Prosim o kontrolu logu

Zpráva

Pablo1 · #1 Příspěvek od **Pablo1** » 22 úno 2013 10:08

Logfile of random's system information tool 1.06 (written by random/random)
Run by Pablo1 at 2013-02-22 09:45:09
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 180 GB (59%) free of 305 GB
Total RAM: 1791 MB (48% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:55:40, on 22.02.2013
Platform: Unknown Windows (WinNT 6.01.3505 SP1)
MSIE: Internet Explorer v9.00 (9.00.8112.16464)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\ProgramData\DatacardService\DCSHelper.exe
C:\ProgramData\BrowserProtect\2.6.1040.25\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\NetWorx\networx.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Join Air\UIMain.exe
C:\Program Files\Join Air\CMUpdater.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Pablo1\Desktop\RSIT.exe
C:\Program Files\trend micro\Pablo1.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.searchcompletion.com/?si=10179&home=1
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.searchcompletion.com/?si=10179&home=1
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.searchcompletion.com/?si=10179&home=1
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://windows.microsoft.com/sk-SK/windows/home
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?crg=3.1010000.10011
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.searchcompletion.com/?si=10179&home=1
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - (no file)
O3 - Toolbar: &NetWorx Desk Band - {FEEA54B4-D80F-41C7-87B9-DC08E6D3255F} - C:\PROGRA~1\NetWorx\deskband.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [NetWorx] "C:\Program Files\NetWorx\networx.exe" /auto
O4 - HKLM\..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\RunOnce: [AvgUninstallURL] cmd.exe /c start http://www.avg.sk/sk.special-uninstalla ... 2decf7d34c
O4 - HKCU\..\Run: [KiesAirMessage] C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup
O4 - HKCU\..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe /preload
O4 - HKCU\..\Run: [] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-221763810-776339957-632471727-1003\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-221763810-776339957-632471727-1003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Search the Web - C:\Program Files\SweetIM\Toolbars\Internet Explorer\resources\menuext.html
O8 - Extra context menu item: Turbo Internet: Bookmark this page - C:\Program Files\Turbo Internet\exts\addFav.html
O8 - Extra context menu item: Turbo Internet: Download this link - C:\Program Files\Turbo Internet\exts\dl.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O13 - Gopher Prefix:
O17 - HKLM\System\CCS\Services\Tcpip\..\{3B46A15A-7E49-4AF4-93DA-CF68DCA54B8A}: NameServer = 213.151.200.31 85.237.225.250
O17 - HKLM\System\CCS\Services\Tcpip\..\{70C48CF0-D696-45BF-B3AE-BD22F1596840}: NameServer = 213.151.200.31 213.151.208.162
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: c:\progra~2\browse~1\261040~1.25\{c16c1~1\browse~1.dll c:\progra~2\browse~1\261040~1.25\{c16c1~1\browse~1.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: BrowserProtect - Unknown owner - C:\ProgramData\BrowserProtect\2.6.1040.25\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: HuaweiHiSuiteService.exe - Unknown owner - C:\ProgramData\HandSetService\HuaweiHiSuiteService.exe
O23 - Service: HWDeviceService.exe - Unknown owner - C:\ProgramData\DatacardService\HWDeviceService.exe
O23 - Service: Mobile Partner. OUC (Mobile Partner. RunOuc) - Unknown owner - C:\Program Files\Mobile Partner\UpdateDog\ouc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe
O23 - Service: UI Assistant Service - Unknown owner - C:\Program Files\Join Air\AssistantServices.exe

--
End of file - 7964 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-02-21 1225104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}]
Yontoo

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{FEEA54B4-D80F-41C7-87B9-DC08E6D3255F} - &NetWorx Desk Band - C:\PROGRA~1\NetWorx\deskband.dll [2012-12-26 1405840]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-02-21 1225104]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NetWorx"=C:\Program Files\NetWorx\networx.exe [2012-12-26 3256208]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2012-06-11 10996368]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-02-21 4767304]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"AvgUninstallURL"=cmd.exe /c start http://www.avg.sk/sk.special-uninstalla ... 2decf7d34c []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"KiesAirMessage"=C:\Program Files\Samsung\Kies\KiesAirMessage.exe [2012-12-18 578560]
"KiesPreload"=C:\Program Files\Samsung\Kies\Kies.exe [2012-12-20 1476104]
""=C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [2012-12-20 844296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="c:\progra~2\browse~1\261040~1.25\{c16c1~1\browse~1.dll c:\progra~2\browse~1\261040~1.25\{c16c1~1\browse~1.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\72540335.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vga.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vgasave.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\72540335.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AppInfo]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AppMgmt]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Base]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\BFE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Boot Bus Extender]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Boot file system]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\bowser]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Browser]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CryptSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\DcomLaunch]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\dfsc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Dhcp]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\DnsCache]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Dot3Svc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Eaphost]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\EFS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\EventLog]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\File system]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Filter]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HelpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\IKEEXT]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ipnat.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\KeyIso]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LanmanServer]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LanmanWorkstation]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\LmHosts]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Messenger]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MPSDrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MPSSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb10]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mrxsmb20]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NativeWifiP]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NDIS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NDIS Wrapper]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ndiscap]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ndisuio]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetBIOS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetBIOSGroup]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetBT]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetDDEGroup]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Netlogon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetMan]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\netprofm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Network]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetworkProvider]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NlaSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Nsi]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nsiproxy.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NTDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PCI Configuration]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PlugPlay]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PNP Filter]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PNP_TDI]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PolicyAgent]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Power]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Primary disk]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ProfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdbss]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdpencdd.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\rdsessmgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\RpcEptMapper]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\RpcSs]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sacsvr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SCardSvr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SCSI Class]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sermouse.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SharedAccess]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Streams Drivers]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SWPRV]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\System Bus Extender]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TabletInputService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TBS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Tcpip]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TDI]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TrustedInstaller]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VaultSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\VDS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vga.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vgasave.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vmms]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\volmgr.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\volmgrx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinMgmt]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wlansvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{36FC9E60-C465-11CF-8056-444553540000}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E965-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E967-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E969-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96A-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96B-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96F-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E972-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E973-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E974-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E975-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E977-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E97B-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E97D-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E980-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=00000000
"NoDriveTypeAutoRun"=149
"NoDriveAutoRun"=67108835

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E]
shell\AutoRun\command - E:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0653f6a7-1ac1-11e1-a920-002421f3d1f7}]
shell\AutoRun\command - E:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{100b24fe-19eb-11e1-8977-002421f3d1f7}]
shell\AutoRun\command - E:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{100b250b-19eb-11e1-8977-002421f3d1f7}]
shell\AutoRun\command - E:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{17dbc6b1-1a0d-11e1-8da0-002421f3d1f7}]
shell\AutoRun\command - E:\Huawei.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{17dbc70d-1a0d-11e1-8da0-002421f3d1f7}]
shell\AutoRun\command - E:\Huawei.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{17dbc76b-1a0d-11e1-8da0-002421f3d1f7}]
shell\AutoRun\command - E:\Huawei.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{17dbc7b2-1a0d-11e1-8da0-002421f3d1f7}]
shell\AutoRun\command - E:\Huawei.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{17dbc7fa-1a0d-11e1-8da0-002421f3d1f7}]
shell\AutoRun\command - E:\Huawei.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{17dbcbc5-1a0d-11e1-8da0-001e101fabdd}]
shell\AutoRun\command - E:\Huawei.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{17dbcc2f-1a0d-11e1-8da0-001e101fabdd}]
shell\AutoRun\command - E:\Huawei.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{17dbcc8c-1a0d-11e1-8da0-001e101fabdd}]
shell\AutoRun\command - E:\Huawei.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{17dbcd04-1a0d-11e1-8da0-001e101fabdd}]
shell\AutoRun\command - E:\Huawei.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{17dbcd68-1a0d-11e1-8da0-001e101fabdd}]
shell\AutoRun\command - E:\Huawei.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{21eec6cc-19ef-11e1-9469-806e6f6e6963}]
shell\AutoRun\command - E:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{21eec70f-19ef-11e1-9469-002421f3d1f7}]
shell\AutoRun\command - E:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2a8bfbd1-6f47-11e1-8f08-002421f3d1f7}]
shell\AutoRun\command - E:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2a8bfc26-6f47-11e1-8f08-002421f3d1f7}]
shell\AutoRun\command - E:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2a8bfcba-6f47-11e1-8f08-002421f3d1f7}]
shell\AutoRun\command - E:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2a8bfd2e-6f47-11e1-8f08-002421f3d1f7}]
shell\AutoRun\command - E:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2a8bfd67-6f47-11e1-8f08-002421f3d1f7}]
shell\AutoRun\command - E:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2a8bfdb3-6f47-11e1-8f08-002421f3d1f7}]
shell\AutoRun\command - E:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2a8bfe12-6f47-11e1-8f08-002421f3d1f7}]
shell\AutoRun\command - E:\Huawei.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2a8bff6c-6f47-11e1-8f08-002421f3d1f7}]
shell\AutoRun\command - E:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2a8bffc9-6f47-11e1-8f08-002421f3d1f7}]
shell\AutoRun\command - E:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2a8c0012-6f47-11e1-8f08-002421f3d1f7}]
shell\AutoRun\command - E:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2a8c0055-6f47-11e1-8f08-002421f3d1f7}]
shell\AutoRun\command - E:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2a8c03f4-6f47-11e1-8f08-002421f3d1f7}]
shell\AutoRun\command - E:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2a8c0519-6f47-11e1-8f08-002421f3d1f7}]
shell\AutoRun\command - E:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2a8c0553-6f47-11e1-8f08-002421f3d1f7}]
shell\AutoRun\command - E:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2a8c0955-6f47-11e1-8f08-002421f3d1f7}]
shell\AutoRun\command - E:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3aa3c8c6-1a79-11e1-8721-002421f3d1f7}]
shell\AutoRun\command - E:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{48f6ccc8-19ea-11e1-9b6b-806e6f6e6963}]
shell\AutoRun\command - E:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4d321840-c837-11e0-9092-806e6f6e6963}]
shell\AutoRun\command - F:\autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{626363d7-6f80-11e1-985e-002421f3d1f7}]
shell\AutoRun\command - E:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{62636440-6f80-11e1-985e-002421f3d1f7}]
shell\AutoRun\command - E:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{62636508-6f80-11e1-985e-002421f3d1f7}]
shell\AutoRun\command - E:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{626366cc-6f80-11e1-985e-002421f3d1f7}]
shell\AutoRun\command - E:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6263670a-6f80-11e1-985e-002421f3d1f7}]
shell\AutoRun\command - E:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{62636750-6f80-11e1-985e-002421f3d1f7}]
shell\AutoRun\command - E:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{626367a4-6f80-11e1-985e-002421f3d1f7}]
shell\AutoRun\command - E:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{626367d4-6f80-11e1-985e-002421f3d1f7}]
shell\AutoRun\command - E:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6263682c-6f80-11e1-985e-002421f3d1f7}]
shell\AutoRun\command - E:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{69528751-6e77-11e1-8102-002421f3d1f7}]
shell\AutoRun\command - E:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{69528794-6e77-11e1-8102-002421f3d1f7}]
shell\AutoRun\command - E:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{695287d3-6e77-11e1-8102-002421f3d1f7}]
shell\AutoRun\command - E:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{69528807-6e77-11e1-8102-002421f3d1f7}]
shell\AutoRun\command - E:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{69528ed1-6e77-11e1-8102-002421f3d1f7}]
shell\AutoRun\command - E:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{788777d3-6d16-11e1-af93-002421f3d1f7}]
shell\AutoRun\command - G:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{79757827-5ad8-11e1-93af-002421f3d1f7}]
shell\AutoRun\command - G:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{797578ba-5ad8-11e1-93af-002421f3d1f7}]
shell\AutoRun\command - G:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{79757ac4-5ad8-11e1-93af-002421f3d1f7}]
shell\AutoRun\command - G:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{985ccc2d-6add-11e1-8597-002421f3d1f7}]
shell\AutoRun\command - G:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{985cccc3-6add-11e1-8597-002421f3d1f7}]
shell\AutoRun\command - G:\Huawei.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{985cd602-6add-11e1-8597-002421f3d1f7}]
shell\AutoRun\command - G:\Huawei.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{af0c60a4-6fa3-11e1-a680-002421f3d1f7}]
shell\AutoRun\command - E:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b1154ec7-dba1-11e1-95bf-002421f3d1f7}]
shell\AutoRun\command - E:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b1cb392f-2352-11e1-a417-002421f3d1f7}]
shell\AutoRun\command - E:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b3e7a40c-bea5-11e1-a088-002421f3d1f7}]
shell\AutoRun\command - E:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b7d72af9-19f0-11e1-b324-002421f3d1f7}]
shell\AutoRun\command - E:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b975f998-5f14-11e2-8141-002421f3d1f7}]
shell\AutoRun\command - E:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{bae400cc-4615-11e2-b047-002421f3d1f7}]
shell\AutoRun\command - E:\autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c60e61d1-1a5b-11e1-bd28-002421f3d1f7}]
shell\AutoRun\command - E:\Huawei.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c60e6417-1a5b-11e1-bd28-002421f3d1f7}]
shell\AutoRun\command - E:\Huawei.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c60e6487-1a5b-11e1-bd28-002421f3d1f7}]
shell\AutoRun\command - E:\Huawei.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c60e64da-1a5b-11e1-bd28-002421f3d1f7}]
shell\AutoRun\command - E:\Huawei.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c60e64fd-1a5b-11e1-bd28-002421f3d1f7}]
shell\AutoRun\command - E:\Huawei.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c60e654d-1a5b-11e1-bd28-002421f3d1f7}]
shell\AutoRun\command - E:\Huawei.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d2b48c87-242d-11e1-b8b0-002421f3d1f7}]
shell\AutoRun\command - E:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d2b48cd1-242d-11e1-b8b0-002421f3d1f7}]
shell\AutoRun\command - E:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d5a39a4c-24ae-11e1-ac83-002421f3d1f7}]
shell\AutoRun\command - E:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d5a39ae6-24ae-11e1-ac83-002421f3d1f7}]
shell\AutoRun\command - E:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d5a39cec-24ae-11e1-ac83-002421f3d1f7}]
shell\AutoRun\command - E:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d5a39e0b-24ae-11e1-ac83-002421f3d1f7}]
shell\AutoRun\command - E:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d5a3a294-24ae-11e1-ac83-002421f3d1f7}]
shell\AutoRun\command - E:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d5a3a2c3-24ae-11e1-ac83-002421f3d1f7}]
shell\AutoRun\command - E:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e495e234-2130-11e1-bdd8-002421f3d1f7}]
shell\AutoRun\command - E:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e5fb4c93-1a6e-11e1-83d2-002421f3d1f7}]
shell\AutoRun\command - E:\Huawei.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e5fb4cda-1a6e-11e1-83d2-002421f3d1f7}]
shell\AutoRun\command - E:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{fca2429d-2101-11e1-b46d-002421f3d1f7}]
shell\AutoRun\command - E:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{fca24308-2101-11e1-b46d-002421f3d1f7}]
shell\AutoRun\command - E:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{fca24360-2101-11e1-b46d-002421f3d1f7}]
shell\AutoRun\command - E:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{fd97fcd9-19f8-11e1-805a-002421f3d1f7}]
shell\AutoRun\command - E:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{fd97fd5a-19f8-11e1-805a-002421f3d1f7}]
shell\AutoRun\command - E:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{fd97ffa3-19f8-11e1-805a-002421f3d1f7}]
shell\AutoRun\command - E:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{fd97fffe-19f8-11e1-805a-002421f3d1f7}]
shell\AutoRun\command - E:\Huawei.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{feee2b6f-5a53-11e1-848b-002421f3d1f7}]
shell\AutoRun\command - G:\AutoRun.exe

