33000
SIZE    : 116.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\wanarp.sys => Invisible on the disk
ADDRESS : 0x03B50000
SIZE    : 108.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\termdd.sys => Invisible on the disk
ADDRESS : 0x03B6B000
SIZE    : 80.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\rdbss.sys => Invisible on the disk
ADDRESS : 0x03B7F000
SIZE    : 324.0 Ko

DRIVER  : C:\Windows\system32\drivers\nsiproxy.sys => Invisible on the disk
ADDRESS : 0x03BD0000
SIZE    : 48.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\mssmbios.sys => Invisible on the disk
ADDRESS : 0x03BDC000
SIZE    : 44.0 Ko

DRIVER  : C:\Windows\System32\drivers\discache.sys => Invisible on the disk
ADDRESS : 0x03BE7000
SIZE    : 60.0 Ko

DRIVER  : C:\Windows\system32\drivers\csc.sys => Invisible on the disk
ADDRESS : 0x03C60000
SIZE    : 524.0 Ko

DRIVER  : C:\Windows\System32\Drivers\dfsc.sys => Invisible on the disk
ADDRESS : 0x03CE3000
SIZE    : 120.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\blbdrive.sys => Invisible on the disk
ADDRESS : 0x03D01000
SIZE    : 68.0 Ko

DRIVER  : C:\Windows\System32\Drivers\aswSP.SYS => Invisible on the disk
ADDRESS : 0x03D12000
SIZE    : 352.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\tunnel.sys => Invisible on the disk
ADDRESS : 0x03D6A000
SIZE    : 152.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\intelppm.sys => Invisible on the disk
ADDRESS : 0x03D90000
SIZE    : 88.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\nvlddmkm.sys => Invisible on the disk
ADDRESS : 0x0FEED000
SIZE    : 12.46 Mo

DRIVER  : C:\Windows\System32\Drivers\nvBridge.kmd => Invisible on the disk
ADDRESS : 0x10B64000
SIZE    : 8.0 Ko

DRIVER  : C:\Windows\System32\drivers\dxgkrnl.sys => Invisible on the disk
ADDRESS : 0x03EFC000
SIZE    : 976.0 Ko

DRIVER  : C:\Windows\System32\drivers\dxgmms1.sys => Invisible on the disk
ADDRESS : 0x03E00000
SIZE    : 280.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\usbuhci.sys => Invisible on the disk
ADDRESS : 0x03E46000
SIZE    : 52.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\USBPORT.SYS => Invisible on the disk
ADDRESS : 0x03E53000
SIZE    : 344.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\usbehci.sys => Invisible on the disk
ADDRESS : 0x03EA9000
SIZE    : 68.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\HDAudBus.sys => Invisible on the disk
ADDRESS : 0x03EBA000
SIZE    : 144.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\L1E62x64.sys => Invisible on the disk
ADDRESS : 0x03EDE000
SIZE    : 72.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\1394ohci.sys => Invisible on the disk
ADDRESS : 0x10B66000
SIZE    : 248.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\fdc.sys => Invisible on the disk
ADDRESS : 0x03FF0000
SIZE    : 52.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\ASACPI.sys => Invisible on the disk
ADDRESS : 0x03EF0000
SIZE    : 32.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\serenum.sys => Invisible on the disk
ADDRESS : 0x10BA4000
SIZE    : 48.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\i8042prt.sys => Invisible on the disk
ADDRESS : 0x10BB0000
SIZE    : 120.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\kbdclass.sys => Invisible on the disk
ADDRESS : 0x10BCE000
SIZE    : 60.0 Ko

DRIVER  : C:\Windows\System32\Drivers\a6s82aov.SYS => Invisible on the disk
ADDRESS : 0x0FE00000
SIZE    : 272.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\CompositeBus.sys => Invisible on the disk
ADDRESS : 0x0FE44000
SIZE    : 64.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\AgileVpn.sys => Invisible on the disk
ADDRESS : 0x0FE54000
SIZE    : 88.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\rasl2tp.sys => Invisible on the disk
ADDRESS : 0x0FE6A000
SIZE    : 144.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\ndistapi.sys => Invisible on the disk
ADDRESS : 0x0FE8E000
SIZE    : 48.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\ndiswan.sys => Invisible on the disk
ADDRESS : 0x0FE9A000
SIZE    : 188.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\raspppoe.sys => Invisible on the disk
ADDRESS : 0x0FEC9000
SIZE    : 108.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\raspptp.sys => Invisible on the disk
ADDRESS : 0x10BDD000
SIZE    : 132.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\rassstp.sys => Invisible on the disk
ADDRESS : 0x03DA6000
SIZE    : 104.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\tap0901.sys => Invisible on the disk
ADDRESS : 0x03DC0000
SIZE    : 52.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\hamachi.sys => Invisible on the disk
ADDRESS : 0x03DCD000
SIZE    : 44.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\rdpbus.sys => Invisible on the disk
ADDRESS : 0x03DD8000
SIZE    : 44.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\mouclass.sys => Invisible on the disk
ADDRESS : 0x03DE3000
SIZE    : 60.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\swenum.sys => Invisible on the disk
ADDRESS : 0x03EF8000
SIZE    : 8.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\ks.sys => Invisible on the disk
ADDRESS : 0x03C00000
SIZE    : 268.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\umbus.sys => Invisible on the disk
ADDRESS : 0x03C43000
SIZE    : 72.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\usbhub.sys => Invisible on the disk
ADDRESS : 0x02C12000
SIZE    : 360.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\flpydisk.sys => Invisible on the disk
ADDRESS : 0x03C55000
SIZE    : 44.0 Ko

