Programs spontaneously minimizing to the taskbar, Win 7

#1 Post by Armyt »

Hello, it keeps happening that programs, games and everything else drop down to the taskbar. A film runs for about a minute and then drops to the taskbar. Another annoying thing is that active windows seem to deselect themselves. That means an active window becomes inactive and I have to click on it again. It even turns off the WiFi by itself. I have to reconnect, etc.
I tried to follow the topic http://forum.viry.cz/viewtopic.php?f=13&t=127201 but when I scanned the PC with the first program, it found nothing :(

Thanks in advance for any advice.

The RSIT logs are below.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Armyt at 2013-01-12 14:37:31
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 821 GB (88%) free of 937 GB
Total RAM: 8132 MB (70% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:37:37, on 12.1.2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16457)
Boot mode: Normal

Running processes:
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Hewlett-Packard\HP Desktop Keyboard\HPKEYBOARDx.EXE
C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Hewlett-Packard\HP Desktop Keyboard\Keystatus.exe
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_146.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_146.exe
C:\Program Files\trend micro\Armyt.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMDTDFJS
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=CMDTDFJS
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=CMDTDFJS
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com?pc=CMDTDFJS
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://www.bing.com?pc=CMDTDFJS
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: uTorrentControl_v2 Toolbar - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: uTorrentControl_v2 - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: uTorrentControl_v2 Toolbar - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
O4 - HKLM\..\Run: [HP KEYBOARDx] "C:\Program Files (x86)\Hewlett-Packard\HP Desktop Keyboard\HPKEYBOARDx.EXE"
O4 - HKLM\..\Run: [HP Remote Solution] %ProgramFiles%\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
O4 - HKLM\..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\RunOnce: [Z1] cmd /c "C:\Users\Armyt\Desktop\mbar\mbar.exe" /cleanup /s
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [GarenaPlus] "C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe" -autolaunch
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: TP-LINK Wireless Configuration Utility.lnk = C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Auto (HPAuto) - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9661 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files\IDT\WDM\STacSV64.exe"
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files\AVAST Software\Avast\afwServ.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe"
"C:\Program Files (x86)\PDF Complete\pdfsvc.exe" /startedbyscm:66B66708-40E2BE4D-pdfcService
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-3776a2a1-5d3d-4d06-a61b-b39b476b4dc5 -SystemEventPortName:HostProcess-1768a1d8-ea5c-4de7-9810-e24291f52e9f -IoCancelEventPortName:HostProcess-2055448d-4582-43f1-96ef-024aff49bfe8 -NonStateChangingEventPortName:HostProcess-0b8f4d46-20a2-4762-bca9-0334ad265202 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:fe8002b2-6349-491d-b446-fc5c3ea469b1 -DeviceGroupId:WpdFsGroup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"taskhost.exe"
taskeng.exe {8F3AED42-64F5-4987-A146-857DA7C0FD9E}
C:\Windows\SysWOW64\rundll32.exe "C:\Program Files (x86)\Garena Plus\ggspawn.dll",rundll_entry -p 0
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\IDT\WDM\Beats64.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Steam\Steam.exe" -silent
"C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe" -nogui
"C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Desktop Keyboard\HPKEYBOARDx.EXE"
"C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe"
"C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
"C:\Program Files (x86)\Hewlett-Packard\HP Desktop Keyboard\Keystatus.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\svchost.exe -k SDRSVC
"C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe"
"C:\Program Files (x86)\uTorrent\uTorrent.exe"
rundll32 "C:\Program Files (x86)\uTorrentControl_v2\tbuTor.dll" DllVerifyEnableExtension
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=4316.e5a1000.2082161811 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll" E7CF176E110C211B -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" 4316 "\\.\pipe\gecko-crash-server-pipe.4316" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_146.exe" --proxy-stub-channel=Flash1776.61BEEFD0.41 --host-broker-channel=Flash1776.61BEEFD0.18467 --host-pid=1776 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_146.exe" --channel=5528.003AF1EC.928846405 --proxy-stub-channel=Flash1776.61BEEFD0.41 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll" --host-npapi-version=27 --type=renderer
taskeng.exe {FB5A025B-6645-4DD8-B2EA-455317FCC62B}
"c:\program files\windows defender\MpCmdRun.exe" SpyNetService -RestrictPrivileges -AccessKey 3CFAF3E0-D7D6-251E-6F61-2505A6393193 -Reinvoke
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe19_ Global\UsGthrCtrlFltPipeMssGthrPipe19 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 536 540 548 65536 544
"C:\Users\Armyt\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\HPCeeScheduleForArmyt.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Armyt\AppData\Roaming\Mozilla\Firefox\Profiles\usv01ixp.default

prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.5.502.146 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0]
"Description"=WildTangent Games App Presence Detector Plugin
"Path"=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.5.502.146 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_146.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
google.xml
heureka-cz.xml
jyxo-cz.xml
seznam-cz.xml
slunecnice-cz.xml
wikipedia-cz.xml

C:\Users\Armyt\AppData\Roaming\Mozilla\Firefox\Profiles\usv01ixp.default\extensions\
{7473b6bd-4691-4744-a82b-7854eb3d70b6}
{ea614400-e918-4741-9a97-7a972ff7c30b}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2012-10-30 1502288]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7473b6bd-4691-4744-a82b-7854eb3d70b6}]
uTorrentControl_v2 Toolbar - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll [2011-05-09 176936]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-10-30 1227736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2012-10-30 1502288]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2012-10-30 1227736]
{7473b6bd-4691-4744-a82b-7854eb3d70b6} - uTorrentControl_v2 Toolbar - C:\Program Files (x86)\uTorrentControl_v2\prxtbuTor.dll [2011-05-09 176936]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"BeatsOSDApp"=C:\Program Files\IDT\WDM\beats64.exe [2012-03-30 37888]
"HPSYSDRV"=C:\Program Files (x86)\Hewlett-Packard\HP Odometer\HPSYSDRV.EXE [2008-11-20 62768]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2012-04-24 1425408]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2012-11-06 3673728]
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2013-01-08 1354736]
"GarenaPlus"=C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe [2012-12-17 9152968]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"=C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [2011-12-05 291096]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2012-06-07 641704]
"AMD AVT"=Cmd.exe /c start AMD Accelerated Video Transcoding device initialization /min C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe aml []
"HP KEYBOARDx"=C:\Program Files (x86)\Hewlett-Packard\HP Desktop Keyboard\HPKEYBOARDx.EXE [2010-02-11 710656]
"HP Remote Solution"=C:\Program Files\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe []
"PDF Complete"=C:\Program Files (x86)\PDF Complete\pdfsty.exe [2012-07-18 684064]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2012-10-30 4297136]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]
"Z1"=cmd /c C:\Users\Armyt\Desktop\mbar\mbar.exe /cleanup /s []

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
TP-LINK Wireless Configuration Utility.lnk - C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-01-12 14:37:32 ----D---- C:\Program Files\trend micro
2013-01-12 14:37:31 ----D---- C:\rsit
2013-01-12 14:28:00 ----D---- C:\ProgramData\Malwarebytes
2013-01-12 13:43:27 ----D---- C:\Program Files (x86)\Conduit
2013-01-12 13:43:24 ----D---- C:\Program Files (x86)\uTorrentControl_v2
2013-01-12 13:43:03 ----D---- C:\Program Files (x86)\uTorrent
2013-01-12 13:42:26 ----D---- C:\Users\Armyt\AppData\Roaming\uTorrent
2013-01-11 21:50:12 ----D---- C:\Program Files (x86)\Mozilla Firefox
2013-01-11 21:22:40 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2013-01-11 21:22:40 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2013-01-11 21:22:40 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2013-01-11 21:22:37 ----A---- C:\Windows\system32\drivers\TsUsbGD.sys
2013-01-11 21:22:37 ----A---- C:\Windows\system32\drivers\rdpvideominiport.sys
2013-01-11 21:22:36 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys
2013-01-11 21:22:30 ----A---- C:\Windows\SYSWOW64\wksprtPS.dll
2013-01-11 21:22:30 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2013-01-11 21:22:30 ----A---- C:\Windows\SYSWOW64\rdpendp_winip.dll
2013-01-11 21:22:30 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2013-01-11 21:22:30 ----A---- C:\Windows\SYSWOW64\MsRdpWebAccess.dll
2013-01-11 21:22:30 ----A---- C:\Windows\SYSWOW64\aaclient.dll
2013-01-11 21:22:30 ----A---- C:\Windows\system32\wksprtPS.dll
2013-01-11 21:22:30 ----A---- C:\Windows\system32\wksprt.exe
2013-01-11 21:22:30 ----A---- C:\Windows\system32\TSWbPrxy.exe
2013-01-11 21:22:30 ----A---- C:\Windows\system32\TsUsbGDCoInstaller.dll
2013-01-11 21:22:30 ----A---- C:\Windows\system32\tsgqec.dll
2013-01-11 21:22:30 ----A---- C:\Windows\system32\rdpudd.dll
2013-01-11 21:22:30 ----A---- C:\Windows\system32\rdpendp_winip.dll
2013-01-11 21:22:30 ----A---- C:\Windows\system32\rdpcorets.dll
2013-01-11 21:22:30 ----A---- C:\Windows\system32\mstsc.exe
2013-01-11 21:22:30 ----A---- C:\Windows\system32\MsRdpWebAccess.dll
2013-01-11 21:22:30 ----A---- C:\Windows\system32\aaclient.dll
2013-01-11 21:22:29 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2013-01-11 21:22:29 ----A---- C:\Windows\system32\mstscax.dll
2013-01-11 21:22:04 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2013-01-11 21:22:04 ----A---- C:\Windows\SYSWOW64\schannel.dll
2013-01-11 21:22:04 ----A---- C:\Windows\SYSWOW64\secur32.dll
2013-01-11 21:22:04 ----A---- C:\Windows\system32\schannel.dll
2013-01-11 21:22:04 ----A---- C:\Windows\system32\lsasrv.dll
2013-01-11 21:22:04 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2013-01-11 21:22:04 ----A---- C:\Windows\system32\drivers\cng.sys
2013-01-11 21:22:02 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2013-01-11 21:22:02 ----A---- C:\Windows\system32\qdvd.dll
2013-01-11 21:19:49 ----A---- C:\Windows\system32\MRT.exe
2013-01-10 19:12:36 ----A---- C:\Windows\SYSWOW64\XAudio2_7.dll
2013-01-10 19:12:36 ----A---- C:\Windows\SYSWOW64\XAPOFX1_5.dll
2013-01-10 19:12:36 ----A---- C:\Windows\SYSWOW64\xactengine3_7.dll
2013-01-10 19:12:36 ----A---- C:\Windows\SYSWOW64\D3DCompiler_43.dll
2013-01-10 19:12:36 ----A---- C:\Windows\system32\XAudio2_7.dll
2013-01-10 19:12:36 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2013-01-10 19:12:36 ----A---- C:\Windows\system32\xactengine3_7.dll
2013-01-10 19:12:36 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2013-01-10 19:12:35 ----A---- C:\Windows\SYSWOW64\d3dx11_43.dll
2013-01-10 19:12:35 ----A---- C:\Windows\SYSWOW64\d3dx10_43.dll
2013-01-10 19:12:35 ----A---- C:\Windows\SYSWOW64\d3dcsx_43.dll
2013-01-10 19:12:35 ----A---- C:\Windows\system32\d3dx11_43.dll
2013-01-10 19:12:35 ----A---- C:\Windows\system32\d3dx10_43.dll
2013-01-10 19:12:35 ----A---- C:\Windows\system32\d3dcsx_43.dll
2013-01-10 19:12:34 ----A---- C:\Windows\SYSWOW64\XAudio2_6.dll
2013-01-10 19:12:34 ----A---- C:\Windows\SYSWOW64\XAPOFX1_4.dll
2013-01-10 19:12:34 ----A---- C:\Windows\SYSWOW64\D3DX9_43.dll
2013-01-10 19:12:34 ----A---- C:\Windows\system32\XAudio2_6.dll
2013-01-10 19:12:34 ----A---- C:\Windows\system32\XAPOFX1_4.dll
2013-01-10 19:12:34 ----A---- C:\Windows\system32\D3DX9_43.dll
2013-01-10 19:12:33 ----A---- C:\Windows\SYSWOW64\XAudio2_5.dll
2013-01-10 19:12:33 ----A---- C:\Windows\SYSWOW64\xactengine3_6.dll
2013-01-10 19:12:33 ----A---- C:\Windows\SYSWOW64\X3DAudio1_7.dll
2013-01-10 19:12:33 ----A---- C:\Windows\system32\XAudio2_5.dll
2013-01-10 19:12:33 ----A---- C:\Windows\system32\xactengine3_6.dll
2013-01-10 19:12:33 ----A---- C:\Windows\system32\X3DAudio1_7.dll
2013-01-10 19:12:32 ----A---- C:\Windows\SYSWOW64\xactengine3_5.dll
2013-01-10 19:12:32 ----A---- C:\Windows\system32\xactengine3_5.dll
2013-01-10 19:12:31 ----A---- C:\Windows\SYSWOW64\d3dcsx_42.dll
2013-01-10 19:12:31 ----A---- C:\Windows\SYSWOW64\D3DCompiler_42.dll
2013-01-10 19:12:31 ----A---- C:\Windows\system32\d3dcsx_42.dll
2013-01-10 19:12:31 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2013-01-10 19:12:30 ----A---- C:\Windows\SYSWOW64\d3dx11_42.dll
2013-01-10 19:12:30 ----A---- C:\Windows\SYSWOW64\d3dx10_42.dll
2013-01-10 19:12:30 ----A---- C:\Windows\system32\d3dx11_42.dll
2013-01-10 19:12:30 ----A---- C:\Windows\system32\d3dx10_42.dll
2013-01-10 19:12:29 ----A---- C:\Windows\SYSWOW64\D3DX9_42.dll
2013-01-10 19:12:29 ----A---- C:\Windows\SYSWOW64\d3dx10_41.dll
2013-01-10 19:12:29 ----A---- C:\Windows\SYSWOW64\D3DCompiler_41.dll
2013-01-10 19:12:29 ----A---- C:\Windows\system32\D3DX9_42.dll
2013-01-10 19:12:29 ----A---- C:\Windows\system32\d3dx10_41.dll
2013-01-10 19:12:29 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2013-01-10 19:12:28 ----A---- C:\Windows\SYSWOW64\XAudio2_4.dll
2013-01-10 19:12:28 ----A---- C:\Windows\SYSWOW64\XAPOFX1_3.dll
2013-01-10 19:12:28 ----A---- C:\Windows\SYSWOW64\D3DX9_41.dll
2013-01-10 19:12:28 ----A---- C:\Windows\system32\XAudio2_4.dll
2013-01-10 19:12:28 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2013-01-10 19:12:28 ----A---- C:\Windows\system32\D3DX9_41.dll
2013-01-10 19:12:27 ----A---- C:\Windows\SYSWOW64\xactengine3_4.dll
2013-01-10 19:12:27 ----A---- C:\Windows\SYSWOW64\X3DAudio1_6.dll
2013-01-10 19:12:27 ----A---- C:\Windows\SYSWOW64\d3dx10_40.dll
2013-01-10 19:12:27 ----A---- C:\Windows\SYSWOW64\D3DCompiler_40.dll
2013-01-10 19:12:27 ----A---- C:\Windows\system32\xactengine3_4.dll
2013-01-10 19:12:27 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2013-01-10 19:12:27 ----A---- C:\Windows\system32\d3dx10_40.dll
2013-01-10 19:12:27 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2013-01-10 19:12:26 ----A---- C:\Windows\SYSWOW64\XAudio2_3.dll
2013-01-10 19:12:26 ----A---- C:\Windows\SYSWOW64\XAPOFX1_2.dll
2013-01-10 19:12:26 ----A---- C:\Windows\SYSWOW64\xactengine3_3.dll
2013-01-10 19:12:26 ----A---- C:\Windows\SYSWOW64\D3DX9_40.dll
2013-01-10 19:12:26 ----A---- C:\Windows\system32\XAudio2_3.dll
2013-01-10 19:12:26 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2013-01-10 19:12:26 ----A---- C:\Windows\system32\xactengine3_3.dll
2013-01-10 19:12:26 ----A---- C:\Windows\system32\D3DX9_40.dll
2013-01-10 19:12:25 ----A---- C:\Windows\SYSWOW64\XAudio2_2.dll
2013-01-10 19:12:25 ----A---- C:\Windows\SYSWOW64\XAPOFX1_1.dll
2013-01-10 19:12:25 ----A---- C:\Windows\SYSWOW64\xactengine3_2.dll
2013-01-10 19:12:25 ----A---- C:\Windows\SYSWOW64\X3DAudio1_5.dll
2013-01-10 19:12:25 ----A---- C:\Windows\SYSWOW64\d3dx10_39.dll
2013-01-10 19:12:25 ----A---- C:\Windows\SYSWOW64\D3DCompiler_39.dll
2013-01-10 19:12:25 ----A---- C:\Windows\system32\XAudio2_2.dll
2013-01-10 19:12:25 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2013-01-10 19:12:25 ----A---- C:\Windows\system32\xactengine3_2.dll
2013-01-10 19:12:25 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2013-01-10 19:12:25 ----A---- C:\Windows\system32\d3dx10_39.dll
2013-01-10 19:12:25 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2013-01-10 19:12:24 ----A---- C:\Windows\SYSWOW64\D3DX9_39.dll
2013-01-10 19:12:24 ----A---- C:\Windows\system32\D3DX9_39.dll
2013-01-09 16:28:54 ----D---- C:\Users\Armyt\AppData\Roaming\Allstar
2013-01-09 13:03:48 ----A---- C:\Windows\SYSWOW64\win32spl.dll
2013-01-09 13:03:48 ----A---- C:\Windows\system32\win32spl.dll
2013-01-09 13:03:26 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2013-01-09 13:03:26 ----A---- C:\Windows\system32\msxml6.dll
2013-01-09 13:03:26 ----A---- C:\Windows\system32\msxml3.dll
2013-01-09 13:03:25 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2013-01-09 13:03:21 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2013-01-09 13:03:21 ----A---- C:\Windows\system32\ncrypt.dll
2013-01-09 13:03:18 ----A---- C:\Windows\SYSWOW64\usp10.dll
2013-01-09 13:03:18 ----A---- C:\Windows\system32\usp10.dll
2013-01-09 13:03:13 ----A---- C:\Windows\SYSWOW64\Wpc.dll
2013-01-09 13:03:13 ----A---- C:\Windows\SYSWOW64\gameux.dll
2013-01-09 13:03:13 ----A---- C:\Windows\system32\Wpc.dll
2013-01-09 13:03:13 ----A---- C:\Windows\system32\gameux.dll
2013-01-09 13:02:36 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2013-01-09 13:02:36 ----A---- C:\Windows\system32\winsrv.dll
2013-01-09 13:02:36 ----A---- C:\Windows\system32\KernelBase.dll
2013-01-09 13:02:36 ----A---- C:\Windows\system32\kernel32.dll
2013-01-09 13:02:36 ----A---- C:\Windows\system32\conhost.exe
2013-01-09 13:02:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2013-01-09 13:02:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-01-09 13:02:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2013-01-09 13:02:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-01-09 13:02:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-01-09 13:02:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-01-09 13:02:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2013-01-09 13:02:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-01-09 13:02:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-01-09 13:02:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-01-09 13:02:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-01-09 13:02:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-01-09 13:02:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-01-09 13:02:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-01-09 13:02:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-01-09 13:02:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-01-09 13:02:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2013-01-09 13:02:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-01-09 13:02:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-01-09 13:02:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-01-09 13:02:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2013-01-09 13:02:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-01-09 13:02:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-01-09 13:02:35 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2013-01-09 13:02:35 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-01-09 13:02:35 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-01-09 13:02:35 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-01-09 13:02:35 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-01-09 13:02:35 ----A---- C:\Windows\SYSWOW64\wow32.dll
2013-01-09 13:02:35 ----A---- C:\Windows\SYSWOW64\user.exe
2013-01-09 13:02:35 ----A---- C:\Windows\SYSWOW64\setup16.exe
2013-01-09 13:02:35 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2013-01-09 13:02:35 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2013-01-09 13:02:35 ----A---- C:\Windows\SYSWOW64\instnm.exe
2013-01-09 13:02:35 ----A---- C:\Windows\system32\wow64win.dll
2013-01-09 13:02:35 ----A---- C:\Windows\system32\wow64cpu.dll
2013-01-09 13:02:35 ----A---- C:\Windows\system32\wow64.dll
2013-01-09 13:02:35 ----A---- C:\Windows\system32\ntvdm64.dll
2013-01-09 13:02:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-01-09 13:02:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-01-09 13:02:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-01-09 13:02:34 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-01-09 13:02:34 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-01-09 13:02:34 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-01-09 13:02:34 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-01-09 13:02:34 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-01-09 13:02:34 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-01-09 13:02:34 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-01-09 13:02:34 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-01-09 13:02:34 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-01-09 13:02:34 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-01-09 13:02:34 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-01-09 13:02:34 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-01-09 13:02:34 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-01-09 13:02:34 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-01-09 13:02:34 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-01-09 13:02:34 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-01-09 13:02:34 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-01-09 13:02:34 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-01-09 13:02:34 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-01-09 13:02:34 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-01-09 13:02:34 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-01-09 13:02:34 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-01-09 13:02:34 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-01-09 13:02:34 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-01-09 13:02:34 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-01-09 13:02:10 ----A---- C:\Windows\system32\taskhost.exe
2013-01-09 13:02:09 ----A---- C:\Windows\system32\win32k.sys
2013-01-09 12:10:37 ----D---- C:\Program Files (x86)\GamePark
2013-01-09 03:40:29 ----D---- C:\Windows\SYSWOW64\Wat
2013-01-09 03:40:29 ----D---- C:\Windows\system32\Wat
2013-01-09 03:17:25 ----A---- C:\Windows\system32\drivers\Wdf01000.sys
2013-01-09 03:17:24 ----A---- C:\Windows\system32\Wdfres.dll
2013-01-09 03:17:24 ----A---- C:\Windows\system32\drivers\WdfLdr.sys
2013-01-09 03:15:45 ----A---- C:\Windows\system32\browserchoice.exe
2013-01-09 03:09:27 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-01-09 03:09:27 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-01-09 03:09:27 ----A---- C:\Windows\system32\mshtmled.dll
2013-01-09 03:09:26 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-01-09 03:09:26 ----A---- C:\Windows\SYSWOW64\url.dll
2013-01-09 03:09:26 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-01-09 03:09:26 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-01-09 03:09:26 ----A---- C:\Windows\system32\urlmon.dll
2013-01-09 03:09:26 ----A---- C:\Windows\system32\url.dll
2013-01-09 03:09:26 ----A---- C:\Windows\system32\ieUnatt.exe
2013-01-09 03:09:26 ----A---- C:\Windows\system32\ieui.dll
2013-01-09 03:09:25 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-01-09 03:09:25 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-01-09 03:09:25 ----A---- C:\Windows\system32\wininet.dll
2013-01-09 03:09:25 ----A---- C:\Windows\system32\msfeeds.dll
2013-01-09 03:09:25 ----A---- C:\Windows\system32\jscript9.dll
2013-01-09 03:09:24 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-01-09 03:09:24 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-01-09 03:09:24 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-01-09 03:09:24 ----A---- C:\Windows\system32\vbscript.dll
2013-01-09 03:09:24 ----A---- C:\Windows\system32\jsproxy.dll
2013-01-09 03:09:24 ----A---- C:\Windows\system32\jscript.dll
2013-01-09 03:09:24 ----A---- C:\Windows\system32\iertutil.dll
2013-01-09 03:09:23 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-01-09 03:09:22 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-01-09 03:09:22 ----A---- C:\Windows\system32\mshtml.dll
2013-01-09 03:09:21 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-01-09 03:09:21 ----A---- C:\Windows\system32\ieframe.dll
2013-01-09 03:07:49 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2013-01-09 03:07:49 ----A---- C:\Windows\system32\atmlib.dll
2013-01-09 03:07:48 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2013-01-09 03:07:48 ----A---- C:\Windows\system32\atmfd.dll
2013-01-09 03:07:39 ----A---- C:\Windows\system32\drivers\WUDFRd.sys
2013-01-09 03:07:39 ----A---- C:\Windows\system32\drivers\WUDFPf.sys
2013-01-09 03:07:38 ----A---- C:\Windows\system32\WUDFSvc.dll
2013-01-09 03:07:38 ----A---- C:\Windows\system32\WUDFPlatform.dll
2013-01-09 03:07:37 ----A---- C:\Windows\system32\WUDFx.dll
2013-01-09 03:07:37 ----A---- C:\Windows\system32\WUDFHost.exe
2013-01-09 03:07:37 ----A---- C:\Windows\system32\WUDFCoinstaller.dll
2013-01-08 23:07:58 ----A---- C:\Users\Armyt\AppData\Roaming\room_v3.dat
2013-01-08 20:54:08 ----D---- C:\Users\Armyt\AppData\Roaming\GarenaPlus
2013-01-08 20:53:21 ----D---- C:\Program Files (x86)\Garena Plus
2013-01-08 20:53:18 ----D---- C:\ProgramData\GarenaMessenger
2013-01-08 20:08:51 ----A---- C:\Windows\Codec Pack - All In 1 Setup Log.txt
2013-01-08 19:45:06 ----D---- C:\ProgramData\Adobe
2013-01-08 18:14:53 ----D---- C:\Program Files (x86)\Steam
2013-01-08 17:48:43 ----D---- C:\Users\Armyt\AppData\Roaming\TS3Client
2013-01-08 17:48:30 ----D---- C:\Program Files\TeamSpeak 3 Client
2013-01-08 16:07:38 ----A---- C:\Windows\system32\drivers\ntfs.sys
2013-01-08 16:07:33 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2013-01-08 16:07:33 ----A---- C:\Windows\system32\poqexec.exe
2013-01-08 16:07:32 ----A---- C:\Windows\SYSWOW64\dhcpcore6.dll
2013-01-08 16:07:32 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2013-01-08 16:07:32 ----A---- C:\Windows\system32\dhcpcore6.dll
2013-01-08 16:07:31 ----A---- C:\Windows\SYSWOW64\dhcpcsvc6.dll
2013-01-08 16:07:25 ----A---- C:\Windows\SYSWOW64\tzres.dll
2013-01-08 16:07:25 ----A---- C:\Windows\system32\tzres.dll
2013-01-08 16:07:19 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2013-01-08 16:07:19 ----A---- C:\Windows\system32\msxml3r.dll
2013-01-08 16:07:18 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2013-01-08 16:07:18 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2013-01-08 16:07:18 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-01-08 16:07:17 ----A---- C:\Windows\SYSWOW64\XpsPrint.dll
2013-01-08 16:07:17 ----A---- C:\Windows\system32\XpsPrint.dll
2013-01-08 16:07:16 ----A---- C:\Windows\system32\shell32.dll
2013-01-08 16:07:15 ----A---- C:\Windows\SYSWOW64\shell32.dll
2013-01-08 16:07:14 ----A---- C:\Windows\system32\drivers\RNDISMP.sys
2013-01-08 16:07:14 ----A---- C:\Windows\system32\drivers\ndis.sys
2013-01-08 16:07:14 ----A---- C:\Windows\system32\d3d10level9.dll
2013-01-08 16:07:13 ----A---- C:\Windows\SYSWOW64\d3d10level9.dll
2013-01-08 16:07:12 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2013-01-08 16:07:09 ----A---- C:\Windows\SYSWOW64\nlaapi.dll
2013-01-08 16:07:09 ----A---- C:\Windows\SYSWOW64\netevent.dll
2013-01-08 16:07:09 ----A---- C:\Windows\SYSWOW64\netcorehc.dll
2013-01-08 16:07:09 ----A---- C:\Windows\SYSWOW64\ncsi.dll
2013-01-08 16:07:09 ----A---- C:\Windows\system32\nlasvc.dll
2013-01-08 16:07:09 ----A---- C:\Windows\system32\nlaapi.dll
2013-01-08 16:07:09 ----A---- C:\Windows\system32\netevent.dll
2013-01-08 16:07:09 ----A---- C:\Windows\system32\netcorehc.dll
2013-01-08 16:07:09 ----A---- C:\Windows\system32\ncsi.dll
2013-01-08 16:07:09 ----A---- C:\Windows\system32\iphlpsvc.dll
2013-01-08 16:07:09 ----A---- C:\Windows\system32\drivers\tcpipreg.sys
2013-01-08 16:07:09 ----A---- C:\Windows\system32\drivers\tcpip.sys
2013-01-08 16:07:09 ----A---- C:\Windows\system32\drivers\netio.sys
2013-01-08 16:07:09 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2013-01-08 16:06:52 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2013-01-08 16:06:52 ----A---- C:\Windows\SYSWOW64\dpnet.dll
2013-01-08 16:06:52 ----A---- C:\Windows\system32\wintrust.dll
2013-01-08 16:06:52 ----A---- C:\Windows\system32\dpnet.dll
2013-01-08 16:06:50 ----A---- C:\Windows\system32\OxpsConverter.exe
2013-01-08 16:06:26 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2013-01-08 16:06:26 ----A---- C:\Windows\system32\kerberos.dll
2013-01-08 16:06:25 ----A---- C:\Windows\SYSWOW64\synceng.dll
2013-01-08 16:06:25 ----A---- C:\Windows\system32\synceng.dll
2013-01-08 16:06:20 ----A---- C:\Windows\SYSWOW64\netapi32.dll
2013-01-08 16:06:20 ----A---- C:\Windows\SYSWOW64\browcli.dll
2013-01-08 16:06:20 ----A---- C:\Windows\system32\netapi32.dll
2013-01-08 16:06:20 ----A---- C:\Windows\system32\browser.dll
2013-01-08 16:06:20 ----A---- C:\Windows\system32\browcli.dll
2013-01-08 16:06:19 ----A---- C:\Windows\SYSWOW64\srclient.dll
2013-01-08 16:06:19 ----A---- C:\Windows\system32\srcore.dll
2013-01-08 16:06:09 ----A---- C:\Windows\system32\localspl.dll
2013-01-08 16:06:08 ----A---- C:\Windows\system32\drivers\bowser.sys
2013-01-08 16:06:00 ----A---- C:\Windows\SYSWOW64\cdosys.dll
2013-01-08 16:05:59 ----A---- C:\Windows\system32\cdosys.dll
2013-01-08 16:05:57 ----A---- C:\Windows\system32\spoolsv.exe
2013-01-08 16:05:57 ----A---- C:\Windows\splwow64.exe
2013-01-08 16:05:53 ----A---- C:\Windows\system32\crypt32.dll
2013-01-08 16:05:52 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2013-01-08 16:05:52 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2013-01-08 16:05:52 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2013-01-08 16:05:52 ----A---- C:\Windows\system32\cryptsvc.dll
2013-01-08 16:05:52 ----A---- C:\Windows\system32\cryptnet.dll
2013-01-08 16:00:46 ----A---- C:\Windows\SYSWOW64\rdpcore.dll
2013-01-08 16:00:46 ----A---- C:\Windows\system32\rdpcore.dll
2013-01-08 16:00:46 ----A---- C:\Windows\system32\drivers\tdtcp.sys
2013-01-08 15:58:06 ----A---- C:\Windows\system32\wups2.dll
2013-01-08 15:58:06 ----A---- C:\Windows\system32\wuauclt.exe
2013-01-08 15:58:05 ----A---- C:\Windows\system32\wucltux.dll
2013-01-08 15:58:05 ----A---- C:\Windows\system32\wuaueng.dll
2013-01-08 15:57:56 ----A---- C:\Windows\system32\wups.dll
2013-01-08 15:57:56 ----A---- C:\Windows\system32\wudriver.dll
2013-01-08 15:57:56 ----A---- C:\Windows\system32\wuapi.dll
2013-01-08 15:57:47 ----A---- C:\Windows\system32\wuwebv.dll
2013-01-08 15:57:47 ----A---- C:\Windows\system32\wuapp.exe
2013-01-08 15:56:52 ----D---- C:\Users\Armyt\AppData\Roaming\TP-LINK
2013-01-08 15:56:35 ----D---- C:\Program Files (x86)\TP-LINK
2013-01-08 15:56:10 ----A---- C:\Windows\system32\rtl8192cu.sys
2013-01-08 15:56:10 ----A---- C:\Windows\system32\drivers\RTL8192cu.sys
2013-01-08 15:55:17 ----D---- C:\ProgramData\TP-LINK
2013-01-07 14:52:26 ----D---- C:\Users\Armyt\AppData\Roaming\CyberLink
2013-01-07 14:36:28 ----A---- C:\Windows\system32\drivers\aswSP.sys
2013-01-07 14:36:28 ----A---- C:\Windows\system32\drivers\aswFW.sys
2013-01-07 14:36:28 ----A---- C:\Windows\system32\drivers\aswFsBlk.sys
2013-01-07 14:36:20 ----A---- C:\Windows\system32\drivers\aswTdi.sys
2013-01-07 14:36:20 ----A---- C:\Windows\system32\drivers\aswSnx.sys
2013-01-07 14:36:20 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2013-01-07 14:36:20 ----A---- C:\Windows\system32\drivers\aswNdis2.sys
2013-01-07 14:36:20 ----A---- C:\Windows\system32\drivers\aswKbd.sys
2013-01-07 14:36:19 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2013-01-07 14:36:19 ----A---- C:\Windows\system32\aswBoot.exe
2013-01-07 14:36:14 ----A---- C:\Windows\system32\drivers\aswNdis.sys
2013-01-07 14:36:08 ----A---- C:\Windows\SYSWOW64\aswBoot.exe
2013-01-07 14:36:08 ----A---- C:\Windows\avastSS.scr
2013-01-07 14:36:00 ----D---- C:\ProgramData\AVAST Software
2013-01-07 14:36:00 ----D---- C:\Program Files\AVAST Software
2013-01-07 12:18:21 ----D---- C:\Users\Armyt\AppData\Roaming\Mozilla
2013-01-07 12:18:11 ----D---- C:\ProgramData\Mozilla
2013-01-07 12:18:11 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2013-01-07 12:05:00 ----A---- C:\Windows\system32\drivers\dtsoftbus01.sys
2013-01-07 12:04:59 ----D---- C:\Users\Armyt\AppData\Roaming\DAEMON Tools Lite
2013-01-07 12:04:58 ----D---- C:\Program Files (x86)\DAEMON Tools Lite
2013-01-07 12:04:07 ----D---- C:\ProgramData\DAEMON Tools Lite
2013-01-06 17:34:59 ----D---- C:\Users\Armyt\AppData\Roaming\Adobe
2013-01-04 16:19:10 ----A---- C:\Windows\SYSWOW64\XAudio2_1.dll
2013-01-04 16:19:10 ----A---- C:\Windows\SYSWOW64\XAPOFX1_0.dll
2013-01-04 16:19:10 ----A---- C:\Windows\SYSWOW64\xactengine3_1.dll
2013-01-04 16:19:10 ----A---- C:\Windows\SYSWOW64\X3DAudio1_4.dll
2013-01-04 16:19:10 ----A---- C:\Windows\SYSWOW64\d3dx10_38.dll
2013-01-04 16:19:10 ----A---- C:\Windows\SYSWOW64\D3DCompiler_38.dll
2013-01-04 16:19:10 ----A---- C:\Windows\system32\XAudio2_1.dll
2013-01-04 16:19:10 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2013-01-04 16:19:10 ----A---- C:\Windows\system32\xactengine3_1.dll
2013-01-04 16:19:10 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2013-01-04 16:19:10 ----A---- C:\Windows\system32\d3dx10_38.dll
2013-01-04 16:19:10 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2013-01-04 16:19:09 ----A---- C:\Windows\SYSWOW64\XAudio2_0.dll
2013-01-04 16:19:09 ----A---- C:\Windows\SYSWOW64\xactengine3_0.dll
2013-01-04 16:19:09 ----A---- C:\Windows\SYSWOW64\X3DAudio1_3.dll
2013-01-04 16:19:09 ----A---- C:\Windows\SYSWOW64\D3DX9_38.dll
2013-01-04 16:19:09 ----A---- C:\Windows\SYSWOW64\D3DX9_37.dll
2013-01-04 16:19:09 ----A---- C:\Windows\SYSWOW64\d3dx10_37.dll
2013-01-04 16:19:09 ----A---- C:\Windows\SYSWOW64\D3DCompiler_37.dll
2013-01-04 16:19:09 ----A---- C:\Windows\system32\XAudio2_0.dll
2013-01-04 16:19:09 ----A---- C:\Windows\system32\xactengine3_0.dll
2013-01-04 16:19:09 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2013-01-04 16:19:09 ----A---- C:\Windows\system32\D3DX9_38.dll
2013-01-04 16:19:09 ----A---- C:\Windows\system32\D3DX9_37.dll
2013-01-04 16:19:09 ----A---- C:\Windows\system32\d3dx10_37.dll
2013-01-04 16:19:09 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2013-01-04 16:19:08 ----A---- C:\Windows\SYSWOW64\xactengine2_9.dll
2013-01-04 16:19:08 ----A---- C:\Windows\SYSWOW64\xactengine2_10.dll
2013-01-04 16:19:08 ----A---- C:\Windows\SYSWOW64\d3dx9_36.dll
2013-01-04 16:19:08 ----A---- C:\Windows\SYSWOW64\d3dx10_36.dll
2013-01-04 16:19:08 ----A---- C:\Windows\SYSWOW64\D3DCompiler_36.dll
2013-01-04 16:19:08 ----A---- C:\Windows\system32\xactengine2_9.dll
2013-01-04 16:19:08 ----A---- C:\Windows\system32\xactengine2_10.dll
2013-01-04 16:19:08 ----A---- C:\Windows\system32\d3dx9_36.dll
2013-01-04 16:19:08 ----A---- C:\Windows\system32\d3dx10_36.dll
2013-01-04 16:19:08 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2013-01-04 16:19:07 ----A---- C:\Windows\SYSWOW64\xactengine2_8.dll
2013-01-04 16:19:07 ----A---- C:\Windows\SYSWOW64\X3DAudio1_2.dll
2013-01-04 16:19:07 ----A---- C:\Windows\SYSWOW64\d3dx9_35.dll
2013-01-04 16:19:07 ----A---- C:\Windows\SYSWOW64\d3dx10_35.dll
2013-01-04 16:19:07 ----A---- C:\Windows\SYSWOW64\D3DCompiler_35.dll
2013-01-04 16:19:07 ----A---- C:\Windows\system32\xactengine2_8.dll
2013-01-04 16:19:07 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2013-01-04 16:19:07 ----A---- C:\Windows\system32\d3dx9_35.dll
2013-01-04 16:19:07 ----A---- C:\Windows\system32\d3dx10_35.dll
2013-01-04 16:19:07 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2013-01-04 16:13:48 ----A---- C:\Windows\SYSWOW64\pbsvc.exe
2013-01-04 14:40:51 ----A---- C:\Windows\SYSWOW64\d3dx10_34.dll
2013-01-04 14:40:51 ----A---- C:\Windows\SYSWOW64\D3DCompiler_34.dll
2013-01-04 14:40:51 ----A---- C:\Windows\system32\d3dx10_34.dll
2013-01-04 14:40:51 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2013-01-04 14:40:50 ----A---- C:\Windows\SYSWOW64\xinput1_3.dll
2013-01-04 14:40:50 ----A---- C:\Windows\SYSWOW64\xactengine2_7.dll
2013-01-04 14:40:50 ----A---- C:\Windows\SYSWOW64\xactengine2_6.dll
2013-01-04 14:40:50 ----A---- C:\Windows\SYSWOW64\d3dx9_34.dll
2013-01-04 14:40:50 ----A---- C:\Windows\SYSWOW64\d3dx9_33.dll
2013-01-04 14:40:50 ----A---- C:\Windows\SYSWOW64\d3dx10_33.dll
2013-01-04 14:40:50 ----A---- C:\Windows\SYSWOW64\D3DCompiler_33.dll
2013-01-04 14:40:50 ----A---- C:\Windows\system32\xinput1_3.dll
2013-01-04 14:40:50 ----A---- C:\Windows\system32\xactengine2_7.dll
2013-01-04 14:40:50 ----A---- C:\Windows\system32\xactengine2_6.dll
2013-01-04 14:40:50 ----A---- C:\Windows\system32\d3dx9_34.dll
2013-01-04 14:40:50 ----A---- C:\Windows\system32\d3dx9_33.dll
2013-01-04 14:40:50 ----A---- C:\Windows\system32\d3dx10_33.dll
2013-01-04 14:40:50 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2013-01-04 14:40:49 ----A---- C:\Windows\SYSWOW64\xactengine2_5.dll
2013-01-04 14:40:49 ----A---- C:\Windows\SYSWOW64\xactengine2_4.dll
2013-01-04 14:40:49 ----A---- C:\Windows\SYSWOW64\xactengine2_3.dll
2013-01-04 14:40:49 ----A---- C:\Windows\SYSWOW64\x3daudio1_1.dll
2013-01-04 14:40:49 ----A---- C:\Windows\SYSWOW64\d3dx9_32.dll
2013-01-04 14:40:49 ----A---- C:\Windows\SYSWOW64\d3dx9_31.dll
2013-01-04 14:40:49 ----A---- C:\Windows\SYSWOW64\d3dx10.dll
2013-01-04 14:40:49 ----A---- C:\Windows\system32\xactengine2_5.dll
2013-01-04 14:40:49 ----A---- C:\Windows\system32\xactengine2_4.dll
2013-01-04 14:40:49 ----A---- C:\Windows\system32\xactengine2_3.dll
2013-01-04 14:40:49 ----A---- C:\Windows\system32\x3daudio1_1.dll
2013-01-04 14:40:49 ----A---- C:\Windows\system32\d3dx9_32.dll
2013-01-04 14:40:49 ----A---- C:\Windows\system32\d3dx9_31.dll
2013-01-04 14:40:49 ----A---- C:\Windows\system32\d3dx10.dll
2013-01-04 14:40:48 ----A---- C:\Windows\SYSWOW64\xinput1_2.dll
2013-01-04 14:40:48 ----A---- C:\Windows\SYSWOW64\xinput1_1.dll
2013-01-04 14:40:48 ----A---- C:\Windows\SYSWOW64\xactengine2_2.dll
2013-01-04 14:40:48 ----A---- C:\Windows\SYSWOW64\xactengine2_1.dll
2013-01-04 14:40:48 ----A---- C:\Windows\system32\xinput1_2.dll
2013-01-04 14:40:48 ----A---- C:\Windows\system32\xinput1_1.dll
2013-01-04 14:40:48 ----A---- C:\Windows\system32\xactengine2_2.dll
2013-01-04 14:40:48 ----A---- C:\Windows\system32\xactengine2_1.dll
2013-01-04 14:40:46 ----A---- C:\Windows\SYSWOW64\d3dx9_30.dll
2013-01-04 14:40:46 ----A---- C:\Windows\system32\d3dx9_30.dll
2013-01-04 14:40:45 ----A---- C:\Windows\SYSWOW64\xactengine2_0.dll
2013-01-04 14:40:45 ----A---- C:\Windows\SYSWOW64\x3daudio1_0.dll
2013-01-04 14:40:45 ----A---- C:\Windows\SYSWOW64\d3dx9_29.dll
2013-01-04 14:40:45 ----A---- C:\Windows\SYSWOW64\d3dx9_28.dll
2013-01-04 14:40:45 ----A---- C:\Windows\system32\xactengine2_0.dll
2013-01-04 14:40:45 ----A---- C:\Windows\system32\x3daudio1_0.dll
2013-01-04 14:40:45 ----A---- C:\Windows\system32\d3dx9_29.dll
2013-01-04 14:40:45 ----A---- C:\Windows\system32\d3dx9_28.dll
2013-01-04 14:40:44 ----A---- C:\Windows\SYSWOW64\d3dx9_27.dll
2013-01-04 14:40:44 ----A---- C:\Windows\SYSWOW64\d3dx9_26.dll
2013-01-04 14:40:44 ----A---- C:\Windows\SYSWOW64\d3dx9_25.dll
2013-01-04 14:40:44 ----A---- C:\Windows\SYSWOW64\d3dx9_24.dll
2013-01-04 14:40:44 ----A---- C:\Windows\system32\d3dx9_27.dll
2013-01-04 14:40:44 ----A---- C:\Windows\system32\d3dx9_26.dll
2013-01-04 14:40:44 ----A---- C:\Windows\system32\d3dx9_25.dll
2013-01-04 14:40:44 ----A---- C:\Windows\system32\d3dx9_24.dll
2013-01-04 14:37:36 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2013-01-04 14:37:35 ----A---- C:\Windows\SYSWOW64\PnkBstrA.exe
2013-01-04 14:37:30 ----A---- C:\Windows\game.ini
2013-01-04 14:26:14 ----D---- C:\Users\Armyt\AppData\Roaming\Macromedia
2013-01-04 14:24:50 ----D---- C:\Hry
2013-01-04 13:14:04 ----D---- C:\Users\Armyt\AppData\Roaming\ATI
2013-01-04 13:12:46 ----D---- C:\Users\Armyt\AppData\Roaming\Identities
2013-01-04 13:12:26 ----D---- C:\Users\Armyt\AppData\Roaming\Hewlett-Packard
2013-01-04 13:10:09 ----A---- C:\Windows\SYSWOW64\log.txt
2013-01-04 13:08:34 ----ASH---- C:\hiberfil.sys
2013-01-04 13:08:28 ----SD---- C:\Users\Armyt\AppData\Roaming\Microsoft
2013-01-04 13:08:28 ----D---- C:\Users\Armyt\AppData\Roaming\Media Center Programs
2013-01-04 13:07:15 ----D---- C:\Windows\SoftwareDistribution

======List of files/folders modified in the last 1 month======

2013-01-12 14:37:36 ----D---- C:\Windows\Temp
2013-01-12 14:37:32 ----RD---- C:\Program Files
2013-01-12 14:32:31 ----D---- C:\Windows\system32\drivers
2013-01-12 14:30:48 ----SHD---- C:\System Volume Information
2013-01-12 14:28:00 ----HD---- C:\ProgramData
2013-01-12 14:24:28 ----D---- C:\Windows\system32\config
2013-01-12 13:43:27 ----RD---- C:\Program Files (x86)
2013-01-12 13:31:38 ----D---- C:\Windows\System32
2013-01-12 13:31:38 ----D---- C:\Windows\inf
2013-01-12 13:31:38 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-01-12 13:27:08 ----D---- C:\Windows\Tasks
2013-01-12 13:27:08 ----D---- C:\Windows\system32\Tasks
2013-01-12 13:25:53 ----D---- C:\ProgramData\PDFC
2013-01-12 13:20:56 ----D---- C:\Windows\SysWOW64
2013-01-11 22:03:33 ----D---- C:\ProgramData\Norton
2013-01-11 22:02:48 ----D---- C:\Program Files\Common Files
2013-01-11 21:34:50 ----SD---- C:\ProgramData\Microsoft
2013-01-11 21:30:02 ----D---- C:\Windows
2013-01-11 21:30:01 ----D---- C:\Windows\winsxs
2013-01-11 21:29:04 ----D---- C:\Windows\SYSWOW64\wbem
2013-01-11 21:29:04 ----D---- C:\Windows\SYSWOW64\en-US
2013-01-11 21:29:04 ----D---- C:\Windows\SYSWOW64\cs-CZ
2013-01-11 21:29:04 ----D---- C:\Windows\system32\wbem
2013-01-11 21:29:04 ----D---- C:\Windows\system32\en-US
2013-01-11 21:29:04 ----D---- C:\Windows\system32\drivers\en-US
2013-01-11 21:29:04 ----D---- C:\Windows\system32\cs-CZ
2013-01-11 21:29:04 ----D---- C:\Windows\PolicyDefinitions
2013-01-11 21:29:03 ----D---- C:\Windows\system32\DriverStore
2013-01-11 21:23:49 ----D---- C:\Windows\system32\catroot
2013-01-11 21:23:33 ----D---- C:\ProgramData\SonicFocus
2013-01-11 21:23:32 ----D---- C:\Program Files\IDT
2013-01-11 21:22:55 ----D---- C:\Windows\system32\catroot2
2013-01-11 21:19:51 ----D---- C:\Windows\debug
2013-01-10 19:12:04 ----RSD---- C:\Windows\assembly
2013-01-09 18:18:11 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-01-09 18:17:36 ----SHD---- C:\Windows\Installer
2013-01-09 17:13:55 ----D---- C:\Windows\Microsoft.NET
2013-01-09 16:46:45 ----D---- C:\Windows\Prefetch
2013-01-09 16:43:38 ----D---- C:\Windows\AppPatch
2013-01-09 16:41:40 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2013-01-09 12:04:08 ----D---- C:\Windows\system32\NDF
2013-01-09 04:42:31 ----D---- C:\Windows\rescache
2013-01-09 03:40:30 ----D---- C:\Program Files\Common Files\System
2013-01-09 03:40:29 ----D---- C:\Windows\SYSWOW64\migration
2013-01-09 03:40:29 ----D---- C:\Windows\system32\migration
2013-01-09 03:40:29 ----D---- C:\Windows\system32\drivers\cs-CZ
2013-01-09 03:40:28 ----RSD---- C:\Windows\Fonts
2013-01-09 03:40:28 ----D---- C:\Program Files\Internet Explorer
2013-01-09 03:40:28 ----D---- C:\Program Files (x86)\Internet Explorer
2013-01-09 03:40:27 ----D---- C:\Program Files\Windows Journal
2013-01-08 20:35:35 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-01-08 20:03:40 ----D---- C:\Windows\system32\LogFiles
2013-01-08 18:14:55 ----D---- C:\Program Files (x86)\Common Files
2013-01-08 16:00:35 ----D---- C:\Windows\Logs
2013-01-07 14:28:10 ----D---- C:\Windows\system32\wdi
2013-01-07 14:26:14 ----D---- C:\Windows\SYSWOW64\winrm
2013-01-07 14:26:14 ----D---- C:\Windows\SYSWOW64\slmgr
2013-01-07 14:26:14 ----D---- C:\Windows\SYSWOW64\sk-SK
2013-01-07 14:26:14 ----D---- C:\Windows\SYSWOW64\migwiz
2013-01-07 14:26:14 ----D---- C:\Windows\SYSWOW64\en
2013-01-07 14:26:14 ----D---- C:\Windows\servicing
2013-01-07 14:26:14 ----D---- C:\Windows\ehome
2013-01-07 14:26:14 ----D---- C:\Program Files\Windows Sidebar
2013-01-07 14:26:14 ----D---- C:\Program Files\Windows Photo Viewer
2013-01-07 14:26:14 ----D---- C:\Program Files\Windows Media Player
2013-01-07 14:26:14 ----D---- C:\Program Files\Windows Mail
2013-01-07 14:26:14 ----D---- C:\Program Files\Windows Defender
2013-01-07 14:26:14 ----D---- C:\Program Files (x86)\Windows Sidebar
2013-01-07 14:26:14 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2013-01-07 14:26:14 ----D---- C:\Program Files (x86)\Windows Media Player
2013-01-07 14:26:14 ----D---- C:\Program Files (x86)\Windows Mail
2013-01-07 14:26:14 ----D---- C:\Program Files (x86)\Windows Defender
2013-01-07 14:26:13 ----D---- C:\Windows\SYSWOW64\drivers\en-US
2013-01-07 14:26:13 ----D---- C:\Windows\SYSWOW64\drivers
2013-01-07 14:26:12 ----D---- C:\Windows\SYSWOW64\WCN
2013-01-07 14:26:12 ----D---- C:\Windows\SYSWOW64\Printing_Admin_Scripts
2013-01-07 14:26:12 ----D---- C:\Windows\SYSWOW64\DriverStore
2013-01-07 14:26:12 ----D---- C:\Windows\SYSWOW64\Dism
2013-01-07 14:26:12 ----D---- C:\Windows\en-US
2013-01-07 14:26:11 ----D---- C:\Windows\system32\winrm
2013-01-07 14:26:11 ----D---- C:\Windows\system32\sysprep
2013-01-07 14:26:11 ----D---- C:\Windows\system32\slmgr
2013-01-07 14:26:11 ----D---- C:\Windows\system32\sk-SK
2013-01-07 14:26:11 ----D---- C:\Windows\system32\oobe
2013-01-07 14:26:11 ----D---- C:\Windows\system32\migwiz
2013-01-07 14:26:11 ----D---- C:\Windows\system32\en
2013-01-07 14:26:11 ----D---- C:\Windows\system32\Boot
2013-01-07 14:26:09 ----D---- C:\Windows\system32\WCN
2013-01-07 14:26:09 ----D---- C:\Windows\system32\Printing_Admin_Scripts
2013-01-07 14:26:09 ----D---- C:\Windows\system32\Dism
2013-01-07 14:26:06 ----D---- C:\Program Files\DVD Maker
2013-01-07 14:26:04 ----D---- C:\Windows\Speech
2013-01-07 14:12:57 ----D---- C:\Windows\system32\restore
2013-01-07 12:11:02 ----D---- C:\ProgramData\WinZip
2013-01-04 13:12:41 ----SHD---- C:\$RECYCLE.BIN
2013-01-04 13:12:36 ----D---- C:\SWSETUP
2013-01-04 13:12:31 ----RHD---- C:\SYSTEM.SAV
2013-01-04 13:08:46 ----RD---- C:\Program Files\Online Services
2013-01-04 13:08:46 ----RD---- C:\Program Files (x86)\Online Services
2013-01-04 13:08:38 ----D---- C:\ProgramData\Hewlett-Packard
2013-01-04 13:08:28 ----RD---- C:\Users
2013-01-04 13:08:26 ----D---- C:\Windows\Panther

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswNdis;avast! Firewall NDIS Filter Service; C:\Windows\system32\DRIVERS\aswNdis.sys [2012-09-21 12368]
R0 aswNdis2;avast! Firewall Core Firewall Service; C:\Windows\system32\drivers\aswNdis2.sys [2012-10-30 262656]
R0 iaStor;Intel RAID Controller; C:\Windows\system32\drivers\iaStor.sys [2012-04-10 568600]
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver; C:\Windows\system32\drivers\iusb3hcs.sys [2011-12-05 16152]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswFW;avast! TDI Firewall driver; C:\Windows\system32\drivers\aswFW.sys [2012-10-30 132864]
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys [2012-10-30 21136]
R1 aswRdr;aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [2012-10-15 54072]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2012-10-30 984144]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2012-10-30 370288]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2012-10-30 59728]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-01-07 283200]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2012-10-30 25232]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2012-10-30 71600]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2012-06-08 11172864]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2012-06-08 339456]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2012-02-24 95760]
R3 iusb3hub;Intel(R) USB 3.0 Hub Driver; C:\Windows\system32\drivers\iusb3hub.sys [2011-12-05 355096]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver; C:\Windows\system32\drivers\iusb3xhc.sys [2011-12-05 785688]
R3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2011-10-14 108656]
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2012-07-17 62784]
R3 RTL8192cu;TP-LINK 150Mbps Wireless N Nano USB Adapter; C:\Windows\system32\DRIVERS\RTL8192cu.sys [2012-03-14 926824]
R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10322; C:\Windows\system32\DRIVERS\stwrt64.sys [2012-04-24 536576]
S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys []
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-06-10 6108416]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656]
S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552]
S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2012-06-08 236544]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-10-30 44808]
R2 avast! Firewall;avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [2012-10-30 133912]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-10 86072]
R2 HPAuto;HP Auto; C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe [2011-02-17 682040]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-29 94264]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2012-04-11 277784]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2012-07-18 1134624]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2013-01-09 76888]
R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10122; C:\Program Files\IDT\WDM\STacSV64.exe [2012-04-24 318464]
R3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2013-01-08 541760]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-01-08 251400]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-19 44376]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2011-03-29 799800]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-01-11 115760]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-01-09 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

Armyt
Visitor
Posts: 21
Registered: 12 Jan 2013 14:33
Location: Liberec

Re: Programs spontaneously minimizing to the taskbar, Win 7

#2 Post by Armyt »

MBRScan v1.1.1

OS             : Windows 7 Service Pack 1 (64 bit)
PROCESSOR      : Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
BOOT           : Normal Boot
DATE           : 2013/01/12 (ISO 8601) at 15:05:04
________________________________________________________________________________

DISK           : Device\Harddisk0\DR0 __WDC WD10 EZEX-60ZF5A0 (80.0)
BUS_TYPE       : (0x03)  P-ATA
USE_PIO        : NO
MAX_TRANSFER   : 128 Kb
ALIGNMENT_MASK : word aligned
________________________________________________________________________________

Device\Harddisk0\DR0	931.5 Go  [Fixed] ==> 7 MBR Code ==> PARTITION TABLE FAKED !!

MBR_MD5   : 86C2C45730536E8FEB2F32652C97087E
MBR_SHA1  : 63E26EB0796C8EE8342A735CDF0E0C774162B5B1

Device\Harddisk0\Partition1	100.0 Mo  	0x07 NTFS / HPFS __ BOOTABLE __
Device\Harddisk0\Partition2	915.0 Go  	0x07 NTFS / HPFS
Device\Harddisk0\Partition3	16.36 Go  	0x07 NTFS / HPFS
Device\Harddisk0\Partition4	100.0 Mo  	0x27 RE Hidden partition 
________________________________________________________________________________

############################### Additional scan ################################

DRIVER  : C:\Windows\system32\hal.dll => Invisible on the disk
ADDRESS : 0x031F2000
SIZE    : 292.0 Ko

DRIVER  : C:\Windows\system32\kdcom.dll => Invisible on the disk
ADDRESS : 0x00BAC000
SIZE    : 40.0 Ko

DRIVER  : C:\Windows\system32\mcupdate_GenuineIntel.dll => Invisible on the disk
ADDRESS : 0x00CE8000
SIZE    : 316.0 Ko

DRIVER  : C:\Windows\system32\CLFS.SYS => Invisible on the disk
ADDRESS : 0x00D4B000
SIZE    : 376.0 Ko

DRIVER  : C:\Windows\system32\CI.dll => Invisible on the disk
ADDRESS : 0x00C00000
SIZE    : 768.0 Ko

DRIVER  : C:\Windows\system32\drivers\Wdf01000.sys => Invisible on the disk
ADDRESS : 0x00E14000
SIZE    : 776.0 Ko

DRIVER  : C:\Windows\system32\drivers\WDFLDR.SYS => Invisible on the disk
ADDRESS : 0x00ED6000
SIZE    : 64.0 Ko

DRIVER  : C:\Windows\system32\drivers\ACPI.sys => Invisible on the disk
ADDRESS : 0x00EE6000
SIZE    : 348.0 Ko

DRIVER  : C:\Windows\system32\drivers\WMILIB.SYS => Invisible on the disk
ADDRESS : 0x00F3D000
SIZE    : 36.0 Ko

DRIVER  : C:\Windows\system32\drivers\msisadrv.sys => Invisible on the disk
ADDRESS : 0x00F46000
SIZE    : 40.0 Ko

DRIVER  : C:\Windows\system32\drivers\pci.sys => Invisible on the disk
ADDRESS : 0x00F50000
SIZE    : 204.0 Ko

DRIVER  : C:\Windows\system32\drivers\vdrvroot.sys => Invisible on the disk
ADDRESS : 0x00F83000
SIZE    : 52.0 Ko

DRIVER  : C:\Windows\System32\drivers\partmgr.sys => Invisible on the disk
ADDRESS : 0x00F90000
SIZE    : 84.0 Ko

DRIVER  : C:\Windows\system32\drivers\volmgr.sys => Invisible on the disk
ADDRESS : 0x00FA5000
SIZE    : 84.0 Ko

DRIVER  : C:\Windows\System32\drivers\volmgrx.sys => Invisible on the disk
ADDRESS : 0x01069000
SIZE    : 368.0 Ko

DRIVER  : C:\Windows\System32\drivers\mountmgr.sys => Invisible on the disk
ADDRESS : 0x010C5000
SIZE    : 104.0 Ko

DRIVER  : C:\Windows\system32\drivers\iaStor.sys => Invisible on the disk
ADDRESS : 0x01211000
SIZE    : 3.64 Mo

DRIVER  : C:\Windows\system32\drivers\amdxata.sys => Invisible on the disk
ADDRESS : 0x015B5000
SIZE    : 44.0 Ko

DRIVER  : C:\Windows\system32\drivers\fltmgr.sys => Invisible on the disk
ADDRESS : 0x010DF000
SIZE    : 304.0 Ko

DRIVER  : C:\Windows\system32\drivers\fileinfo.sys => Invisible on the disk
ADDRESS : 0x015C0000
SIZE    : 80.0 Ko

DRIVER  : C:\Windows\System32\Drivers\Ntfs.sys => Invisible on the disk
ADDRESS : 0x01657000
SIZE    : 1.64 Mo

DRIVER  : C:\Windows\System32\Drivers\msrpc.sys => Invisible on the disk
ADDRESS : 0x0112B000
SIZE    : 376.0 Ko

DRIVER  : C:\Windows\System32\Drivers\ksecdd.sys => Invisible on the disk
ADDRESS : 0x01600000
SIZE    : 108.0 Ko

DRIVER  : C:\Windows\System32\Drivers\cng.sys => Invisible on the disk
ADDRESS : 0x01189000
SIZE    : 456.0 Ko

DRIVER  : C:\Windows\System32\drivers\pcw.sys => Invisible on the disk
ADDRESS : 0x0161B000
SIZE    : 68.0 Ko

DRIVER  : C:\Windows\System32\Drivers\Fs_Rec.sys => Invisible on the disk
ADDRESS : 0x0162C000
SIZE    : 40.0 Ko

DRIVER  : C:\Windows\system32\drivers\ndis.sys => Invisible on the disk
ADDRESS : 0x0188A000
SIZE    : 968.0 Ko

DRIVER  : C:\Windows\system32\drivers\NETIO.SYS => Invisible on the disk
ADDRESS : 0x0197C000
SIZE    : 384.0 Ko

DRIVER  : C:\Windows\System32\Drivers\aswNdis2.sys => Invisible on the disk
ADDRESS : 0x01800000
SIZE    : 268.0 Ko

DRIVER  : C:\Windows\System32\Drivers\ksecpkg.sys => Invisible on the disk
ADDRESS : 0x01843000
SIZE    : 172.0 Ko

DRIVER  : C:\Windows\System32\drivers\tcpip.sys => Invisible on the disk
ADDRESS : 0x01AB9000
SIZE    : 2.00 Mo

DRIVER  : C:\Windows\System32\drivers\fwpkclnt.sys => Invisible on the disk
ADDRESS : 0x01CBA000
SIZE    : 296.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\aswNdis.sys => Invisible on the disk
ADDRESS : 0x01D04000
SIZE    : 28.0 Ko

DRIVER  : C:\Windows\system32\drivers\vmstorfl.sys => Invisible on the disk
ADDRESS : 0x01D0B000
SIZE    : 64.0 Ko

DRIVER  : C:\Windows\system32\drivers\volsnap.sys => Invisible on the disk
ADDRESS : 0x01D1B000
SIZE    : 304.0 Ko

DRIVER  : C:\Windows\System32\Drivers\spldr.sys => Invisible on the disk
ADDRESS : 0x01D67000
SIZE    : 32.0 Ko

DRIVER  : C:\Windows\System32\drivers\rdyboost.sys => Invisible on the disk
ADDRESS : 0x01D6F000
SIZE    : 232.0 Ko

DRIVER  : C:\Windows\System32\Drivers\mup.sys => Invisible on the disk
ADDRESS : 0x01DA9000
SIZE    : 72.0 Ko

DRIVER  : C:\Windows\system32\drivers\iusb3hcs.sys => Invisible on the disk
ADDRESS : 0x01DBB000
SIZE    : 36.0 Ko

DRIVER  : C:\Windows\System32\drivers\hwpolicy.sys => Invisible on the disk
ADDRESS : 0x01DC4000
SIZE    : 36.0 Ko

DRIVER  : C:\Windows\System32\DRIVERS\fvevol.sys => Invisible on the disk
ADDRESS : 0x01A00000
SIZE    : 232.0 Ko

DRIVER  : C:\Windows\system32\drivers\disk.sys => Invisible on the disk
ADDRESS : 0x01A3A000
SIZE    : 88.0 Ko

DRIVER  : C:\Windows\system32\drivers\CLASSPNP.SYS => Invisible on the disk
ADDRESS : 0x01A50000
SIZE    : 192.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\dtsoftbus01.sys => Invisible on the disk
ADDRESS : 0x01000000
SIZE    : 292.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\cdrom.sys => Invisible on the disk
ADDRESS : 0x01A8E000
SIZE    : 168.0 Ko

DRIVER  : C:\Windows\System32\Drivers\aswSnx.SYS => Invisible on the disk
ADDRESS : 0x04672000
SIZE    : 976.0 Ko

DRIVER  : C:\Windows\System32\Drivers\Null.SYS => Invisible on the disk
ADDRESS : 0x04766000
SIZE    : 36.0 Ko

DRIVER  : C:\Windows\System32\Drivers\Beep.SYS => Invisible on the disk
ADDRESS : 0x0476F000
SIZE    : 28.0 Ko

DRIVER  : C:\Windows\System32\Drivers\aswKbd.SYS => Invisible on the disk
ADDRESS : 0x04776000
SIZE    : 36.0 Ko

DRIVER  : C:\Windows\System32\drivers\vga.sys => Invisible on the disk
ADDRESS : 0x0477F000
SIZE    : 56.0 Ko

DRIVER  : C:\Windows\System32\drivers\VIDEOPRT.SYS => Invisible on the disk
ADDRESS : 0x0478D000
SIZE    : 148.0 Ko

DRIVER  : C:\Windows\System32\drivers\watchdog.sys => Invisible on the disk
ADDRESS : 0x047B2000
SIZE    : 64.0 Ko

DRIVER  : C:\Windows\System32\DRIVERS\RDPCDD.sys => Invisible on the disk
ADDRESS : 0x047C2000
SIZE    : 36.0 Ko

DRIVER  : C:\Windows\system32\drivers\rdpencdd.sys => Invisible on the disk
ADDRESS : 0x047CB000
SIZE    : 36.0 Ko

DRIVER  : C:\Windows\system32\drivers\rdprefmp.sys => Invisible on the disk
ADDRESS : 0x047D4000
SIZE    : 36.0 Ko

DRIVER  : C:\Windows\System32\Drivers\Msfs.SYS => Invisible on the disk
ADDRESS : 0x047DD000
SIZE    : 44.0 Ko

DRIVER  : C:\Windows\System32\Drivers\Npfs.SYS => Invisible on the disk
ADDRESS : 0x047E8000
SIZE    : 68.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\tdx.sys => Invisible on the disk
ADDRESS : 0x04600000
SIZE    : 136.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\TDI.SYS => Invisible on the disk
ADDRESS : 0x04622000
SIZE    : 52.0 Ko

DRIVER  : C:\Windows\System32\Drivers\aswFW.SYS => Invisible on the disk
ADDRESS : 0x0462F000
SIZE    : 140.0 Ko

DRIVER  : C:\Windows\System32\Drivers\aswTdi.SYS => Invisible on the disk
ADDRESS : 0x04652000
SIZE    : 72.0 Ko

DRIVER  : C:\Windows\system32\drivers\afd.sys => Invisible on the disk
ADDRESS : 0x0724E000
SIZE    : 548.0 Ko

DRIVER  : C:\Windows\System32\Drivers\aswrdr2.sys => Invisible on the disk
ADDRESS : 0x072D7000
SIZE    : 64.0 Ko

DRIVER  : C:\Windows\System32\DRIVERS\netbt.sys => Invisible on the disk
ADDRESS : 0x072E7000
SIZE    : 276.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\wfplwf.sys => Invisible on the disk
ADDRESS : 0x0732C000
SIZE    : 36.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\pacer.sys => Invisible on the disk
ADDRESS : 0x07335000
SIZE    : 152.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\vwififlt.sys => Invisible on the disk
ADDRESS : 0x0735B000
SIZE    : 88.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\netbios.sys => Invisible on the disk
ADDRESS : 0x07371000
SIZE    : 60.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\wanarp.sys => Invisible on the disk
ADDRESS : 0x07380000
SIZE    : 108.0 Ko

DRIVER  : C:\Windows\system32\drivers\termdd.sys => Invisible on the disk
ADDRESS : 0x0739B000
SIZE    : 80.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\rdbss.sys => Invisible on the disk
ADDRESS : 0x073AF000
SIZE    : 324.0 Ko

DRIVER  : C:\Windows\system32\drivers\nsiproxy.sys => Invisible on the disk
ADDRESS : 0x07200000
SIZE    : 48.0 Ko

DRIVER  : C:\Windows\system32\drivers\mssmbios.sys => Invisible on the disk
ADDRESS : 0x0720C000
SIZE    : 44.0 Ko

DRIVER  : C:\Windows\System32\drivers\discache.sys => Invisible on the disk
ADDRESS : 0x07217000
SIZE    : 60.0 Ko

DRIVER  : C:\Windows\system32\drivers\csc.sys => Invisible on the disk
ADDRESS : 0x07085000
SIZE    : 524.0 Ko

DRIVER  : C:\Windows\System32\Drivers\dfsc.sys => Invisible on the disk
ADDRESS : 0x07108000
SIZE    : 120.0 Ko

DRIVER  : C:\Windows\system32\drivers\blbdrive.sys => Invisible on the disk
ADDRESS : 0x07126000
SIZE    : 68.0 Ko

DRIVER  : C:\Windows\System32\Drivers\aswSP.SYS => Invisible on the disk
ADDRESS : 0x07137000
SIZE    : 388.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\tunnel.sys => Invisible on the disk
ADDRESS : 0x07198000
SIZE    : 152.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\atikmpag.sys => Invisible on the disk
ADDRESS : 0x07000000
SIZE    : 352.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\atikmdag.sys => Invisible on the disk
ADDRESS : 0x084FF000
SIZE    : 10.98 Mo

DRIVER  : C:\Windows\System32\drivers\dxgkrnl.sys => Invisible on the disk
ADDRESS : 0x08400000
SIZE    : 976.0 Ko

DRIVER  : C:\Windows\System32\drivers\dxgmms1.sys => Invisible on the disk
ADDRESS : 0x00FBA000
SIZE    : 280.0 Ko

DRIVER  : C:\Windows\system32\drivers\HDAudBus.sys => Invisible on the disk
ADDRESS : 0x07058000
SIZE    : 144.0 Ko

DRIVER  : C:\Windows\system32\drivers\iusb3xhc.sys => Invisible on the disk
ADDRESS : 0x0765C000
SIZE    : 784.0 Ko

DRIVER  : C:\Windows\system32\drivers\USBD.SYS => Invisible on the disk
ADDRESS : 0x07720000
SIZE    : 8.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\HECIx64.sys => Invisible on the disk
ADDRESS : 0x07722000
SIZE    : 76.0 Ko

DRIVER  : C:\Windows\System32\Drivers\fastfat.SYS => Invisible on the disk
ADDRESS : 0x07735000
SIZE    : 216.0 Ko

DRIVER  : C:\Windows\system32\drivers\usbehci.sys => Invisible on the disk
ADDRESS : 0x0776B000
SIZE    : 68.0 Ko

DRIVER  : C:\Windows\system32\drivers\USBPORT.SYS => Invisible on the disk
ADDRESS : 0x0777C000
SIZE    : 344.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\L1C62x64.sys => Invisible on the disk
ADDRESS : 0x077D2000
SIZE    : 112.0 Ko

DRIVER  : C:\Windows\system32\drivers\intelppm.sys => Invisible on the disk
ADDRESS : 0x07600000
SIZE    : 88.0 Ko

DRIVER  : C:\Windows\system32\drivers\wmiacpi.sys => Invisible on the disk
ADDRESS : 0x07616000
SIZE    : 36.0 Ko

DRIVER  : C:\Windows\system32\drivers\CompositeBus.sys => Invisible on the disk
ADDRESS : 0x0761F000
SIZE    : 64.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\AgileVpn.sys => Invisible on the disk
ADDRESS : 0x0762F000
SIZE    : 88.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\rasl2tp.sys => Invisible on the disk
ADDRESS : 0x071BE000
SIZE    : 144.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\ndistapi.sys => Invisible on the disk
ADDRESS : 0x07645000
SIZE    : 48.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\ndiswan.sys => Invisible on the disk
ADDRESS : 0x01DCD000
SIZE    : 188.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\raspppoe.sys => Invisible on the disk
ADDRESS : 0x071E2000
SIZE    : 108.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\raspptp.sys => Invisible on the disk
ADDRESS : 0x07226000
SIZE    : 132.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\rassstp.sys => Invisible on the disk
ADDRESS : 0x045DC000
SIZE    : 104.0 Ko

DRIVER  : C:\Windows\system32\drivers\rdpbus.sys => Invisible on the disk
ADDRESS : 0x07651000
SIZE    : 44.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\kbdclass.sys => Invisible on the disk
ADDRESS : 0x077EE000
SIZE    : 60.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\mouclass.sys => Invisible on the disk
ADDRESS : 0x04200000
SIZE    : 60.0 Ko

DRIVER  : C:\Windows\system32\drivers\swenum.sys => Invisible on the disk
ADDRESS : 0x077FD000
SIZE    : 8.0 Ko

DRIVER  : C:\Windows\system32\drivers\ks.sys => Invisible on the disk
ADDRESS : 0x00DA9000
SIZE    : 268.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\umbus.sys => Invisible on the disk
ADDRESS : 0x0420F000
SIZE    : 72.0 Ko

DRIVER  : C:\Windows\system32\drivers\usbhub.sys => Invisible on the disk
ADDRESS : 0x07CA5000
SIZE    : 360.0 Ko

DRIVER  : C:\Windows\System32\Drivers\NDProxy.SYS => Invisible on the disk
ADDRESS : 0x07CFF000
SIZE    : 84.0 Ko

DRIVER  : C:\Windows\system32\drivers\AtihdW76.sys => Invisible on the disk
ADDRESS : 0x07D14000
SIZE    : 108.0 Ko

DRIVER  : C:\Windows\system32\drivers\portcls.sys => Invisible on the disk
ADDRESS : 0x07D2F000
SIZE    : 244.0 Ko

DRIVER  : C:\Windows\system32\drivers\drmk.sys => Invisible on the disk
ADDRESS : 0x07D6C000
SIZE    : 136.0 Ko

DRIVER  : C:\Windows\system32\drivers\ksthunk.sys => Invisible on the disk
ADDRESS : 0x07D8E000
SIZE    : 24.0 Ko

DRIVER  : C:\Windows\system32\drivers\iusb3hub.sys => Invisible on the disk
ADDRESS : 0x07D94000
SIZE    : 372.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\stwrt64.sys => Invisible on the disk
ADDRESS : 0x07C00000
SIZE    : 544.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\RTL8192cu.sys => Invisible on the disk
ADDRESS : 0x04221000
SIZE    : 1.26 Mo

DRIVER  : C:\Windows\system32\DRIVERS\vwifibus.sys => Invisible on the disk
ADDRESS : 0x07C88000
SIZE    : 52.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\hidusb.sys => Invisible on the disk
ADDRESS : 0x07C95000
SIZE    : 56.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\HIDCLASS.SYS => Invisible on the disk
ADDRESS : 0x04363000
SIZE    : 100.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\HIDPARSE.SYS => Invisible on the disk
ADDRESS : 0x07DF1000
SIZE    : 36.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\usbccgp.sys => Invisible on the disk
ADDRESS : 0x0437C000
SIZE    : 116.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\mouhid.sys => Invisible on the disk
ADDRESS : 0x04664000
SIZE    : 52.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\kbdhid.sys => Invisible on the disk
ADDRESS : 0x04399000
SIZE    : 56.0 Ko

DRIVER  : C:\Windows\System32\win32k.sys => Invisible on the disk
ADDRESS : 0x000D0000
SIZE    : 3.09 Mo

DRIVER  : C:\Windows\System32\drivers\Dxapi.sys => Invisible on the disk
ADDRESS : 0x043A7000
SIZE    : 48.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\USBSTOR.SYS => Invisible on the disk
ADDRESS : 0x043B3000
SIZE    : 108.0 Ko

DRIVER  : C:\Windows\System32\Drivers\crashdmp.sys => Invisible on the disk
ADDRESS : 0x043CE000
SIZE    : 56.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\monitor.sys => Invisible on the disk
ADDRESS : 0x08000000
SIZE    : 56.0 Ko

DRIVER  : C:\Windows\System32\TSDDD.dll => Invisible on the disk
ADDRESS : 0x004B0000
SIZE    : 40.0 Ko

DRIVER  : C:\Windows\System32\cdd.dll => Invisible on the disk
ADDRESS : 0x007A0000
SIZE    : 156.0 Ko

DRIVER  : C:\Windows\system32\drivers\luafv.sys => Invisible on the disk
ADDRESS : 0x0800E000
SIZE    : 140.0 Ko

DRIVER  : C:\Windows\system32\drivers\aswMonFlt.sys => Invisible on the disk
ADDRESS : 0x043DC000
SIZE    : 136.0 Ko

DRIVER  : C:\Windows\System32\Drivers\aswFsBlk.SYS => Invisible on the disk
ADDRESS : 0x08031000
SIZE    : 36.0 Ko

DRIVER  : C:\Windows\system32\drivers\WudfPf.sys => Invisible on the disk
ADDRESS : 0x043FE000
SIZE    : 100.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\lltdio.sys => Invisible on the disk
ADDRESS : 0x04417000
SIZE    : 84.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\nwifi.sys => Invisible on the disk
ADDRESS : 0x0442C000
SIZE    : 332.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\ndisuio.sys => Invisible on the disk
ADDRESS : 0x0447F000
SIZE    : 76.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\rspndr.sys => Invisible on the disk
ADDRESS : 0x04492000
SIZE    : 96.0 Ko

DRIVER  : C:\Windows\system32\drivers\HTTP.sys => Invisible on the disk
ADDRESS : 0x044AA000
SIZE    : 804.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\bowser.sys => Invisible on the disk
ADDRESS : 0x04573000
SIZE    : 120.0 Ko

DRIVER  : C:\Windows\System32\drivers\mpsdrv.sys => Invisible on the disk
ADDRESS : 0x04591000
SIZE    : 96.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\mrxsmb.sys => Invisible on the disk
ADDRESS : 0x045A9000
SIZE    : 180.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\mrxsmb10.sys => Invisible on the disk
ADDRESS : 0x066E3000
SIZE    : 312.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\mrxsmb20.sys => Invisible on the disk
ADDRESS : 0x06731000
SIZE    : 144.0 Ko

DRIVER  : C:\Windows\system32\drivers\peauth.sys => Invisible on the disk
ADDRESS : 0x06755000
SIZE    : 664.0 Ko

DRIVER  : C:\Windows\System32\Drivers\secdrv.SYS => Invisible on the disk
ADDRESS : 0x06600000
SIZE    : 44.0 Ko

DRIVER  : C:\Windows\System32\DRIVERS\srvnet.sys => Invisible on the disk
ADDRESS : 0x0660B000
SIZE    : 196.0 Ko

DRIVER  : C:\Windows\System32\drivers\tcpipreg.sys => Invisible on the disk
ADDRESS : 0x0663C000
SIZE    : 72.0 Ko

DRIVER  : C:\Windows\System32\DRIVERS\srv2.sys => Invisible on the disk
ADDRESS : 0x0664E000
SIZE    : 420.0 Ko

DRIVER  : C:\Windows\System32\DRIVERS\srv.sys => Invisible on the disk
ADDRESS : 0x0A086000
SIZE    : 608.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\WUDFRd.sys => Invisible on the disk
ADDRESS : 0x0A11E000
SIZE    : 216.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\umpass.sys => Invisible on the disk
ADDRESS : 0x0A187000
SIZE    : 40.0 Ko

DRIVER  : C:\Windows\System32\smss.exe => Invisible on the disk
ADDRESS : 0x47940000
SIZE    : 128.0 Ko

Device\Harddisk0\DR0 => 7 MBR Code found in sector 1
Device\Harddisk0\DR0 => 7 MBR Code found in sector 2
Device\Harddisk0\DR0 => 7 MBR Code found in sector 3
SystemStartOptions :  NOEXECUTE=OPTIN

________________________________________________________________________________

_____FAKED   \Device\Harddisk0\DR0  


__ORIGINAL   \Device\Harddisk0\DR0  


__________________________16_BIT_ASM_CODE
   
0x0000    33c0            XOR AX, AX   
0x0002    8ed0            MOV SS, AX   
0x0004    bc 007c         MOV SP, 0x7c00   
0x0007    8ec0            MOV ES, AX   
0x0009    8ed8            MOV DS, AX   
0x000B    be 007c         MOV SI, 0x7c00   
0x000E    bf 0006         MOV DI, 0x600   
0x0011    b9 0002         MOV CX, 0x200   
0x0014    fc              CLD   
0x0015    f3 a4           REP MOVSB   
0x0017    50              PUSH AX   
0x0018    68 1c06         PUSH 0x61c   
0x001B    cb              RETF   
0x001C    fb              STI   
0x001D    b9 0400         MOV CX, 0x4   
0x0020    bd be07         MOV BP, 0x7be   
0x0023    807e 00 00      CMP BYTE [BP+0x0], 0x0   
0x0027    7c 0b           JL 0x34   
0x0029    0f85 0e01       JNZ 0x13b   
0x002D    83c5 10         ADD BP, 0x10   
0x0030    e2 f1           LOOP 0x23   
0x0032    cd 18           INT 0x18   
0x0034    8856 00         MOV [BP+0x0], DL   
0x0037    55              PUSH BP   
0x0038    c646 11 05      MOV BYTE [BP+0x11], 0x5   
0x003C    c646 10 00      MOV BYTE [BP+0x10], 0x0   
0x0040    b4 41           MOV AH, 0x41   
0x0042    bb aa55         MOV BX, 0x55aa   
0x0045    cd 13           INT 0x13   
0x0047    5d              POP BP   
0x0048    72 0f           JB 0x59   
0x004A    81fb 55aa       CMP BX, 0xaa55   
0x004E    75 09           JNZ 0x59   
0x0050    f7c1 0100       TEST CX, 0x1   
0x0054    74 03           JZ 0x59   
0x0056    fe46 10         INC BYTE [BP+0x10]   
0x0059    66 60           PUSHAD   
0x005B    807e 10 00      CMP BYTE [BP+0x10], 0x0   
0x005F    74 26           JZ 0x87   
0x0061    66 68 00000000  PUSH 0x0   
0x0067    66 ff76 08      PUSH DWORD [BP+0x8]   
0x006B    68 0000         PUSH 0x0   
0x006E    68 007c         PUSH 0x7c00   
0x0071    68 0100         PUSH 0x1   
0x0074    68 1000         PUSH 0x10   
0x0077    b4 42           MOV AH, 0x42   
0x0079    8a56 00         MOV DL, [BP+0x0]   
0x007C    8bf4            MOV SI, SP   
0x007E    cd 13           INT 0x13   
0x0080    9f              LAHF   
0x0081    83c4 10         ADD SP, 0x10   
0x0084    9e              SAHF   
0x0085    eb 14           JMP 0x9b   
0x0087    b8 0102         MOV AX, 0x201   
0x008A    bb 007c         MOV BX, 0x7c00   
0x008D    8a56 00         MOV DL, [BP+0x0]   
0x0090    8a76 01         MOV DH, [BP+0x1]   
0x0093    8a4e 02         MOV CL, [BP+0x2]   
0x0096    8a6e 03         MOV CH, [BP+0x3]   
0x0099    cd 13           INT 0x13   
0x009B    66 61           POPAD   
0x009D    73 1c           JAE 0xbb   
0x009F    fe4e 11         DEC BYTE [BP+0x11]   
0x00A2    75 0c           JNZ 0xb0   
0x00A4    807e 00 80      CMP BYTE [BP+0x0], 0x80   
0x00A8    0f84 8a00       JZ 0x136   
0x00AC    b2 80           MOV DL, 0x80   
0x00AE    eb 84           JMP 0x34   
0x00B0    55              PUSH BP   
0x00B1    32e4            XOR AH, AH   
0x00B3    8a56 00         MOV DL, [BP+0x0]   
0x00B6    cd 13           INT 0x13   
0x00B8    5d              POP BP   
0x00B9    eb 9e           JMP 0x59   
0x00BB    813e fe7d 55aa  CMP WORD [0x7dfe], 0xaa55   
0x00C1    75 6e           JNZ 0x131   
0x00C3    ff76 00         PUSH WORD [BP+0x0]   
0x00C6    e8 8d00         CALL 0x156   
0x00C9    75 17           JNZ 0xe2   
0x00CB    fa              CLI   
0x00CC    b0 d1           MOV AL, 0xd1   
0x00CE    e6 64           OUT 0x64, AL   
0x00D0    e8 8300         CALL 0x156   
0x00D3    b0 df           MOV AL, 0xdf   
0x00D5    e6 60           OUT 0x60, AL   
0x00D7    e8 7c00         CALL 0x156   
0x00DA    b0 ff           MOV AL, 0xff   
0x00DC    e6 64           OUT 0x64, AL   
0x00DE    e8 7500         CALL 0x156   
0x00E1    fb              STI   
0x00E2    b8 00bb         MOV AX, 0xbb00   
0x00E5    cd 1a           INT 0x1a   
0x00E7    66 23c0         AND EAX, EAX   
0x00EA    75 3b           JNZ 0x127   
0x00EC    66 81fb 54435041CMP EBX, 0x41504354   
0x00F3    75 32           JNZ 0x127   
0x00F5    81f9 0201       CMP CX, 0x102   
0x00F9    72 2c           JB 0x127   
0x00FB    66 68 07bb0000  PUSH 0xbb07   
0x0101    66 68 00020000  PUSH 0x200   
0x0107    66 68 08000000  PUSH 0x8   
0x010D    66 53           PUSH EBX   
0x010F    66 53           PUSH EBX   
0x0111    66 55           PUSH EBP   
0x0113    66 68 00000000  PUSH 0x0   
0x0119    66 68 007c0000  PUSH 0x7c00   
0x011F    66 61           POPAD   
0x0121    68 0000         PUSH 0x0   
0x0124    07              POP ES   
0x0125    cd 1a           INT 0x1a   
0x0127    5a              POP DX   
0x0128    32f6            XOR DH, DH   
0x012A    ea 007c 0000    JMP FAR 0x0:0x7c00   
0x012F    cd 18           INT 0x18   
0x0131    a0 b707         MOV AL, [0x7b7]   
0x0134    eb 08           JMP 0x13e   
0x0136    a0 b607         MOV AL, [0x7b6]   
0x0139    eb 03           JMP 0x13e   
0x013B    a0 b507         MOV AL, [0x7b5]   
0x013E    32e4            XOR AH, AH   
0x0140    05 0007         ADD AX, 0x700   
0x0143    8bf0            MOV SI, AX   
0x0145    ac              LODSB   
0x0146    3c 00           CMP AL, 0x0   
0x0148    74 09           JZ 0x153   
0x014A    bb 0700         MOV BX, 0x7   
0x014D    b4 0e           MOV AH, 0xe   
0x014F    cd 10           INT 0x10   
0x0151    eb f2           JMP 0x145   
0x0153    f4              HLT   
0x0154    eb fd           JMP 0x153   
0x0156    2bc9            SUB CX, CX   
0x0158    e4 64           IN AL, 0x64   
0x015A    eb 00           JMP 0x15c   
0x015C    24 02           AND AL, 0x2   
0x015E    e0 f8           LOOPNZ 0x158   
0x0160    24 02           AND AL, 0x2   
0x0162    c3              RET   
0x0163    49              DEC CX   
0x0164    6e              OUTSB   
0x0165    76 61           JBE 0x1c8   
0x0167    6c              INSB   
0x0168    6964 20 7061    IMUL SP, [SI+0x20], 0x6170   
0x016D    72 74           JB 0x1e3   
0x016F    6974 69 6f6e    IMUL SI, [SI+0x69], 0x6e6f   
0x0174    2074 61         AND [SI+0x61], DH   
0x0177    626c 65         BOUND BP, [SI+0x65]   
0x017A    0045 72         ADD [DI+0x72], AL   
0x017D    72 6f           JB 0x1ee   
0x017F    72 20           JB 0x1a1   
0x0181    6c              INSB   
0x0182    6f              OUTSW   
0x0183    61              POPA   
0x0184    64 696e 67 206f IMUL BP, FS:[BP+0x67], 0x6f20   
0x018A    70 65           JO 0x1f1   
0x018C    72 61           JB 0x1ef   
0x018E    74 69           JZ 0x1f9   
0x0190    6e              OUTSB   
0x0191    67 2073 79      AND [EBX+0x79], DH   
0x0195    73 74           JAE 0x20b   
0x0197    65 6d           INS WORD GS:[DI], DX   
0x0199    004d 69         ADD [DI+0x69], CL   
0x019C    73 73           JAE 0x211   
0x019E    696e 67 206f    IMUL BP, [BP+0x67], 0x6f20   
0x01A3    70 65           JO 0x20a   
0x01A5    72 61           JB 0x208   
0x01A7    74 69           JZ 0x212   
0x01A9    6e              OUTSB   
0x01AA    67 2073 79      AND [EBX+0x79], DH   
0x01AE    73 74           JAE 0x224   
0x01B0    65 6d           INS WORD GS:[DI], DX   
0x01B2    0000            ADD [BX+SI], AL   
0x01B4    0063 7b         ADD [BP+DI+0x7b], AH   
0x01B7    9a eb3c 2c1d    CALL FAR 0x1d2c:0x3ceb   
0x01BC    0000            ADD [BX+SI], AL   
0x01BE    80fe ff         CMP DH, 0xff   
0x01C1    ff07            INC WORD [BX]   
0x01C3    fe              DB 0xfe   
0x01C4    ff              DB 0xff   
0x01C5    ff00            INC WORD [BX+SI]   
0x01C7    68 3a0c         PUSH 0xc3a   
0x01CA    0060 09         ADD [BX+SI+0x9], AH   
0x01CD    0000            ADD [BX+SI], AL   
0x01CF    0000            ADD [BX+SI], AL   
0x01D1    0000            ADD [BX+SI], AL   
0x01D3    0000            ADD [BX+SI], AL   
0x01D5    0000            ADD [BX+SI], AL   
0x01D7    0000            ADD [BX+SI], AL   
0x01D9    0000            ADD [BX+SI], AL   
0x01DB    0000            ADD [BX+SI], AL   
0x01DD    0000            ADD [BX+SI], AL   
0x01DF    0000            ADD [BX+SI], AL   
0x01E1    0000            ADD [BX+SI], AL   
0x01E3    0000            ADD [BX+SI], AL   
0x01E5    0000            ADD [BX+SI], AL   
0x01E7    0000            ADD [BX+SI], AL   
0x01E9    0000            ADD [BX+SI], AL   
0x01EB    0000            ADD [BX+SI], AL   
0x01ED    0000            ADD [BX+SI], AL   
0x01EF    0000            ADD [BX+SI], AL   
0x01F1    0000            ADD [BX+SI], AL   
0x01F3    0000            ADD [BX+SI], AL   
0x01F5    0000            ADD [BX+SI], AL   
0x01F7    0000            ADD [BX+SI], AL   
0x01F9    0000            ADD [BX+SI], AL   
0x01FB    0000            ADD [BX+SI], AL   
0x01FD    0055 aa         ADD [DI-0x56], DL   

I just didn't quite understand that last step :D

I'll just add that the PC has been at home for about a week. It's completely new.

Armyt
Visitor
Posts: 21
Registered: 12 Jan 2013 14:33
Location: Liberec

Re: Programs spontaneously dropping to the taskbar, Win 7

#3 Post by Armyt »

What exactly from that page should I post here? :???:

Armyt
Visitor
Posts: 21
Registered: 12 Jan 2013 14:33
Location: Liberec

Re: Programs spontaneously dropping to the taskbar, Win 7

#4 Post by Armyt »


Armyt
Visitor
Posts: 21
Registered: 12 Jan 2013 14:33
Location: Liberec

Re: Programs spontaneously dropping to the taskbar, Win 7

#5 Post by Armyt »

It said: Nebyla nalezena žádná rizika (No risks were found)

Do you want the log here or something like that? :)

Armyt
Visitor
Posts: 21
Registered: 12 Jan 2013 14:33
Location: Liberec

Re: Programs spontaneously dropping to the taskbar, Win 7

#6 Post by Armyt »

The PC is a prebuilt system. I bought it just as it is.

With TDSSKiller, no window appeared for me.
I'm attaching the log.
15:49:16.0880 4776 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
15:49:17.0326 4776 ============================================================
15:49:17.0326 4776 Current date / time: 2013/01/12 15:49:17.0326
15:49:17.0326 4776 SystemInfo:
15:49:17.0326 4776
15:49:17.0326 4776 OS Version: 6.1.7601 ServicePack: 1.0
15:49:17.0326 4776 Product type: Workstation
15:49:17.0327 4776 ComputerName: ARMYT-PC
15:49:17.0327 4776 UserName: Armyt
15:49:17.0327 4776 Windows directory: C:\Windows
15:49:17.0327 4776 System windows directory: C:\Windows
15:49:17.0327 4776 Running under WOW64
15:49:17.0327 4776 Processor architecture: Intel x64
15:49:17.0327 4776 Number of processors: 4
15:49:17.0327 4776 Page size: 0x1000
15:49:17.0327 4776 Boot type: Normal boot
15:49:17.0327 4776 ============================================================
15:49:17.0560 4776 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:49:17.0577 4776 ============================================================
15:49:17.0577 4776 \Device\Harddisk0\DR0:
15:49:17.0577 4776 MBR partitions:
15:49:17.0577 4776 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
15:49:17.0577 4776 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x725E8800
15:49:17.0577 4776 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x7261B000, BlocksNum 0x20B9000
15:49:17.0577 4776 ============================================================
15:49:17.0641 4776 C: <-> \Device\Harddisk0\DR0\Partition2
15:49:17.0675 4776 D: <-> \Device\Harddisk0\DR0\Partition3
15:49:17.0675 4776 ============================================================
15:49:17.0675 4776 Initialize success
15:49:17.0675 4776 ============================================================
15:49:35.0582 3904 ============================================================
15:49:35.0582 3904 Scan started
15:49:35.0582 3904 Mode: Manual; SigCheck; TDLFS;
15:49:35.0582 3904 ============================================================
15:49:35.0756 3904 ================ Scan system memory ========================
15:49:35.0756 3904 System memory - ok
15:49:35.0756 3904 ================ Scan services =============================
15:49:35.0843 3904 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
15:49:35.0899 3904 1394ohci - ok
15:49:35.0920 3904 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
15:49:35.0930 3904 ACPI - ok
15:49:35.0947 3904 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
15:49:35.0957 3904 AcpiPmi - ok
15:49:36.0005 3904 [ 424877CB9D5517F980FF7BACA2EB379D ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
15:49:36.0023 3904 AdobeFlashPlayerUpdateSvc - ok
15:49:36.0050 3904 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
15:49:36.0060 3904 adp94xx - ok
15:49:36.0077 3904 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
15:49:36.0087 3904 adpahci - ok
15:49:36.0103 3904 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
15:49:36.0111 3904 adpu320 - ok
15:49:36.0132 3904 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
15:49:36.0154 3904 AeLookupSvc - ok
15:49:36.0179 3904 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
15:49:36.0190 3904 AFD - ok
15:49:36.0212 3904 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
15:49:36.0219 3904 agp440 - ok
15:49:36.0222 3904 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
15:49:36.0231 3904 ALG - ok
15:49:36.0247 3904 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
15:49:36.0254 3904 aliide - ok
15:49:36.0271 3904 [ D7C896249AB4B8C0490D59BB93D2285E ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
15:49:36.0283 3904 AMD External Events Utility - ok
15:49:36.0295 3904 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
15:49:36.0302 3904 amdide - ok
15:49:36.0313 3904 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
15:49:36.0322 3904 AmdK8 - ok
15:49:36.0461 3904 [ CFE8D738DED1F00F4DB3D847DF58EC54 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
15:49:36.0534 3904 amdkmdag - ok
15:49:36.0554 3904 [ A9FBCDA80D72CFEE4471FA1F79C70BE1 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
15:49:36.0566 3904 amdkmdap - ok
15:49:36.0574 3904 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
15:49:36.0583 3904 AmdPPM - ok
15:49:36.0592 3904 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
15:49:36.0599 3904 amdsata - ok
15:49:36.0613 3904 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
15:49:36.0621 3904 amdsbs - ok
15:49:36.0633 3904 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
15:49:36.0640 3904 amdxata - ok
15:49:36.0651 3904 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
15:49:36.0671 3904 AppID - ok
15:49:36.0691 3904 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
15:49:36.0712 3904 AppIDSvc - ok
15:49:36.0715 3904 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
15:49:36.0735 3904 Appinfo - ok
15:49:36.0738 3904 [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt C:\Windows\System32\appmgmts.dll
15:49:36.0783 3904 AppMgmt - ok
15:49:36.0785 3904 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
15:49:36.0793 3904 arc - ok
15:49:36.0795 3904 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
15:49:36.0803 3904 arcsas - ok
15:49:36.0889 3904 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
15:49:36.0898 3904 aspnet_state - ok
15:49:36.0916 3904 [ 4FCAEF0C5BE7629AEB878998E0FE959B ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
15:49:36.0930 3904 aswFsBlk - ok
15:49:36.0974 3904 [ 9FFC732E12FF53E05FE9E02C8C00CE87 ] aswFW C:\Windows\system32\drivers\aswFW.sys
15:49:36.0990 3904 aswFW - ok
15:49:37.0011 3904 [ 6B91E6D483AADB3FC4E13E2355200611 ] aswKbd C:\Windows\system32\drivers\aswKbd.sys
15:49:37.0021 3904 aswKbd - ok
15:49:37.0040 3904 [ B50CDD87772D6A11CB90924AAD399DF8 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
15:49:37.0050 3904 aswMonFlt - ok
15:49:37.0062 3904 [ 518B8D447A1975AB46DA093A2E743256 ] aswNdis C:\Windows\system32\DRIVERS\aswNdis.sys
15:49:37.0071 3904 aswNdis - ok
15:49:37.0079 3904 [ 5A832BBB1B563B6B3FDA46239B630037 ] aswNdis2 C:\Windows\system32\drivers\aswNdis2.sys
15:49:37.0092 3904 aswNdis2 - ok
15:49:37.0126 3904 [ 57768C7DB4681F2510F247F82EF31D4F ] aswRdr C:\Windows\System32\Drivers\aswrdr2.sys
15:49:37.0136 3904 aswRdr - ok
15:49:37.0153 3904 [ E71D826A1F3CE9C9DE3E77F2D02AFFBF ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
15:49:37.0174 3904 aswSnx - ok
15:49:37.0188 3904 [ 538A32E2C99BF073D4CA76C30BEDAA60 ] aswSP C:\Windows\system32\drivers\aswSP.sys
15:49:37.0197 3904 aswSP - ok
15:49:37.0205 3904 [ 6EDC79D73745FD44C41B55B2D13D0B70 ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
15:49:37.0212 3904 aswTdi - ok
15:49:37.0218 3904 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
15:49:37.0238 3904 AsyncMac - ok
15:49:37.0240 3904 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
15:49:37.0247 3904 atapi - ok
15:49:37.0260 3904 [ 24464B908E143D2561E9E452FEE97309 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
15:49:37.0266 3904 AtiHDAudioService - ok
15:49:37.0278 3904 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:49:37.0301 3904 AudioEndpointBuilder - ok
15:49:37.0311 3904 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
15:49:37.0334 3904 AudioSrv - ok
15:49:37.0375 3904 [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
15:49:37.0382 3904 avast! Antivirus - ok
15:49:37.0400 3904 [ BC0E07A768A0A14C48E3CE1875F2C377 ] avast! Firewall C:\Program Files\AVAST Software\Avast\afwServ.exe
15:49:37.0408 3904 avast! Firewall - ok
15:49:37.0420 3904 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
15:49:37.0432 3904 AxInstSV - ok
15:49:37.0450 3904 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
15:49:37.0461 3904 b06bdrv - ok
15:49:37.0484 3904 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
15:49:37.0494 3904 b57nd60a - ok
15:49:37.0504 3904 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
15:49:37.0512 3904 BDESVC - ok
15:49:37.0518 3904 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
15:49:37.0538 3904 Beep - ok
15:49:37.0546 3904 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
15:49:37.0570 3904 BFE - ok
15:49:37.0594 3904 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
15:49:37.0620 3904 BITS - ok
15:49:37.0630 3904 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
15:49:37.0639 3904 blbdrive - ok
15:49:37.0656 3904 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
15:49:37.0664 3904 bowser - ok
15:49:37.0666 3904 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
15:49:37.0676 3904 BrFiltLo - ok
15:49:37.0689 3904 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
15:49:37.0699 3904 BrFiltUp - ok
15:49:37.0718 3904 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
15:49:37.0727 3904 Browser - ok
15:49:37.0737 3904 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
15:49:37.0747 3904 Brserid - ok
15:49:37.0754 3904 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
15:49:37.0764 3904 BrSerWdm - ok
15:49:37.0783 3904 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
15:49:37.0792 3904 BrUsbMdm - ok
15:49:37.0794 3904 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
15:49:37.0803 3904 BrUsbSer - ok
15:49:37.0814 3904 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
15:49:37.0824 3904 BTHMODEM - ok
15:49:37.0827 3904 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
15:49:37.0848 3904 bthserv - ok
15:49:37.0863 3904 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
15:49:37.0884 3904 cdfs - ok
15:49:37.0894 3904 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
15:49:37.0903 3904 cdrom - ok
15:49:37.0909 3904 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
15:49:37.0929 3904 CertPropSvc - ok
15:49:37.0940 3904 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
15:49:37.0950 3904 circlass - ok
15:49:37.0966 3904 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
15:49:37.0976 3904 CLFS - ok
15:49:38.0014 3904 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:49:38.0028 3904 clr_optimization_v2.0.50727_32 - ok
15:49:38.0045 3904 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:49:38.0054 3904 clr_optimization_v2.0.50727_64 - ok
15:49:38.0074 3904 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:49:38.0086 3904 clr_optimization_v4.0.30319_32 - ok
15:49:38.0109 3904 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:49:38.0120 3904 clr_optimization_v4.0.30319_64 - ok
15:49:38.0134 3904 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
15:49:38.0147 3904 CmBatt - ok
15:49:38.0180 3904 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
15:49:38.0191 3904 cmdide - ok
15:49:38.0239 3904 [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG C:\Windows\system32\Drivers\cng.sys
15:49:38.0266 3904 CNG - ok
15:49:38.0276 3904 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
15:49:38.0286 3904 Compbatt - ok
15:49:38.0288 3904 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
15:49:38.0297 3904 CompositeBus - ok
15:49:38.0299 3904 COMSysApp - ok
15:49:38.0305 3904 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
15:49:38.0312 3904 crcdisk - ok
15:49:38.0330 3904 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
15:49:38.0339 3904 CryptSvc - ok
15:49:38.0352 3904 [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC C:\Windows\system32\drivers\csc.sys
15:49:38.0363 3904 CSC - ok
15:49:38.0384 3904 [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService C:\Windows\System32\cscsvc.dll
15:49:38.0396 3904 CscService - ok
15:49:38.0419 3904 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
15:49:38.0443 3904 DcomLaunch - ok
15:49:38.0461 3904 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
15:49:38.0484 3904 defragsvc - ok
15:49:38.0486 3904 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
15:49:38.0507 3904 DfsC - ok
15:49:38.0511 3904 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
15:49:38.0521 3904 Dhcp - ok
15:49:38.0523 3904 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
15:49:38.0544 3904 discache - ok
15:49:38.0551 3904 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
15:49:38.0559 3904 Disk - ok
15:49:38.0570 3904 [ 5DB085A8A6600BE6401F2B24EECB5415 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
15:49:38.0579 3904 dmvsc - ok
15:49:38.0595 3904 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
15:49:38.0605 3904 Dnscache - ok
15:49:38.0619 3904 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
15:49:38.0641 3904 dot3svc - ok
15:49:38.0644 3904 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
15:49:38.0665 3904 DPS - ok
15:49:38.0676 3904 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
15:49:38.0685 3904 drmkaud - ok
15:49:38.0706 3904 [ 46571ED73AE84469DCA53081D33CF3C8 ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
15:49:38.0715 3904 dtsoftbus01 - ok
15:49:38.0722 3904 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
15:49:38.0736 3904 DXGKrnl - ok
15:49:38.0744 3904 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
15:49:38.0767 3904 EapHost - ok
15:49:38.0802 3904 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
15:49:38.0829 3904 ebdrv - ok
15:49:38.0847 3904 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
15:49:38.0856 3904 EFS - ok
15:49:38.0895 3904 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
15:49:38.0917 3904 ehRecvr - ok
15:49:38.0927 3904 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
15:49:38.0936 3904 ehSched - ok
15:49:38.0948 3904 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
15:49:38.0959 3904 elxstor - ok
15:49:38.0968 3904 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
15:49:38.0976 3904 ErrDev - ok
15:49:39.0001 3904 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
15:49:39.0025 3904 EventSystem - ok
15:49:39.0041 3904 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
15:49:39.0063 3904 exfat - ok
15:49:39.0066 3904 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
15:49:39.0088 3904 fastfat - ok
15:49:39.0101 3904 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
15:49:39.0113 3904 Fax - ok
15:49:39.0132 3904 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
15:49:39.0140 3904 fdc - ok
15:49:39.0151 3904 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
15:49:39.0173 3904 fdPHost - ok
15:49:39.0175 3904 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
15:49:39.0196 3904 FDResPub - ok
15:49:39.0207 3904 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
15:49:39.0214 3904 FileInfo - ok
15:49:39.0216 3904 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
15:49:39.0237 3904 Filetrace - ok
15:49:39.0247 3904 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
15:49:39.0255 3904 flpydisk - ok
15:49:39.0263 3904 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
15:49:39.0272 3904 FltMgr - ok
15:49:39.0296 3904 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
15:49:39.0310 3904 FontCache - ok
15:49:39.0342 3904 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:49:39.0348 3904 FontCache3.0.0.0 - ok
15:49:39.0350 3904 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
15:49:39.0358 3904 FsDepends - ok
15:49:39.0363 3904 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
15:49:39.0370 3904 Fs_Rec - ok
15:49:39.0373 3904 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
15:49:39.0383 3904 fvevol - ok
15:49:39.0391 3904 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
15:49:39.0398 3904 gagp30kx - ok
15:49:39.0436 3904 [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
15:49:39.0443 3904 GamesAppService - ok
15:49:39.0481 3904 GGSAFERDriver - ok
15:49:39.0496 3904 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
15:49:39.0536 3904 gpsvc - ok
15:49:39.0545 3904 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
15:49:39.0553 3904 hcw85cir - ok
15:49:39.0564 3904 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:49:39.0576 3904 HdAudAddService - ok
15:49:39.0589 3904 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
15:49:39.0600 3904 HDAudBus - ok
15:49:39.0612 3904 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
15:49:39.0620 3904 HidBatt - ok
15:49:39.0631 3904 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
15:49:39.0641 3904 HidBth - ok
15:49:39.0652 3904 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
15:49:39.0662 3904 HidIr - ok
15:49:39.0664 3904 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
15:49:39.0685 3904 hidserv - ok
15:49:39.0687 3904 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
15:49:39.0695 3904 HidUsb - ok
15:49:39.0701 3904 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
15:49:39.0722 3904 hkmsvc - ok
15:49:39.0730 3904 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:49:39.0740 3904 HomeGroupListener - ok
15:49:39.0757 3904 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:49:39.0767 3904 HomeGroupProvider - ok
15:49:39.0805 3904 [ 13BB1114451C63BFB41BA7DAA4D70A29 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
15:49:39.0812 3904 HP Support Assistant Service - ok
15:49:39.0832 3904 [ 7B8C1B09C11E8DB7C4480ABD7D17E821 ] HPAuto C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe
15:49:39.0843 3904 HPAuto - ok
15:49:39.0867 3904 [ BCC4A8B2E2E902F52E7F2E7D8E125765 ] HPDrvMntSvc.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
15:49:39.0874 3904 HPDrvMntSvc.exe - ok
15:49:39.0891 3904 [ EC9739A46F1F83C6E52A7A4697F44A65 ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
15:49:39.0902 3904 hpqwmiex - ok
15:49:39.0913 3904 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
15:49:39.0920 3904 HpSAMD - ok
15:49:39.0926 3904 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
15:49:39.0950 3904 HTTP - ok
15:49:39.0952 3904 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
15:49:39.0959 3904 hwpolicy - ok
15:49:39.0978 3904 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
15:49:39.0987 3904 i8042prt - ok
15:49:40.0000 3904 [ C224331A54571C8C9162F7714400BBBD ] iaStor C:\Windows\system32\drivers\iaStor.sys
15:49:40.0011 3904 iaStor - ok
15:49:40.0022 3904 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
15:49:40.0032 3904 iaStorV - ok
15:49:40.0060 3904 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:49:40.0073 3904 idsvc - ok
15:49:40.0147 3904 [ A87261EF1546325B559374F5689CF5BC ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
15:49:40.0191 3904 igfx - ok
15:49:40.0204 3904 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
15:49:40.0211 3904 iirsp - ok
15:49:40.0230 3904 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
15:49:40.0255 3904 IKEEXT - ok
15:49:40.0268 3904 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
15:49:40.0276 3904 intelide - ok
15:49:40.0291 3904 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\drivers\intelppm.sys
15:49:40.0300 3904 intelppm - ok
15:49:47.0579 3904 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
15:49:47.0607 3904 wuauserv - ok
15:49:47.0613 3904 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
15:49:47.0621 3904 WudfPf - ok
15:49:47.0629 3904 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
15:49:47.0638 3904 WUDFRd - ok
15:49:47.0646 3904 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
15:49:47.0656 3904 wudfsvc - ok
15:49:47.0665 3904 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
15:49:47.0678 3904 WwanSvc - ok
15:49:47.0681 3904 ================ Scan global ===============================
15:49:47.0710 3904 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
15:49:47.0748 3904 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
15:49:47.0757 3904 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
15:49:47.0771 3904 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
15:49:47.0789 3904 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
15:49:47.0793 3904 [Global] - ok
15:49:47.0793 3904 ================ Scan MBR ==================================
15:49:47.0817 3904 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
15:49:48.0388 3904 \Device\Harddisk0\DR0 - ok
15:49:48.0389 3904 ================ Scan VBR ==================================
15:49:48.0391 3904 [ CA77314E3EA7394C9AB40C23F17AC9A2 ] \Device\Harddisk0\DR0\Partition1
15:49:48.0393 3904 \Device\Harddisk0\DR0\Partition1 - ok
15:49:48.0420 3904 [ 13DD72CE79036974120D49C39DBB4AB5 ] \Device\Harddisk0\DR0\Partition2
15:49:48.0422 3904 \Device\Harddisk0\DR0\Partition2 - ok
15:49:48.0447 3904 [ 45FD649F0677C92A33FF31B811C8C62A ] \Device\Harddisk0\DR0\Partition3
15:49:48.0448 3904 \Device\Harddisk0\DR0\Partition3 - ok
15:49:48.0448 3904 ============================================================
15:49:48.0448 3904 Scan finished
15:49:48.0448 3904 ============================================================
15:49:48.0458 3432 Detected object count: 0
15:49:48.0458 3432 Actual detected object count: 0

So now I'm moving on to ComboFix.

#7 Post by Armyt »

Apologies in advance for another reply, but it didn't fit into a single one :(

ComboFix:

ComboFix 13-01-12.01 - Armyt 12.01.2013 15:58:15.1.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1250.420.1029.18.8132.6119 [GMT 1:00]
Spuštěný z: c:\users\Armyt\Desktop\ComboFix.exe
AV: avast! Internet Security *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
FW: avast! Internet Security *Enabled* {131692B0-0864-D491-4E21-3A3A1D8BBB47}
SP: avast! Internet Security *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2012-12-12 do 2013-01-12 )))))))))))))))))))))))))))))))
.
.
2013-01-12 15:01 . 2013-01-12 15:01 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-01-12 14:40 . 2013-01-12 14:40 95392 ----a-w- c:\windows\system32\drivers\SMR311.SYS
2013-01-12 13:37 . 2013-01-12 13:37 -------- d-----w- c:\program files\trend micro
2013-01-12 13:37 . 2013-01-12 13:37 -------- d-----w- C:\rsit
2013-01-12 13:28 . 2013-01-12 13:28 -------- d-----w- c:\programdata\Malwarebytes
2013-01-12 12:43 . 2013-01-12 12:43 -------- d-----w- c:\program files (x86)\Conduit
2013-01-12 12:43 . 2013-01-12 12:43 -------- d-----w- c:\program files (x86)\uTorrent
2013-01-11 20:19 . 2012-12-16 16:31 67599240 ----a-w- c:\windows\system32\MRT.exe
2013-01-09 16:28 . 2013-01-11 21:55 281768 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2013-01-09 12:02 . 2012-11-30 05:45 215040 ----a-w- c:\windows\system32\winsrv.dll
2013-01-09 11:10 . 2013-01-09 11:10 -------- d-----w- c:\program files (x86)\GamePark
2013-01-09 02:40 . 2013-01-09 02:40 -------- d-----w- c:\windows\SysWow64\Wat
2013-01-09 02:40 . 2013-01-09 02:40 -------- d-----w- c:\windows\system32\Wat
2013-01-09 02:17 . 2012-07-26 07:40 2560 ----a-w- c:\windows\system32\drivers\cs-CZ\wdf01000.sys.mui
2013-01-09 02:17 . 2012-07-26 04:55 785512 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2013-01-09 02:17 . 2012-07-26 04:55 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2013-01-09 02:17 . 2012-07-26 02:36 9728 ----a-w- c:\windows\system32\Wdfres.dll
2013-01-09 02:15 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe
2013-01-09 02:07 . 2012-12-16 17:11 46080 ----a-w- c:\windows\system32\atmlib.dll
2013-01-09 02:07 . 2012-12-16 14:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2013-01-09 02:07 . 2012-12-16 14:45 367616 ----a-w- c:\windows\system32\atmfd.dll
2013-01-09 02:07 . 2012-12-16 14:13 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2013-01-09 02:07 . 2012-07-26 02:26 87040 ----a-w- c:\windows\system32\drivers\WUDFPf.sys
2013-01-09 02:07 . 2012-07-26 02:26 198656 ----a-w- c:\windows\system32\drivers\WUDFRd.sys
2013-01-09 02:07 . 2012-07-26 03:08 84992 ----a-w- c:\windows\system32\WUDFSvc.dll
2013-01-09 02:07 . 2012-07-26 03:08 194048 ----a-w- c:\windows\system32\WUDFPlatform.dll
2013-01-09 02:07 . 2012-07-26 03:08 229888 ----a-w- c:\windows\system32\WUDFHost.exe
2013-01-09 02:07 . 2012-07-26 03:08 744448 ----a-w- c:\windows\system32\WUDFx.dll
2013-01-09 02:07 . 2012-07-26 03:08 45056 ----a-w- c:\windows\system32\WUDFCoinstaller.dll
2013-01-08 21:05 . 2013-01-08 21:05 163056 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10142.bin
2013-01-08 19:53 . 2013-01-08 19:53 -------- d-----w- c:\program files (x86)\Garena Plus
2013-01-08 19:53 . 2013-01-12 14:46 -------- d-----w- c:\programdata\GarenaMessenger
2013-01-08 17:14 . 2013-01-08 19:28 -------- d-----w- c:\program files (x86)\Common Files\Steam
2013-01-08 17:14 . 2013-01-12 14:43 -------- d-----w- c:\program files (x86)\Steam
2013-01-08 16:48 . 2013-01-08 16:48 -------- d-----w- c:\program files\TeamSpeak 3 Client
2013-01-08 15:06 . 2012-11-02 05:59 478208 ----a-w- c:\windows\system32\dpnet.dll
2013-01-08 15:05 . 2012-06-06 06:05 61440 ----a-w- c:\program files\Common Files\System\ado\msador15.dll
2013-01-08 15:00 . 2012-02-17 06:38 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2013-01-08 15:00 . 2012-02-17 05:34 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll
2013-01-08 15:00 . 2012-02-17 04:57 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2013-01-08 14:58 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe
2013-01-08 14:58 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll
2013-01-08 14:58 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2013-01-08 14:58 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll
2013-01-08 14:57 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll
2013-01-08 14:57 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll
2013-01-08 14:57 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll
2013-01-08 14:57 . 2012-06-02 14:19 186752 ----a-w- c:\windows\system32\wuwebv.dll
2013-01-08 14:57 . 2012-06-02 14:15 36864 ----a-w- c:\windows\system32\wuapp.exe
2013-01-08 14:56 . 2013-01-08 14:56 -------- d-----w- c:\program files (x86)\TP-LINK
2013-01-08 14:56 . 2012-03-14 08:04 926824 ----a-w- c:\windows\system32\rtl8192cu.sys
2013-01-08 14:56 . 2012-03-14 08:04 926824 ----a-w- c:\windows\system32\drivers\RTL8192cu.sys
2013-01-08 14:55 . 2013-01-08 14:56 -------- d-----w- c:\programdata\TP-LINK
2013-01-07 13:01 . 2013-01-11 21:02 -------- d-----w- c:\program files (x86)\Common Files\Symantec Shared
2013-01-07 11:18 . 2013-01-12 12:25 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2013-01-07 11:05 . 2013-01-07 11:05 283200 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2013-01-07 11:04 . 2013-01-07 11:05 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite
2013-01-07 11:04 . 2013-01-07 11:06 -------- d-----w- c:\programdata\DAEMON Tools Lite
2013-01-06 16:35 . 2013-01-07 11:08 -------- d-----w- c:\program files (x86)\Common Files\InstallShield
2013-01-04 15:13 . 2013-01-09 11:20 840264 ----a-w- c:\windows\SysWow64\pbsvc.exe
2013-01-04 13:37 . 2013-01-11 21:55 281768 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2013-01-04 13:37 . 2013-01-11 21:53 103736 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2013-01-04 13:37 . 2013-01-09 11:21 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2013-01-04 13:24 . 2013-01-11 21:05 -------- d-----w- C:\Hry
2013-01-04 12:08 . 2013-01-12 12:27 -------- d-----w- c:\users\Armyt
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-08 19:35 . 2012-11-20 03:53 74248 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-01-08 19:35 . 2012-11-20 03:53 697864 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-11-30 04:45 . 2013-01-09 12:02 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2012-11-20 03:40 . 2012-11-20 03:40 296320 ----a-w- c:\windows\system32\drivers\volsnap.sys
2012-11-20 03:40 . 2012-11-20 03:40 96768 ----a-w- c:\windows\system32\fsutil.exe
2012-11-20 03:40 . 2012-11-20 03:40 91648 ----a-w- c:\windows\system32\drivers\USBSTOR.SYS
2012-11-20 03:40 . 2012-11-20 03:40 74240 ----a-w- c:\windows\SysWow64\fsutil.exe
2012-11-20 03:40 . 2012-11-20 03:40 410496 ----a-w- c:\windows\system32\drivers\iaStorV.sys
2012-11-20 03:40 . 2012-11-20 03:40 27008 ----a-w- c:\windows\system32\drivers\amdxata.sys
2012-11-20 03:40 . 2012-11-20 03:40 2565632 ----a-w- c:\windows\system32\esent.dll
2012-11-20 03:40 . 2012-11-20 03:40 189824 ----a-w- c:\windows\system32\drivers\storport.sys
2012-11-20 03:40 . 2012-11-20 03:40 1699328 ----a-w- c:\windows\SysWow64\esent.dll
2012-11-20 03:40 . 2012-11-20 03:40 166272 ----a-w- c:\windows\system32\drivers\nvstor.sys
2012-11-20 03:40 . 2012-11-20 03:40 148352 ----a-w- c:\windows\system32\drivers\nvraid.sys
2012-11-20 03:40 . 2012-11-20 03:40 107904 ----a-w- c:\windows\system32\drivers\amdsata.sys
2012-11-20 03:39 . 2012-11-20 03:39 209920 ----a-w- c:\windows\system32\profsvc.dll
2012-11-20 03:39 . 2012-11-20 03:39 3216384 ----a-w- c:\windows\system32\msi.dll
2012-11-20 03:39 . 2012-11-20 03:39 2342400 ----a-w- c:\windows\SysWow64\msi.dll
2012-11-20 03:39 . 2012-11-20 03:39 75120 ----a-w- c:\windows\system32\drivers\partmgr.sys
2012-11-20 03:38 . 2012-11-20 03:38 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-11-20 03:38 . 2012-11-20 03:38 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-11-20 03:38 . 2012-11-20 03:38 77312 ----a-w- c:\windows\system32\rdpwsx.dll
2012-11-20 03:38 . 2012-11-20 03:38 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-11-20 03:38 . 2012-11-20 03:38 515584 ----a-w- c:\windows\system32\timedate.cpl
2012-11-20 03:38 . 2012-11-20 03:38 478720 ----a-w- c:\windows\SysWow64\timedate.cpl
2012-11-20 03:37 . 2012-11-20 03:37 1544704 ----a-w- c:\windows\system32\DWrite.dll
2012-11-20 03:37 . 2012-11-20 03:37 1077248 ----a-w- c:\windows\SysWow64\DWrite.dll
2012-11-20 03:37 . 2012-11-20 03:37 634880 ----a-w- c:\windows\system32\msvcrt.dll
2012-11-20 03:37 . 2012-11-20 03:37 690688 ----a-w- c:\windows\SysWow64\msvcrt.dll
2012-11-20 03:37 . 2012-11-20 03:37 81408 ----a-w- c:\windows\system32\imagehlp.dll
2012-11-20 03:37 . 2012-11-20 03:37 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2012-11-20 03:37 . 2012-11-20 03:37 5120 ----a-w- c:\windows\system32\wmi.dll
2012-11-20 03:37 . 2012-11-20 03:37 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-11-20 03:37 . 2012-11-20 03:37 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2012-11-20 03:37 . 2012-11-20 03:37 498688 ----a-w- c:\windows\system32\drivers\afd.sys
2012-11-20 03:37 . 2012-11-20 03:37 1731920 ----a-w- c:\windows\system32\ntdll.dll
2012-11-20 03:37 . 2012-11-20 03:37 1292080 ----a-w- c:\windows\SysWow64\ntdll.dll
2012-11-20 03:37 . 2012-11-20 03:37 509952 ----a-w- c:\windows\system32\ntshrui.dll
2012-11-20 03:37 . 2012-11-20 03:37 442880 ----a-w- c:\windows\SysWow64\ntshrui.dll
2012-11-20 03:36 . 2012-11-20 03:36 1572864 ----a-w- c:\windows\system32\quartz.dll
2012-11-20 03:36 . 2012-11-20 03:36 1328128 ----a-w- c:\windows\SysWow64\quartz.dll
2012-11-20 03:36 . 2012-11-20 03:36 43520 ----a-w- c:\windows\system32\csrsrv.dll
2012-11-20 03:36 . 2012-11-20 03:36 723456 ----a-w- c:\windows\system32\EncDec.dll
2012-11-20 03:36 . 2012-11-20 03:36 534528 ----a-w- c:\windows\SysWow64\EncDec.dll
2012-11-20 03:36 . 2012-11-20 03:36 395776 ----a-w- c:\windows\system32\webio.dll
2012-11-20 03:36 . 2012-11-20 03:36 314880 ----a-w- c:\windows\SysWow64\webio.dll
2012-11-20 03:36 . 2012-11-20 03:36 31232 ----a-w- c:\windows\system32\lsass.exe
2012-11-20 03:36 . 2012-11-20 03:36 29184 ----a-w- c:\windows\system32\sspisrv.dll
2012-11-20 03:36 . 2012-11-20 03:36 28160 ----a-w- c:\windows\system32\secur32.dll
2012-11-20 03:36 . 2012-11-20 03:36 136192 ----a-w- c:\windows\system32\sspicli.dll
2012-11-20 03:36 . 2012-11-20 03:36 77312 ----a-w- c:\windows\system32\packager.dll
2012-11-20 03:36 . 2012-11-20 03:36 67072 ----a-w- c:\windows\SysWow64\packager.dll
2012-11-20 03:35 . 2012-11-20 03:35 75776 ----a-w- c:\windows\SysWow64\psisrndr.ax
2012-11-20 03:35 . 2012-11-20 03:35 613888 ----a-w- c:\windows\system32\psisdecd.dll
2012-11-20 03:35 . 2012-11-20 03:35 465408 ----a-w- c:\windows\SysWow64\psisdecd.dll
2012-11-20 03:35 . 2012-11-20 03:35 108032 ----a-w- c:\windows\system32\psisrndr.ax
2012-11-20 03:35 . 2012-11-20 03:35 861696 ----a-w- c:\windows\system32\oleaut32.dll
2012-11-20 03:35 . 2012-11-20 03:35 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2012-11-20 03:35 . 2012-11-20 03:35 331776 ----a-w- c:\windows\system32\oleacc.dll
2012-11-20 03:35 . 2012-11-20 03:35 233472 ----a-w- c:\windows\SysWow64\oleacc.dll
2012-11-20 03:35 . 2012-11-20 03:35 199680 ----a-w- c:\windows\system32\xmllite.dll
2012-11-20 03:35 . 2012-11-20 03:35 86016 ----a-w- c:\windows\SysWow64\odbccu32.dll
2012-11-20 03:35 . 2012-11-20 03:35 81920 ----a-w- c:\windows\SysWow64\odbccr32.dll
2012-11-20 03:35 . 2012-11-20 03:35 319488 ----a-w- c:\windows\SysWow64\odbcjt32.dll
2012-11-20 03:35 . 2012-11-20 03:35 212992 ----a-w- c:\windows\system32\odbctrac.dll
2012-11-20 03:35 . 2012-11-20 03:35 163840 ----a-w- c:\windows\SysWow64\odbctrac.dll
2012-11-20 03:35 . 2012-11-20 03:35 163840 ----a-w- c:\windows\system32\odbccp32.dll
2012-11-20 03:35 . 2012-11-20 03:35 122880 ----a-w- c:\windows\SysWow64\odbccp32.dll
2012-11-20 03:35 . 2012-11-20 03:35 106496 ----a-w- c:\windows\system32\odbccu32.dll
2012-11-20 03:35 . 2012-11-20 03:35 106496 ----a-w- c:\windows\system32\odbccr32.dll
2012-11-20 03:35 . 2012-11-20 03:35 64512 ----a-w- c:\windows\SysWow64\devobj.dll
2012-11-20 03:35 . 2012-11-20 03:35 44544 ----a-w- c:\windows\SysWow64\devrtl.dll
2012-11-20 03:35 . 2012-11-20 03:35 404480 ----a-w- c:\windows\system32\umpnpmgr.dll
2012-11-20 03:35 . 2012-11-20 03:35 252928 ----a-w- c:\windows\SysWow64\drvinst.exe
2012-11-20 03:35 . 2012-11-20 03:35 145920 ----a-w- c:\windows\SysWow64\cfgmgr32.dll
2012-11-20 03:35 . 2012-11-20 03:35 86528 ----a-w- c:\windows\SysWow64\SearchFilterHost.exe
2012-11-20 03:35 . 2012-11-20 03:35 778752 ----a-w- c:\windows\system32\mssvp.dll
2012-11-20 03:35 . 2012-11-20 03:35 75264 ----a-w- c:\windows\system32\msscntrs.dll
2012-11-20 03:35 . 2012-11-20 03:35 666624 ----a-w- c:\windows\SysWow64\mssvp.dll
2012-11-20 03:35 . 2012-11-20 03:35 59392 ----a-w- c:\windows\SysWow64\msscntrs.dll
2012-11-20 03:35 . 2012-11-20 03:35 591872 ----a-w- c:\windows\system32\SearchIndexer.exe
2012-11-20 03:35 . 2012-11-20 03:35 491520 ----a-w- c:\windows\system32\mssph.dll
2012-11-20 03:35 . 2012-11-20 03:35 427520 ----a-w- c:\windows\SysWow64\SearchIndexer.exe
2012-11-20 03:35 . 2012-11-20 03:35 337408 ----a-w- c:\windows\SysWow64\mssph.dll
2012-11-20 03:35 . 2012-11-20 03:35 288256 ----a-w- c:\windows\system32\mssphtb.dll
2012-11-20 03:35 . 2012-11-20 03:35 249856 ----a-w- c:\windows\system32\SearchProtocolHost.exe
2012-11-20 03:35 . 2012-11-20 03:35 2315776 ----a-w- c:\windows\system32\tquery.dll
2012-11-20 03:35 . 2012-11-20 03:35 2223616 ----a-w- c:\windows\system32\mssrch.dll
2012-11-20 03:35 . 2012-11-20 03:35 197120 ----a-w- c:\windows\SysWow64\mssphtb.dll
2012-11-20 03:35 . 2012-11-20 03:35 164352 ----a-w- c:\windows\SysWow64\SearchProtocolHost.exe
2012-11-20 03:35 . 2012-11-20 03:35 1549312 ----a-w- c:\windows\SysWow64\tquery.dll
2012-11-20 03:35 . 2012-11-20 03:35 1401344 ----a-w- c:\windows\SysWow64\mssrch.dll
2012-11-20 03:35 . 2012-11-20 03:35 113664 ----a-w- c:\windows\system32\SearchFilterHost.exe
2012-11-20 03:34 . 2012-11-20 03:34 976896 ----a-w- c:\windows\system32\inetcomm.dll
2012-11-20 03:34 . 2012-11-20 03:34 741376 ----a-w- c:\windows\SysWow64\inetcomm.dll
2012-11-20 03:34 . 2012-11-20 03:34 27520 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2012-11-20 03:34 . 2012-11-20 03:34 288768 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2012-11-20 03:34 . 2012-11-20 03:34 158208 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2012-11-20 03:34 . 2012-11-20 03:34 128000 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2012-11-20 03:34 . 2012-11-20 03:34 467456 ----a-w- c:\windows\system32\drivers\srv.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{7473b6bd-4691-4744-a82b-7854eb3d70b6}"= "c:\program files (x86)\uTorrentControl_v2\prxtbuTor.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{7473b6bd-4691-4744-a82b-7854eb3d70b6}]
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{7473b6bd-4691-4744-a82b-7854eb3d70b6}]
2011-05-09 09:49 176936 ----a-w- c:\program files (x86)\uTorrentControl_v2\prxtbuTor.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{7473b6bd-4691-4744-a82b-7854eb3d70b6}"= "c:\program files (x86)\uTorrentControl_v2\prxtbuTor.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{7473b6bd-4691-4744-a82b-7854eb3d70b6}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-11-06 3673728]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2013-01-08 1354736]
"GarenaPlus"="c:\program files (x86)\Garena Plus\GarenaMessenger.exe" [2012-12-17 9152968]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AMD AVT"="start AMD Accelerated Video Transcoding device initialization" [X]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2011-12-05 291096]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-06-07 641704]
"HP KEYBOARDx"="c:\program files (x86)\Hewlett-Packard\HP Desktop Keyboard\HPKEYBOARDx.EXE" [2010-02-11 710656]
"HP Remote Solution"="c:\program files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe" [2009-08-25 656896]
"PDF Complete"="c:\program files (x86)\PDF Complete\pdfsty.exe" [2012-07-18 684064]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
TP-LINK Wireless Configuration Utility.lnk - c:\program files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe [2013-1-8 841216]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
R3 GGSAFERDriver;GGSAFER Driver;c:\program files (x86)\Garena Plus\Room\safedrv.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2012-08-23 30208]
R3 WatAdminSvc;Služba Technologie aktivace Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2013-01-09 1255736]
S0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\DRIVERS\aswNdis.sys [2012-09-21 12368]
S0 aswNdis2;avast! Firewall Core Firewall Service; [x]
S0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;c:\windows\system32\drivers\iusb3hcs.sys [2011-12-05 16152]
S0 SMR311;Symantec SMR Utility Service 3.1.1;c:\windows\System32\drivers\SMR311.SYS [2013-01-12 95392]
S1 aswFW;avast! TDI Firewall driver; [x]
S1 aswKbd;aswKbd; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2013-01-07 283200]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-06-08 236544]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-10-30 71600]
S2 avast! Firewall;avast! Firewall;c:\program files\AVAST Software\Avast\afwServ.exe [2012-10-30 133912]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-10 86072]
S2 HPAuto;HP Auto;c:\program files\Hewlett-Packard\HP Auto\HPAuto.exe [2011-02-17 682040]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-29 94264]
S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe [2012-07-18 1134624]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2012-02-24 95760]
S3 iusb3hub;Intel(R) USB 3.0 Hub Driver;c:\windows\system32\drivers\iusb3hub.sys [2011-12-05 355096]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\drivers\iusb3xhc.sys [2011-12-05 785688]
S3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2011-10-14 108656]
S3 RTL8192cu;TP-LINK 150Mbps Wireless N Nano USB Adapter;c:\windows\system32\DRIVERS\RTL8192cu.sys [2012-03-14 926824]
.
.
--- Ostatní služby/ovladače v paměti ---
.
*NewlyCreated* - 93004723
*Deregistered* - 93004723
.
Obsah adresáře 'Naplánované úlohy'
.
2013-01-12 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-11-20 19:35]
.
2013-01-12 c:\windows\Tasks\HPCeeScheduleForArmyt.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15 12:43]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 22:50 133400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BeatsOSDApp"="c:\program files\IDT\WDM\beats64.exe" [2012-03-30 37888]
"HPSYSDRV"="c:\program files (x86)\Hewlett-Packard\HP Odometer\HPSYSDRV.EXE" [2008-11-20 62768]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2012-04-24 1425408]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.bing.com?pc=CMDTDFJS
uLocal Page = c:\windows\system32\blank.htm
mDefault_Page_URL = hxxp://www.bing.com?pc=CMDTDFJS
mStart Page = hxxp://www.bing.com?pc=CMDTDFJS
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Armyt\AppData\Roaming\Mozilla\Firefox\Profiles\usv01ixp.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/
FF - ExtSQL: 2013-01-07 12:18; {ea614400-e918-4741-9a97-7a972ff7c30b}; c:\users\Armyt\AppData\Roaming\Mozilla\Firefox\Profiles\usv01ixp.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
FF - ExtSQL: 2013-01-07 14:36; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF
FF - ExtSQL: 2013-01-12 13:43; {7473b6bd-4691-4744-a82b-7854eb3d70b6}; c:\users\Armyt\AppData\Roaming\Mozilla\Firefox\Profiles\usv01ixp.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
HKLM_Wow6432Node-ActiveSetup-{438363A8-F486-4C37-834C-4955773CB3D3} - msiexec
WebBrowser-{7473B6BD-4691-4744-A82B-7854EB3D70B6} - (no file)
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
AddRemove-{6F44AF95-3CDE-4513-AD3F-6D45F17BF324} - c:\program files (x86)\InstallShield Installation Information\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pdfcDispatcher]
"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Nico Mak Computing\WinZip]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Celkový čas: 2013-01-12 16:02:59
ComboFix-quarantined-files.txt 2013-01-12 15:02
.
Před spuštěním: Volných bajtů: 859 934 924 800
Po spuštění: Volných bajtů: 860 154 032 128
.
- - End Of File - - CA0DFE26AB43C6D32619B9DC9DF875E5


Re: Programs spontaneously minimizing to the taskbar in Win 7

#8 Post by Armyt »

https://www.virustotal.com/file/cd15e5a ... 358004171/ - ----A---- C:\Windows\system32\poqexec.exe
https://www.virustotal.com/file/cd15e5a ... 358004228/ - ----A---- C:\Windows\SYSWOW64\poqexec.exe
----A---- C:\Windows\system32\drivers\ntfs.sys can't be found anywhere :D Not even when I show hidden files, nor with search :D Or rather, when I browse to the folder in Explorer, it's there :D But when I want to upload it to VT, it's not there :D


Re: Programs spontaneously minimizing to the taskbar in Win 7

#9 Post by Armyt »

Unfortunately I have to go to work. So I'll post it here for you tomorrow around 2 in the afternoon :-)


Re: Programs spontaneously minimizing to the taskbar in Win 7

#10 Post by Armyt »

Ok :) here you go :) Hopefully I didn't mess it up somehow.
Attachments
ziskej.zip
(145.19 KiB) Downloaded 44 times


Re: Programs spontaneously minimizing to the taskbar in Win 7

#11 Post by Armyt »

Unfortunately I have to write yet another reply. There is a limit of 1 file here.

Sorry :)
Attachments
PowerTool.zip
(15.32 KiB) Downloaded 37 times


Re: Programs spontaneously minimizing to the taskbar in Win 7

#12 Post by Armyt »

I'd rather ask :)
Should I click through it with Mbrscan.exe or PowerTool?
Naughty wrote: Relax, just keep clicking through the sectors and find the sector where NTFS is written at the top of the header, dump that one for me + the 6 sectors following it, and upload them somewhere again. :-)
And the header, what is meant by that? :D
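
The search described in the quoted instruction above (find the sector whose header reads NTFS, then dump it plus the 6 sectors after it), as an added example that is not part of the original thread: it scans a raw image for the NTFS OEM ID at byte offset 3 and the 55 AA boot signature at the end of the sector. The 512-byte sector size, the function names and the in-memory sample image are assumptions constructed for illustration.

```python
SECTOR_SIZE = 512              # assumption: 512-byte logical sectors
NTFS_OEM_ID = b"NTFS    "      # OEM ID field, bytes 3..10 of an NTFS boot sector
BOOT_SIGNATURE = b"\x55\xaa"   # bytes 510..511 of a boot sector


def find_ntfs_boot_sectors(image: bytes) -> list:
    """Return indexes of sectors carrying the NTFS OEM ID and boot signature."""
    hits = []
    for index in range(len(image) // SECTOR_SIZE):
        sector = image[index * SECTOR_SIZE:(index + 1) * SECTOR_SIZE]
        # Match on fixed offsets, not on "NTFS" appearing anywhere in the data.
        if sector[3:11] == NTFS_OEM_ID and sector[510:512] == BOOT_SIGNATURE:
            hits.append(index)
    return hits


def dump_sectors(image: bytes, first: int, following: int = 6) -> bytes:
    """Return sector `first` plus the `following` sectors after it."""
    start = first * SECTOR_SIZE
    end = start + (1 + following) * SECTOR_SIZE
    if end > len(image):
        raise ValueError("image ends before the requested range")
    return image[start:end]


def build_sample_image(boot_at: int = 2048, total: int = 2060) -> bytes:
    """Constructed sample: zeroed sectors with one fake NTFS boot sector."""
    image = bytearray(total * SECTOR_SIZE)
    boot = bytearray(SECTOR_SIZE)
    boot[0:3] = b"\xeb\x52\x90"    # jump instruction that precedes the OEM ID
    boot[3:11] = NTFS_OEM_ID
    boot[510:512] = BOOT_SIGNATURE
    image[boot_at * SECTOR_SIZE:(boot_at + 1) * SECTOR_SIZE] = boot
    # Decoy: the same string in the middle of sector 100 must not match.
    decoy = 100 * SECTOR_SIZE + 40
    image[decoy:decoy + 8] = NTFS_OEM_ID
    return bytes(image)


if __name__ == "__main__":
    img = build_sample_image()
    for sector in find_ntfs_boot_sectors(img):
        blob = dump_sectors(img, sector)
        print(f"NTFS boot sector at {sector}, dumped {len(blob)} bytes")
```
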


Re: Programs spontaneously minimizing to the taskbar in Win 7

#13 Post by Armyt »

Well, it looks like I'll post it here for you tomorrow :) At 5 I'm off to my last night shift.

Anyway, I'm already at sector 1600 and still nothing :D So it will take a bit longer :)


Re: Programs spontaneously minimizing to the taskbar in Win 7

#14 Post by Armyt »

I got all the way to 15000 and still nothing :D I'm slowly going to get ready for work. So I'll finish it tomorrow :(


Re: Programs spontaneously minimizing to the taskbar in Win 7

#15 Post by Armyt »

I only installed a few games, a few multiplayer patches, and downloaded Team Speak 64-bit. On the laptop I was using 32-bit and everything was OK :D

and I just plugged the headphones into the back of the case :D they used to be in the front :D

Locked