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2013-02-22 09:45:26 ----D---- C:\Program Files\trend micro
2013-02-22 09:45:09 ----D---- C:\rsit
2013-02-19 18:26:30 ----A---- C:\Windows\system32\nvopencl.dll
2013-02-19 18:26:30 ----A---- C:\Windows\system32\nvoglv32.dll
2013-02-19 18:26:29 ----A---- C:\Windows\system32\nvdispgenco3220162.dll
2013-02-19 18:26:29 ----A---- C:\Windows\system32\nvdispco3220294.dll
2013-02-19 18:26:29 ----A---- C:\Windows\system32\nvd3dum.dll
2013-02-19 18:26:29 ----A---- C:\Windows\system32\nvcuvid.dll
2013-02-19 18:26:29 ----A---- C:\Windows\system32\nvcuvenc.dll
2013-02-19 18:26:29 ----A---- C:\Windows\system32\nvcuda.dll
2013-02-19 18:26:29 ----A---- C:\Windows\system32\nvcompiler.dll
2013-02-18 21:55:52 ----A---- C:\Windows\system32\lagarith.dll
2013-02-18 21:55:51 ----A---- C:\Windows\system32\xvidvfw.dll
2013-02-18 21:55:51 ----A---- C:\Windows\system32\xvidcore.dll
2013-02-18 21:55:51 ----A---- C:\Windows\system32\x264vfw.dll
2013-02-18 21:55:42 ----A---- C:\Windows\system32\ff_vfw.dll
2013-02-18 21:55:35 ----D---- C:\Program Files\K-Lite Codec Pack
2013-02-18 09:02:11 ----D---- C:\Program Files\AVAST Software
2013-02-17 21:33:40 ----A---- C:\Windows\system32\aswBoot.exe
2013-02-17 18:38:47 ----D---- C:\Users\Pablo1\AppData\Roaming\KW
2013-02-17 11:07:14 ----D---- C:\Users\Pablo1\AppData\Roaming\ESET
2013-02-16 15:16:41 ----D---- C:\Users\Pablo1\AppData\Roaming\vlc
2013-02-16 15:15:54 ----D---- C:\Program Files\VideoLAN
2013-02-14 22:42:08 ----D---- C:\Users\Pablo1\AppData\Roaming\AnvSoft
2013-02-14 22:39:00 ----D---- C:\Program Files\AnvSoft
2013-02-14 20:20:46 ----D---- C:\Users\Pablo1\AppData\Roaming\Broad Intelligence
2013-02-13 10:03:39 ----A---- C:\Windows\system32\mshtmled.dll
2013-02-13 10:03:37 ----A---- C:\Windows\system32\vbscript.dll
2013-02-13 10:03:36 ----A---- C:\Windows\system32\jsproxy.dll
2013-02-13 10:03:36 ----A---- C:\Windows\system32\ieui.dll
2013-02-13 10:03:35 ----A---- C:\Windows\system32\msfeeds.dll
2013-02-13 10:03:35 ----A---- C:\Windows\system32\ieUnatt.exe
2013-02-13 10:03:33 ----A---- C:\Windows\system32\wininet.dll
2013-02-13 10:03:33 ----A---- C:\Windows\system32\jscript.dll
2013-02-13 10:03:31 ----A---- C:\Windows\system32\url.dll
2013-02-13 10:03:31 ----A---- C:\Windows\system32\jscript9.dll
2013-02-13 10:03:30 ----A---- C:\Windows\system32\iertutil.dll
2013-02-13 10:03:28 ----A---- C:\Windows\system32\urlmon.dll
2013-02-13 10:03:26 ----A---- C:\Windows\system32\mshtml.dll
2013-02-13 10:03:23 ----A---- C:\Windows\system32\ieframe.dll
2013-02-13 09:58:25 ----A---- C:\Windows\system32\ntkrnlpa.exe
2013-02-13 09:58:24 ----A---- C:\Windows\system32\ntoskrnl.exe
2013-02-13 09:57:41 ----A---- C:\Windows\system32\winsrv.dll
2013-02-11 17:32:27 ----AH---- C:\aaw7boot.cmd
2013-02-07 19:02:51 ----A---- C:\Windows\system32\unrar.dll
2013-02-02 12:23:14 ----D---- C:\Users\Pablo1\AppData\Roaming\avidemux
2013-01-28 19:50:57 ----D---- C:\Users\Pablo1\AppData\Roaming\eXtremeSenses
2013-01-26 17:01:39 ----D---- C:\Program Files\Microsoft.NET
2013-01-25 21:36:11 ----D---- C:\Program Files\Common Files\Skype
2013-01-23 10:57:25 ----D---- C:\Program Files\Audacity

======List of files/folders modified in the last 1 months======

2013-02-22 09:53:25 ----D---- C:\Windows\Temp
2013-02-22 09:45:26 ----D---- C:\Program Files
2013-02-22 09:25:45 ----D---- C:\Windows\system32\config
2013-02-22 08:56:17 ----SHD---- C:\System Volume Information
2013-02-22 08:32:01 ----D---- C:\Windows\system32\Tasks
2013-02-22 08:30:11 ----D---- C:\Windows
2013-02-22 08:23:25 ----D---- C:\Windows\debug
2013-02-22 08:23:09 ----D---- C:\Windows\System32
2013-02-21 18:05:57 ----D---- C:\Windows\Prefetch
2013-02-21 12:13:04 ----D---- C:\Windows\inf
2013-02-21 11:38:07 ----HD---- C:\ProgramData
2013-02-21 11:33:06 ----D---- C:\Windows\system32\drivers
2013-02-21 09:20:54 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-02-20 22:32:07 ----D---- C:\Windows\system32\catroot
2013-02-19 22:19:57 ----D---- C:\Program Files\Mozilla Maintenance Service
2013-02-19 22:19:57 ----D---- C:\Program Files\Mozilla Firefox
2013-02-19 18:31:53 ----D---- C:\Windows\system32\DriverStore
2013-02-19 18:31:11 ----D---- C:\Temp
2013-02-19 18:31:05 ----D---- C:\ProgramData\NVIDIA
2013-02-19 18:28:23 ----D---- C:\Program Files\NVIDIA Corporation
2013-02-19 18:28:18 ----D---- C:\Windows\system32\catroot2
2013-02-19 17:56:19 ----SHD---- C:\Windows\Installer
2013-02-18 21:04:27 ----D---- C:\Users\Pablo1\AppData\Roaming\AIMP3
2013-02-18 12:28:06 ----D---- C:\Windows\system32\wdi
2013-02-18 09:57:45 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2013-02-18 09:02:11 ----D---- C:\ProgramData\AVAST Software
2013-02-17 20:12:41 ----D---- C:\ProgramData\Xilisoft
2013-02-17 20:12:40 ----D---- C:\Program Files\Xilisoft
2013-02-17 20:07:44 ----D---- C:\Users\Pablo1\AppData\Roaming\Xilisoft
2013-02-15 17:59:10 ----D---- C:\ProgramData\Adobe
2013-02-15 16:04:03 ----D---- C:\Users\Pablo1\AppData\Roaming\XnView
2013-02-13 18:11:19 ----D---- C:\Users\Pablo1\AppData\Roaming\dvdcss
2013-02-13 10:28:49 ----D---- C:\Windows\Microsoft.NET
2013-02-13 10:28:48 ----RSD---- C:\Windows\assembly
2013-02-13 10:17:13 ----D---- C:\Windows\winsxs
2013-02-13 10:13:51 ----D---- C:\Windows\system32\migration
2013-02-13 10:13:50 ----D---- C:\Program Files\Internet Explorer
2013-02-13 10:05:38 ----A---- C:\Windows\system32\MRT.exe
2013-02-13 09:59:12 ----D---- C:\Windows\SoftwareDistribution
2013-02-12 09:34:57 ----SD---- C:\ProgramData\Microsoft
2013-02-11 20:40:21 ----D---- C:\Program Files\Google
2013-02-11 19:59:51 ----A---- C:\Windows\WinInit.Ini
2013-02-11 17:42:10 ----D---- C:\ProgramData\Lavasoft
2013-02-11 17:42:07 ----DC---- C:\Windows\system32\DRVSTORE
2013-02-10 04:20:39 ----A---- C:\Windows\system32\nvwgf2um.dll
2013-02-10 04:20:39 ----A---- C:\Windows\system32\nvapi.dll
2013-02-10 01:35:07 ----A---- C:\Windows\system32\nvsvc.dll
2013-02-10 01:35:07 ----A---- C:\Windows\system32\nvcpl.dll
2013-02-10 01:35:03 ----A---- C:\Windows\system32\nvvsvc.exe
2013-02-10 01:35:03 ----A---- C:\Windows\system32\nvsvcr.dll
2013-02-10 01:35:02 ----A---- C:\Windows\system32\nvshext.dll
2013-02-10 01:35:02 ----A---- C:\Windows\system32\nvmctray.dll
2013-02-06 17:08:58 ----D---- C:\ALFA
2013-01-29 15:39:52 ----D---- C:\Program Files\Realtek
2013-01-29 15:39:35 ----HD---- C:\Program Files\InstallShield Installation Information
2013-01-27 11:34:39 ----D---- C:\Windows\system32\NDF
2013-01-26 18:17:48 ----D---- C:\ProgramData\BlueStacksSetup
2013-01-26 17:01:42 ----D---- C:\Windows\system32\en-US
2013-01-25 21:39:16 ----D---- C:\Users\Pablo1\AppData\Roaming\Skype
2013-01-25 21:36:25 ----D---- C:\ProgramData\Skype
2013-01-25 21:36:11 ----RD---- C:\Program Files\Skype
2013-01-25 21:36:11 ----D---- C:\Program Files\Common Files
2013-01-23 10:57:53 ----D---- C:\Users\Pablo1\AppData\Roaming\Audacity

#2 Příspěvek od **JaRon** » 22 úno 2013 10:12

pouzi http://forum.viry.cz/viewtopic.php?f=24&t=102308 - research - log vloz

Pablo1 · #3 Příspěvek od **Pablo1** » 22 úno 2013 11:10

ale urobi len 20%

############################## | UsbFix V 7.096 | [Research]

User: Pablo1 (Administrator) # PABLO1-PC
Updated 15/08/2012 by El Desaparecido
Started at 10:54:36 | 22/02/2013

Website: http://eldesaparecido.com
Forum: http://forum.eldesaparecido.com
Suspicious file ? : http://eldesaparecido.com/upload.php
Contact: contact@eldesaparecido.com

PC: Micro-Star International (MSI NOTEBOOK VR630) (X86-based PC) # Desktop Computer
CPU: AMD Sempron(tm) SI-42 (2100)
RAM -> [Total : 1791 | Free : 838]
BIOS: MSI NOTEBOOK VR630, BIOS Version: A1672NMS Ver1.0J
BOOT: Normal boot

OS: Microsoft Windows 7 Home Premium (6.1.7601 32-Bit) # Service Pack 1
WB: Windows Internet Explorer 9.0.8112.16421

SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AV: avast! Antivirus [(!) Disabled | Updated]
FW: Windows FireWall Service [Enabled]

C:\ (%systemdrive%) -> Fixed drive # 298 Gb (176 Mb free - 59%) [] # NTFS
D:\ -> CD-ROM
E:\ -> CD-ROM

################## | Active Processes |

C:\Windows\system32\csrss.exe (492)
C:\Windows\system32\wininit.exe (548)
C:\Windows\system32\csrss.exe (560)
C:\Windows\system32\services.exe (608)
C:\Windows\system32\lsass.exe (624)
C:\Windows\system32\lsm.exe (632)
C:\Windows\system32\winlogon.exe (668)
C:\Windows\system32\svchost.exe (784)
C:\Windows\system32\nvvsvc.exe (856)
C:\Windows\system32\svchost.exe (884)
C:\Windows\System32\svchost.exe (932)
C:\Windows\System32\svchost.exe (1068)
C:\Windows\system32\svchost.exe (1108)
C:\Windows\system32\svchost.exe (1184)
C:\Windows\system32\svchost.exe (1236)
C:\Windows\system32\svchost.exe (1376)
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (1396)
C:\Windows\system32\nvvsvc.exe (1408)
C:\Windows\system32\svchost.exe (1548)
C:\Program Files\AVAST Software\Avast\AvastSvc.exe (1612)
C:\Windows\System32\spoolsv.exe (1756)
C:\Windows\system32\svchost.exe (1836)
C:\ProgramData\BrowserProtect\2.6.1040.25\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe (1868)
C:\Windows\system32\svchost.exe (1896)
C:\Windows\system32\schtasks.exe (1916)
C:\Windows\system32\conhost.exe (1948)
C:\Windows\system32\FsUsbExService.Exe (1968)
C:\ProgramData\HandSetService\HuaweiHiSuiteService.exe (2040)
C:\ProgramData\DatacardService\HWDeviceService.exe (460)
C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe (1432)
C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (1596)
C:\Program Files\CyberLink\Shared files\RichVideo.exe (1828)
C:\Windows\system32\svchost.exe (1344)
C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe (880)
C:\Program Files\Join Air\AssistantServices.exe (488)
C:\Windows\system32\svchost.exe (1424)
C:\Windows\system32\taskhost.exe (2300)
C:\Windows\system32\Dwm.exe (2400)
C:\Windows\Explorer.EXE (2500)
C:\ProgramData\DatacardService\DCSHelper.exe (2608)
C:\ProgramData\BrowserProtect\2.6.1040.25\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe (2748)
C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe (2916)
C:\Windows\System32\alg.exe (2952)
C:\Windows\System32\WUDFHost.exe (3216)
C:\Windows\system32\svchost.exe (3344)
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (3508)
C:\Program Files\NetWorx\networx.exe (3608)
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (3632)
C:\Program Files\AVAST Software\Avast\AvastUI.exe (3652)
C:\Program Files\Join Air\UIMain.exe (3400)
C:\Program Files\Join Air\CMUpdater.exe (2988)
C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (1060)
C:\Windows\System32\svchost.exe (3580)
C:\Program Files\Mozilla Firefox\firefox.exe (2932)
C:\Windows\system32\ctfmon.exe (2268)
C:\UsbFix\Go.exe (1668)
C:\Windows\system32\wbem\wmiprvse.exe (3600)