DRIVER  : C:\Windows\System32\Drivers\NDProxy.SYS => Invisible on the disk
ADDRESS : 0x00DE5000
SIZE    : 84.0 Ko

DRIVER  : C:\Windows\system32\drivers\HdAudio.sys => Invisible on the disk
ADDRESS : 0x0527C000
SIZE    : 368.0 Ko

DRIVER  : C:\Windows\system32\drivers\portcls.sys => Invisible on the disk
ADDRESS : 0x052D8000
SIZE    : 244.0 Ko

DRIVER  : C:\Windows\system32\drivers\drmk.sys => Invisible on the disk
ADDRESS : 0x05315000
SIZE    : 136.0 Ko

DRIVER  : C:\Windows\system32\drivers\ksthunk.sys => Invisible on the disk
ADDRESS : 0x05337000
SIZE    : 24.0 Ko

DRIVER  : C:\Windows\System32\Drivers\crashdmp.sys => Invisible on the disk
ADDRESS : 0x0533D000
SIZE    : 56.0 Ko

DRIVER  : C:\Windows\System32\Drivers\dump_dumpata.sys => Invisible on the disk
ADDRESS : 0x0534B000
SIZE    : 48.0 Ko

DRIVER  : C:\Windows\System32\Drivers\dump_atapi.sys => Invisible on the disk
ADDRESS : 0x05357000
SIZE    : 36.0 Ko

DRIVER  : C:\Windows\System32\Drivers\dump_dumpfve.sys => Invisible on the disk
ADDRESS : 0x05360000
SIZE    : 76.0 Ko

DRIVER  : C:\Windows\System32\win32k.sys => Invisible on the disk
ADDRESS : 0x000B0000
SIZE    : 3.08 Mo

DRIVER  : C:\Windows\System32\drivers\Dxapi.sys => Invisible on the disk
ADDRESS : 0x05373000
SIZE    : 48.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\usbccgp.sys => Invisible on the disk
ADDRESS : 0x0537F000
SIZE    : 116.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\USBD.SYS => Invisible on the disk
ADDRESS : 0x0539C000
SIZE    : 8.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\usbscan.sys => Invisible on the disk
ADDRESS : 0x0539E000
SIZE    : 68.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\usbprint.sys => Invisible on the disk
ADDRESS : 0x053AF000
SIZE    : 48.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\USBSTOR.SYS => Invisible on the disk
ADDRESS : 0x053BB000
SIZE    : 108.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\monitor.sys => Invisible on the disk
ADDRESS : 0x053D6000
SIZE    : 56.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\hidusb.sys => Invisible on the disk
ADDRESS : 0x053E4000
SIZE    : 56.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\HIDCLASS.SYS => Invisible on the disk
ADDRESS : 0x05200000
SIZE    : 100.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\HIDPARSE.SYS => Invisible on the disk
ADDRESS : 0x05219000
SIZE    : 36.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\mouhid.sys => Invisible on the disk
ADDRESS : 0x05222000
SIZE    : 52.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\kbdhid.sys => Invisible on the disk
ADDRESS : 0x0522F000
SIZE    : 56.0 Ko

DRIVER  : C:\Windows\System32\TSDDD.dll => Invisible on the disk
ADDRESS : 0x00450000
SIZE    : 40.0 Ko

DRIVER  : C:\Windows\System32\cdd.dll => Invisible on the disk
ADDRESS : 0x00720000
SIZE    : 156.0 Ko

DRIVER  : C:\Windows\system32\drivers\luafv.sys => Invisible on the disk
ADDRESS : 0x0523D000
SIZE    : 140.0 Ko

DRIVER  : C:\Windows\system32\drivers\aswMonFlt.sys => Invisible on the disk
ADDRESS : 0x01000000
SIZE    : 220.0 Ko

DRIVER  : C:\Windows\System32\Drivers\aswFsBlk.SYS => Invisible on the disk
ADDRESS : 0x05260000
SIZE    : 36.0 Ko

DRIVER  : C:\Windows\system32\drivers\WudfPf.sys => Invisible on the disk
ADDRESS : 0x05651000
SIZE    : 132.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\lltdio.sys => Invisible on the disk
ADDRESS : 0x05672000
SIZE    : 84.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\rspndr.sys => Invisible on the disk
ADDRESS : 0x05687000
SIZE    : 96.0 Ko

DRIVER  : C:\Windows\system32\drivers\HTTP.sys => Invisible on the disk
ADDRESS : 0x0569F000
SIZE    : 800.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\bowser.sys => Invisible on the disk
ADDRESS : 0x05767000
SIZE    : 120.0 Ko

DRIVER  : C:\Windows\System32\drivers\mpsdrv.sys => Invisible on the disk
ADDRESS : 0x05785000
SIZE    : 96.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\mrxsmb.sys => Invisible on the disk
ADDRESS : 0x0579D000
SIZE    : 180.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\mrxsmb10.sys => Invisible on the disk
ADDRESS : 0x05600000
SIZE    : 312.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\mrxsmb20.sys => Invisible on the disk
ADDRESS : 0x057CA000
SIZE    : 140.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\aksdf.sys => Invisible on the disk
ADDRESS : 0x057ED000
SIZE    : 64.0 Ko

DRIVER  : C:\Windows\System32\Drivers\fastfat.SYS => Invisible on the disk
ADDRESS : 0x0628E000
SIZE    : 216.0 Ko