################## | Files # Infected Folders |

#4 Příspěvek od **JaRon** » 22 úno 2013 11:16

skoda ,,,
1. prescanuj PC s MBAM - log vloz
2. vloz log z TDSSKiller

Pablo1 · #5 Příspěvek od **Pablo1** » 22 úno 2013 14:39

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Verzia databázy: v2013.02.22.01

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Pablo1 :: PABLO1-PC [administrátor]

22.02.2013 11:32:00
mbam-log-2013-02-22 (11-32-00).txt

Typ kontroly: Úplná kontrola (C:\|E:\|F:\|)
Možnosti kontroly zapnuté: Pamäť | Po spustení | Registre | Systémové súbory | Heuristika/Extra | Heuristika/Shuriken | PUP | PUM
Možnosti kontroly vypnuté: P2P
Objektov kontrolovaných: 376778
Uplynutý čas: 2 hod, 57 min, 18 sek

Detegované služby pamäte: 0
(Škodlivé položky neboli zistené)

Detegované moduly pamäte: 0
(Škodlivé položky neboli zistené)

Detegované registračné kľúče: 0
(Škodlivé položky neboli zistené)

Detegované registračné hodnoty: 0
(Škodlivé položky neboli zistené)

Detegované položky registračných dát: 0
(Škodlivé položky neboli zistené)

Detegované priečinky: 0
(Škodlivé položky neboli zistené)

Detegované súbory: 0
(Škodlivé položky neboli zistené)

(koniec)

14:32:08.0730 3108 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
14:32:10.0759 3108 ============================================================
14:32:10.0759 3108 Current date / time: 2013/02/22 14:32:10.0759
14:32:10.0759 3108 SystemInfo:
14:32:10.0759 3108
14:32:10.0759 3108 OS Version: 6.1.7601 ServicePack: 1.0
14:32:10.0759 3108 Product type: Workstation
14:32:10.0759 3108 ComputerName: PABLO1-PC
14:32:10.0760 3108 UserName: Pablo1
14:32:10.0760 3108 Windows directory: C:\Windows
14:32:10.0760 3108 System windows directory: C:\Windows
14:32:10.0760 3108 Processor architecture: Intel x86
14:32:10.0760 3108 Number of processors: 1
14:32:10.0760 3108 Page size: 0x1000
14:32:10.0760 3108 Boot type: Normal boot
14:32:10.0760 3108 ============================================================
14:32:13.0166 3108 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
14:32:13.0187 3108 ============================================================
14:32:13.0187 3108 \Device\Harddisk0\DR0:
14:32:13.0187 3108 MBR partitions:
14:32:13.0187 3108 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x254297C1
14:32:13.0187 3108 ============================================================
14:32:13.0227 3108 C: <-> \Device\Harddisk0\DR0\Partition1
14:32:13.0272 3108 ============================================================
14:32:13.0272 3108 Initialize success
14:32:13.0272 3108 ============================================================
14:32:16.0044 3740 ============================================================
14:32:16.0044 3740 Scan started
14:32:16.0044 3740 Mode: Manual;
14:32:16.0044 3740 ============================================================
14:32:17.0462 3740 ================ Scan system memory ========================
14:32:17.0462 3740 System memory - ok
14:32:17.0479 3740 ================ Scan services =============================
14:32:17.0636 3740 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
14:32:17.0641 3740 1394ohci - ok
14:32:17.0668 3740 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\Windows\system32\drivers\ACPI.sys
14:32:17.0674 3740 ACPI - ok
14:32:17.0704 3740 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
14:32:17.0706 3740 AcpiPmi - ok
14:32:17.0776 3740 [ 563CDCFEEAEF97163E206AF71A61AA6E ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
14:32:17.0782 3740 AdobeFlashPlayerUpdateSvc - ok
14:32:17.0813 3740 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
14:32:17.0827 3740 adp94xx - ok
14:32:17.0868 3740 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\Windows\system32\drivers\adpahci.sys
14:32:17.0875 3740 adpahci - ok
14:32:17.0906 3740 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
14:32:17.0910 3740 adpu320 - ok
14:32:17.0992 3740 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
14:32:17.0994 3740 AeLookupSvc - ok
14:32:18.0044 3740 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD C:\Windows\system32\drivers\afd.sys
14:32:18.0051 3740 AFD - ok
14:32:18.0111 3740 [ 7E10E3BB9B258AD8A9300F91214D67B9 ] AgereSoftModem C:\Windows\system32\DRIVERS\AGRSM.sys
14:32:18.0144 3740 AgereSoftModem - ok
14:32:18.0169 3740 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\Windows\system32\drivers\agp440.sys
14:32:18.0172 3740 agp440 - ok
14:32:18.0200 3740 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\Windows\system32\drivers\djsvs.sys
14:32:18.0203 3740 aic78xx - ok
14:32:18.0227 3740 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\Windows\System32\alg.exe
14:32:18.0230 3740 ALG - ok
14:32:18.0256 3740 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\Windows\system32\drivers\aliide.sys
14:32:18.0258 3740 aliide - ok
14:32:18.0281 3740 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\Windows\system32\drivers\amdagp.sys
14:32:18.0283 3740 amdagp - ok
14:32:18.0314 3740 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\Windows\system32\drivers\amdide.sys
14:32:18.0316 3740 amdide - ok
14:32:18.0333 3740 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
14:32:18.0335 3740 AmdK8 - ok
14:32:18.0359 3740 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
14:32:18.0362 3740 AmdPPM - ok
14:32:18.0398 3740 [ D320BF87125326F996D4904FE24300FC ] amdsata C:\Windows\system32\drivers\amdsata.sys
14:32:18.0401 3740 amdsata - ok
14:32:18.0435 3740 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
14:32:18.0439 3740 amdsbs - ok
14:32:18.0468 3740 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata C:\Windows\system32\drivers\amdxata.sys
14:32:18.0470 3740 amdxata - ok
14:32:18.0500 3740 [ DD8D9C597AF7CD2F6B70A3D6A4A1ACEA ] androidusb C:\Windows\system32\Drivers\ssadadb.sys
14:32:18.0503 3740 androidusb - ok
14:32:18.0539 3740 [ 4A8CB8FEA9DCB6F93017F413E2646001 ] Angelnt C:\Windows\System32\Drivers\ANGELNT.SYS
14:32:18.0542 3740 Angelnt - ok
14:32:18.0616 3740 [ EFA78DCA6DE1B9E5DFA1834AD9DD6B20 ] anvsnddrv C:\Windows\system32\drivers\anvsnddrv.sys
14:32:18.0619 3740 anvsnddrv - ok
14:32:18.0718 3740 [ D1AF38FBAC0DC7E6D796B0ED01707EE0 ] AppHostSvc C:\Windows\system32\inetsrv\apphostsvc.dll
14:32:18.0721 3740 AppHostSvc - ok
14:32:18.0751 3740 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\Windows\system32\drivers\appid.sys
14:32:18.0754 3740 AppID - ok
14:32:18.0785 3740 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\Windows\System32\appidsvc.dll
14:32:18.0788 3740 AppIDSvc - ok
14:32:18.0813 3740 [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo C:\Windows\System32\appinfo.dll
14:32:18.0815 3740 Appinfo - ok
14:32:18.0840 3740 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\Windows\system32\drivers\arc.sys
14:32:18.0843 3740 arc - ok
14:32:18.0872 3740 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\Windows\system32\drivers\arcsas.sys
14:32:18.0876 3740 arcsas - ok
14:32:18.0936 3740 [ 9EBEBD0D904AA57B314C05AB2572D5E4 ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
14:32:18.0939 3740 aswFsBlk - ok
14:32:19.0005 3740 [ 41503060BA332EDF1E8F5302FE982B36 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
14:32:19.0008 3740 aswMonFlt - ok
14:32:19.0061 3740 [ B94F063CF24D3A80289505E5D862BE0A ] aswRdr C:\Windows\System32\Drivers\aswrdr2.sys
14:32:19.0063 3740 aswRdr - ok
14:32:19.0110 3740 [ 34BE83E7E2CCF0EC21929407CFA6A17B ] aswRvrt C:\Windows\system32\drivers\aswRvrt.sys
14:32:19.0113 3740 aswRvrt - ok
14:32:19.0179 3740 [ 9DD41C0E706F9A4274572CF253020291 ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
14:32:19.0202 3740 aswSnx - ok
14:32:19.0242 3740 [ C2B4E5400753DC51D8E975BD421F6B9C ] aswSP C:\Windows\system32\drivers\aswSP.sys
14:32:19.0250 3740 aswSP - ok
14:32:19.0273 3740 [ 0468F859A22066D243A76223B0676860 ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
14:32:19.0275 3740 aswTdi - ok
14:32:19.0304 3740 [ 21AEFFA234C22D86ED155C41D6CFE3FB ] aswVmm C:\Windows\system32\drivers\aswVmm.sys
14:32:19.0309 3740 aswVmm - ok
14:32:19.0340 3740 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
14:32:19.0342 3740 AsyncMac - ok
14:32:19.0372 3740 [ 338C86357871C167A96AB976519BF59E ] atapi C:\Windows\system32\drivers\atapi.sys
14:32:19.0374 3740 atapi - ok
14:32:19.0430 3740 [ EE32C0A39B6D3D0834C4D46D8C45E1D0 ] athr C:\Windows\system32\DRIVERS\athr.sys
14:32:19.0466 3740 athr - ok
14:32:19.0507 3740 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
14:32:19.0517 3740 AudioEndpointBuilder - ok
14:32:19.0552 3740 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\Windows\System32\Audiosrv.dll
14:32:19.0558 3740 Audiosrv - ok
14:32:19.0681 3740 [ F911EA9ED67C6FBE55261666C5032508 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
14:32:19.0683 3740 avast! Antivirus - ok
14:32:19.0711 3740 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\Windows\System32\AxInstSV.dll
14:32:19.0714 3740 AxInstSV - ok
14:32:19.0749 3740 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\Windows\system32\drivers\bxvbdx.sys
14:32:19.0758 3740 b06bdrv - ok
14:32:19.0789 3740 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
14:32:19.0795 3740 b57nd60x - ok
14:32:19.0826 3740 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\Windows\System32\bdesvc.dll
14:32:19.0829 3740 BDESVC - ok
14:32:19.0859 3740 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\Windows\system32\drivers\Beep.sys
14:32:19.0860 3740 Beep - ok
14:32:19.0903 3740 [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE C:\Windows\System32\bfe.dll
14:32:19.0927 3740 BFE - ok
14:32:19.0976 3740 [ E585445D5021971FAE10393F0F1C3961 ] BITS C:\Windows\System32\qmgr.dll
14:32:20.0022 3740 BITS - ok
14:32:20.0050 3740 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
14:32:20.0052 3740 blbdrive - ok
14:32:20.0087 3740 [ B900D52BD62B19F086EBA674911A9AEC ] BMserDiag C:\Windows\system32\DRIVERS\BMserDiag.sys
14:32:20.0090 3740 BMserDiag - ok
14:32:20.0117 3740 [ B900D52BD62B19F086EBA674911A9AEC ] BMserNmea C:\Windows\system32\DRIVERS\BMserNmea.sys
14:32:20.0120 3740 BMserNmea - ok
14:32:20.0146 3740 [ B900D52BD62B19F086EBA674911A9AEC ] BMusbmdm C:\Windows\system32\DRIVERS\BMusbmdm.sys
14:32:20.0149 3740 BMusbmdm - ok
14:32:20.0188 3740 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
14:32:20.0191 3740 bowser - ok
14:32:20.0234 3740 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
14:32:20.0236 3740 BrFiltLo - ok
14:32:20.0263 3740 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
14:32:20.0265 3740 BrFiltUp - ok
14:32:20.0294 3740 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser C:\Windows\System32\browser.dll
14:32:20.0298 3740 Browser - ok
14:32:20.0459 3740 [ 18994CC7A0664F9C8E495F09C38E2FCD ] BrowserProtect C:\ProgramData\BrowserProtect\2.6.1040.25\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
14:32:20.0540 3740 BrowserProtect - ok
14:32:20.0582 3740 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\Windows\System32\Drivers\Brserid.sys
14:32:20.0589 3740 Brserid - ok
14:32:20.0617 3740 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
14:32:20.0619 3740 BrSerWdm - ok
14:32:20.0650 3740 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
14:32:20.0653 3740 BrUsbMdm - ok
14:32:20.0682 3740 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
14:32:20.0684 3740 BrUsbSer - ok
14:32:20.0701 3740 BT - ok
14:32:20.0720 3740 BTCOM - ok
14:32:20.0740 3740 BTCOMBUS - ok
14:32:20.0792 3740 [ 2865A5C8E98C70C605F417908CEBB3A4 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
14:32:20.0794 3740 BthEnum - ok
14:32:20.0845 3740 [ 5A5EF0A9F1F6879DFA074D16812ECF85 ] BtHidBus C:\Windows\system32\Drivers\BtHidBus.sys
14:32:20.0847 3740 BtHidBus - ok
14:32:20.0886 3740 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
14:32:20.0890 3740 BTHMODEM - ok
14:32:20.0966 3740 [ AD1872E5829E8A2C3B5B4B641C3EAB0E ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
14:32:20.0969 3740 BthPan - ok
14:32:21.0013 3740 [ 1153DE2E4F5941E10C399CB5592F78A1 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
14:32:21.0022 3740 BTHPORT - ok
14:32:21.0061 3740 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\Windows\system32\bthserv.dll
14:32:21.0064 3740 bthserv - ok
14:32:21.0099 3740 [ C81E9413A25A439F436B1D4B6A0CF9E9 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
14:32:21.0102 3740 BTHUSB - ok
14:32:21.0132 3740 [ 15E581ABCF37F07F1ABE3FC2645F33C0 ] btnetBUs C:\Windows\system32\Drivers\btnetBus.sys
14:32:21.0134 3740 btnetBUs - ok
14:32:21.0157 3740 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
14:32:21.0160 3740 cdfs - ok
14:32:21.0190 3740 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
14:32:21.0192 3740 cdrom - ok
14:32:21.0233 3740 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\Windows\system32\drivers\circlass.sys
14:32:21.0236 3740 circlass - ok
14:32:21.0264 3740 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\Windows\system32\CLFS.sys
14:32:21.0269 3740 CLFS - ok
14:32:21.0321 3740 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:32:21.0324 3740 clr_optimization_v2.0.50727_32 - ok
14:32:21.0411 3740 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:32:21.0415 3740 clr_optimization_v4.0.30319_32 - ok
14:32:21.0441 3740 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
14:32:21.0443 3740 CmBatt - ok
14:32:21.0481 3740 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\Windows\system32\drivers\cmdide.sys
14:32:21.0482 3740 cmdide - ok
14:32:21.0520 3740 [ 42F158036BD4C2FF3122BF142E60E6FD ] CNG C:\Windows\system32\Drivers\cng.sys
14:32:21.0528 3740 CNG - ok
14:32:21.0581 3740 [ 4EB6222BE3C3C8071F4A9CA076241D1D ] cnnctfy2 C:\Windows\system32\DRIVERS\cnnctfy2.sys
14:32:21.0583 3740 cnnctfy2 - ok
14:32:21.0601 3740 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
14:32:21.0603 3740 Compbatt - ok
14:32:21.0626 3740 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
14:32:21.0629 3740 CompositeBus - ok
14:32:21.0647 3740 COMSysApp - ok
14:32:21.0669 3740 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
14:32:21.0673 3740 crcdisk - ok
14:32:21.0727 3740 [ 96C0E38905CFD788313BE8E11DAE3F2F ] CryptSvc C:\Windows\system32\cryptsvc.dll
14:32:21.0731 3740 CryptSvc - ok
14:32:21.0787 3740 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\Windows\system32\rpcss.dll
14:32:21.0810 3740 DcomLaunch - ok
14:32:21.0850 3740 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll
14:32:21.0857 3740 defragsvc - ok
14:32:21.0892 3740 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
14:32:21.0894 3740 DfsC - ok
14:32:21.0919 3740 dgderdrv - ok
14:32:21.0957 3740 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\Windows\system32\dhcpcore.dll
14:32:21.0964 3740 Dhcp - ok
14:32:21.0995 3740 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys
14:32:21.0998 3740 discache - ok
14:32:22.0022 3740 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\drivers\disk.sys
14:32:22.0025 3740 Disk - ok
14:32:22.0067 3740 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\Windows\System32\dnsrslvr.dll
14:32:22.0072 3740 Dnscache - ok
14:32:22.0107 3740 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\Windows\System32\dot3svc.dll
14:32:22.0114 3740 dot3svc - ok
14:32:22.0355 3740 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\Windows\system32\dps.dll
14:32:22.0360 3740 DPS - ok
14:32:22.0392 3740 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
14:32:22.0394 3740 drmkaud - ok
14:32:22.0440 3740 [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
14:32:22.0461 3740 DXGKrnl - ok
14:32:22.0482 3740 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll
14:32:22.0486 3740 EapHost - ok
14:32:22.0695 3740 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\drivers\evbdx.sys
14:32:22.0843 3740 ebdrv - ok
14:32:22.0898 3740 [ 81951F51E318AECC2D68559E47485CC4 ] EFS C:\Windows\System32\lsass.exe
14:32:23.0031 3740 EFS - ok
14:32:23.0106 3740 [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
14:32:23.0126 3740 ehRecvr - ok
14:32:23.0157 3740 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\Windows\ehome\ehsched.exe
14:32:23.0160 3740 ehSched - ok
14:32:23.0261 3740 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\drivers\elxstor.sys
14:32:23.0394 3740 elxstor - ok
14:32:23.0426 3740 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\drivers\errdev.sys
14:32:23.0428 3740 ErrDev - ok
14:32:23.0501 3740 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll
14:32:23.0509 3740 EventSystem - ok
14:32:23.0549 3740 [ 026F6D48CC5293C7B8A696376618B9D2 ] ewusbmbb C:\Windows\system32\DRIVERS\ewusbwwan.sys
14:32:23.0558 3740 ewusbmbb - ok
14:32:23.0577 3740 ewusbnet - ok
14:32:23.0687 3740 [ 57C171EA22F0A7F068FCB0CAEDD1E8E7 ] ew_hwusbdev C:\Windows\system32\DRIVERS\ew_hwusbdev.sys
14:32:23.0695 3740 ew_hwusbdev - ok
14:32:23.0723 3740 [ 61A973F60E94A551BA7B15F3460444FB ] ew_usbenumfilter C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys
14:32:23.0726 3740 ew_usbenumfilter - ok
14:32:23.0762 3740 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys
14:32:23.0766 3740 exfat - ok
14:32:23.0809 3740 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys
14:32:23.0813 3740 fastfat - ok
14:32:23.0866 3740 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\Windows\system32\fxssvc.exe
14:32:23.0879 3740 Fax - ok
14:32:23.0910 3740 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\drivers\fdc.sys
14:32:23.0912 3740 fdc - ok
14:32:23.0941 3740 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll
14:32:23.0945 3740 fdPHost - ok
14:32:24.0161 3740 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll
14:32:24.0250 3740 FDResPub - ok
14:32:24.0295 3740 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
14:32:24.0298 3740 FileInfo - ok
14:32:24.0322 3740 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
14:32:24.0326 3740 Filetrace - ok
14:32:24.0358 3740 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
14:32:24.0363 3740 flpydisk - ok
14:32:24.0636 3740 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
14:32:24.0656 3740 FltMgr - ok
14:32:24.0723 3740 [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] FontCache C:\Windows\system32\FntCache.dll
14:32:24.0758 3740 FontCache - ok
14:32:24.0822 3740 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
14:32:24.0824 3740 FontCache3.0.0.0 - ok
14:32:24.0881 3740 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
14:32:24.0891 3740 FsDepends - ok
14:32:24.0966 3740 [ 10398B515653442A5B89FDF6A1D06180 ] FsUsbExDisk C:\Windows\system32\FsUsbExDisk.SYS
14:32:24.0970 3740 FsUsbExDisk - ok
14:32:25.0003 3740 [ 2A0D3EE7D2D42A3A812D3E6795A2382B ] FsUsbExService C:\Windows\system32\FsUsbExService.Exe
14:32:25.0012 3740 FsUsbExService - ok
14:32:25.0191 3740 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
14:32:25.0200 3740 Fs_Rec - ok
14:32:25.0244 3740 [ 8A73E79089B282100B9393B644CB853B ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
14:32:25.0249 3740 fvevol - ok
14:32:25.0282 3740 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
14:32:25.0285 3740 gagp30kx - ok
14:32:25.0464 3740 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\Windows\System32\gpsvc.dll
14:32:25.0569 3740 gpsvc - ok
14:32:25.0623 3740 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
14:32:25.0627 3740 gupdate - ok
14:32:25.0657 3740 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
14:32:25.0660 3740 gupdatem - ok
14:32:25.0686 3740 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
14:32:25.0690 3740 hcw85cir - ok
14:32:26.0076 3740 [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
14:32:26.0085 3740 HdAudAddService - ok
14:32:26.0120 3740 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
14:32:26.0125 3740 HDAudBus - ok
14:32:26.0149 3740 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
14:32:26.0151 3740 HidBatt - ok
14:32:26.0189 3740 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\drivers\hidbth.sys
14:32:26.0304 3740 HidBth - ok
14:32:26.0339 3740 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\drivers\hidir.sys
14:32:26.0342 3740 HidIr - ok
14:32:26.0386 3740 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\system32\hidserv.dll
14:32:26.0392 3740 hidserv - ok
14:32:26.0426 3740 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