DRIVER  : C:\Windows\system32\drivers\hardlock.sys => Invisible on the disk
ADDRESS : 0x062C4000
SIZE    : 308.0 Ko

DRIVER  : C:\Windows\system32\drivers\peauth.sys => Invisible on the disk
ADDRESS : 0x06311000
SIZE    : 664.0 Ko

DRIVER  : C:\Windows\System32\Drivers\secdrv.SYS => Invisible on the disk
ADDRESS : 0x063B7000
SIZE    : 44.0 Ko

DRIVER  : C:\Windows\System32\DRIVERS\srvnet.sys => Invisible on the disk
ADDRESS : 0x063C2000
SIZE    : 180.0 Ko

DRIVER  : C:\Windows\System32\drivers\tcpipreg.sys => Invisible on the disk
ADDRESS : 0x06200000
SIZE    : 72.0 Ko

DRIVER  : C:\Windows\System32\DRIVERS\srv2.sys => Invisible on the disk
ADDRESS : 0x06212000
SIZE    : 412.0 Ko

DRIVER  : C:\Windows\System32\DRIVERS\srv.sys => Invisible on the disk
ADDRESS : 0x068D6000
SIZE    : 596.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\WUDFRd.sys => Invisible on the disk
ADDRESS : 0x0696B000
SIZE    : 196.0 Ko

DRIVER  : C:\Windows\system32\drivers\spsys.sys => Invisible on the disk
ADDRESS : 0x06800000
SIZE    : 452.0 Ko

DRIVER  : C:\Windows\system32\Drivers\PROCEXP113.SYS => Invisible on the disk
ADDRESS : 0x06871000
SIZE    : 32.0 Ko

DRIVER  : C:\Windows\System32\smss.exe => Invisible on the disk
ADDRESS : 0x47BC0000
SIZE    : 128.0 Ko

BCD EmsSettings {0CE4991B-E6B3-4B16-B23C-5E0D9250E5D9} => BcdLibraryBoolean_EmsEnabled (16000020)

SystemStartOptions :  NOEXECUTE=OPTIN

________________________________________________________________________________

_______MBR   \Device\Harddisk0\DR0  


_______MBR   \Device\Harddisk2\DR2  


vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: MBR sector 0 of the physical disk - Win32/Agent.SDG.Gen troj

#21 Post by vyosek »

Fine, how is our patient behaving? :???:
"He who has wine and does not drink, who has grapes and does not eat them, who has a wife and does not kiss her, who avoids merriment, take a whip and a stick to him; that is no man, that is an ox."
Member [image] since 1 February 2011.

Well
Visitor
Posts: 33
Registered: 25 Mar 2012 00:09

Re: MBR sector 0 of the physical disk - Win32/Agent.SDG.Gen troj

#22 Post by Well »

It always popped up only during scans... so should I run a scan with avast?

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: MBR sector 0 of the physical disk - Win32/Agent.SDG.Gen troj

#23 Post by vyosek »

Yes, run it, but it should be clean...

Well
Visitor
Posts: 33
Registered: 25 Mar 2012 00:09

Re: MBR sector 0 of the physical disk - Win32/Agent.SDG.Gen troj

#24 Post by Well »

The avast scan inside the OS came back free of malware, apart from a few HTML items that I had removed... However, the scan after restart (before the OS starts) found that the file c:/tdsskiller_quarantine/25.03.12.12_11.54.14/mbr0000/mbr0000/tsk0000.dta is infected with the virus MBR:whistler [RTK]. What should I do about it? Which action should I choose? It is not clear to me why it reports a connection with tdskiller... thanks

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: MBR sector 0 of the physical disk - Win32/Agent.SDG.Gen troj

#25 Post by Márty84 »

Sorry for jumping in :oops:

So that you are not needlessly nervous before my colleague arrives: this is fine, the virus is safely stored in the TDSSKiller quarantine, so it is harmless and you do not need to do anything with it :)
If you have a question that is not meant for the public, you can write to me by e-mail at marty84[at]forum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will be on the forum less often now. If you have to wait longer for a reply, please contact one of my colleagues (most have an e-mail address in their signature).

Well
Visitor
Posts: 33
Registered: 25 Mar 2012 00:09

Re: MBR sector 0 of the physical disk - Win32/Agent.SDG.Gen troj

#26 Post by Well »

Good, thank you. All of you here deserve a big thank-you for your work, especially Mr. vyosek. What should I do with the downloaded utilities and the leftovers from them on drive C:? Delete them?

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: MBR sector 0 of the physical disk - Win32/Agent.SDG.Gen troj

#27 Post by vyosek »

:arrow: Thanks to my colleague for stepping in

:arrow: Uninstall Combofix
  • Rename ComboFix to Uninstall
  • Run it
  • This deletes Combofix and its folders
:arrow: T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe
  • Download and run it
  • To confirm the choice, press A, Enter
  • Delete the utility after use
  • Antivirus programs may wrongly flag this utility as a virus - it is a false alarm - so feel free to download it (or switch off the antivirus during the download)
:arrow: OTC http://oldtimer.geekstogo.com/OTC.exe
  • Download and run it
  • Click CleanUp and confirm with YES
  • The program cleans up and restarts the PC

:arrow: TFC http://oldtimer.geekstogo.com/TFC.exe
  • Download and run it
  • Click Start and confirm with OK
  • The program cleans up and restarts the PC
  • Delete the utility after use
:arrow: Download Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Cleaner panel
  • Leave everything as it is, just click Analyze and then Run CCleaner
Registry panel
  • click Scan for problems
  • then Fix problems - I recommend making a registry backup; fix all the problems
  • repeat the procedure until no problems remain - usually about 3 times
Tools panel
  • Here you can uninstall programs you do not need
I recommend using CCleaner about once a week

:arrow: Please post a new RSIT log and tell me how the PC is doing

Well
Visitor
Posts: 33
Registered: 25 Mar 2012 00:09

Re: MBR sector 0 of the physical disk - Win32/Agent.SDG.Gen troj

#28 Post by Well »

OK, thanks once again...

I will post the RSIT log right away, but everything seems to be OK...
Last edited by Well on 25 Mar 2012 17:40, edited 1 time in total.

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: MBR sector 0 of the physical disk - Win32/Agent.SDG.Gen troj

#29 Post by vyosek »

You're welcome; please also give me a new RSIT log

Well
Visitor
Posts: 33
Registered: 25 Mar 2012 00:09

Re: MBR sector 0 of the physical disk - Win32/Agent.SDG.Gen troj

#30 Post by Well »

Logfile of random's system information tool 1.09 (written by random/random)
Run by Well at 2012-03-25 18:44:51
Microsoft Windows 7 Ultimate
System drive C: has 16 GB (16%) free of 100 GB
Total RAM: 4095 MB (53% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:44:54, on 25.3.2012
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Seznam.cz\bin\postak.exe
C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Opera\opera.exe
C:\Program Files\trend micro\Well.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fullarticles.net
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Print2PDF Print Monitor] "C:\Program Files (x86)\Software602\Print2PDF\Print2PDF.exe" /server
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Seznam Postak] "C:\Program Files (x86)\Seznam.cz\bin\postak.exe" -s
O4 - HKCU\..\Run: [KiesHelper] C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe /s
O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKUS\S-1-5-21-1552637797-538921506-3541309676-1003\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1552637797-538921506-3541309676-1003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Startup: Samsung Auto Backup Guage.lnk = ?
O4 - Startup: Samsung Auto Backup Real-Time Daemon.lnk = ?
O4 - Startup: Samsung Auto Backup Scheduler.lnk = ?
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Print2PDF - {5B7027AD-AA6D-40df-8F56-9560F277D2A5} - C:\Program Files (x86)\Software602\Print2PDF\Print602.dll
O9 - Extra 'Tools' menuitem: Print2PDF - {5B7027AD-AA6D-40df-8F56-9560F277D2A5} - C:\Program Files (x86)\Software602\Print2PDF\Print602.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDow ... ab_nvd.cab
O16 - DPF: {9BD3C5C6-BCBA-47BF-9CC0-0D5D3E117DE1} (MediaLoader Class) - http://www.bravearms.com/razor/plugins/ ... Player.cab
O16 - DPF: {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} (Battlefield Play4Free Updater) - https://battlefield.play4free.com/stati ... 0.53.2.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\Skype4COM.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\SysWOW64\IoctlSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10050 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe" -s
"C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe"
C:\Windows\SysWOW64\IoctlSvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe"
"C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe"
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-e9ca31fd-10bc-4f5f-8b8c-3218108b316f -SystemEventPortName:HostProcess-bfe88a24-592f-4167-ba72-773ac5c57afd -IoCancelEventPortName:HostProcess-e61dfc26-646f-49d0-856d-db10fbcf55a2 -NonStateChangingEventPortName:HostProcess-3502bec9-c79a-4cbb-b675-914f2c081c2c -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:3afe20f4-273e-47f3-bffa-b708ed55dd16
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesApp64.exe" /TUStart /pid:2000
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Seznam.cz\bin\postak.exe" -s
"C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\System32\mobsync.exe -Embedding
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe"
C:\Windows\system32\sppsvc.exe
"C:\Program Files (x86)\Opera\opera.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Windows\system32\NOTEPAD.EXE" C:\rsit\info.txt
taskmgr.exe /3
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
C:\Windows\system32\DllHost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
"C:\Users\Well\Desktop\RSITx64.exe"

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2012-03-07 1211776]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-01-03 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2011-08-22 414416]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-03-07 1003704]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-01-17 3855520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-05-13 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17}
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2012-03-07 1211776]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-03-07 1003704]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"CanonSolutionMenu"=C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [2008-03-10 689488]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2008-03-17 2114376]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1475072]
"Seznam Postak"=C:\Program Files (x86)\Seznam.cz\bin\postak.exe [2012-01-10 491040]
"KiesHelper"=C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe [2011-12-28 937360]
"KiesPDLR"=C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2011-12-28 21392]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"Print2PDF Print Monitor"=C:\Program Files (x86)\Software602\Print2PDF\Print2PDF.exe [2009-02-25 77824]
"KiesTrayAgent"=C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [2011-12-28 3508624]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-03-07 4241512]

C:\Users\Well\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Samsung Auto Backup Guage.lnk - C:\Program Files (x86)\Clarus\Samsung Auto Backup\ISFGuage.exe
Samsung Auto Backup Real-Time Daemon.lnk - C:\Program Files (x86)\Clarus\Samsung Auto Backup\ISFRealTimeD.exe
Samsung Auto Backup Scheduler.lnk - C:\Program Files (x86)\Clarus\Samsung Auto Backup\ISFTimerD.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2011-05-29 249344]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Hamachi2Svc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"bin\CodeMeter.exe"="C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe:*:Enabled:CodeMeter Runtime Server"
"C:\Users\Well\Desktop\P17535732.JPG.exe"="C:\Windows\nvsvc32.exe:*:Enabled:NVIDIA driver monitor"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"bin\CodeMeter.exe"="C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe:*:Enabled:CodeMeter Runtime Server"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.cpl - cplopen - %SystemRoot%\SysWow64\control.exe "%1",%*