14:32:26.0429 3740 HidUsb - ok
14:32:26.0680 3740 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\Windows\system32\kmsvc.dll
14:32:26.0685 3740 hkmsvc - ok
14:32:26.0716 3740 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
14:32:26.0725 3740 HomeGroupListener - ok
14:32:26.0761 3740 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
14:32:26.0840 3740 HomeGroupProvider - ok
14:32:26.0879 3740 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
14:32:26.0881 3740 HpSAMD - ok
14:32:26.0916 3740 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\Windows\system32\drivers\HTTP.sys
14:32:26.0937 3740 HTTP - ok
14:32:27.0098 3740 [ F0C7BDBEF1E4BBFB80FCD540FD2CBD0B ] HuaweiHiSuiteService.exe C:\ProgramData\HandSetService\HuaweiHiSuiteService.exe
14:32:27.0103 3740 HuaweiHiSuiteService.exe - ok
14:32:27.0143 3740 [ F44461E66F1B7DD267957FE9BAA63ED0 ] huawei_enumerator C:\Windows\system32\DRIVERS\ew_jubusenum.sys
14:32:27.0146 3740 huawei_enumerator - ok
14:32:27.0201 3740 [ B50E1D8627354BA8E4DF83470F1272C8 ] hwdatacard C:\Windows\system32\DRIVERS\ewusbmdm.sys
14:32:27.0207 3740 hwdatacard - ok
14:32:27.0806 3740 [ 5EF3427AE503B5C03A48F7C9FF458B69 ] HWDeviceService.exe C:\ProgramData\DatacardService\HWDeviceService.exe
14:32:27.0811 3740 HWDeviceService.exe - ok
14:32:27.0873 3740 [ C2E3F59FEF137480D838FB0ED8500F43 ] hwmassfilter C:\Windows\system32\DRIVERS\ewmassfilter.sys
14:32:27.0875 3740 hwmassfilter - ok
14:32:27.0900 3740 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
14:32:27.0902 3740 hwpolicy - ok
14:32:27.0999 3740 hwusbdev - ok
14:32:28.0031 3740 hwusbfake - ok
14:32:28.0099 3740 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
14:32:28.0102 3740 i8042prt - ok
14:32:28.0252 3740 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
14:32:28.0265 3740 iaStorV - ok
14:32:28.0328 3740 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
14:32:28.0362 3740 idsvc - ok
14:32:28.0395 3740 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\drivers\iirsp.sys
14:32:28.0397 3740 iirsp - ok
14:32:28.0484 3740 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\Windows\System32\ikeext.dll
14:32:28.0505 3740 IKEEXT - ok
14:32:28.0721 3740 [ F2C17D2C3D70C389193D9954E375E5E3 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
14:32:28.0813 3740 IntcAzAudAddService - ok
14:32:28.0844 3740 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\drivers\intelide.sys
14:32:28.0852 3740 intelide - ok
14:32:28.0871 3740 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\drivers\intelppm.sys
14:32:28.0876 3740 intelppm - ok
14:32:28.0906 3740 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
14:32:28.0912 3740 IPBusEnum - ok
14:32:28.0939 3740 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:32:28.0943 3740 IpFilterDriver - ok
14:32:29.0409 3740 [ 58F67245D041FBE7AF88F4EAF79DF0FA ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
14:32:29.0452 3740 iphlpsvc - ok
14:32:29.0470 3740 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
14:32:29.0474 3740 IPMIDRV - ok
14:32:29.0586 3740 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys
14:32:29.0667 3740 IPNAT - ok
14:32:29.0689 3740 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys
14:32:29.0693 3740 IRENUM - ok
14:32:29.0711 3740 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\drivers\isapnp.sys
14:32:29.0714 3740 isapnp - ok
14:32:29.0745 3740 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
14:32:29.0811 3740 iScsiPrt - ok
14:32:29.0986 3740 [ 132EB047E3F94DC9EAB83C74E8C2E85A ] IvtBtBUs C:\Windows\system32\Drivers\IvtBtBus.sys
14:32:29.0988 3740 IvtBtBUs - ok
14:32:30.0023 3740 [ A69A1B991824B98F744913555F665893 ] JMCR C:\Windows\system32\DRIVERS\jmcr.sys
14:32:30.0027 3740 JMCR - ok
14:32:30.0057 3740 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
14:32:30.0060 3740 kbdclass - ok
14:32:30.0079 3740 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
14:32:30.0081 3740 kbdhid - ok
14:32:30.0114 3740 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\Windows\system32\lsass.exe
14:32:30.0118 3740 KeyIso - ok
14:32:30.0162 3740 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
14:32:30.0165 3740 KSecDD - ok
14:32:30.0193 3740 [ 5FE1ABF1AF591A3458C9CF24ED9A4D35 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
14:32:30.0204 3740 KSecPkg - ok
14:32:30.0252 3740 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll
14:32:30.0274 3740 KtmRm - ok
14:32:30.0318 3740 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\Windows\system32\srvsvc.dll
14:32:30.0364 3740 LanmanServer - ok
14:32:30.0396 3740 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
14:32:30.0406 3740 LanmanWorkstation - ok
14:32:30.0440 3740 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
14:32:30.0580 3740 lltdio - ok
14:32:30.0769 3740 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll
14:32:30.0778 3740 lltdsvc - ok
14:32:30.0879 3740 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll
14:32:30.0884 3740 lmhosts - ok
14:32:30.0956 3740 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
14:32:30.0960 3740 LSI_FC - ok
14:32:30.0984 3740 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
14:32:30.0989 3740 LSI_SAS - ok
14:32:31.0160 3740 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
14:32:31.0162 3740 LSI_SAS2 - ok
14:32:31.0197 3740 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
14:32:31.0201 3740 LSI_SCSI - ok
14:32:31.0228 3740 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys
14:32:31.0231 3740 luafv - ok
14:32:31.0265 3740 [ 79EC6C0033776F89DD5131241F0170E1 ] massfilter C:\Windows\system32\drivers\massfilter.sys
14:32:31.0267 3740 massfilter - ok
14:32:31.0494 3740 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
14:32:31.0500 3740 Mcx2Svc - ok
14:32:31.0517 3740 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\drivers\megasas.sys
14:32:31.0519 3740 megasas - ok
14:32:31.0560 3740 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
14:32:31.0652 3740 MegaSR - ok
14:32:31.0841 3740 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll
14:32:31.0846 3740 MMCSS - ok
14:32:31.0910 3740 [ 1CE0621B591913C12BECAA5B50E88BB2 ] Mobile Partner. RunOuc C:\Program Files\Mobile Partner\UpdateDog\ouc.exe
14:32:31.0916 3740 Mobile Partner. RunOuc - ok
14:32:31.0945 3740 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys
14:32:31.0946 3740 Modem - ok
14:32:32.0064 3740 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
14:32:32.0071 3740 monitor - ok
14:32:32.0103 3740 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
14:32:32.0106 3740 mouclass - ok
14:32:32.0141 3740 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
14:32:32.0144 3740 mouhid - ok
14:32:32.0290 3740 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
14:32:32.0365 3740 mountmgr - ok
14:32:32.0435 3740 [ 5C5E45DDABEFBC9F564F1D5C83258B8F ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
14:32:32.0439 3740 MozillaMaintenance - ok
14:32:32.0471 3740 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\Windows\system32\drivers\mpio.sys
14:32:32.0476 3740 mpio - ok
14:32:32.0502 3740 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
14:32:32.0578 3740 mpsdrv - ok
14:32:32.0637 3740 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\Windows\system32\mpssvc.dll
14:32:32.0660 3740 MpsSvc - ok
14:32:32.0691 3740 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
14:32:32.0735 3740 MRxDAV - ok
14:32:32.0913 3740 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
14:32:32.0916 3740 mrxsmb - ok
14:32:32.0979 3740 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:32:32.0984 3740 mrxsmb10 - ok
14:32:33.0078 3740 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:32:33.0081 3740 mrxsmb20 - ok
14:32:33.0112 3740 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\Windows\system32\drivers\msahci.sys
14:32:33.0114 3740 msahci - ok
14:32:33.0140 3740 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\Windows\system32\drivers\msdsm.sys
14:32:33.0144 3740 msdsm - ok
14:32:33.0306 3740 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe
14:32:33.0313 3740 MSDTC - ok
14:32:33.0351 3740 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
14:32:33.0353 3740 Msfs - ok
14:32:33.0500 3740 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
14:32:33.0585 3740 mshidkmdf - ok
14:32:33.0610 3740 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
14:32:33.0612 3740 msisadrv - ok
14:32:33.0650 3740 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
14:32:33.0657 3740 MSiSCSI - ok
14:32:33.0676 3740 msiserver - ok
14:32:33.0694 3740 MSI_MSIBIOS_010507 - ok
14:32:33.0728 3740 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
14:32:33.0730 3740 MSKSSRV - ok
14:32:33.0761 3740 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
14:32:33.0763 3740 MSPCLOCK - ok
14:32:33.0797 3740 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
14:32:33.0799 3740 MSPQM - ok
14:32:33.0837 3740 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
14:32:33.0843 3740 MsRPC - ok
14:32:33.0882 3740 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
14:32:33.0884 3740 mssmbios - ok
14:32:34.0062 3740 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
14:32:34.0064 3740 MSTEE - ok
14:32:34.0087 3740 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
14:32:34.0091 3740 MTConfig - ok
14:32:34.0129 3740 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
14:32:34.0131 3740 Mup - ok
14:32:34.0218 3740 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll
14:32:34.0246 3740 napagent - ok
14:32:34.0278 3740 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
14:32:34.0285 3740 NativeWifiP - ok
14:32:34.0861 3740 [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\Windows\system32\drivers\ndis.sys
14:32:34.0875 3740 NDIS - ok
14:32:34.0907 3740 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
14:32:34.0910 3740 NdisCap - ok
14:32:35.0074 3740 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
14:32:35.0076 3740 NdisTapi - ok
14:32:35.0105 3740 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
14:32:35.0110 3740 Ndisuio - ok
14:32:35.0137 3740 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
14:32:35.0142 3740 NdisWan - ok
14:32:35.0309 3740 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
14:32:35.0311 3740 NDProxy - ok
14:32:35.0335 3740 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
14:32:35.0338 3740 NetBIOS - ok
14:32:35.0371 3740 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
14:32:35.0376 3740 NetBT - ok
14:32:35.0454 3740 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe
14:32:35.0458 3740 Netlogon - ok
14:32:35.0533 3740 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
14:32:35.0543 3740 Netman - ok
14:32:35.0606 3740 [ F476EC40033CDB91EFBE73EB99B8362D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
14:32:35.0609 3740 NetMsmqActivator - ok
14:32:35.0682 3740 [ F476EC40033CDB91EFBE73EB99B8362D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
14:32:35.0685 3740 NetPipeActivator - ok
14:32:35.0712 3740 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
14:32:35.0728 3740 netprofm - ok
14:32:36.0378 3740 [ 27EE4B406E2F26F6117A9A420BD4CB65 ] netr28u C:\Windows\system32\DRIVERS\netr28u.sys
14:32:36.0399 3740 netr28u - ok
14:32:36.0428 3740 [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
14:32:36.0430 3740 NetTcpActivator - ok
14:32:36.0452 3740 [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
14:32:36.0545 3740 NetTcpPortSharing - ok
14:32:36.0740 3740 [ D7162634D7CE8EC60B96F8614D39C25A ] networx C:\Windows\system32\drivers\networx.sys
14:32:36.0744 3740 networx - ok
14:32:36.0788 3740 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
14:32:36.0792 3740 nfrd960 - ok
14:32:36.0847 3740 [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc C:\Windows\System32\nlasvc.dll
14:32:36.0903 3740 NlaSvc - ok
14:32:36.0937 3740 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
14:32:36.0941 3740 Npfs - ok
14:32:36.0969 3740 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
14:32:36.0977 3740 nsi - ok
14:32:37.0122 3740 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
14:32:37.0124 3740 nsiproxy - ok
14:32:37.0249 3740 [ 0D87503986BB3DFED58E343FE39DDE13 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
14:32:37.0287 3740 Ntfs - ok
14:32:37.0317 3740 NTIOLib_1_0_4 - ok
14:32:37.0359 3740 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
14:32:37.0362 3740 Null - ok
14:32:43.0372 3740 [ ED4239D1B92BDBA4F85C62A6F904E64B ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
14:32:43.0810 3740 nvlddmkm - ok
14:32:43.0911 3740 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
14:32:43.0914 3740 nvraid - ok
14:32:43.0957 3740 [ 02A9F366BCB94B286E34825B2094CB38 ] nvsmu C:\Windows\system32\DRIVERS\nvsmu.sys
14:32:43.0960 3740 nvsmu - ok
14:32:44.0009 3740 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys
14:32:44.0013 3740 nvstor - ok
14:32:44.0516 3740 [ E74F08719D6C92FDA6092D0E36E33CAB ] nvsvc C:\Windows\system32\nvvsvc.exe
14:32:44.0530 3740 nvsvc - ok
14:32:44.0678 3740 [ A6204EB813259F81217F65A02EDC5F09 ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
14:32:44.0714 3740 nvUpdatusService - ok
14:32:44.0746 3740 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
14:32:44.0750 3740 nv_agp - ok
14:32:44.0791 3740 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
14:32:44.0837 3740 ohci1394 - ok
14:32:44.0889 3740 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
14:32:44.0900 3740 p2pimsvc - ok
14:32:44.0943 3740 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
14:32:45.0067 3740 p2psvc - ok
14:32:45.0096 3740 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\drivers\parport.sys
14:32:45.0099 3740 Parport - ok
14:32:45.0139 3740 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys
14:32:45.0143 3740 partmgr - ok
14:32:45.0358 3740 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\drivers\parvdm.sys
14:32:45.0360 3740 Parvdm - ok
14:32:45.0389 3740 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
14:32:45.0398 3740 PcaSvc - ok
14:32:45.0486 3740 [ F451DCACBAA67F3307305EBD4A39EA07 ] pccsmcfd C:\Windows\system32\DRIVERS\pccsmcfd.sys
14:32:45.0488 3740 pccsmcfd - ok
14:32:45.0512 3740 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
14:32:45.0516 3740 pci - ok
14:32:45.0536 3740 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
14:32:45.0538 3740 pciide - ok
14:32:45.0958 3740 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
14:32:46.0042 3740 pcmcia - ok
14:32:46.0062 3740 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
14:32:46.0065 3740 pcw - ok
14:32:46.0112 3740 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
14:32:46.0191 3740 PEAUTH - ok
14:32:46.0331 3740 PfFilter - ok
14:32:47.0407 3740 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
14:32:47.0444 3740 pla - ok
14:32:47.0561 3740 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
14:32:47.0584 3740 PlugPlay - ok
14:32:47.0613 3740 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
14:32:47.0654 3740 PNRPAutoReg - ok
14:32:47.0692 3740 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
14:32:47.0700 3740 PNRPsvc - ok
14:32:47.0819 3740 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
14:32:47.0835 3740 PolicyAgent - ok
14:32:47.0885 3740 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
14:32:47.0895 3740 Power - ok
14:32:48.0173 3740 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
14:32:48.0250 3740 PptpMiniport - ok
14:32:48.0278 3740 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\drivers\processr.sys
14:32:48.0281 3740 Processor - ok
14:32:48.0523 3740 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll
14:32:48.0532 3740 ProfSvc - ok
14:32:48.0560 3740 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
14:32:48.0564 3740 ProtectedStorage - ok
14:32:48.0598 3740 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
14:32:48.0658 3740 Psched - ok
14:32:49.0657 3740 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
14:32:49.0813 3740 ql2300 - ok
14:32:49.0850 3740 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
14:32:49.0853 3740 ql40xx - ok
14:32:50.0012 3740 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
14:32:50.0021 3740 QWAVE - ok
14:32:50.0051 3740 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
14:32:50.0054 3740 QWAVEdrv - ok
14:32:50.0086 3740 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
14:32:50.0088 3740 RasAcd - ok
14:32:50.0323 3740 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
14:32:50.0325 3740 RasAgileVpn - ok
14:32:50.0358 3740 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
14:32:50.0366 3740 RasAuto - ok
14:32:50.0529 3740 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
14:32:50.0537 3740 Rasl2tp - ok
14:32:50.0582 3740 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
14:32:50.0593 3740 RasMan - ok
14:32:50.0750 3740 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
14:32:50.0754 3740 RasPppoe - ok
14:32:50.0777 3740 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
14:32:50.0780 3740 RasSstp - ok
14:32:50.0817 3740 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
14:32:50.0822 3740 rdbss - ok
14:32:51.0099 3740 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
14:32:51.0178 3740 rdpbus - ok
14:32:51.0207 3740 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
14:32:51.0211 3740 RDPCDD - ok
14:32:51.0396 3740 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
14:32:51.0398 3740 RDPENCDD - ok
14:32:51.0429 3740 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
14:32:51.0432 3740 RDPREFMP - ok
14:32:51.0740 3740 [ 65375DF758CA1872AB7EBBBA457FD5E6 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
14:32:51.0742 3740 RdpVideoMiniport - ok
14:32:51.0801 3740 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
14:32:51.0806 3740 RDPWD - ok
14:32:51.0842 3740 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
14:32:51.0966 3740 rdyboost - ok
14:32:52.0018 3740 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
14:32:52.0026 3740 RemoteAccess - ok
14:32:52.0070 3740 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
14:32:52.0099 3740 RemoteRegistry - ok
14:32:52.0272 3740 [ CB928D9E6DAF51879DD6BA8D02F01321 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
14:32:52.0275 3740 RFCOMM - ok
14:32:52.0333 3740 [ 616F6E52CAE254727A886BA8EDA1BEEA ] RichVideo C:\Program Files\CyberLink\Shared files\RichVideo.exe
14:32:52.0338 3740 RichVideo - ok
14:32:52.0562 3740 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
14:32:52.0569 3740 RpcEptMapper - ok
14:32:52.0611 3740 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
14:32:52.0616 3740 RpcLocator - ok
14:32:52.0695 3740 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
14:32:52.0704 3740 RpcSs - ok
14:32:52.0970 3740 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
14:32:53.0047 3740 rspndr - ok
14:32:53.0298 3740 [ 87FBE0AA5B7DFD003D4BC6B625A2B180 ] RTL2832UBDA C:\Windows\system32\drivers\RTL2832UBDA.sys
14:32:53.0303 3740 RTL2832UBDA - ok
14:32:53.0356 3740 [ 1E4462CEA673A4F58A2ADABB19344B93 ] RTL2832UUSB C:\Windows\system32\Drivers\RTL2832UUSB.sys
14:32:53.0360 3740 RTL2832UUSB - ok
14:32:53.0868 3740 [ 48E68E7BB2B1E8A294490FA3249A2A7D ] RTL8167 C:\Windows\system32\DRIVERS\Rt86win7.sys
14:32:53.0878 3740 RTL8167 - ok
14:32:53.0908 3740 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe
14:32:53.0913 3740 SamSs - ok
14:32:54.0163 3740 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
14:32:54.0245 3740 sbp2port - ok
14:32:54.0265 3740 SBRE - ok
14:32:54.0303 3740 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
14:32:54.0325 3740 SCardSvr - ok
14:32:54.0479 3740 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
14:32:54.0481 3740 scfilter - ok
14:32:54.0530 3740 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
14:32:54.0609 3740 Schedule - ok
14:32:54.0642 3740 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
14:32:54.0645 3740 SCPolicySvc - ok
14:32:54.0677 3740 [ 0328BE1C7F1CBA23848179F8762E391C ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
14:32:54.0681 3740 sdbus - ok
14:32:54.0955 3740 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
14:32:54.0963 3740 SDRSVC - ok
14:32:54.0997 3740 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
14:32:55.0000 3740 secdrv - ok
14:32:55.0235 3740 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
14:32:55.0242 3740 seclogon - ok
14:32:55.0270 3740 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll
14:32:55.0279 3740 SENS - ok
14:32:55.0529 3740 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
14:32:55.0535 3740 SensrSvc - ok
14:32:55.0562 3740 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\drivers\serenum.sys
14:32:55.0564 3740 Serenum - ok
14:32:55.0592 3740 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\drivers\serial.sys
14:32:55.0657 3740 Serial - ok
14:32:55.0687 3740 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\drivers\sermouse.sys
14:32:55.0689 3740 sermouse - ok
14:32:55.0774 3740 [ 9BDE8F1F5D060E912FCF9FB58B71CBC1 ] ServiceLayer C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
14:32:55.0847 3740 ServiceLayer - ok
14:32:56.0110 3740 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
14:32:56.0190 3740 SessionEnv - ok
14:32:56.0220 3740 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
14:32:56.0226 3740 sffdisk - ok
14:32:56.0258 3740 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
14:32:56.0262 3740 sffp_mmc - ok
14:32:56.0417 3740 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
14:32:56.0419 3740 sffp_sd - ok
14:32:56.0454 3740 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
14:32:56.0456 3740 sfloppy - ok
14:32:56.0706 3740 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
14:32:56.0714 3740 SharedAccess - ok
14:32:56.0760 3740 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:32:56.0782 3740 ShellHWDetection - ok
14:32:56.0898 3740 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
14:32:56.0901 3740 sisagp - ok
14:32:56.0928 3740 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
14:32:56.0931 3740 SiSRaid2 - ok
14:32:56.0963 3740 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
14:32:57.0035 3740 SiSRaid4 - ok
14:32:57.0085 3740 [ 8C4F0DCC6A5100D48F9B2F950CDD220F ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
14:32:57.0090 3740 SkypeUpdate - ok
14:32:57.0118 3740 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
14:32:57.0121 3740 Smb - ok
14:32:57.0258 3740 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
14:32:57.0266 3740 SNMPTRAP - ok
14:32:57.0344 3740 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
14:32:57.0346 3740 spldr - ok
14:32:57.0392 3740 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe
14:32:57.0415 3740 Spooler - ok
14:32:59.0686 3740 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
14:32:59.0927 3740 sppsvc - ok
14:32:59.0977 3740 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
14:32:59.0985 3740 sppuinotify - ok
14:33:00.0369 3740 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
14:33:00.0376 3740 srv - ok
14:33:00.0411 3740 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
14:33:00.0418 3740 srv2 - ok
14:33:00.0670 3740 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
14:33:00.0674 3740 srvnet - ok
14:33:00.0729 3740 [ 64E44ACD8C238FCBBB78F0BA4BDC4B05 ] ssadbus C:\Windows\system32\DRIVERS\ssadbus.sys
14:33:00.0733 3740 ssadbus - ok
14:33:00.0804 3740 [ BB2C84A15C765DA89FD832B0E73F26CE ] ssadmdfl C:\Windows\system32\DRIVERS\ssadmdfl.sys
14:33:00.0806 3740 ssadmdfl - ok
14:33:00.0847 3740 [ 6D0D132DDC6F43EDA00DCED6D8B1CA31 ] ssadmdm C:\Windows\system32\DRIVERS\ssadmdm.sys
14:33:00.0851 3740 ssadmdm - ok
14:33:00.0884 3740 [ 1A5A397BC459F346AB56492B61EF79F6 ] ssadserd C:\Windows\system32\DRIVERS\ssadserd.sys
14:33:00.0976 3740 ssadserd - ok
14:33:01.0031 3740 [ 069351A1D7D291013177A90AE6EDCCBC ] sscdbus C:\Windows\system32\DRIVERS\sscdbus.sys
14:33:01.0034 3740 sscdbus - ok
14:33:01.0063 3740 [ 1C925BE223A5C0F9F469252292A48DF6 ] sscdmdfl C:\Windows\system32\DRIVERS\sscdmdfl.sys
14:33:01.0066 3740 sscdmdfl - ok
14:33:01.0290 3740 [ AE3E77AE0FBDB07EB1AC3FED74A0695E ] sscdmdm C:\Windows\system32\DRIVERS\sscdmdm.sys
14:33:01.0294 3740 sscdmdm - ok
14:33:01.0344 3740 [ 6C239402A3303C66016F5F915E0E8698 ] sscdserd C:\Windows\system32\DRIVERS\sscdserd.sys
14:33:01.0348 3740 sscdserd - ok
14:33:01.0390 3740 [ B2063CE662AF3AB20045121A5B716DF6 ] sscebus C:\Windows\system32\DRIVERS\sscebus.sys
14:33:01.0423 3740 sscebus - ok
14:33:01.0468 3740 [ 66799DC0AFE3DCAF8368CAE17394A762 ] sscemdfl C:\Windows\system32\DRIVERS\sscemdfl.sys
14:33:01.0470 3740 sscemdfl - ok
14:33:01.0510 3740 [ CBF03FFC08F8DB547BAB2F79AA663D16 ] sscemdm C:\Windows\system32\DRIVERS\sscemdm.sys
14:33:01.0514 3740 sscemdm - ok
14:33:01.0632 3740 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
14:33:01.0641 3740 SSDPSRV - ok
14:33:01.0670 3740 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
14:33:01.0750 3740 SstpSvc - ok
14:33:01.0802 3740 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\drivers\stexstor.sys
14:33:01.0804 3740 stexstor - ok
14:33:01.0854 3740 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
14:33:01.0944 3740 StiSvc - ok
14:33:01.0971 3740 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
14:33:01.0975 3740 swenum - ok
14:33:02.0093 3740 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
14:33:02.0119 3740 swprv - ok
14:33:02.0175 3740 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
14:33:02.0245 3740 SysMain - ok
14:33:02.0274 3740 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
14:33:02.0335 3740 TabletInputService - ok
14:33:02.0592 3740 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
14:33:02.0602 3740 TapiSrv - ok
14:33:02.0629 3740 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
14:33:02.0710 3740 TBS - ok
14:33:02.0785 3740 [ 7C0507D2391AF5933600CBCED799F277 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
14:33:02.0837 3740 Tcpip - ok
14:33:03.0715 3740 [ 7C0507D2391AF5933600CBCED799F277 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
14:33:03.0800 3740 TCPIP6 - ok
14:33:04.0043 3740 [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
14:33:04.0046 3740 tcpipreg - ok
14:33:04.0313 3740 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
14:33:04.0387 3740 TDPIPE - ok
14:33:04.0427 3740 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
14:33:04.0429 3740 TDTCP - ok
14:33:04.0664 3740 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
14:33:04.0745 3740 tdx - ok
14:33:04.0779 3740 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
14:33:04.0781 3740 TermDD - ok
14:33:05.0307 3740 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
14:33:05.0318 3740 TermService - ok
14:33:05.0491 3740 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
14:33:05.0575 3740 Themes - ok
14:33:05.0603 3740 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
14:33:05.0610 3740 THREADORDER - ok
14:33:05.0636 3740 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
14:33:05.0711 3740 TrkWks - ok
14:33:05.0782 3740 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
14:33:05.0788 3740 TrustedInstaller - ok
14:33:06.0016 3740 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
14:33:06.0024 3740 tssecsrv - ok
14:33:06.0070 3740 [ 9CE253214ACAA5A7D323327D2055EFAA ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
14:33:06.0073 3740 TsUsbFlt - ok
14:33:06.0125 3740 [ 57C527AF84748B5C2F5178C499C0B81F ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
14:33:06.0128 3740 TsUsbGD - ok
14:33:06.0284 3740 [ 423B19F510B1BE1952DB95722BC1FC42 ] TuneUp.UtilitiesSvc C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe
14:33:06.0330 3740 TuneUp.UtilitiesSvc - ok
14:33:06.0372 3740 [ 94C4CD2D19B8C4137A46261F229FEC24 ] TuneUpUtilitiesDrv C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys
14:33:06.0375 3740 TuneUpUtilitiesDrv - ok
14:33:06.0576 3740 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
14:33:06.0651 3740 tunnel - ok
14:33:06.0680 3740 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\drivers\uagp35.sys
14:33:06.0683 3740 uagp35 - ok
14:33:06.0719 3740 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
14:33:06.0798 3740 udfs - ok
14:33:06.0924 3740 [ 09EB52ED7761E2AA38CCEA7E94F5320D ] UI Assistant Service C:\Program Files\Join Air\AssistantServices.exe
14:33:06.0979 3740 UI Assistant Service - ok
14:33:07.0171 3740 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
14:33:07.0252 3740 UI0Detect - ok
14:33:07.0289 3740 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
14:33:07.0350 3740 uliagpkx - ok
14:33:07.0454 3740 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\DRIVERS\umbus.sys
14:33:07.0457 3740 umbus - ok
14:33:07.0493 3740 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\drivers\umpass.sys
14:33:07.0496 3740 UmPass - ok
14:33:07.0892 3740 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
14:33:07.0968 3740 upnphost - ok
14:33:08.0013 3740 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
14:33:08.0016 3740 usbccgp - ok
14:33:08.0273 3740 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys
14:33:08.0276 3740 usbcir - ok
14:33:08.0324 3740 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
14:33:08.0328 3740 usbehci - ok
14:33:08.0631 3740 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
14:33:08.0637 3740 usbhub - ok
14:33:08.0662 3740 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
14:33:08.0665 3740 usbohci - ok
14:33:08.0693 3740 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
14:33:08.0773 3740 usbprint - ok
14:33:08.0946 3740 [ 576096CCBC07E7C4EA4F5E6686D6888F ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
14:33:09.0058 3740 usbscan - ok
14:33:09.0092 3740 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:33:09.0102 3740 USBSTOR - ok
14:33:09.0134 3740 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
14:33:09.0137 3740 usbuhci - ok
14:33:09.0468 3740 [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
14:33:09.0473 3740 usbvideo - ok
14:33:09.0506 3740 [ D82F43D15FDAA666856C0190CB73E7C9 ] usb_rndisx C:\Windows\system32\DRIVERS\usb8023x.sys
14:33:09.0509 3740 usb_rndisx - ok
14:33:09.0750 3740 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
14:33:09.0758 3740 UxSms - ok
14:33:09.0784 3740 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe
14:33:09.0788 3740 VaultSvc - ok
14:33:10.0079 3740 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
14:33:10.0082 3740 vdrvroot - ok
14:33:10.0130 3740 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
14:33:10.0218 3740 vds - ok
14:33:10.0403 3740 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
14:33:10.0406 3740 vga - ok
14:33:10.0438 3740 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
14:33:10.0440 3740 VgaSave - ok
14:33:10.0764 3740 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
14:33:10.0769 3740 vhdmp - ok
14:33:10.0815 3740 [ E8FADC3A2797E19334B8A40D485A370A ] vhidmini C:\Windows\system32\DRIVERS\crazyremote.sys
14:33:10.0818 3740 vhidmini - ok
14:33:11.0015 3740 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
14:33:11.0018 3740 viaagp - ok
14:33:11.0047 3740 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\drivers\viac7.sys
14:33:11.0050 3740 ViaC7 - ok
14:33:11.0083 3740 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
14:33:11.0151 3740 viaide - ok
14:33:11.0327 3740 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
14:33:11.0330 3740 volmgr - ok
14:33:11.0356 3740 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
14:33:11.0364 3740 volmgrx - ok
14:33:11.0395 3740 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
14:33:11.0401 3740 volsnap - ok
14:33:11.0442 3740 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
14:33:11.0447 3740 vsmraid - ok
14:33:11.0517 3740 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
14:33:11.0551 3740 VSS - ok
14:33:11.0580 3740 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
14:33:11.0582 3740 vwifibus - ok
14:33:11.0619 3740 [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
14:33:11.0731 3740 vwififlt - ok
14:33:11.0916 3740 [ A3F04CBEA6C2A10E6CB01F8B47611882 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
14:33:11.0999 3740 vwifimp - ok
14:33:12.0400 3740 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
14:33:12.0411 3740 W32Time - ok
14:33:12.0499 3740 [ 57C8C20BFA5BEF6BD851EBAC67A8CED0 ] W3SVC C:\Windows\system32\inetsrv\iisw3adm.dll
14:33:12.0523 3740 W3SVC - ok
14:33:12.0622 3740 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
14:33:12.0624 3740 WacomPen - ok
14:33:12.0647 3740 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
14:33:12.0650 3740 WANARP - ok
14:33:12.0671 3740 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
14:33:12.0673 3740 Wanarpv6 - ok
14:33:12.0844 3740 [ 57C8C20BFA5BEF6BD851EBAC67A8CED0 ] WAS C:\Windows\system32\inetsrv\iisw3adm.dll
14:33:12.0848 3740 WAS - ok
14:33:13.0023 3740 [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
14:33:13.0070 3740 WatAdminSvc - ok
14:33:13.0206 3740 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe
14:33:13.0254 3740 wbengine - ok
14:33:13.0292 3740 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
14:33:13.0315 3740 WbioSrvc - ok
14:33:13.0348 3740 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll
14:33:13.0370 3740 wcncsvc - ok
14:33:13.0627 3740 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
14:33:13.0635 3740 WcsPlugInService - ok
14:33:13.0672 3740 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\drivers\wd.sys
14:33:13.0674 3740 Wd - ok
14:33:14.0277 3740 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
14:33:14.0286 3740 Wdf01000 - ok
14:33:14.0318 3740 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
14:33:14.0329 3740 WdiServiceHost - ok
14:33:14.0349 3740 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
14:33:14.0356 3740 WdiSystemHost - ok
14:33:14.0410 3740 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll
14:33:14.0477 3740 WebClient - ok
14:33:14.0500 3740 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
14:33:14.0512 3740 Wecsvc - ok
14:33:14.0758 3740 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
14:33:14.0766 3740 wercplsupport - ok
14:33:14.0803 3740 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
14:33:14.0873 3740 WerSvc - ok
14:33:14.0969 3740 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
14:33:14.0976 3740 WfpLwf - ok
14:33:15.0026 3740 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
14:33:15.0029 3740 WIMMount - ok
14:33:15.0156 3740 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
14:33:15.0184 3740 WinDefend - ok
14:33:15.0217 3740 WinHttpAutoProxySvc - ok
14:33:16.0917 3740 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
14:33:16.0921 3740 Winmgmt - ok
14:33:17.0034 3740 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll
14:33:17.0087 3740 WinRM - ok
14:33:17.0155 3740 [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
14:33:17.0158 3740 WinUsb - ok
14:33:17.0806 3740 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
14:33:17.0825 3740 Wlansvc - ok
14:33:17.0958 3740 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
14:33:17.0961 3740 WmiAcpi - ok
14:33:18.0022 3740 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
14:33:18.0027 3740 wmiApSrv - ok
14:33:19.0078 3740 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
14:33:19.0124 3740 WMPNetworkSvc - ok
14:33:19.0157 3740 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
14:33:19.0166 3740 WPCSvc - ok
14:33:19.0203 3740 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
14:33:19.0213 3740 WPDBusEnum - ok
14:33:19.0461 3740 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
14:33:19.0541 3740 ws2ifsl - ok
14:33:19.0569 3740 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\Windows\System32\wscsvc.dll
14:33:19.0580 3740 wscsvc - ok
14:33:19.0674 3740 WSearch - ok
14:33:21.0123 3740 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
14:33:21.0236 3740 wuauserv - ok
14:33:21.0450 3740 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
14:33:21.0458 3740 WudfPf - ok
14:33:21.0570 3740 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
14:33:21.0588 3740 WUDFRd - ok
14:33:21.0639 3740 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
14:33:21.0648 3740 wudfsvc - ok
14:33:21.0959 3740 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll
14:33:21.0969 3740 WwanSvc - ok
14:33:22.0277 3740 [ F6520E06C15DEA5AB7BB016309FE4BB3 ] ZTEusbmdm6k C:\Windows\system32\DRIVERS\ZTEusbmdm6k.sys
14:33:22.0281 3740 ZTEusbmdm6k - ok
14:33:22.0316 3740 [ F6520E06C15DEA5AB7BB016309FE4BB3 ] ZTEusbnmea C:\Windows\system32\DRIVERS\ZTEusbnmea.sys
14:33:22.0320 3740 ZTEusbnmea - ok
14:33:22.0578 3740 [ F6520E06C15DEA5AB7BB016309FE4BB3 ] ZTEusbser6k C:\Windows\system32\DRIVERS\ZTEusbser6k.sys
14:33:22.0582 3740 ZTEusbser6k - ok
14:33:23.0033 3740 ================ Scan global ===============================
14:33:23.0095 3740 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
14:33:23.0136 3740 [ 1F5F07091D50244F17DD8D5147A628CC ] C:\Windows\system32\winsrv.dll
14:33:23.0197 3740 [ 1F5F07091D50244F17DD8D5147A628CC ] C:\Windows\system32\winsrv.dll
14:33:23.0462 3740 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
14:33:23.0512 3740 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
14:33:23.0533 3740 [Global] - ok
14:33:23.0538 3740 ================ Scan MBR ==================================
14:33:23.0557 3740 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
14:34:32.0410 3740 \Device\Harddisk0\DR0 - ok
14:34:32.0415 3740 ================ Scan VBR ==================================
14:34:32.0495 3740 [ 721BE068A0C8D936F5FADE5865F447B6 ] \Device\Harddisk0\DR0\Partition1
14:34:32.0722 3740 \Device\Harddisk0\DR0\Partition1 - ok
14:34:32.0727 3740 ============================================================
14:34:32.0727 3740 Scan finished
14:34:32.0727 3740 ============================================================
14:34:32.0912 3716 Detected object count: 0
14:34:32.0912 3716 Actual detected object count: 0