======List of files/folders created in the last 1 month======

2012-03-25 18:41:07 ----D---- C:\rsit
2012-03-25 18:36:05 ----D---- C:\Program Files\CCleaner
2012-03-25 14:08:07 ----D---- C:\$RECYCLE.BIN
2012-03-25 12:21:31 ----D---- C:\Windows\ERDNT
2012-03-25 12:05:29 ----D---- C:\TDSSKiller_Quarantine
2012-03-25 10:53:06 ----A---- C:\Windows\system32\drivers\aswFsBlk.sys
2012-03-25 10:53:05 ----A---- C:\Windows\system32\drivers\aswSP.sys
2012-03-25 10:52:59 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2012-03-25 10:52:58 ----A---- C:\Windows\system32\drivers\aswTdi.sys
2012-03-25 10:52:57 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2012-03-25 10:52:57 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2012-03-25 10:52:57 ----A---- C:\Windows\system32\aswBoot.exe
2012-03-25 10:52:39 ----A---- C:\Windows\SYSWOW64\aswBoot.exe
2012-03-25 10:52:39 ----A---- C:\Windows\avastSS.scr
2012-03-25 10:52:32 ----D---- C:\ProgramData\AVAST Software
2012-03-25 10:52:32 ----D---- C:\Program Files\AVAST Software
2012-03-25 10:45:39 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2012-03-25 10:45:39 ----A---- C:\Windows\system32\mshtmled.dll
2012-03-25 10:45:39 ----A---- C:\Windows\system32\iertutil.dll
2012-03-25 10:45:38 ----A---- C:\Windows\SYSWOW64\url.dll
2012-03-25 10:45:38 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2012-03-25 10:45:38 ----A---- C:\Windows\SYSWOW64\jscript.dll
2012-03-25 10:45:38 ----A---- C:\Windows\SYSWOW64\ieui.dll
2012-03-25 10:45:38 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2012-03-25 10:45:38 ----A---- C:\Windows\system32\url.dll
2012-03-25 10:45:38 ----A---- C:\Windows\system32\jscript9.dll
2012-03-25 10:45:38 ----A---- C:\Windows\system32\jscript.dll
2012-03-25 10:45:38 ----A---- C:\Windows\system32\ieui.dll
2012-03-25 10:45:37 ----A---- C:\Windows\SYSWOW64\wininet.dll
2012-03-25 10:45:37 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2012-03-25 10:45:37 ----A---- C:\Windows\system32\wininet.dll
2012-03-25 10:45:37 ----A---- C:\Windows\system32\urlmon.dll
2012-03-25 10:45:37 ----A---- C:\Windows\system32\jsproxy.dll
2012-03-25 10:45:36 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2012-03-25 10:45:36 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2012-03-25 10:45:35 ----A---- C:\Windows\system32\mshtml.dll
2012-03-25 10:45:34 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2012-03-25 10:45:34 ----A---- C:\Windows\system32\ieframe.dll
2012-03-25 10:44:56 ----A---- C:\Windows\system32\csrsrv.dll
2012-03-25 10:44:39 ----A---- C:\Windows\system32\drivers\dfsc.sys
2012-03-25 10:44:33 ----A---- C:\Windows\SYSWOW64\setup16.exe
2012-03-25 10:44:33 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2012-03-25 10:44:33 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2012-03-25 10:44:33 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2012-03-25 10:44:33 ----A---- C:\Windows\system32\wow64win.dll
2012-03-25 10:44:33 ----A---- C:\Windows\system32\wow64.dll
2012-03-25 10:44:33 ----A---- C:\Windows\system32\winsrv.dll
2012-03-25 10:44:33 ----A---- C:\Windows\system32\ntvdm64.dll
2012-03-25 10:44:33 ----A---- C:\Windows\system32\KernelBase.dll
2012-03-25 10:44:33 ----A---- C:\Windows\system32\kernel32.dll
2012-03-25 10:44:33 ----A---- C:\Windows\system32\conhost.exe
2012-03-25 10:44:32 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2012-03-25 10:44:32 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2012-03-25 10:44:32 ----A---- C:\Windows\SYSWOW64\wow32.dll
2012-03-25 10:44:32 ----A---- C:\Windows\SYSWOW64\instnm.exe
2012-03-25 10:44:32 ----A---- C:\Windows\system32\wow64cpu.dll
2012-03-25 10:44:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2012-03-25 10:44:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2012-03-25 10:44:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2012-03-25 10:44:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2012-03-25 10:44:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2012-03-25 10:44:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2012-03-25 10:44:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2012-03-25 10:44:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-03-25 10:44:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2012-03-25 10:44:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2012-03-25 10:44:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2012-03-25 10:44:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2012-03-25 10:44:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2012-03-25 10:44:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2012-03-25 10:44:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2012-03-25 10:44:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2012-03-25 10:44:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2012-03-25 10:44:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2012-03-25 10:44:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2012-03-25 10:44:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2012-03-25 10:44:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2012-03-25 10:44:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2012-03-25 10:44:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2012-03-25 10:44:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2012-03-25 10:44:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2012-03-25 10:44:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2012-03-25 10:44:31 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2012-03-25 10:44:31 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2012-03-25 10:44:31 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2012-03-25 10:44:31 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2012-03-25 10:44:31 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2012-03-25 10:44:31 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2012-03-25 10:44:31 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2012-03-25 10:44:31 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2012-03-25 10:44:31 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2012-03-25 10:44:31 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2012-03-25 10:44:31 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2012-03-25 10:44:31 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2012-03-25 10:44:31 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2012-03-25 10:44:31 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2012-03-25 10:44:31 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2012-03-25 10:44:31 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2012-03-25 10:44:31 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2012-03-25 10:44:31 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2012-03-25 10:44:31 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2012-03-25 10:44:31 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2012-03-25 10:44:31 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2012-03-25 10:44:31 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2012-03-25 10:44:31 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2012-03-25 10:44:31 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2012-03-25 10:44:31 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2012-03-25 10:44:31 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2012-03-25 10:44:31 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2012-03-25 10:44:31 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2012-03-25 10:44:30 ----A---- C:\Windows\SYSWOW64\user.exe
2012-03-25 10:44:29 ----A---- C:\Windows\system32\drivers\tcpip.sys
2012-03-25 10:44:28 ----A---- C:\Windows\system32\rdpcore.dll
2012-03-25 10:44:27 ----A---- C:\Windows\SYSWOW64\rdpcore.dll
2012-03-25 10:44:27 ----A---- C:\Windows\system32\drivers\tdtcp.sys
2012-03-25 10:44:27 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2012-03-25 10:44:26 ----A---- C:\Windows\system32\schannel.dll
2012-03-25 10:44:26 ----A---- C:\Windows\system32\lsasrv.dll
2012-03-25 10:44:26 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2012-03-25 10:44:25 ----A---- C:\Windows\SYSWOW64\webio.dll
2012-03-25 10:44:25 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2012-03-25 10:44:25 ----A---- C:\Windows\SYSWOW64\schannel.dll
2012-03-25 10:44:25 ----A---- C:\Windows\SYSWOW64\secur32.dll
2012-03-25 10:44:25 ----A---- C:\Windows\system32\webio.dll
2012-03-25 10:44:25 ----A---- C:\Windows\system32\sspisrv.dll
2012-03-25 10:44:25 ----A---- C:\Windows\system32\sspicli.dll
2012-03-25 10:44:25 ----A---- C:\Windows\system32\secur32.dll
2012-03-25 10:44:25 ----A---- C:\Windows\system32\lsass.exe
2012-03-25 10:44:25 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2012-03-25 10:44:25 ----A---- C:\Windows\system32\drivers\cng.sys
2012-03-25 10:44:24 ----A---- C:\Windows\system32\ntdll.dll
2012-03-25 10:44:23 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2012-03-25 10:44:23 ----A---- C:\Windows\SYSWOW64\d2d1.dll
2012-03-25 10:44:23 ----A---- C:\Windows\system32\DWrite.dll