#6 Příspěvek od **JaRon** » 22 úno 2013 14:58

1. vycisti PC s ADWCleanerom - volba delete
2. skus zopakovat USBFix v nudzovom rezime PC

Pablo1 · #7 Příspěvek od **Pablo1** » 22 úno 2013 15:31

# AdwCleaner v2.112 - Logfile created 02/22/2013 at 15:00:51
# Updated 10/02/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (32 bits)
# User : Pablo1 - PABLO1-PC
# Boot Mode : Normal
# Running from : C:\Users\Pablo1\Desktop\adwcleaner0.exe
# Option [Delete]

***** [Services] *****

Stopped & Deleted : BrowserProtect

***** [Files / Folders] *****

Deleted on reboot : C:\ProgramData\BrowserProtect
File Deleted : C:\Users\Pablo1\AppData\Roaming\Mozilla\Firefox\Profiles\pwexg0vf.default\bprotector_extensions.sqlite
File Deleted : C:\Users\Pablo1\AppData\Roaming\Mozilla\Firefox\Profiles\pwexg0vf.default\searchplugins\Askcom.xml
File Deleted : C:\Users\Pablo1\AppData\Roaming\Mozilla\Firefox\Profiles\pwexg0vf.default\searchplugins\babylon1.xml
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\ProgramData\Trymedia
Folder Deleted : C:\Users\Pablo1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserProtect

***** [Registry] *****

Data Deleted : HKLM\..\Windows [AppInit_DLLs] = c:\progra~2\browse~1\261040~1.25\{c16c1~1\browse~1.dll
Data Deleted : HKLM\..\Windows [AppInit_DLLs] = c:\progra~2\browse~1\261040~1.25\{c16c1~1\browse~1.dll
Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\82d98ce23dea49
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\Complitly
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKCU\Software\PIP
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKLM\SOFTWARE\82d98ce23dea49
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\Software\Freeze.com
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jplinpmadfkdgipabgcdchbdikologlh
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Key Deleted : HKLM\Software\Iminent
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BabylonTC_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BabylonTC_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_installer_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_installer_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SweetIM_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\SOFTWARE\Software
Key Deleted : HKLM\Software\Tarma Installer
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16464

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Search Page] = hxxp://search.searchcompletion.com/?si=10179&home=1 --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Default_Search_URL] = hxxp://search.searchcompletion.com/?si=10179&home=1 --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Search Bar] = hxxp://search.searchcompletion.com/?si=10179&home=1 --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Default_Page_URL] = hxxp://search.searchcompletion.com/?si=10179&home=1 --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Search - Default_Search_URL] = hxxp://search.searchcompletion.com/?si=10179&home=1 --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Search - Search Page] = hxxp://search.searchcompletion.com/?si=10179&home=1 --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://home.sweetim.com/?crg=3.1010000.10011 --> hxxp://www.google.com

-\\ Mozilla Firefox v19.0 (sk)

File : C:\Users\Pablo1\AppData\Roaming\Mozilla\Firefox\Profiles\pwexg0vf.default\prefs.js

C:\Users\Pablo1\AppData\Roaming\Mozilla\Firefox\Profiles\pwexg0vf.default\user.js ... Deleted !

Deleted : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");
Deleted : user_pref("browser.search.defaultengine", "Ask.com");
Deleted : user_pref("extensions.BabylonToolbar.admin", false);
Deleted : user_pref("extensions.BabylonToolbar.aflt", "babsst");
Deleted : user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}");
Deleted : user_pref("extensions.BabylonToolbar.autoRvrt", "false");
Deleted : user_pref("extensions.BabylonToolbar.babTrack", "affID=101434");
Deleted : user_pref("extensions.BabylonToolbar.bbDpng", 25);
Deleted : user_pref("extensions.BabylonToolbar.dfltLng", "en");
Deleted : user_pref("extensions.BabylonToolbar.excTlbr", false);
Deleted : user_pref("extensions.BabylonToolbar.id", "c47ef168000000000000000000000000");
Deleted : user_pref("extensions.BabylonToolbar.instlDay", "15713");
Deleted : user_pref("extensions.BabylonToolbar.instlRef", "sst");
Deleted : user_pref("extensions.BabylonToolbar.keyWordUrl", "hxxp://search.babylon.com/?babsrc=SP_ss&q={search[...]
Deleted : user_pref("extensions.BabylonToolbar.lastDP", 25);
Deleted : user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.4.35.1014:07:46");
Deleted : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
Deleted : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
Deleted : user_pref("extensions.BabylonToolbar.rvrt", "false");
Deleted : user_pref("extensions.BabylonToolbar.smplGrp", "none");
Deleted : user_pref("extensions.BabylonToolbar.srcExt", "ss");
Deleted : user_pref("extensions.BabylonToolbar.srchPrvdr", "Search the web (Babylon)");
Deleted : user_pref("extensions.BabylonToolbar.tlbrId", "base");
Deleted : user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "hxxp://search.babylon.com/?babsrc=TB_def&mntrId=[...]
Deleted : user_pref("extensions.BabylonToolbar.vrsn", "1.8.7.2");
Deleted : user_pref("extensions.BabylonToolbar.vrsnTs", "1.4.35.1014:07:46");
Deleted : user_pref("extensions.BabylonToolbar.vrsni", "1.8.7.2");
Deleted : user_pref("extensions.BabylonToolbar_i.babExt", "");
Deleted : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=117023&tt=0213_3");
Deleted : user_pref("extensions.BabylonToolbar_i.excTlbr", false);
Deleted : user_pref("extensions.BabylonToolbar_i.newTab", false);
Deleted : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Deleted : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Deleted : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.8.7.216:07:01");
Deleted : user_pref("somoto.dnscatch", "hxxp://www.bigseekpro.com/search/toolbar/flyon ... D82-30B0-4[...]
Deleted : user_pref("somoto.homepage", "hxxp://www.bigseekpro.com/flyondesktop/{91F70D ... 986-9E5F09[...]

*************************

AdwCleaner[S1].txt - [10147 octets] - [22/02/2013 15:00:51]

########## EOF - C:\AdwCleaner[S1].txt - [10208 octets] ##########

############################## | UsbFix V 7.096 | [Research]

User: Pablo1 (Administrator) # PABLO1-PC
Updated 15/08/2012 by El Desaparecido
Started at 15:22:27 | 22/02/2013

Website: http://eldesaparecido.com
Forum: http://forum.eldesaparecido.com
Suspicious file ? : http://eldesaparecido.com/upload.php
Contact: contact@eldesaparecido.com

PC: Micro-Star International (MSI NOTEBOOK VR630) (X86-based PC) # Desktop Computer
CPU: AMD Sempron(tm) SI-42 (2100)
RAM -> [Total : 1791 | Free : 1352]
BIOS: MSI NOTEBOOK VR630, BIOS Version: A1672NMS Ver1.0J
BOOT: Fail-safe boot

OS: Microsoft Windows 7 Home Premium (6.1.7601 32-Bit) # Service Pack 1
WB: Windows Internet Explorer 9.0.8112.16421

SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AV: avast! Antivirus [(!) Disabled | Updated]
FW: Windows FireWall Service [Enabled]

C:\ (%systemdrive%) -> Fixed drive # 298 Gb (176 Mb free - 59%) [] # NTFS
D:\ -> CD-ROM
E:\ -> CD-ROM

################## | Active Processes |

C:\Windows\system32\csrss.exe (316)
C:\Windows\system32\wininit.exe (352)
C:\Windows\system32\csrss.exe (364)
C:\Windows\system32\services.exe (408)
C:\Windows\system32\lsass.exe (416)
C:\Windows\system32\lsm.exe (424)
C:\Windows\system32\winlogon.exe (448)
C:\Windows\system32\svchost.exe (576)
C:\Windows\system32\svchost.exe (636)
C:\Windows\System32\svchost.exe (684)
C:\Windows\system32\svchost.exe (788)
C:\Windows\system32\svchost.exe (848)
C:\Windows\Explorer.EXE (1000)
C:\Windows\system32\ctfmon.exe (1056)
C:\Windows\System32\svchost.exe (1416)
C:\UsbFix\Go.exe (284)
C:\Windows\system32\wbem\wmiprvse.exe (952)

################## | Files # Infected Folders |

Found ! C:\Users\Pablo1\AppData\Roaming\Temp
Found ! E:\AutoRun.exe
Found ! E:\autorun.inf

################## | Registry |

Found ! HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoDrives

################## | Mountpoints2 |

HKCU\.\.\.\.\Explorer\MountPoints2\E
Shell\AutoRun\Command = E:\AutoRun.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{0653f6a7-1ac1-11e1-a920-002421f3d1f7}
Shell\AutoRun\Command = E:\AutoRun.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{100b24fe-19eb-11e1-8977-002421f3d1f7}
Shell\AutoRun\Command = E:\AutoRun.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{100b250b-19eb-11e1-8977-002421f3d1f7}
Shell\AutoRun\Command = E:\AutoRun.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{17dbc6b1-1a0d-11e1-8da0-002421f3d1f7}
Shell\AutoRun\Command = E:\Huawei.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{17dbc70d-1a0d-11e1-8da0-002421f3d1f7}
Shell\AutoRun\Command = E:\Huawei.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{17dbc76b-1a0d-11e1-8da0-002421f3d1f7}
Shell\AutoRun\Command = E:\Huawei.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{17dbc7b2-1a0d-11e1-8da0-002421f3d1f7}
Shell\AutoRun\Command = E:\Huawei.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{17dbc7fa-1a0d-11e1-8da0-002421f3d1f7}
Shell\AutoRun\Command = E:\Huawei.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{17dbcbc5-1a0d-11e1-8da0-001e101fabdd}
Shell\AutoRun\Command = E:\Huawei.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{17dbcc2f-1a0d-11e1-8da0-001e101fabdd}
Shell\AutoRun\Command = E:\Huawei.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{17dbcc8c-1a0d-11e1-8da0-001e101fabdd}
Shell\AutoRun\Command = E:\Huawei.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{17dbcd04-1a0d-11e1-8da0-001e101fabdd}
Shell\AutoRun\Command = E:\Huawei.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{17dbcd68-1a0d-11e1-8da0-001e101fabdd}
Shell\AutoRun\Command = E:\Huawei.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{21eec6cc-19ef-11e1-9469-806e6f6e6963}
Shell\AutoRun\Command = E:\AutoRun.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{21eec70f-19ef-11e1-9469-002421f3d1f7}
Shell\AutoRun\Command = E:\AutoRun.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{2a8bfbd1-6f47-11e1-8f08-002421f3d1f7}
Shell\AutoRun\Command = E:\AutoRun.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{2a8bfc26-6f47-11e1-8f08-002421f3d1f7}
Shell\AutoRun\Command = E:\AutoRun.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{2a8bfcba-6f47-11e1-8f08-002421f3d1f7}
Shell\AutoRun\Command = E:\AutoRun.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{2a8bfd2e-6f47-11e1-8f08-002421f3d1f7}
Shell\AutoRun\Command = E:\AutoRun.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{2a8bfd67-6f47-11e1-8f08-002421f3d1f7}
Shell\AutoRun\Command = E:\AutoRun.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{2a8bfdb3-6f47-11e1-8f08-002421f3d1f7}
Shell\AutoRun\Command = E:\AutoRun.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{2a8bfe12-6f47-11e1-8f08-002421f3d1f7}
Shell\AutoRun\Command = E:\Huawei.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{2a8bff6c-6f47-11e1-8f08-002421f3d1f7}
Shell\AutoRun\Command = E:\AutoRun.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{2a8bffc9-6f47-11e1-8f08-002421f3d1f7}
Shell\AutoRun\Command = E:\AutoRun.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{2a8c0012-6f47-11e1-8f08-002421f3d1f7}
Shell\AutoRun\Command = E:\AutoRun.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{2a8c0055-6f47-11e1-8f08-002421f3d1f7}
Shell\AutoRun\Command = E:\AutoRun.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{2a8c03f4-6f47-11e1-8f08-002421f3d1f7}
Shell\AutoRun\Command = E:\AutoRun.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{2a8c0519-6f47-11e1-8f08-002421f3d1f7}
Shell\AutoRun\Command = E:\AutoRun.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{2a8c0553-6f47-11e1-8f08-002421f3d1f7}
Shell\AutoRun\Command = E:\AutoRun.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{2a8c0955-6f47-11e1-8f08-002421f3d1f7}
Shell\AutoRun\Command = E:\AutoRun.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{3aa3c8c6-1a79-11e1-8721-002421f3d1f7}
Shell\AutoRun\Command = E:\AutoRun.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{48f6ccc8-19ea-11e1-9b6b-806e6f6e6963}
Shell\AutoRun\Command = E:\AutoRun.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{4d321840-c837-11e0-9092-806e6f6e6963}
Shell\AutoRun\Command = F:\autorun.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{626363d7-6f80-11e1-985e-002421f3d1f7}
Shell\AutoRun\Command = E:\AutoRun.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{62636440-6f80-11e1-985e-002421f3d1f7}
Shell\AutoRun\Command = E:\AutoRun.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{62636508-6f80-11e1-985e-002421f3d1f7}
Shell\AutoRun\Command = E:\AutoRun.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{626366cc-6f80-11e1-985e-002421f3d1f7}
Shell\AutoRun\Command = E:\AutoRun.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{6263670a-6f80-11e1-985e-002421f3d1f7}
Shell\AutoRun\Command = E:\AutoRun.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{62636750-6f80-11e1-985e-002421f3d1f7}
Shell\AutoRun\Command = E:\AutoRun.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{626367a4-6f80-11e1-985e-002421f3d1f7}
Shell\AutoRun\Command = E:\AutoRun.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{626367d4-6f80-11e1-985e-002421f3d1f7}
Shell\AutoRun\Command = E:\AutoRun.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{6263682c-6f80-11e1-985e-002421f3d1f7}
Shell\AutoRun\Command = E:\AutoRun.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{69528751-6e77-11e1-8102-002421f3d1f7}
Shell\AutoRun\Command = E:\AutoRun.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{69528794-6e77-11e1-8102-002421f3d1f7}
Shell\AutoRun\Command = E:\AutoRun.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{695287d3-6e77-11e1-8102-002421f3d1f7}
Shell\AutoRun\Command = E:\AutoRun.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{69528807-6e77-11e1-8102-002421f3d1f7}
Shell\AutoRun\Command = E:\AutoRun.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{69528ed1-6e77-11e1-8102-002421f3d1f7}
Shell\AutoRun\Command = E:\AutoRun.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{788777d3-6d16-11e1-af93-002421f3d1f7}
Shell\AutoRun\Command = G:\AutoRun.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{79757827-5ad8-11e1-93af-002421f3d1f7}
Shell\AutoRun\Command = G:\AutoRun.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{797578ba-5ad8-11e1-93af-002421f3d1f7}
Shell\AutoRun\Command = G:\AutoRun.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{79757ac4-5ad8-11e1-93af-002421f3d1f7}
Shell\AutoRun\Command = G:\AutoRun.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{985ccc2d-6add-11e1-8597-002421f3d1f7}
Shell\AutoRun\Command = G:\AutoRun.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{985cccc3-6add-11e1-8597-002421f3d1f7}
Shell\AutoRun\Command = G:\Huawei.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{985cd602-6add-11e1-8597-002421f3d1f7}
Shell\AutoRun\Command = G:\Huawei.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{af0c60a4-6fa3-11e1-a680-002421f3d1f7}
Shell\AutoRun\Command = E:\AutoRun.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{b1154ec7-dba1-11e1-95bf-002421f3d1f7}
Shell\AutoRun\Command = E:\AutoRun.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{b1cb392f-2352-11e1-a417-002421f3d1f7}
Shell\AutoRun\Command = E:\AutoRun.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{b3e7a40c-bea5-11e1-a088-002421f3d1f7}
Shell\AutoRun\Command = E:\AutoRun.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{b7d72af9-19f0-11e1-b324-002421f3d1f7}
Shell\AutoRun\Command = E:\AutoRun.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{b975f998-5f14-11e2-8141-002421f3d1f7}
Shell\AutoRun\Command = E:\AutoRun.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{bae400cc-4615-11e2-b047-002421f3d1f7}
Shell\AutoRun\Command = E:\autorun.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{c60e61d1-1a5b-11e1-bd28-002421f3d1f7}
Shell\AutoRun\Command = E:\Huawei.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{c60e6417-1a5b-11e1-bd28-002421f3d1f7}
Shell\AutoRun\Command = E:\Huawei.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{c60e6487-1a5b-11e1-bd28-002421f3d1f7}
Shell\AutoRun\Command = E:\Huawei.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{c60e64da-1a5b-11e1-bd28-002421f3d1f7}
Shell\AutoRun\Command = E:\Huawei.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{c60e64fd-1a5b-11e1-bd28-002421f3d1f7}
Shell\AutoRun\Command = E:\Huawei.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{c60e654d-1a5b-11e1-bd28-002421f3d1f7}
Shell\AutoRun\Command = E:\Huawei.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{d2b48c87-242d-11e1-b8b0-002421f3d1f7}
Shell\AutoRun\Command = E:\AutoRun.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{d2b48cd1-242d-11e1-b8b0-002421f3d1f7}
Shell\AutoRun\Command = E:\AutoRun.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{d5a39a4c-24ae-11e1-ac83-002421f3d1f7}
Shell\AutoRun\Command = E:\AutoRun.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{d5a39ae6-24ae-11e1-ac83-002421f3d1f7}
Shell\AutoRun\Command = E:\AutoRun.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{d5a39cec-24ae-11e1-ac83-002421f3d1f7}
Shell\AutoRun\Command = E:\AutoRun.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{d5a39e0b-24ae-11e1-ac83-002421f3d1f7}
Shell\AutoRun\Command = E:\AutoRun.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{d5a3a294-24ae-11e1-ac83-002421f3d1f7}
Shell\AutoRun\Command = E:\AutoRun.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{d5a3a2c3-24ae-11e1-ac83-002421f3d1f7}
Shell\AutoRun\Command = E:\AutoRun.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{e495e234-2130-11e1-bdd8-002421f3d1f7}
Shell\AutoRun\Command = E:\AutoRun.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{e5fb4c93-1a6e-11e1-83d2-002421f3d1f7}
Shell\AutoRun\Command = E:\Huawei.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{e5fb4cda-1a6e-11e1-83d2-002421f3d1f7}
Shell\AutoRun\Command = E:\AutoRun.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{fca2429d-2101-11e1-b46d-002421f3d1f7}
Shell\AutoRun\Command = E:\AutoRun.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{fca24308-2101-11e1-b46d-002421f3d1f7}
Shell\AutoRun\Command = E:\AutoRun.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{fca24360-2101-11e1-b46d-002421f3d1f7}
Shell\AutoRun\Command = E:\AutoRun.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{fd97fcd9-19f8-11e1-805a-002421f3d1f7}
Shell\AutoRun\Command = E:\AutoRun.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{fd97fd5a-19f8-11e1-805a-002421f3d1f7}
Shell\AutoRun\Command = E:\AutoRun.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{fd97ffa3-19f8-11e1-805a-002421f3d1f7}
Shell\AutoRun\Command = E:\AutoRun.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{fd97fffe-19f8-11e1-805a-002421f3d1f7}
Shell\AutoRun\Command = E:\Huawei.exe