2012-03-25 10:44:22 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2012-03-25 10:44:22 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2012-03-25 10:44:22 ----A---- C:\Windows\SYSWOW64\d3d10_1core.dll
2012-03-25 10:44:22 ----A---- C:\Windows\SYSWOW64\d3d10_1.dll
2012-03-25 10:44:22 ----A---- C:\Windows\system32\d3d10warp.dll
2012-03-25 10:44:22 ----A---- C:\Windows\system32\d3d10_1core.dll
2012-03-25 10:44:22 ----A---- C:\Windows\system32\d3d10_1.dll
2012-03-25 10:44:22 ----A---- C:\Windows\system32\d2d1.dll
2012-03-25 10:44:21 ----A---- C:\Windows\system32\EncDec.dll
2012-03-25 10:44:20 ----A---- C:\Windows\SYSWOW64\EncDec.dll
2012-03-25 10:44:20 ----A---- C:\Windows\system32\drivers\srv2.sys
2012-03-25 10:44:19 ----A---- C:\Windows\system32\drivers\srvnet.sys
2012-03-25 10:44:19 ----A---- C:\Windows\system32\drivers\srv.sys
2012-03-25 10:44:18 ----A---- C:\Windows\system32\psisdecd.dll
2012-03-25 10:44:17 ----A---- C:\Windows\SYSWOW64\psisdecd.dll
2012-03-25 10:44:14 ----A---- C:\Windows\system32\win32k.sys
2012-03-25 10:44:13 ----A---- C:\Windows\SYSWOW64\quartz.dll
2012-03-25 10:44:13 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2012-03-25 10:44:13 ----A---- C:\Windows\system32\quartz.dll
2012-03-25 10:44:13 ----A---- C:\Windows\system32\qdvd.dll
2012-03-25 10:44:12 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2012-03-25 10:44:12 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2012-03-25 10:44:12 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2012-03-25 10:44:11 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2012-03-25 10:44:11 ----A---- C:\Windows\SYSWOW64\oleacc.dll
2012-03-25 10:44:11 ----A---- C:\Windows\system32\oleaut32.dll
2012-03-25 10:44:11 ----A---- C:\Windows\system32\oleacc.dll
2012-03-25 10:44:08 ----A---- C:\Windows\system32\odbctrac.dll
2012-03-25 10:44:08 ----A---- C:\Windows\system32\odbccu32.dll
2012-03-25 10:44:08 ----A---- C:\Windows\system32\odbccr32.dll
2012-03-25 10:44:08 ----A---- C:\Windows\system32\odbccp32.dll
2012-03-25 10:44:07 ----A---- C:\Windows\SYSWOW64\odbctrac.dll
2012-03-25 10:44:07 ----A---- C:\Windows\SYSWOW64\odbcjt32.dll
2012-03-25 10:44:07 ----A---- C:\Windows\SYSWOW64\odbccu32.dll
2012-03-25 10:44:07 ----A---- C:\Windows\SYSWOW64\odbccr32.dll
2012-03-25 10:44:07 ----A---- C:\Windows\SYSWOW64\odbccp32.dll
2012-03-25 10:44:06 ----A---- C:\Windows\system32\drivers\afd.sys
2012-03-25 10:44:04 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2012-03-25 10:44:04 ----A---- C:\Windows\system32\inetcomm.dll
2012-03-25 10:44:03 ----A---- C:\Windows\system32\rdrmemptylst.exe
2012-03-25 10:44:03 ----A---- C:\Windows\system32\rdpwsx.dll
2012-03-25 10:44:03 ----A---- C:\Windows\system32\rdpcorekmts.dll
2012-03-25 10:43:57 ----A---- C:\Windows\system32\msvcrt.dll
2012-03-25 10:43:56 ----A---- C:\Windows\SYSWOW64\msvcrt.dll
2012-03-25 10:43:53 ----A---- C:\Windows\SYSWOW64\tzres.dll
2012-03-25 10:43:53 ----A---- C:\Windows\system32\tzres.dll
2012-03-25 10:43:48 ----A---- C:\Windows\SYSWOW64\drvinst.exe
2012-03-25 10:43:48 ----A---- C:\Windows\SYSWOW64\cfgmgr32.dll
2012-03-25 10:43:48 ----A---- C:\Windows\system32\umpnpmgr.dll
2012-03-25 10:43:47 ----A---- C:\Windows\SYSWOW64\devrtl.dll
2012-03-25 10:43:47 ----A---- C:\Windows\SYSWOW64\devobj.dll
2012-03-25 10:41:35 ----A---- C:\Windows\system32\ntoskrnl.exe
2012-03-25 10:41:33 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2012-03-25 10:41:32 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2012-03-25 10:40:23 ----A---- C:\Windows\SYSWOW64\packager.dll
2012-03-25 10:40:23 ----A---- C:\Windows\system32\packager.dll
2012-03-25 01:07:10 ----D---- C:\Program Files\trend micro
2012-03-25 00:11:06 ----A---- C:\Windows\system32\drivers\VBoxDrv.sys
2012-03-25 00:10:27 ----A---- C:\Windows\system32\drivers\VBoxUSBMon.sys
2012-03-24 23:59:59 ----D---- C:\VB
2012-03-24 22:39:28 ----D---- C:\VBI
2012-03-24 20:24:16 ----DC---- C:\Windows\system32\DRVSTORE
2012-03-11 15:29:26 ----D---- C:\Program Files\n2n Gui
2012-03-11 15:29:26 ----A---- C:\Windows\system32\drivers\tap0901.sys
2012-03-11 15:18:37 ----D---- C:\Program Files (x86)\LogMeIn Hamachi
2012-03-11 15:01:04 ----D---- C:\Program Files (x86)\Mplayer
2012-03-11 14:44:16 ----A---- C:\Windows\Q3version.ini
2012-03-11 14:42:12 ----A---- C:\Windows\Qiii.INI
2012-03-08 13:35:15 ----D---- C:\Windows\Minidump
2012-02-29 01:52:36 ----D---- C:\Program Files (x86)\MSECache
2012-02-29 01:15:07 ----D---- C:\Output
2012-02-29 01:13:33 ----D---- C:\Program Files (x86)\Free Power Word to Pdf Converter
2012-02-29 01:03:09 ----D---- C:\Program Files (x86)\WordToPDF

======List of files/folders modified in the last 1 month======

2012-03-25 18:44:34 ----D---- C:\Windows\Prefetch
2012-03-25 18:37:51 ----D---- C:\Users\Well\AppData\Roaming\uTorrent
2012-03-25 18:37:51 ----D---- C:\Users\Well\AppData\Roaming\Skype
2012-03-25 18:37:51 ----D---- C:\Users\Well\AppData\Roaming\DAEMON Tools Lite
2012-03-25 18:37:47 ----D---- C:\Windows\Panther
2012-03-25 18:37:47 ----D---- C:\Windows\Logs
2012-03-25 18:37:47 ----D---- C:\Windows\inf
2012-03-25 18:37:46 ----D---- C:\Windows\debug
2012-03-25 18:37:46 ----D---- C:\Windows
2012-03-25 18:36:05 ----RD---- C:\Program Files
2012-03-25 16:43:32 ----D---- C:\Windows\system32\config
2012-03-25 16:35:45 ----D---- C:\Windows\rescache
2012-03-25 16:33:22 ----D---- C:\Windows\Temp
2012-03-25 16:12:30 ----RSD---- C:\Windows\assembly
2012-03-25 16:12:30 ----D---- C:\Windows\Microsoft.NET
2012-03-25 15:55:05 ----SHD---- C:\System Volume Information
2012-03-25 15:54:58 ----D---- C:\Windows\system32\drivers
2012-03-25 15:47:37 ----SHD---- C:\Windows\Installer
2012-03-25 15:47:37 ----RD---- C:\Program Files (x86)
2012-03-25 15:47:35 ----D---- C:\Windows\Tasks
2012-03-25 14:08:21 ----A---- C:\Windows\system.ini
2012-03-25 14:08:02 ----D---- C:\Windows\system32\drivers\etc
2012-03-25 13:53:28 ----D---- C:\Program Files (x86)\BS_Player
2012-03-25 13:49:16 ----D---- C:\Windows\SYSWOW64\drivers
2012-03-25 13:49:16 ----D---- C:\Windows\SysWOW64
2012-03-25 13:49:16 ----D---- C:\Windows\System32
2012-03-25 13:49:16 ----D---- C:\Windows\AppPatch
2012-03-25 13:49:14 ----D---- C:\Program Files\Common Files
2012-03-25 13:49:14 ----D---- C:\Program Files (x86)\Common Files
2012-03-25 12:48:06 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-03-25 11:39:32 ----D---- C:\Program Files (x86)\DAEMON Tools Toolbar
2012-03-25 11:38:16 ----D---- C:\Windows\system32\Tasks
2012-03-25 11:11:49 ----D---- C:\Windows\winsxs
2012-03-25 11:09:19 ----D---- C:\Windows\ehome
2012-03-25 11:09:19 ----D---- C:\Program Files\Common Files\System
2012-03-25 11:09:17 ----D---- C:\Windows\SYSWOW64\migration
2012-03-25 11:09:17 ----D---- C:\Windows\SYSWOW64\cs-CZ
2012-03-25 11:09:17 ----D---- C:\Windows\system32\migration
2012-03-25 11:09:17 ----D---- C:\Windows\system32\cs-CZ
2012-03-25 11:09:17 ----D---- C:\Program Files\Internet Explorer
2012-03-25 11:09:17 ----D---- C:\Program Files (x86)\Internet Explorer
2012-03-25 11:07:16 ----D---- C:\Windows\system32\catroot
2012-03-25 10:58:38 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2012-03-25 10:52:32 ----D---- C:\ProgramData
2012-03-25 10:49:42 ----D---- C:\Windows\system32\catroot2
2012-03-25 00:34:58 ----D---- C:\Windows\system32\DriverStore
2012-03-24 13:14:23 ----RD---- C:\Program Files (x86)\Skype
2012-03-24 13:14:22 ----D---- C:\ProgramData\Skype
2012-03-11 14:49:15 ----D---- C:\Temp
2012-03-09 15:19:22 ----D---- C:\Program Files (x86)\NVIDIA Corporation
2012-03-09 15:17:20 ----D---- C:\ProgramData\NVIDIA
2012-03-04 17:19:46 ----A---- C:\Windows\system32\MRT.exe
2012-02-29 01:08:13 ----D---- C:\Windows\SYSWOW64\lib
2012-02-29 01:08:11 ----D---- C:\Windows\SYSWOW64\fonts

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2010-04-18 871408]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2012-03-07 53080]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2012-03-07 819032]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2012-03-07 337240]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2012-03-07 59224]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 514048]
R2 aksdf;aksdf; C:\Windows\system32\DRIVERS\aksdf.sys [2006-12-13 65024]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2012-03-07 24408]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2012-03-07 69976]
R2 Hardlock;Hardlock; \??\C:\Windows\system32\drivers\hardlock.sys [2006-12-04 314368]
R3 hamachi;Hamachi Network Interface; C:\Windows\system32\DRIVERS\hamachi.sys [2009-03-18 33856]
R3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1E62x64.sys [2009-08-23 56320]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2005-03-29 8192]
R3 tap0901;TAP-Win32 Adapter V9; C:\Windows\system32\DRIVERS\tap0901.sys [2011-04-26 31232]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys [2010-10-07 11856]
R3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S1 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys []
S3 awk1uiko;awk1uiko; C:\Windows\system32\drivers\awk1uiko.sys []
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files (x86)\Garena\safedrv.sys []
S3 mdf15;mdf15; \??\C:\Program Files (x86)\Clarus\Samsung SecretZone\mdf15.sys [2010-03-18 12288]
S3 mvd21;mvd21; \??\C:\Program Files (x86)\Clarus\Samsung SecretZone\mvd21.sys [2010-06-14 64512]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 6656]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-12-08 157672]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\Windows\system32\DRIVERS\ssadmdfl.sys [2011-12-08 16872]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\Windows\system32\DRIVERS\ssadmdm.sys [2011-12-08 177640]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 34896]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter; C:\Windows\system32\DRIVERS\VBoxNetAdp.sys [2010-06-25 144656]
S3 VBoxNetFlt;VBoxNetFlt Service; C:\Windows\system32\DRIVERS\VBoxNetFlt.sys []
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 200272]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 21760]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2009-07-14 40448]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-03-07 44768]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine; C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-02-28 2343816]
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [2008-06-08 877864]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2011-10-15 1640768]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-10-15 2253120]
R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [2006-12-19 81920]
R2 TeamViewer6;TeamViewer 6; C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-08-30 2358656]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service; C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe [2010-10-27 1974080]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-01-01 136176]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-02-29 158856]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-05-02 1030600]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-01-01 136176]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [2008-06-24 537896]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2012-03-22 489256]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 SZASSIST;SecretZone Assist Service; C:\Program Files (x86)\Clarus\Samsung SecretZone\SZAssistSVC.exe [2010-07-30 90112]
S4 WPEServ;soft Xpansion Print2Document; C:\Program Files (x86)\Common Files\WPE\wpeserv.exe [2008-03-17 339968]

-----------------EOF-----------------