HKCU\.\.\.\.\Explorer\MountPoints2\{feee2b6f-5a53-11e1-848b-002421f3d1f7}
Shell\AutoRun\Command = G:\AutoRun.exe

################## | Vaccin |

(!) This computer is not vaccinated!

################## | E.O.F |

Pablo1 · #8 Příspěvek od **Pablo1** » 22 úno 2013 19:09

Prosim vas uz je to v poriadku alebo mam este nieco urobit ?

#9 Příspěvek od **JaRon** » 23 úno 2013 13:19

zopakuj USBFix v nudzovom rezime - volba deletion - a bude to OK

Pablo1 · #10 Příspěvek od **Pablo1** » 23 úno 2013 14:53

Ak je to OK tak dakujem za pomoc.

############################## | UsbFix V 7.096 | [Deletion]

User: Pablo1 (Administrator) # PABLO1-PC
Updated 15/08/2012 by El Desaparecido
Started at 14:38:32 | 23/02/2013

Website: http://eldesaparecido.com
Forum: http://forum.eldesaparecido.com
Suspicious file ? : http://eldesaparecido.com/upload.php
Contact: contact@eldesaparecido.com

PC: Micro-Star International (MSI NOTEBOOK VR630) (X86-based PC) # Desktop Computer
CPU: AMD Sempron(tm) SI-42 (2100)
RAM -> [Total : 1791 | Free : 1075]
BIOS: MSI NOTEBOOK VR630, BIOS Version: A1672NMS Ver1.0J
BOOT: Fail-safe boot

OS: Microsoft Windows 7 Home Premium (6.1.7601 32-Bit) # Service Pack 1
WB: Windows Internet Explorer 9.0.8112.16421

SC: Security Center Service [Enabled]
WU: Windows Update Service [Enabled]
AV: avast! Antivirus [Enabled | Updated]
FW: Windows FireWall Service [Enabled]

C:\ (%systemdrive%) -> Fixed drive # 298 Gb (175 Mb free - 59%) [] # NTFS
D:\ -> CD-ROM
E:\ -> CD-ROM

################## | Active Processes |

C:\Windows\system32\csrss.exe (320)
C:\Windows\system32\wininit.exe (356)
C:\Windows\system32\csrss.exe (364)
C:\Windows\system32\services.exe (420)
C:\Windows\system32\lsass.exe (428)
C:\Windows\system32\lsm.exe (436)
C:\Windows\system32\winlogon.exe (460)
C:\Windows\system32\svchost.exe (572)
C:\Windows\system32\svchost.exe (632)
C:\Windows\System32\svchost.exe (680)
C:\Windows\system32\svchost.exe (780)
C:\Windows\system32\svchost.exe (852)
C:\Windows\Explorer.EXE (996)
C:\Windows\system32\ctfmon.exe (1052)
C:\UsbFix\Go.exe (1488)
C:\Windows\system32\wbem\wmiprvse.exe (1564)

################## | Stopped processes |

Stopped! C:\Windows\Explorer.EXE (996)
Stopped! C:\Windows\system32\ctfmon.exe (1052)

################## | Files # Infected Folders |

Deleted ! C:\Users\Pablo1\AppData\Roaming\Temp
Not deleted ! E:\AutoRun.exe
Deleted ! C:\$RECYCLE.BIN\S-1-5-21-221763810-776339957-632471727-1000
Deleted ! C:\$RECYCLE.BIN\S-1-5-21-221763810-776339957-632471727-501
Not deleted ! E:\autorun.inf

(!) Temporary files deleted.

################## | Registry |

Deleted ! HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoDrives

################## | Mountpoints2 |

Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\E
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{0653f6a7-1ac1-11e1-a920-002421f3d1f7}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{100b24fe-19eb-11e1-8977-002421f3d1f7}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{17dbc6b1-1a0d-11e1-8da0-002421f3d1f7}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{17dbc76b-1a0d-11e1-8da0-002421f3d1f7}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{17dbc7fa-1a0d-11e1-8da0-002421f3d1f7}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{17dbcc2f-1a0d-11e1-8da0-001e101fabdd}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{17dbcd04-1a0d-11e1-8da0-001e101fabdd}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{21eec6cc-19ef-11e1-9469-806e6f6e6963}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{2a8bfbd1-6f47-11e1-8f08-002421f3d1f7}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{2a8bfcba-6f47-11e1-8f08-002421f3d1f7}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{2a8bfd67-6f47-11e1-8f08-002421f3d1f7}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{2a8bfe12-6f47-11e1-8f08-002421f3d1f7}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{2a8bffc9-6f47-11e1-8f08-002421f3d1f7}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{2a8c0055-6f47-11e1-8f08-002421f3d1f7}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{2a8c0519-6f47-11e1-8f08-002421f3d1f7}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{2a8c0955-6f47-11e1-8f08-002421f3d1f7}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{48f6ccc8-19ea-11e1-9b6b-806e6f6e6963}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{626363d7-6f80-11e1-985e-002421f3d1f7}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{62636508-6f80-11e1-985e-002421f3d1f7}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{6263670a-6f80-11e1-985e-002421f3d1f7}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{626367a4-6f80-11e1-985e-002421f3d1f7}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{6263682c-6f80-11e1-985e-002421f3d1f7}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{69528794-6e77-11e1-8102-002421f3d1f7}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{69528807-6e77-11e1-8102-002421f3d1f7}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{788777d3-6d16-11e1-af93-002421f3d1f7}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{797578ba-5ad8-11e1-93af-002421f3d1f7}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{985ccc2d-6add-11e1-8597-002421f3d1f7}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{985cd602-6add-11e1-8597-002421f3d1f7}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{af0c60a4-6fa3-11e1-a680-002421f3d1f7}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{b1cb392f-2352-11e1-a417-002421f3d1f7}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{b3e7a40c-bea5-11e1-a088-002421f3d1f7}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{bae400cc-4615-11e2-b047-002421f3d1f7}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{c60e61d1-1a5b-11e1-bd28-002421f3d1f7}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{c60e6487-1a5b-11e1-bd28-002421f3d1f7}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{c60e64fd-1a5b-11e1-bd28-002421f3d1f7}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{d2b48c87-242d-11e1-b8b0-002421f3d1f7}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{d5a39a4c-24ae-11e1-ac83-002421f3d1f7}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{d5a39cec-24ae-11e1-ac83-002421f3d1f7}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{d5a3a294-24ae-11e1-ac83-002421f3d1f7}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{e495e234-2130-11e1-bdd8-002421f3d1f7}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{e5fb4cda-1a6e-11e1-83d2-002421f3d1f7}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{fca2429d-2101-11e1-b46d-002421f3d1f7}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{fca24360-2101-11e1-b46d-002421f3d1f7}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{fd97fd5a-19f8-11e1-805a-002421f3d1f7}
Deleted ! HKCU\.\.\.\.\Explorer\MountPoints2\{fd97fffe-19f8-11e1-805a-002421f3d1f7}

################## | Listing |

[23/02/2013 - 14:41:00 | SHD ] C:\$Recycle.Bin
[11/02/2013 - 17:34:22 | N | 216] C:\aaw7boot.cmd
[06/02/2013 - 17:08:58 | D ] C:\ALFA
[10/06/2009 - 22:42:20 | N | 24] C:\autoexec.bat
[30/10/2012 - 09:42:41 | SHD ] C:\Boot
[20/11/2010 - 22:29:06 | RASH | 383786] C:\bootmgr
[03/08/2011 - 21:07:27 | N | 8192] C:\BOOTSECT.BAK
[10/06/2009 - 22:42:20 | N | 10] C:\config.sys
[14/07/2009 - 05:53:55 | SHD ] C:\Documents and Settings
[13/08/2012 - 18:58:34 | D ] C:\Drivers Backup
[23/02/2013 - 14:36:53 | ASH | 1408589824] C:\hiberfil.sys
[08/01/2013 - 15:37:08 | D ] C:\inetpub
[13/04/2012 - 12:30:36 | D ] C:\logs
[03/08/2011 - 20:50:55 | | 0] C:\mbne.ld
[23/02/2013 - 14:36:55 | ASH | 1878122496] C:\pagefile.sys
[14/07/2009 - 03:37:05 | D ] C:\PerfLogs
[22/02/2013 - 20:20:31 | D ] C:\Program Files
[22/02/2013 - 15:01:19 | HD ] C:\ProgramData
[07/12/2011 - 22:43:46 | SHD ] C:\Recovery
[22/02/2013 - 16:37:55 | SHD ] C:\System Volume Information
[19/02/2013 - 18:31:11 | D ] C:\Temp
[23/02/2013 - 14:41:00 | D ] C:\UsbFix
[23/02/2013 - 14:38:54 | A | 1814] C:\UsbFix.txt
[12/01/2013 - 21:22:44 | D ] C:\Users
[22/02/2013 - 18:31:07 | D ] C:\Windows
[03/08/2011 - 20:49:09 | D ] C:\Windows Loader
[03/08/2011 - 20:50:54 | | 381467] C:\XGZPQ
[19/07/2011 - 05:10:58 | R | 643] E:\AutoRun.dat
[19/07/2011 - 05:10:58 | R | 334672] E:\AutoRun.exe
[19/07/2011 - 05:10:58 | R | 44] E:\autorun.inf
[19/07/2011 - 17:44:20 | D ] E:\Data
[19/07/2011 - 05:10:58 | R | 9662] E:\P18D.ico

################## | Vaccin |

C:\Autorun.inf -> Vaccine created by UsbFix (El Desaparecido)

################## | Upload |

Please send the file: C:\UsbFix_Upload_Me_PABLO1-PC.zip
http://eldesaparecido.com/upload.php
Thank you for your contribution.

################## | E.O.F |

#11 Příspěvek od **JaRon** » 24 úno 2013 14:45

rado sa stalo

VIRY.CZ

Prosim o kontrolu logu

Prosim o kontrolu logu

Re: Prosim o kontrolu logu

Re: Prosim o kontrolu logu

Re: Prosim o kontrolu logu

Re: Prosim o kontrolu logu

Re: Prosim o kontrolu logu

Re: Prosim o kontrolu logu

Re: Prosim o kontrolu logu

Re: Prosim o kontrolu logu

Re: Prosim o kontrolu logu

Re: Prosim o kontrolu logu