
TSR.BOOT virus

valdoDK
Visitor
Posts: 64
Registered: 17 Sep 2007 18:36


#1 Post by valdoDK »

Greetings.

This morning I completely reinstalled the whole PC with everything as it should be, i.e. a classic boot from CD and a reformat of the disk. After installing the antivirus, a message about a TSR.BOOT virus popped up after a while. I have no idea what it is, and I doubt the virus is directly on the PC's HDD, because I haven't installed anything like that yet. I think the virus is hidden somewhere on the external 2TB HDD, where I also have a complete backup. Before the reinstall, however, NOD32 did not report any such virus, so I'm a bit confused by this. So I'm attaching the RSIT log, even though I don't know whether it will help, since it only contains the log from drive C:. Thanks in advance for any answers, advice and solutions. :)

Logfile of random's system information tool 1.09 (written by random/random)
Run by MrVopi at 2013-03-02 14:43:16
Microsoft Windows 7 Professional
System drive C: has 284 GB (93%) free of 305 GB
Total RAM: 4061 MB (65% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:43:22, on 2. 3. 2013
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Users\MrVopi\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Users\MrVopi\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Internet Download Manager\IDMan.exe
C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\MrVopi.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\MrVopi\AppData\Local\Akamai\netsession_win.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe
O4 - Startup: Rainmeter.lnk = C:\Program Files\Rainmeter\Rainmeter.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm
O15 - Trusted Zone: *.dell.com
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\STacSV64.exe
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8515 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\STacSV64.exe
C:\Windows\system32\svchost.exe -k LocalService
"C:\Program Files\Dell\DellDock\DockLogin.exe"
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\AESTSr64.exe
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files\Dell\QuickSet\quickset.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Users\MrVopi\AppData\Local\Akamai\netsession_win.exe"
"C:\Program Files\Dell\DellDock\DellDock.exe"
"C:\Program Files\Rainmeter\Rainmeter.exe"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"C:/Users/MrVopi/AppData/Local/Akamai/netsession_win.exe" --client
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\iPod\bin\iPodService.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3564.0.319715515\1722296993" --supports-dual-gpus=false --reduce-gpu-sandbox --disable-image-transport-surface --gpu-vendor-id=0x1002 --gpu-device-id=0x9593 --gpu-driver-vendor="ATI Technologies Inc." --gpu-driver-version=8.631.0.0 --ignored=" --type=renderer " /prefetch:12
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="3564.8.1059180497\1867631837" --lang=sk --ignored=" --type=renderer " /prefetch:13
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
C:\Windows\system32\sppsvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials=ForceCompositingMode/thread/InfiniteCache/No/NewTabButton/default/OmniboxHQPNewScoringMax1400/Standard/OmniboxHQPOnlyCountMatchesAtWordBoundaries/Standard/OmniboxHQPReplaceHUPRearrangeNumComponents/Standard/OmniboxHUPCreateShorterMatch/Standard/OmniboxHUPCullRedirects/Standard/OmniboxSearchSuggestTrialStarted2013Q1/15/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadEnabled/Prerender/PrerenderEnabled/PrerenderLocalPredictor/Disabled/SideloadWipeout/Enabled/SpdyCwnd/cwndMin16/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-1-Percent/group_45/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-50-Percent/default/ --renderer-print-preview --enable-threaded-compositing --channel="3564.9.441580670\689837950" /prefetch:3
"C:\Program Files (x86)\Internet Download Manager\IDMan.exe" -Embedding
"C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials=ForceCompositingMode/thread/InfiniteCache/No/NewTabButton/default/OmniboxHQPNewScoringMax1400/Standard/OmniboxHQPOnlyCountMatchesAtWordBoundaries/Standard/OmniboxHQPReplaceHUPRearrangeNumComponents/Standard/OmniboxHUPCreateShorterMatch/Standard/OmniboxHUPCullRedirects/Standard/OmniboxSearchSuggestTrialStarted2013Q1/15/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadEnabled/Prerender/PrerenderEnabled/PrerenderLocalPredictor/Disabled/SideloadWipeout/Enabled/SpdyCwnd/cwndMin16/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-1-Percent/group_45/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-50-Percent/default/ --extension-process --renderer-print-preview --enable-threaded-compositing --channel="3564.32.975758929\1351544888" /prefetch:3
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=plugin --plugin-path="C:\Users\MrVopi\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmolcgpienlcieaajfkkdamlngancncm\6.15.5_0\IDMGCExt.dll" --lang=sk --channel="3564.33.1698644991\277057888" /prefetch:4
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=service --lang=sk
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi-broker --channel="3564.36.1094158729\1914548305" --lang=sk /prefetch:14
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials=ForceCompositingMode/thread/InfiniteCache/No/NewTabButton/default/OmniboxHQPNewScoringMax1400/Standard/OmniboxHQPOnlyCountMatchesAtWordBoundaries/Standard/OmniboxHQPReplaceHUPRearrangeNumComponents/Standard/OmniboxHUPCreateShorterMatch/Standard/OmniboxHUPCullRedirects/Standard/OmniboxSearchSuggestTrialStarted2013Q1/15/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadEnabled/Prerender/PrerenderEnabled/PrerenderLocalPredictor/Disabled/SideloadWipeout/Enabled/SpdyCwnd/cwndMin16/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-1-Percent/group_45/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-50-Percent/default/ --renderer-print-preview --enable-threaded-compositing --channel="3564.39.833229142\1240816684" /prefetch:3
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=sk --force-fieldtrials=ForceCompositingMode/thread/InfiniteCache/No/NewTabButton/default/OmniboxHQPNewScoringMax1400/Standard/OmniboxHQPOnlyCountMatchesAtWordBoundaries/Standard/OmniboxHQPReplaceHUPRearrangeNumComponents/Standard/OmniboxHUPCreateShorterMatch/Standard/OmniboxHUPCullRedirects/Standard/OmniboxSearchSuggestTrialStarted2013Q1/15/OneClickSignIn/Standard/OverlappedReadImpact/OverlappedReadEnabled/Prerender/PrerenderEnabled/PrerenderLocalPredictor/Disabled/SideloadWipeout/Enabled/SpdyCwnd/cwndMin16/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_07/UMA-Uniformity-Trial-1-Percent/group_45/UMA-Uniformity-Trial-10-Percent/group_09/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_19/UMA-Uniformity-Trial-50-Percent/default/ --renderer-print-preview --enable-threaded-compositing --channel="3564.40.778625313\1030615051" /prefetch:3
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe4_ Global\UsGthrCtrlFltPipeMssGthrPipe4 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 508 512 520 65536 516
C:\Windows\explorer.exe /factory,{75dff2b7-6936-4c06-a8bb-676a7b00b24b} -Embedding
"C:\Users\MrVopi\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
IDM integration (IDMIEHlprObj Class) - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2013-03-01 396096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-03-02 551840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-03-02 209824]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
IDM integration (IDMIEHlprObj Class) - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2013-03-01 363328]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-03-02 461216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-03-02 170912]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2009-02-06 2680696]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2010-01-21 487424]
"QuickSet"=C:\Program Files\Dell\QuickSet\QuickSet.exe [2010-06-09 3216544]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Akamai NetSession Interface"=C:\Users\MrVopi\AppData\Local\Akamai\netsession_win.exe [2012-10-09 4441920]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-01-28 59720]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2013-02-20 152392]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-06-25 98304]

C:\Users\MrVopi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dell Dock.lnk - C:\Program Files\Dell\DellDock\DellDock.exe
Rainmeter.lnk - C:\Program Files\Rainmeter\Rainmeter.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"VIDC.LAGS"=lagarith.dll
"VIDC.FFDS"=ff_vfw.dll
"msacm.l3codecp"=l3codecp.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-03-02 14:43:17 ----D---- C:\Program Files\trend micro
2013-03-02 14:43:16 ----D---- C:\rsit
2013-03-02 14:17:18 ----D---- C:\Users\MrVopi\AppData\Roaming\IDM
2013-03-02 14:17:18 ----D---- C:\Users\MrVopi\AppData\Roaming\DMCache
2013-03-02 14:17:18 ----D---- C:\ProgramData\IDM
2013-03-02 14:17:15 ----D---- C:\Program Files (x86)\Internet Download Manager
2013-03-02 14:15:11 ----D---- C:\Users\MrVopi\AppData\Roaming\Rainmeter
2013-03-02 14:14:13 ----D---- C:\Program Files\Rainmeter
2013-03-02 13:57:31 ----D---- C:\Users\MrVopi\AppData\Roaming\Dell
2013-03-02 13:53:51 ----HDC---- C:\ProgramData\{CBCE2F73-24E4-481F-84B2-1A5EB720D187}
2013-03-02 13:49:45 ----D---- C:\Users\MrVopi\AppData\Roaming\Adobe
2013-03-02 13:41:21 ----D---- C:\Program Files\CCleaner
2013-03-02 13:41:20 ----D---- C:\Users\MrVopi\AppData\Roaming\ATI
2013-03-02 13:41:20 ----D---- C:\ProgramData\ATI
2013-03-02 13:38:51 ----D---- C:\Program Files (x86)\ATI Technologies
2013-03-02 13:38:40 ----D---- C:\Program Files\ATI Technologies
2013-03-02 13:38:37 ----D---- C:\Program Files\ATI
2013-03-02 13:38:10 ----A---- C:\Windows\system32\drivers\AtiHdmi.sys
2013-03-02 13:38:09 ----A---- C:\Windows\SYSWOW64\Oemdspif.dll
2013-03-02 13:38:09 ----A---- C:\Windows\SYSWOW64\atipdlxx.dll
2013-03-02 13:38:09 ----A---- C:\Windows\system32\atiumd6a.dll
2013-03-02 13:38:09 ----A---- C:\Windows\system32\atiumd64.dll
2013-03-02 13:38:09 ----A---- C:\Windows\system32\atitmm64.dll
2013-03-02 13:38:09 ----A---- C:\Windows\system32\atipdl64.dll
2013-03-02 13:38:08 ----A---- C:\Windows\SYSWOW64\atioglxx.dll
2013-03-02 13:38:08 ----A---- C:\Windows\SYSWOW64\atimpc32.dll
2013-03-02 13:38:08 ----A---- C:\Windows\SYSWOW64\atidxx32.dll
2013-03-02 13:38:08 ----A---- C:\Windows\SYSWOW64\aticalrt.dll
2013-03-02 13:38:08 ----A---- C:\Windows\SYSWOW64\aticaldd.dll
2013-03-02 13:38:08 ----A---- C:\Windows\SYSWOW64\aticalcl.dll
2013-03-02 13:38:08 ----A---- C:\Windows\SYSWOW64\atiadlxy.dll
2013-03-02 13:38:08 ----A---- C:\Windows\SYSWOW64\ati2edxx.dll
2013-03-02 13:38:08 ----A---- C:\Windows\SYSWOW64\amdpcom32.dll
2013-03-02 13:38:08 ----A---- C:\Windows\system32\drivers\atikmdag.sys
2013-03-02 13:38:08 ----A---- C:\Windows\system32\drivers\ati2erec.dll
2013-03-02 13:38:08 ----A---- C:\Windows\system32\atio6axx.dll
2013-03-02 13:38:08 ----A---- C:\Windows\system32\atimuixx.dll
2013-03-02 13:38:08 ----A---- C:\Windows\system32\atimpc64.dll
2013-03-02 13:38:08 ----A---- C:\Windows\system32\atiesrxx.exe
2013-03-02 13:38:08 ----A---- C:\Windows\system32\atiedu64.dll
2013-03-02 13:38:08 ----A---- C:\Windows\system32\atieclxx.exe
2013-03-02 13:38:08 ----A---- C:\Windows\system32\ATIDEMGX.dll
2013-03-02 13:38:08 ----A---- C:\Windows\system32\aticalrt64.dll
2013-03-02 13:38:08 ----A---- C:\Windows\system32\aticaldd64.dll
2013-03-02 13:38:08 ----A---- C:\Windows\system32\aticalcl64.dll
2013-03-02 13:38:08 ----A---- C:\Windows\system32\atiadlxx.dll
2013-03-02 13:38:08 ----A---- C:\Windows\system32\amdpcom64.dll
2013-03-02 13:37:16 ----A---- C:\Windows\SYSWOW64\drivers\packet.sys
2013-03-02 13:37:13 ----AD---- C:\ProgramData\TEMP
2013-03-02 13:36:15 ----D---- C:\ProgramData\Dell
2013-03-02 13:36:13 ----D---- C:\Program Files\Dell
2013-03-02 13:29:47 ----A---- C:\Windows\system32\stlang64.dll
2013-03-02 13:29:47 ----A---- C:\Windows\system32\idt64mp1.exe
2013-03-02 13:29:47 ----A---- C:\Windows\system32\ctppld64.dll
2013-03-02 13:29:47 ----A---- C:\Windows\system32\ctapo64.dll
2013-03-02 13:29:47 ----A---- C:\Windows\system32\ctapo32.dll
2013-03-02 13:29:47 ----A---- C:\Windows\system32\AESTEC64.dll
2013-03-02 13:29:47 ----A---- C:\Windows\system32\AESTCo64.dll
2013-03-02 13:29:47 ----A---- C:\Windows\system32\AESTAR64.dll
2013-03-02 13:29:47 ----A---- C:\Windows\system32\AESTAC64.dll
2013-03-02 13:29:46 ----D---- C:\Windows\system32\SRSLabs
2013-03-02 13:29:10 ----A---- C:\Windows\system32\drivers\stwrt64.sys
2013-03-02 13:29:09 ----N---- C:\Windows\system32\stapi64.dll
2013-03-02 13:29:09 ----A---- C:\Windows\system32\stcplx64.dll
2013-03-02 13:29:09 ----A---- C:\Windows\system32\stapo64.dll
2013-03-02 13:29:09 ----A---- C:\Windows\system32\st646267.dll
2013-03-02 13:29:07 ----A---- C:\Windows\SYSWOW64\ctapo32.dll
2013-03-02 13:29:03 ----D---- C:\Program Files\IDT
2013-03-02 13:28:59 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2013-03-02 13:28:36 ----D---- C:\dell
2013-03-02 13:27:39 ----D---- C:\Users\MrVopi\AppData\Roaming\TeraCopy
2013-03-02 13:27:33 ----D---- C:\Program Files\TeraCopy
2013-03-02 13:04:29 ----D---- C:\Users\MrVopi\AppData\Roaming\ESET
2013-03-02 13:03:29 ----D---- C:\ProgramData\ESET
2013-03-02 13:03:29 ----D---- C:\Program Files\ESET
2013-03-02 12:55:45 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2013-03-02 12:54:02 ----D---- C:\Program Files (x86)\Microsoft.NET
2013-03-02 12:52:55 ----A---- C:\Windows\SYSWOW64\PresentationHostProxy.dll
2013-03-02 12:52:55 ----A---- C:\Windows\SYSWOW64\PresentationHost.exe
2013-03-02 12:52:55 ----A---- C:\Windows\SYSWOW64\netfxperf.dll
2013-03-02 12:52:55 ----A---- C:\Windows\SYSWOW64\mscoree.dll
2013-03-02 12:52:55 ----A---- C:\Windows\SYSWOW64\dfshim.dll
2013-03-02 12:52:55 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2013-03-02 12:52:55 ----A---- C:\Windows\system32\PresentationHost.exe
2013-03-02 12:52:55 ----A---- C:\Windows\system32\netfxperf.dll
2013-03-02 12:52:55 ----A---- C:\Windows\system32\mscoree.dll
2013-03-02 12:52:55 ----A---- C:\Windows\system32\dfshim.dll
2013-03-02 12:39:00 ----D---- C:\Users\MrVopi\AppData\Roaming\Notepad++
2013-03-02 12:39:00 ----D---- C:\Program Files (x86)\Notepad++
2013-03-02 12:16:28 ----D---- C:\Users\MrVopi\AppData\Roaming\Apple Computer
2013-03-02 12:13:15 ----D---- C:\Windows\SYSWOW64\Adobe
2013-03-02 12:11:53 ----DC---- C:\Windows\system32\DRVSTORE
2013-03-02 12:11:53 ----A---- C:\Windows\system32\drivers\GEARAspiWDM.sys
2013-03-02 12:11:44 ----D---- C:\ProgramData\Apple Computer
2013-03-02 12:11:44 ----D---- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-03-02 12:11:44 ----D---- C:\Program Files\iTunes
2013-03-02 12:11:44 ----D---- C:\Program Files\iPod
2013-03-02 12:11:44 ----D---- C:\Program Files (x86)\iTunes
2013-03-02 12:11:00 ----D---- C:\Program Files\Common Files\Apple
2013-03-02 12:10:55 ----D---- C:\Program Files (x86)\Apple Software Update
2013-03-02 12:10:51 ----D---- C:\Program Files\Bonjour
2013-03-02 12:10:51 ----D---- C:\Program Files (x86)\Bonjour
2013-03-02 12:10:44 ----D---- C:\ProgramData\Apple
2013-03-02 12:10:29 ----D---- C:\Program Files (x86)\VideoLAN
2013-03-02 12:09:47 ----D---- C:\Users\MrVopi\AppData\Roaming\Dropbox
2013-03-02 12:09:36 ----A---- C:\Windows\SYSWOW64\unrar.dll
2013-03-02 12:09:33 ----D---- C:\Program Files (x86)\K-Lite Codec Pack
2013-03-02 12:09:20 ----A---- C:\Windows\system32\unrar64.dll
2013-03-02 12:09:20 ----A---- C:\Windows\system32\lagarith.dll
2013-03-02 12:09:19 ----A---- C:\Windows\system32\ff_vfw.dll
2013-03-02 12:09:18 ----D---- C:\Program Files\K-Lite Codec Pack x64
2013-03-02 12:08:55 ----D---- C:\Program Files (x86)\TeamViewer
2013-03-02 12:08:51 ----D---- C:\Program Files (x86)\FileZilla FTP Client
2013-03-02 12:08:49 ----D---- C:\Program Files (x86)\foobar2000
2013-03-02 12:08:48 ----D---- C:\Program Files\7-Zip
2013-03-02 12:08:44 ----A---- C:\Windows\system32\npDeployJava1.dll
2013-03-02 12:08:44 ----A---- C:\Windows\system32\javaws.exe
2013-03-02 12:08:44 ----A---- C:\Windows\system32\deployJava1.dll
2013-03-02 12:08:41 ----A---- C:\Windows\system32\WindowsAccessBridge-64.dll
2013-03-02 12:08:41 ----A---- C:\Windows\system32\javaw.exe
2013-03-02 12:08:41 ----A---- C:\Windows\system32\java.exe
2013-03-02 12:08:38 ----D---- C:\Program Files\Java
2013-03-02 12:08:34 ----D---- C:\ProgramData\Sun
2013-03-02 12:08:30 ----A---- C:\Windows\SYSWOW64\npDeployJava1.dll
2013-03-02 12:08:30 ----A---- C:\Windows\SYSWOW64\javaws.exe
2013-03-02 12:08:30 ----A---- C:\Windows\SYSWOW64\deployJava1.dll
2013-03-02 12:08:27 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2013-03-02 12:08:27 ----A---- C:\Windows\SYSWOW64\javaw.exe
2013-03-02 12:08:27 ----A---- C:\Windows\SYSWOW64\java.exe
2013-03-02 12:08:23 ----D---- C:\Program Files (x86)\Java
2013-03-02 12:08:10 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2013-03-02 12:08:09 ----D---- C:\Windows\SYSWOW64\Macromed
2013-03-02 12:08:07 ----N---- C:\Windows\system32\MpSigStub.exe
2013-03-02 12:08:07 ----D---- C:\Windows\system32\Macromed
2013-03-02 12:07:00 ----SHD---- C:\Windows\Installer
2013-03-02 12:02:21 ----D---- C:\Program Files (x86)\Google
2013-03-02 11:59:48 ----A---- C:\Windows\SYSWOW64\rdpcore.dll
2013-03-02 11:59:48 ----A---- C:\Windows\SYSWOW64\cabview.dll
2013-03-02 11:59:48 ----A---- C:\Windows\system32\rdpcore.dll
2013-03-02 11:59:48 ----A---- C:\Windows\system32\drivers\tdtcp.sys
2013-03-02 11:59:48 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2013-03-02 11:59:48 ----A---- C:\Windows\system32\cabview.dll
2013-03-02 11:56:09 ----A---- C:\Windows\system32\wups2.dll
2013-03-02 11:56:09 ----A---- C:\Windows\system32\wucltux.dll
2013-03-02 11:56:09 ----A---- C:\Windows\system32\wuauclt.exe
2013-03-02 11:56:08 ----A---- C:\Windows\system32\wuaueng.dll
2013-03-02 11:56:01 ----A---- C:\Windows\system32\wups.dll
2013-03-02 11:56:01 ----A---- C:\Windows\system32\wudriver.dll
2013-03-02 11:56:01 ----A---- C:\Windows\system32\wuapi.dll
2013-03-02 11:55:49 ----A---- C:\Windows\system32\wuwebv.dll
2013-03-02 11:55:49 ----A---- C:\Windows\system32\wuapp.exe
2013-03-02 11:55:37 ----D---- C:\Users\MrVopi\AppData\Roaming\Identities
2013-03-02 11:55:24 ----SD---- C:\Users\MrVopi\AppData\Roaming\Microsoft
2013-03-02 11:55:24 ----D---- C:\Users\MrVopi\AppData\Roaming\Media Center Programs
2013-03-02 11:55:13 ----SHD---- C:\Recovery
2013-03-02 11:54:37 ----D---- C:\Windows\SoftwareDistribution
2013-03-02 11:45:38 ----D---- C:\Windows\Prefetch
2013-03-02 11:45:24 ----ASH---- C:\pagefile.sys
2013-03-02 11:45:21 ----SHD---- C:\System Volume Information
2013-03-02 11:45:21 ----ASH---- C:\hiberfil.sys
2013-03-02 11:44:53 ----D---- C:\Windows\Panther
2013-03-01 13:04:38 ----A---- C:\Windows\system32\drivers\idmwfp.sys

======List of files/folders modified in the last 1 month======

2013-03-02 14:43:19 ----D---- C:\Windows\Temp
2013-03-02 14:43:17 ----RD---- C:\Program Files
2013-03-02 14:33:51 ----D---- C:\Windows\System32
2013-03-02 14:33:51 ----D---- C:\Windows\inf
2013-03-02 14:33:51 ----A---- C:\Windows\system32\PerfStringBackup.INI
2013-03-02 14:32:50 ----D---- C:\Windows\system32\config
2013-03-02 14:28:18 ----A---- C:\Windows\system32\uxtheme.dll
2013-03-02 14:28:16 ----A---- C:\Windows\system32\themeui.dll
2013-03-02 14:28:14 ----A---- C:\Windows\system32\themeservice.dll
2013-03-02 14:17:20 ----D---- C:\Windows\system32\drivers
2013-03-02 14:17:18 ----HD---- C:\ProgramData
2013-03-02 14:17:15 ----RD---- C:\Program Files (x86)
2013-03-02 14:14:11 ----D---- C:\Program Files\Common Files\Microsoft Shared
2013-03-02 13:54:21 ----RSD---- C:\Windows\assembly
2013-03-02 13:47:22 ----D---- C:\Program Files (x86)\Common Files
2013-03-02 13:45:10 ----D---- C:\Windows
2013-03-02 13:43:16 ----D---- C:\Windows\SysWOW64
2013-03-02 13:41:23 ----D---- C:\Windows\system32\Tasks
2013-03-02 13:40:22 ----D---- C:\Windows\system32\catroot
2013-03-02 13:40:16 ----D---- C:\Windows\system32\DriverStore
2013-03-02 13:40:13 ----D---- C:\Windows\system32\catroot2
2013-03-02 13:39:47 ----D---- C:\Windows\winsxs
2013-03-02 13:37:51 ----RD---- C:\Users
2013-03-02 13:37:16 ----D---- C:\Windows\SYSWOW64\drivers
2013-03-02 13:25:45 ----D---- C:\Windows\Resources
2013-03-02 13:07:50 ----D---- C:\Windows\system32\LogFiles
2013-03-02 13:06:12 ----D---- C:\Windows\Microsoft.NET
2013-03-02 13:02:44 ----D---- C:\Windows\system32\wdi
2013-03-02 12:54:03 ----D---- C:\Windows\SYSWOW64\en-US
2013-03-02 12:54:03 ----D---- C:\Windows\system32\en-US
2013-03-02 12:13:23 ----D---- C:\Windows\system32\sk-SK
2013-03-02 12:11:00 ----D---- C:\Program Files\Common Files
2013-03-02 12:08:59 ----RSD---- C:\Windows\Fonts
2013-03-02 12:08:12 ----D---- C:\Windows\Tasks
2013-03-02 11:59:46 ----D---- C:\Windows\system32\CodeIntegrity
2013-03-02 11:59:07 ----D---- C:\Windows\Logs
2013-03-02 11:55:35 ----D---- C:\Windows\system32\restore
2013-03-02 11:55:34 ----SHD---- C:\$Recycle.Bin
2013-03-02 11:55:13 ----D---- C:\Windows\system32\Recovery
2013-03-02 11:55:09 ----SD---- C:\ProgramData\Microsoft
2013-03-02 11:51:16 ----D---- C:\Windows\rescache
2013-03-02 11:50:51 ----D---- C:\Windows\debug
2013-03-02 11:48:52 ----D---- C:\Windows\system32\sysprep
2013-03-02 11:46:02 ----D---- C:\Windows\CSC

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 514048]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2009-02-06 132464]
R2 eamon;eamon; C:\Windows\system32\DRIVERS\eamon.sys [2009-02-06 141728]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2009-02-06 163400]
R2 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2009-02-06 44944]
R2 IDMWFP;IDMWFP; C:\Windows\system32\DRIVERS\idmwfp.sys [2012-11-22 165112]
R3 AtiHdmiService;ATI Service for HD Audio Codec; C:\Windows\system32\drivers\AtiHdmi.sys [2009-06-05 114192]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-06-25 6036480]
R3 Epfwndis;Eset Personal Firewall; C:\Windows\system32\DRIVERS\Epfwndis.sys [2009-02-06 33608]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60a.sys [2009-06-10 270848]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit; C:\Windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-07-14 109056]
R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt64.sys [2010-01-21 505856]
S3 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 165376]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 6656]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 34896]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 200272]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 21760]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\AESTSr64.exe [2009-03-03 89600]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-06-25 203264]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-12-21 57008]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 DockLoginService;Dock Login Service; C:\Program Files\Dell\DellDock\DockLogin.exe [2010-01-11 155648]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2009-02-06 727720]
R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\STacSV64.exe [2010-01-21 244736]
R2 TeamViewer8;TeamViewer 8; C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-02-26 3560800]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2013-02-20 641352]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-02 116648]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-02 251248]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2009-02-06 23296]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-02 116648]
S3 gusvc;Google Updater Service; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-05-09 136120]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: TSR.BOOT virus

#2 Post by vyosek »

Hello :)

:arrow: Download MBRScan http://eric71.geekstogo.com/tools/MbrScan.exe
  • Save it, preferably to the desktop
  • If you use Win Vista or W7, right-click MBRScan and choose Run As Administrator (Spustit jako správce)
  • Click Report
  • After a moment a log is written to the file MBRScan.txt; paste it here
:arrow: Download TDSSKiller http://support.kaspersky.com/downloads/ ... killer.exe
  • Click the Change parameters option
  • In the Additional options window tick all the options
  • Click OK
  • Tell the utility to scan: click Start Scan
  • When the scan finishes a window appears; check that the option Skip is set everywhere
  • If Skip is not set by default, switch it to Skip
  • Once you have Skip everywhere, click Continue
  • On the drive where Windows is installed (usually c:\) there will be a log named TDSSKiller.<some numbers>_log.txt; paste its contents here
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who avoids fun: take a whip and a stick to him, that is no man, that is an ox."
Member since 1 February 2011.
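What MBRScan compares in the report requested above is the raw first sector of each disk: a classic MBR carries 446 bytes of boot code, four 16-byte partition entries and a 0x55AA trailer, while a GPT disk keeps a header starting with "EFI PART" at LBA 1 behind a protective MBR at LBA 0. The Python below is an added example (not code from the forum, from MBRScan or from its author) that decodes such a sector and runs the consistency checks a practitioner applies before reading anything into a "PARTITION TABLE FAKED" verdict. The GPT bytes are transcribed from the FAKED Harddisk0 dump valdoDK posts further down; the MBR sector is constructed to mirror the four type-0x42 entries MBRScan listed for Harddisk1 (sizes approximate), and the EB 63 90 at its start is the jump printed in the ORIGINAL DR0 dump. Every function and constant name is the example's own.

```python
"""Decode a raw LBA 0 sector like an MBR scanner: classic MBR or GPT header, and do
its fields agree with each other? GPT bytes are transcribed from the "_____FAKED"
Harddisk0 dump in this thread; the MBR is constructed (sizes approximate)."""
import struct
import uuid
import zlib

GPT_SIGNATURE = b"EFI PART"
MBR_SIGNATURE = b"\x55\xAA"

# Offsets 0x000-0x05F of the FAKED Harddisk0 dump as printed on the page (ASCII
# column dropped); the remaining 416 bytes of that sector are all zero.
FAKED_DR0_DUMP = """\
0x00000000 45 46 49 20 50 41 52 54 00 00 01 00 5C 00 00 00
0x00000010 F6 93 CB 03 00 00 00 00 01 00 00 00 00 00 00 00
0x00000020 5B DB E0 E8 00 00 00 00 22 00 00 00 00 00 00 00
0x00000030 3A DB E0 E8 00 00 00 00 75 3E 85 F8 28 11 9F 4E
0x00000040 A7 54 B4 CF FD 2B AF 93 02 00 00 00 00 00 00 00
0x00000050 80 00 00 00 80 00 00 00 58 9A D5 79 00 00 00 00
"""

def hexdump_to_bytes(dump: str, sector_size: int = 512) -> bytes:
    """Parse "0xOFFSET b0 .. b15 [ascii]" lines; the ASCII column is ignored."""
    out = bytearray()
    for line in dump.splitlines():
        tokens = line.split()
        if len(tokens) >= 17 and tokens[0].lower().startswith("0x"):
            out += bytes(int(t, 16) for t in tokens[1:17])
    if len(out) > sector_size:
        raise ValueError("dump is longer than one sector")
    return bytes(out) + b"\x00" * (sector_size - len(out))  # zero-pad short dumps

def classify_sector(sector: bytes) -> str:
    """GPT header, classic MBR, or neither."""
    if sector[:8] == GPT_SIGNATURE:
        return "gpt-header"
    if sector[510:512] == MBR_SIGNATURE:
        return "mbr"
    return "unknown"

def parse_gpt_header(sector: bytes) -> dict:
    """Decode the 92-byte GPT header (UEFI spec layout) and recheck its CRC32."""
    if sector[:8] != GPT_SIGNATURE:
        raise ValueError("not a GPT header")
    (_sig, _rev, header_size, header_crc, _res, my_lba, alt_lba, first_usable,
     last_usable, disk_guid, entries_lba, num_entries, entry_size,
     entries_crc) = struct.unpack_from("<8sIIIIQQQQ16sQIII", sector)
    crc_ok = False
    if 92 <= header_size <= len(sector):
        scratch = bytearray(sector[:header_size])
        scratch[16:20] = b"\x00" * 4  # the CRC is computed with its own field zeroed
        crc_ok = zlib.crc32(bytes(scratch)) == header_crc
    return {"header_size": header_size, "header_crc_stored": header_crc,
            "header_crc_ok": crc_ok, "my_lba": my_lba, "alternate_lba": alt_lba,
            "first_usable_lba": first_usable, "last_usable_lba": last_usable,
            "disk_guid": str(uuid.UUID(bytes_le=disk_guid)), "entries_lba": entries_lba,
            "num_entries": num_entries, "entry_size": entry_size,
            "entries_crc_stored": entries_crc}

def gpt_layout_checks(hdr: dict, sector_size: int = 512) -> dict:
    """Consistency checks a primary GPT header read from a disk should pass."""
    entry_sectors = (hdr["num_entries"] * hdr["entry_size"] + sector_size - 1) // sector_size
    return {
        # The primary header belongs at LBA 1 and records that in my_lba; one that says
        # 1 but came back from LBA 0 means the read and the on-disk layout disagree.
        "claims_lba_1": hdr["my_lba"] == 1,
        "crc_ok": hdr["header_crc_ok"],
        # Entry array ends before the first usable LBA; backup array plus backup
        # header sit immediately after the last usable LBA.
        "entries_fit": hdr["entries_lba"] + entry_sectors <= hdr["first_usable_lba"],
        "backup_consistent": hdr["alternate_lba"] - hdr["last_usable_lba"] == entry_sectors + 1,
    }

def parse_mbr(sector: bytes) -> dict:
    """Decode the classic MBR: 446 bytes of boot code, four 16-byte entries, 0x55AA."""
    if sector[510:512] != MBR_SIGNATURE:
        raise ValueError("missing 0x55AA boot signature")
    parts = []
    for i in range(4):
        status, _chs0, ptype, _chs1, lba, count = struct.unpack_from(
            "<B3sB3sII", sector, 446 + 16 * i)
        parts.append({"index": i + 1, "bootable": status == 0x80, "type": ptype,
                      "lba_start": lba, "sectors": count, "size_bytes": count * 512})
    return {"boot_code_head": sector[:3].hex().upper(), "partitions": parts}

def build_mbr(entries) -> bytes:
    """Construct an MBR from (bootable, type, lba_start, sectors) tuples."""
    # EB 63 90 is the jump MBRScan printed at offset 0 of the ORIGINAL DR0 sector;
    # the rest of the boot code area stays zero in this constructed sample.
    table = b"".join(struct.pack("<B3sB3sII", 0x80 if boot else 0, b"\0\0\0", ptype,
                                 b"\0\0\0", lba, count) for boot, ptype, lba, count in entries)
    return b"\xEB\x63\x90" + b"\x00" * 443 + table + MBR_SIGNATURE

FAKED_DR0_SECTOR = hexdump_to_bytes(FAKED_DR0_DUMP)
# Constructed: 512 KB, 100 MB bootable, ~297 GB, empty; all type 0x42 as MBRScan listed.
CONSTRUCTED_DR1_MBR = build_mbr([(False, 0x42, 63, 1024), (True, 0x42, 2048, 204800),
                                 (False, 0x42, 206848, 622_000_000), (False, 0x42, 0, 0)])
```

Calling classify_sector and parse_gpt_header on FAKED_DR0_SECTOR reports a GPT header whose my_lba field says 1, whose 128 x 128-byte entry array (32 sectors) ends exactly at the first usable LBA 34, and whose backup copy sits 33 sectors past the last usable LBA, which is the standard layout; whether the stored CRC matches is returned as header_crc_ok rather than assumed. A header of that shape coming back from LBA 0 is itself the first thing to account for when reading such a report (the sector size or read offset against the layout the header describes). For an MBR, parse_mbr lists the four entries the way MBRScan's partition table does, with the 0x80 status flag marking the bootable one.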

valdoDK
Guest
Posts: 64
Registered: 17 Sep 2007 18:36

Re: TSR.BOOT virus

#3 Post by valdoDK »

Here is the MBR LOG:

MBRScan v1.1.1

OS : Windows 7 (64 bit)
PROCESSOR : Intel64 Family 6 Model 23 Stepping 6, GenuineIntel
BOOT : Normal Boot
DATE : 2013/03/02 (ISO 8601) at 15:29:34
________________________________________________________________________________

DISK : Device\Harddisk0\DR0 __ExternalRAID
BUS_TYPE : (0x0B) S-ATA
USE_PIO : NO
MAX_TRANSFER : 128 Kb
ALIGNMENT_MASK : word aligned
________________________________________________________________________________

DISK : Device\Harddisk1\DR1 __ST9320421ASG (DE16)
BUS_TYPE : (0x0B) S-ATA
USE_PIO : NO
MAX_TRANSFER : 128 Kb
ALIGNMENT_MASK : word aligned
________________________________________________________________________________

Device\Harddisk0\DR0 1.82 To [Fixed] ==> Unknown MBR Code ==> PARTITION TABLE FAKED !!

MBR_MD5 : BF8BC5E8E7779D92062A02FD38FA4AE3
MBR_SHA1 : D7B9089E17768D384A670A67BF240ECC62E13A60

________________________________________________________________________________

Device\Harddisk1\DR1 298.1 Go [Fixed] ==> 7 MBR Code

MBR_MD5 : F7F46DDC1749006B31B923B497BEE4BA
MBR_SHA1 : F26BBA41B7C787D89BB5342F725BC95479A10DBF

Device\Harddisk1\Partition1 512 Ko 0x42 SFS/Linux swap
Device\Harddisk1\Partition2 100 Mo 0x42 SFS/Linux swap __ BOOTABLE __
Device\Harddisk1\Partition3 297 Go 0x42 SFS/Linux swap
Device\Harddisk1\Partition4 0 Ko 0x42 SFS/Linux swap
________________________________________________________________________________

############################### Additional scan ################################

DRIVER : C:\Windows\system32\hal.dll => Invisible on the disk
ADDRESS : 0x02A04000
SIZE : 292.0 Ko

DRIVER : C:\Windows\system32\kdcom.dll => Invisible on the disk
ADDRESS : 0x00BA4000
SIZE : 40.0 Ko

DRIVER : C:\Windows\system32\mcupdate_GenuineIntel.dll => Invisible on the disk
ADDRESS : 0x00C4A000
SIZE : 272.0 Ko

DRIVER : C:\Windows\system32\CLFS.SYS => Invisible on the disk
ADDRESS : 0x00CA2000
SIZE : 376.0 Ko

DRIVER : C:\Windows\system32\CI.dll => Invisible on the disk
ADDRESS : 0x00D00000
SIZE : 768.0 Ko

DRIVER : C:\Windows\system32\drivers\Wdf01000.sys => Invisible on the disk
ADDRESS : 0x00E44000
SIZE : 656.0 Ko

DRIVER : C:\Windows\system32\drivers\WDFLDR.SYS => Invisible on the disk
ADDRESS : 0x00EE8000
SIZE : 60.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\ACPI.sys => Invisible on the disk
ADDRESS : 0x00EF7000
SIZE : 348.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\WMILIB.SYS => Invisible on the disk
ADDRESS : 0x00F4E000
SIZE : 36.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\msisadrv.sys => Invisible on the disk
ADDRESS : 0x00F57000
SIZE : 40.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\pci.sys => Invisible on the disk
ADDRESS : 0x00F61000
SIZE : 204.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\vdrvroot.sys => Invisible on the disk
ADDRESS : 0x00F94000
SIZE : 52.0 Ko

DRIVER : C:\Windows\System32\drivers\partmgr.sys => Invisible on the disk
ADDRESS : 0x00FA1000
SIZE : 84.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\compbatt.sys => Invisible on the disk
ADDRESS : 0x00FB6000
SIZE : 36.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\BATTC.SYS => Invisible on the disk
ADDRESS : 0x00FBF000
SIZE : 48.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\volmgr.sys => Invisible on the disk
ADDRESS : 0x00FCB000
SIZE : 84.0 Ko

DRIVER : C:\Windows\System32\drivers\volmgrx.sys => Invisible on the disk
ADDRESS : 0x0101E000
SIZE : 368.0 Ko

DRIVER : C:\Windows\System32\drivers\mountmgr.sys => Invisible on the disk
ADDRESS : 0x0107A000
SIZE : 104.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\atapi.sys => Invisible on the disk
ADDRESS : 0x01094000
SIZE : 36.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\ataport.SYS => Invisible on the disk
ADDRESS : 0x0109D000
SIZE : 168.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\msahci.sys => Invisible on the disk
ADDRESS : 0x010C7000
SIZE : 44.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\PCIIDEX.SYS => Invisible on the disk
ADDRESS : 0x010D2000
SIZE : 64.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\amdxata.sys => Invisible on the disk
ADDRESS : 0x010E2000
SIZE : 44.0 Ko

DRIVER : C:\Windows\system32\drivers\fltmgr.sys => Invisible on the disk
ADDRESS : 0x010ED000
SIZE : 304.0 Ko

DRIVER : C:\Windows\system32\drivers\fileinfo.sys => Invisible on the disk
ADDRESS : 0x01139000
SIZE : 80.0 Ko

DRIVER : C:\Windows\System32\Drivers\Ntfs.sys => Invisible on the disk
ADDRESS : 0x01216000
SIZE : 1.64 Mo

DRIVER : C:\Windows\System32\Drivers\msrpc.sys => Invisible on the disk
ADDRESS : 0x0114D000
SIZE : 376.0 Ko

DRIVER : C:\Windows\System32\Drivers\ksecdd.sys => Invisible on the disk
ADDRESS : 0x013B9000
SIZE : 104.0 Ko

DRIVER : C:\Windows\System32\Drivers\cng.sys => Invisible on the disk
ADDRESS : 0x0143C000
SIZE : 460.0 Ko

DRIVER : C:\Windows\System32\drivers\pcw.sys => Invisible on the disk
ADDRESS : 0x014AF000
SIZE : 68.0 Ko

DRIVER : C:\Windows\System32\Drivers\Fs_Rec.sys => Invisible on the disk
ADDRESS : 0x014C0000
SIZE : 40.0 Ko

DRIVER : C:\Windows\system32\drivers\ndis.sys => Invisible on the disk
ADDRESS : 0x014CA000
SIZE : 968.0 Ko

DRIVER : C:\Windows\system32\drivers\NETIO.SYS => Invisible on the disk
ADDRESS : 0x0161D000
SIZE : 384.0 Ko

DRIVER : C:\Windows\System32\Drivers\ksecpkg.sys => Invisible on the disk
ADDRESS : 0x0167D000
SIZE : 172.0 Ko

DRIVER : C:\Windows\System32\drivers\tcpip.sys => Invisible on the disk
ADDRESS : 0x01802000
SIZE : 1.99 Mo

DRIVER : C:\Windows\System32\drivers\fwpkclnt.sys => Invisible on the disk
ADDRESS : 0x016A8000
SIZE : 296.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\vmstorfl.sys => Invisible on the disk
ADDRESS : 0x016F2000
SIZE : 64.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\volsnap.sys => Invisible on the disk
ADDRESS : 0x01702000
SIZE : 304.0 Ko

DRIVER : C:\Windows\System32\Drivers\spldr.sys => Invisible on the disk
ADDRESS : 0x0174E000
SIZE : 32.0 Ko

DRIVER : C:\Windows\System32\drivers\rdyboost.sys => Invisible on the disk
ADDRESS : 0x01756000
SIZE : 232.0 Ko

DRIVER : C:\Windows\System32\Drivers\mup.sys => Invisible on the disk
ADDRESS : 0x01790000
SIZE : 72.0 Ko

DRIVER : C:\Windows\System32\drivers\hwpolicy.sys => Invisible on the disk
ADDRESS : 0x017A2000
SIZE : 36.0 Ko

DRIVER : C:\Windows\System32\DRIVERS\fvevol.sys => Invisible on the disk
ADDRESS : 0x017AB000
SIZE : 232.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\disk.sys => Invisible on the disk
ADDRESS : 0x017E5000
SIZE : 88.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\CLASSPNP.SYS => Invisible on the disk
ADDRESS : 0x015BC000
SIZE : 192.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\cdrom.sys => Invisible on the disk
ADDRESS : 0x013D3000
SIZE : 168.0 Ko

DRIVER : C:\Windows\System32\Drivers\Null.SYS => Invisible on the disk
ADDRESS : 0x01413000
SIZE : 36.0 Ko

DRIVER : C:\Windows\System32\Drivers\Beep.SYS => Invisible on the disk
ADDRESS : 0x0141C000
SIZE : 28.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\ehdrv.sys => Invisible on the disk
ADDRESS : 0x011AB000
SIZE : 136.0 Ko

DRIVER : C:\Windows\System32\drivers\vga.sys => Invisible on the disk
ADDRESS : 0x01423000
SIZE : 56.0 Ko

DRIVER : C:\Windows\System32\drivers\VIDEOPRT.SYS => Invisible on the disk
ADDRESS : 0x011CD000
SIZE : 148.0 Ko

DRIVER : C:\Windows\System32\drivers\watchdog.sys => Invisible on the disk
ADDRESS : 0x01200000
SIZE : 64.0 Ko

DRIVER : C:\Windows\System32\DRIVERS\RDPCDD.sys => Invisible on the disk
ADDRESS : 0x01431000
SIZE : 36.0 Ko

DRIVER : C:\Windows\system32\drivers\rdpencdd.sys => Invisible on the disk
ADDRESS : 0x015F7000
SIZE : 36.0 Ko

DRIVER : C:\Windows\system32\drivers\rdprefmp.sys => Invisible on the disk
ADDRESS : 0x011F2000
SIZE : 36.0 Ko

DRIVER : C:\Windows\System32\Drivers\Msfs.SYS => Invisible on the disk
ADDRESS : 0x01000000
SIZE : 44.0 Ko

DRIVER : C:\Windows\System32\Drivers\Npfs.SYS => Invisible on the disk
ADDRESS : 0x0100B000
SIZE : 68.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\tdx.sys => Invisible on the disk
ADDRESS : 0x00FE0000
SIZE : 120.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\TDI.SYS => Invisible on the disk
ADDRESS : 0x00E00000
SIZE : 52.0 Ko

DRIVER : C:\Windows\system32\drivers\afd.sys => Invisible on the disk
ADDRESS : 0x02CDC000
SIZE : 552.0 Ko

DRIVER : C:\Windows\System32\DRIVERS\netbt.sys => Invisible on the disk
ADDRESS : 0x02D66000
SIZE : 276.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\wfplwf.sys => Invisible on the disk
ADDRESS : 0x02DAB000
SIZE : 36.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\pacer.sys => Invisible on the disk
ADDRESS : 0x02DB4000
SIZE : 152.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\netbios.sys => Invisible on the disk
ADDRESS : 0x02DDA000
SIZE : 60.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\wanarp.sys => Invisible on the disk
ADDRESS : 0x02C00000
SIZE : 108.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\termdd.sys => Invisible on the disk
ADDRESS : 0x02C1B000
SIZE : 80.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\rdbss.sys => Invisible on the disk
ADDRESS : 0x02C2F000
SIZE : 324.0 Ko

DRIVER : C:\Windows\system32\drivers\nsiproxy.sys => Invisible on the disk
ADDRESS : 0x02C80000
SIZE : 48.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\mssmbios.sys => Invisible on the disk
ADDRESS : 0x02C8C000
SIZE : 44.0 Ko

DRIVER : C:\Windows\System32\drivers\discache.sys => Invisible on the disk
ADDRESS : 0x02C97000
SIZE : 60.0 Ko

DRIVER : C:\Windows\system32\drivers\csc.sys => Invisible on the disk
ADDRESS : 0x03A60000
SIZE : 524.0 Ko

DRIVER : C:\Windows\System32\Drivers\dfsc.sys => Invisible on the disk
ADDRESS : 0x03AE3000
SIZE : 120.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\blbdrive.sys => Invisible on the disk
ADDRESS : 0x03B01000
SIZE : 68.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\tunnel.sys => Invisible on the disk
ADDRESS : 0x03B12000
SIZE : 152.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\atikmdag.sys => Invisible on the disk
ADDRESS : 0x03C41000
SIZE : 6.09 Mo

DRIVER : C:\Windows\System32\drivers\dxgkrnl.sys => Invisible on the disk
ADDRESS : 0x04258000
SIZE : 976.0 Ko

DRIVER : C:\Windows\System32\drivers\dxgmms1.sys => Invisible on the disk
ADDRESS : 0x0434C000
SIZE : 280.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\HDAudBus.sys => Invisible on the disk
ADDRESS : 0x04392000
SIZE : 144.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\usbuhci.sys => Invisible on the disk
ADDRESS : 0x043B6000
SIZE : 52.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\USBPORT.SYS => Invisible on the disk
ADDRESS : 0x03B38000
SIZE : 344.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\usbehci.sys => Invisible on the disk
ADDRESS : 0x043C3000
SIZE : 68.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\netw5v64.sys => Invisible on the disk
ADDRESS : 0x04827000
SIZE : 5.23 Mo

DRIVER : C:\Windows\system32\DRIVERS\k57nd60a.sys => Invisible on the disk
ADDRESS : 0x04D62000
SIZE : 288.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\1394ohci.sys => Invisible on the disk
ADDRESS : 0x04DAA000
SIZE : 248.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\sdbus.sys => Invisible on the disk
ADDRESS : 0x04800000
SIZE : 128.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\i8042prt.sys => Invisible on the disk
ADDRESS : 0x043D4000
SIZE : 120.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\kbdclass.sys => Invisible on the disk
ADDRESS : 0x04DE8000
SIZE : 60.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\mouclass.sys => Invisible on the disk
ADDRESS : 0x03C00000
SIZE : 60.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\GEARAspiWDM.sys => Invisible on the disk
ADDRESS : 0x04DF7000
SIZE : 28.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\intelppm.sys => Invisible on the disk
ADDRESS : 0x03C0F000
SIZE : 88.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\wmiacpi.sys => Invisible on the disk
ADDRESS : 0x03C25000
SIZE : 36.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\CmBatt.sys => Invisible on the disk
ADDRESS : 0x04820000
SIZE : 20.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\CompositeBus.sys => Invisible on the disk
ADDRESS : 0x03C2E000
SIZE : 64.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\Epfwndis.sys => Invisible on the disk
ADDRESS : 0x043F2000
SIZE : 44.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\AgileVpn.sys => Invisible on the disk
ADDRESS : 0x03B8E000
SIZE : 88.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\rasl2tp.sys => Invisible on the disk
ADDRESS : 0x03BA4000
SIZE : 144.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\ndistapi.sys => Invisible on the disk
ADDRESS : 0x03BC8000
SIZE : 48.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\ndiswan.sys => Invisible on the disk
ADDRESS : 0x03A00000
SIZE : 188.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\raspppoe.sys => Invisible on the disk
ADDRESS : 0x03A2F000
SIZE : 108.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\raspptp.sys => Invisible on the disk
ADDRESS : 0x03BD4000
SIZE : 132.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\rassstp.sys => Invisible on the disk
ADDRESS : 0x02CA6000
SIZE : 104.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\rdpbus.sys => Invisible on the disk
ADDRESS : 0x03BF5000
SIZE : 44.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\swenum.sys => Invisible on the disk
ADDRESS : 0x04825000
SIZE : 8.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\ks.sys => Invisible on the disk
ADDRESS : 0x00C00000
SIZE : 268.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\umbus.sys => Invisible on the disk
ADDRESS : 0x03A4A000
SIZE : 72.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\usbhub.sys => Invisible on the disk
ADDRESS : 0x050CA000
SIZE : 360.0 Ko

DRIVER : C:\Windows\System32\Drivers\NDProxy.SYS => Invisible on the disk
ADDRESS : 0x05124000
SIZE : 84.0 Ko

DRIVER : C:\Windows\system32\drivers\AtiHdmi.sys => Invisible on the disk
ADDRESS : 0x05139000
SIZE : 128.0 Ko

DRIVER : C:\Windows\system32\drivers\portcls.sys => Invisible on the disk
ADDRESS : 0x05159000
SIZE : 244.0 Ko

DRIVER : C:\Windows\system32\drivers\drmk.sys => Invisible on the disk
ADDRESS : 0x05196000
SIZE : 136.0 Ko

DRIVER : C:\Windows\system32\drivers\ksthunk.sys => Invisible on the disk
ADDRESS : 0x051B8000
SIZE : 24.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\stwrt64.sys => Invisible on the disk
ADDRESS : 0x05000000
SIZE : 508.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\usbccgp.sys => Invisible on the disk
ADDRESS : 0x0507F000
SIZE : 116.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\USBD.SYS => Invisible on the disk
ADDRESS : 0x0509C000
SIZE : 8.0 Ko

DRIVER : C:\Windows\System32\Drivers\usbvideo.sys => Invisible on the disk
ADDRESS : 0x051BE000
SIZE : 184.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\hidusb.sys => Invisible on the disk
ADDRESS : 0x051EC000
SIZE : 56.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\HIDCLASS.SYS => Invisible on the disk
ADDRESS : 0x0509E000
SIZE : 100.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\HIDPARSE.SYS => Invisible on the disk
ADDRESS : 0x050B7000
SIZE : 36.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\mouhid.sys => Invisible on the disk
ADDRESS : 0x02CC0000
SIZE : 52.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\kbdhid.sys => Invisible on the disk
ADDRESS : 0x02CCD000
SIZE : 56.0 Ko

DRIVER : C:\Windows\System32\Drivers\crashdmp.sys => Invisible on the disk
ADDRESS : 0x02DE9000
SIZE : 56.0 Ko

DRIVER : C:\Windows\System32\Drivers\dump_dumpata.sys => Invisible on the disk
ADDRESS : 0x01600000
SIZE : 48.0 Ko

DRIVER : C:\Windows\System32\Drivers\dump_msahci.sys => Invisible on the disk
ADDRESS : 0x0160C000
SIZE : 44.0 Ko

DRIVER : C:\Windows\System32\Drivers\dump_dumpfve.sys => Invisible on the disk
ADDRESS : 0x01400000
SIZE : 76.0 Ko

DRIVER : C:\Windows\System32\win32k.sys => Invisible on the disk
ADDRESS : 0x00030000
SIZE : 3.06 Mo

DRIVER : C:\Windows\System32\drivers\Dxapi.sys => Invisible on the disk
ADDRESS : 0x00E0D000
SIZE : 48.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\monitor.sys => Invisible on the disk
ADDRESS : 0x00E19000
SIZE : 56.0 Ko

DRIVER : C:\Windows\System32\TSDDD.dll => Invisible on the disk
ADDRESS : 0x00590000
SIZE : 40.0 Ko

DRIVER : C:\Windows\System32\cdd.dll => Invisible on the disk
ADDRESS : 0x007D0000
SIZE : 156.0 Ko

DRIVER : C:\Windows\system32\drivers\luafv.sys => Invisible on the disk
ADDRESS : 0x00DC0000
SIZE : 140.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\eamon.sys => Invisible on the disk
ADDRESS : 0x022CA000
SIZE : 776.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\epfw.sys => Invisible on the disk
ADDRESS : 0x0238C000
SIZE : 172.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\lltdio.sys => Invisible on the disk
ADDRESS : 0x023B7000
SIZE : 84.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\nwifi.sys => Invisible on the disk
ADDRESS : 0x02200000
SIZE : 332.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\ndisuio.sys => Invisible on the disk
ADDRESS : 0x02253000
SIZE : 76.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\rspndr.sys => Invisible on the disk
ADDRESS : 0x02266000
SIZE : 96.0 Ko

DRIVER : C:\Windows\system32\drivers\HTTP.sys => Invisible on the disk
ADDRESS : 0x024DE000
SIZE : 800.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\bowser.sys => Invisible on the disk
ADDRESS : 0x025A6000
SIZE : 120.0 Ko

DRIVER : C:\Windows\System32\drivers\mpsdrv.sys => Invisible on the disk
ADDRESS : 0x025C4000
SIZE : 96.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\mrxsmb.sys => Invisible on the disk
ADDRESS : 0x02400000
SIZE : 176.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\mrxsmb10.sys => Invisible on the disk
ADDRESS : 0x0242C000
SIZE : 308.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\mrxsmb20.sys => Invisible on the disk
ADDRESS : 0x02479000
SIZE : 140.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\epfwwfp.sys => Invisible on the disk
ADDRESS : 0x0249C000
SIZE : 64.0 Ko

DRIVER : C:\Windows\system32\DRIVERS\idmwfp.sys => Invisible on the disk
ADDRESS : 0x024AC000
SIZE : 172.0 Ko

DRIVER : C:\Windows\system32\drivers\peauth.sys => Invisible on the disk
ADDRESS : 0x0264E000
SIZE : 664.0 Ko

DRIVER : C:\Windows\System32\Drivers\secdrv.SYS => Invisible on the disk
ADDRESS : 0x026F4000
SIZE : 44.0 Ko

DRIVER : C:\Windows\System32\DRIVERS\srvnet.sys => Invisible on the disk
ADDRESS : 0x026FF000
SIZE : 180.0 Ko

DRIVER : C:\Windows\System32\drivers\tcpipreg.sys => Invisible on the disk
ADDRESS : 0x0272C000
SIZE : 72.0 Ko

DRIVER : C:\Windows\System32\DRIVERS\srv2.sys => Invisible on the disk
ADDRESS : 0x0273E000
SIZE : 420.0 Ko

DRIVER : C:\Windows\System32\DRIVERS\srv.sys => Invisible on the disk
ADDRESS : 0x028B0000
SIZE : 608.0 Ko

DRIVER : C:\Windows\System32\Drivers\fastfat.SYS => Invisible on the disk
ADDRESS : 0x02948000
SIZE : 216.0 Ko

DRIVER : C:\Windows\system32\drivers\spsys.sys => Invisible on the disk
ADDRESS : 0x0297E000
SIZE : 452.0 Ko

DRIVER : C:\Windows\System32\smss.exe => Invisible on the disk
ADDRESS : 0x47B20000
SIZE : 128.0 Ko

BCD EmsSettings {0CE4991B-E6B3-4B16-B23C-5E0D9250E5D9} => BcdLibraryBoolean_EmsEnabled (16000020)

SystemStartOptions : NOEXECUTE=OPTIN

________________________________________________________________________________

_____FAKED \Device\Harddisk0\DR0

0x00000000 45 46 49 20 50 41 52 54 00 00 01 00 5C 00 00 00 EFI PART....\...
0x00000010 F6 93 CB 03 00 00 00 00 01 00 00 00 00 00 00 00 ö.Ë.............
0x00000020 5B DB E0 E8 00 00 00 00 22 00 00 00 00 00 00 00 [Ûàè....".......
0x00000030 3A DB E0 E8 00 00 00 00 75 3E 85 F8 28 11 9F 4E :Ûàè....u>.ø(..N
0x00000040 A7 54 B4 CF FD 2B AF 93 02 00 00 00 00 00 00 00 §T´Ïý+¯.........
0x00000050 80 00 00 00 80 00 00 00 58 9A D5 79 00 00 00 00 ........X.Õy....
0x00000060 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x00000070 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x00000080 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x00000090 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x000000A0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x000000B0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x000000C0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x000000D0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x000000E0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x000000F0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x00000100 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x00000110 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x00000120 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x00000130 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x00000140 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x00000150 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x00000160 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x00000170 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x00000180 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x00000190 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x000001A0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x000001B0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x000001C0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x000001D0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x000001E0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x000001F0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................

__ORIGINAL \Device\Harddisk0\DR0

0x00000000 EB 63 90 00 00 00 00 00 00 00 00 00 00 00 00 00 ëc..............
0x00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x00000020 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x00000030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x00000040 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x00000050 00 00 00 00 00 00 00 00 00 00 00 80 B0 CA 82 E8 ............°Ê.è
0x00000060 00 00 00 00 FF FA 90 90 F6 C2 80 75 02 B2 80 EA .....ú..öÂ.u.².ê
0x00000070 74 7C 00 00 31 C0 8E D8 8E D0 BC 00 20 FB A0 64 t|..1À.Ø.м. û.d
0x00000080 7C 3C FF 74 02 88 C2 52 BB 17 04 80 27 03 74 06 |<.t..ÂR»...'.t.
0x00000090 BE 88 7D E8 1C 01 BE 05 7C F6 C2 80 74 48 B4 41 ¾.}è..¾.|öÂ.tH´A
0x000000A0 BB AA 55 CD 13 5A 52 72 3D 81 FB 55 AA 75 37 83 »ªUÍ.ZRr=.ûUªu7.
0x000000B0 E1 01 74 32 31 C0 89 44 04 40 88 44 FF 89 44 02 á.t21À.D.@.D..D.
0x000000C0 C7 04 10 00 66 8B 1E 5C 7C 66 89 5C 08 66 8B 1E Ç...f..\|f.\.f..
0x000000D0 60 7C 66 89 5C 0C C7 44 06 00 70 B4 42 CD 13 72 `|f.\.ÇD..p´BÍ.r
0x000000E0 05 BB 00 70 EB 76 B4 08 CD 13 73 0D F6 C2 80 0F .».pëv´.Í.s.öÂ..
0x000000F0 84 D0 00 BE 93 7D E9 82 00 66 0F B6 C6 88 64 FF .Ð.¾.}é..f.¶Æ.d.
0x00000100 40 66 89 44 04 0F B6 D1 C1 E2 02 88 E8 88 F4 40 @f.D..¶ÑÁâ..è.ô@
0x00000110 89 44 08 0F B6 C2 C0 E8 02 66 89 04 66 A1 60 7C .D..¶ÂÀè.f..f¡`|
0x00000120 66 09 C0 75 4E 66 A1 5C 7C 66 31 D2 66 F7 34 88 f.ÀuNf¡\|f1Òf÷4.
0x00000130 D1 31 D2 66 F7 74 04 3B 44 08 7D 37 FE C1 88 C5 Ñ1Òf÷t.;D.}7þÁ.Å
0x00000140 30 C0 C1 E8 02 08 C1 88 D0 5A 88 C6 BB 00 70 8E 0ÀÁè..Á.ÐZ.Æ».p.
0x00000150 C3 31 DB B8 01 02 CD 13 72 1E 8C C3 60 1E B9 00 Ã1Û¸..Í.r..Ã`.¹.
0x00000160 01 8E DB 31 F6 BF 00 80 8E C6 FC F3 A5 1F 61 FF ..Û1ö¿...Æüó¥.a.
0x00000170 26 5A 7C BE 8E 7D EB 03 BE 9D 7D E8 34 00 BE A2 &Z|¾.}ë.¾.}è4.¾¢
0x00000180 7D E8 2E 00 CD 18 EB FE 47 52 55 42 20 00 47 65 }è..Í.ëþGRUB .Ge
0x00000190 6F 6D 00 48 61 72 64 20 44 69 73 6B 00 52 65 61 om.Hard Disk.Rea
0x000001A0 64 00 20 45 72 72 6F 72 0D 0A 00 BB 01 00 B4 0E d. Error...»..´.
0x000001B0 CD 10 AC 3C 00 75 F4 C3 F8 6E 5A 7A 00 00 00 00 Í.¬<.uôÃønZz....
0x000001C0 01 00 EE FE FF FF 01 00 00 00 5B DB E0 E8 00 00 ..îþ......[Ûàè..
0x000001D0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x000001E0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0x000001F0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 55 AA ..............Uª

_______MBR \Device\Harddisk1\DR1

0x00000000 33 C0 8E D0 BC 00 7C 8E C0 8E D8 BE 00 7C BF 00 3À.м.|.À.ؾ.|¿.
0x00000010 06 B9 00 02 FC F3 A4 50 68 1C 06 CB FB B9 04 00 .¹..üó¤Ph..Ëû¹..
0x00000020 BD BE 07 80 7E 00 00 7C 0B 0F 85 0E 01 83 C5 10 ½¾..~..|......Å.
0x00000030 E2 F1 CD 18 88 56 00 55 C6 46 11 05 C6 46 10 00 âñÍ..V.UÆF..ÆF..
0x00000040 B4 41 BB AA 55 CD 13 5D 72 0F 81 FB 55 AA 75 09 ´A»ªUÍ.]r..ûUªu.
0x00000050 F7 C1 01 00 74 03 FE 46 10 66 60 80 7E 10 00 74 ÷Á..t.þF.f`.~..t
0x00000060 26 66 68 00 00 00 00 66 FF 76 08 68 00 00 68 00 &fh....f.v.h..h.
0x00000070 7C 68 01 00 68 10 00 B4 42 8A 56 00 8B F4 CD 13 |h..h..´B.V..ôÍ.
0x00000080 9F 83 C4 10 9E EB 14 B8 01 02 BB 00 7C 8A 56 00 ..Ä..ë.¸..».|.V.
0x00000090 8A 76 01 8A 4E 02 8A 6E 03 CD 13 66 61 73 1C FE .v..N..n.Í.fas.þ
0x000000A0 4E 11 75 0C 80 7E 00 80 0F 84 8A 00 B2 80 EB 84 N.u..~......².ë.
0x000000B0 55 32 E4 8A 56 00 CD 13 5D EB 9E 81 3E FE 7D 55 U2ä.V.Í.]ë..>þ}U
0x000000C0 AA 75 6E FF 76 00 E8 8D 00 75 17 FA B0 D1 E6 64 ªun.v.è..u.ú°Ñæd
0x000000D0 E8 83 00 B0 DF E6 60 E8 7C 00 B0 FF E6 64 E8 75 è..°ßæ`è|.°.ædèu
0x000000E0 00 FB B8 00 BB CD 1A 66 23 C0 75 3B 66 81 FB 54 .û¸.»Í.f#Àu;f.ûT
0x000000F0 43 50 41 75 32 81 F9 02 01 72 2C 66 68 07 BB 00 CPAu2.ù..r,fh.».
0x00000100 00 66 68 00 02 00 00 66 68 08 00 00 00 66 53 66 .fh....fh....fSf
0x00000110 53 66 55 66 68 00 00 00 00 66 68 00 7C 00 00 66 SfUfh....fh.|..f
0x00000120 61 68 00 00 07 CD 1A 5A 32 F6 EA 00 7C 00 00 CD ah...Í.Z2öê.|..Í
0x00000130 18 A0 B7 07 EB 08 A0 B6 07 EB 03 A0 B5 07 32 E4 ..·.ë..¶.ë..µ.2ä
0x00000140 05 00 07 8B F0 AC 3C 00 74 09 BB 07 00 B4 0E CD ....ð¬<.t.»..´.Í
0x00000150 10 EB F2 F4 EB FD 2B C9 E4 64 EB 00 24 02 E0 F8 .ëòôëý+Éädë.$.àø
0x00000160 24 02 C3 49 6E 76 61 6C 69 64 20 70 61 72 74 69 $.ÃInvalid parti
0x00000170 74 69 6F 6E 20 74 61 62 6C 65 00 45 72 72 6F 72 tion table.Error
0x00000180 20 6C 6F 61 64 69 6E 67 20 6F 70 65 72 61 74 69 loading operati
0x00000190 6E 67 20 73 79 73 74 65 6D 00 4D 69 73 73 69 6E ng system.Missin
0x000001A0 67 20 6F 70 65 72 61 74 69 6E 67 20 73 79 73 74 g operating syst
0x000001B0 65 6D 00 00 00 63 7B 9A 00 00 00 B0 00 00 00 01 em...c{....°....
0x000001C0 01 00 42 20 20 00 3F 00 00 00 C1 07 00 00 80 20 ..B .?...Á....
0x000001D0 21 00 42 DF 13 0C 00 08 00 00 00 20 03 00 00 DF !.Bß....... ...ß
0x000001E0 14 0C 42 FE FF FF 00 28 03 00 00 B8 3F 25 00 FE ..Bþ...(...¸?%.þ
0x000001F0 FF FF 42 FE FF FF 00 E0 42 25 B0 02 00 00 55 AA ..Bþ...àB%°...Uª

valdoDK
Visitor
Posts: 64
Registered: 17 Sep 2007 18:36

Re: TSR.BOOT virus

#4 Post by valdoDK »

And here I am also attaching the TDSS log :)

15:31:07.0491 4828 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
15:31:08.0252 4828 ============================================================
15:31:08.0252 4828 Current date / time: 2013/03/02 15:31:08.0252
15:31:08.0252 4828 SystemInfo:
15:31:08.0252 4828
15:31:08.0252 4828 OS Version: 6.1.7600 ServicePack: 0.0
15:31:08.0252 4828 Product type: Workstation
15:31:08.0252 4828 ComputerName: MRVOPI-PC
15:31:08.0252 4828 UserName: MrVopi
15:31:08.0252 4828 Windows directory: C:\Windows
15:31:08.0252 4828 System windows directory: C:\Windows
15:31:08.0252 4828 Running under WOW64
15:31:08.0252 4828 Processor architecture: Intel x64
15:31:08.0252 4828 Number of processors: 2
15:31:08.0252 4828 Page size: 0x1000
15:31:08.0252 4828 Boot type: Normal boot
15:31:08.0252 4828 ============================================================
15:31:09.0202 4828 Drive \Device\Harddisk1\DR1 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:31:09.0255 4828 Drive \Device\Harddisk0\DR0 - Size: 0x1D1C1B6B800 (1863.03 Gb), SectorSize: 0x200, Cylinders: 0x3B602, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:31:09.0259 4828 ============================================================
15:31:09.0259 4828 \Device\Harddisk1\DR1:
15:31:09.0260 4828 MBR partitions:
15:31:09.0260 4828 \Device\Harddisk0\DR0:
15:31:09.0260 4828 GPT partitions:
15:31:09.0269 4828 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {D54E53EB-139F-436F-AD91-14434AD88D76}, Name: EFI System Partition, StartLBA 0x28, BlocksNum 0x64000
15:31:09.0269 4828 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {7C582EB6-2852-41B3-BF2E-740B3BF62F6C}, Name: Basic data partition, StartLBA 0x64800, BlocksNum 0xE863561B
15:31:09.0269 4828 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {3F482E21-5A67-44CD-B9DB-D70916F3B3CD}, Name: , StartLBA 0xE869A000, BlocksNum 0x714000
15:31:09.0269 4828 \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {0657FD6D-A4AB-43C4-84E5-0933C84B4F4F}, UniqueGUID: {20B07EA4-766E-4B8E-992F-48B06E6E3946}, Name: , StartLBA 0xE8DAE000, BlocksNum 0x5F800
15:31:09.0269 4828 MBR partitions:
15:31:09.0269 4828 ============================================================
15:31:09.0300 4828 E: <-> \Device\Harddisk0\DR0\Partition2
15:31:09.0321 4828 ============================================================
15:31:09.0321 4828 Initialize success
15:31:09.0321 4828 ============================================================
15:31:38.0256 0692 ============================================================
15:31:38.0256 0692 Scan started
15:31:38.0256 0692 Mode: Manual; SigCheck; TDLFS;
15:31:38.0256 0692 ============================================================
15:31:38.0277 0692 ================ Scan system memory ========================
15:31:38.0277 0692 System memory - ok
15:31:38.0278 0692 ================ Scan services =============================
15:31:38.0305 0692 1394ohci - ok
15:31:38.0309 0692 ACPI - ok
15:31:38.0315 0692 AcpiPmi - ok
15:31:38.0332 0692 AdobeFlashPlayerUpdateSvc - ok
15:31:38.0343 0692 adp94xx - ok
15:31:38.0360 0692 adpahci - ok
15:31:38.0363 0692 adpu320 - ok
15:31:38.0368 0692 AeLookupSvc - ok
15:31:38.0392 0692 AESTFilters - ok
15:31:38.0424 0692 AFD - ok
15:31:38.0427 0692 agp440 - ok
15:31:38.0430 0692 ALG - ok
15:31:38.0433 0692 aliide - ok
15:31:38.0446 0692 AMD External Events Utility - ok
15:31:38.0449 0692 amdide - ok
15:31:38.0453 0692 AmdK8 - ok
15:31:38.0456 0692 AmdPPM - ok
15:31:38.0459 0692 amdsata - ok
15:31:38.0462 0692 amdsbs - ok
15:31:38.0465 0692 amdxata - ok
15:31:38.0473 0692 AppID - ok
15:31:38.0480 0692 AppIDSvc - ok
15:31:38.0484 0692 Appinfo - ok
15:31:38.0487 0692 Apple Mobile Device - ok
15:31:38.0507 0692 AppMgmt - ok
15:31:38.0510 0692 arc - ok
15:31:38.0513 0692 arcsas - ok
15:31:38.0520 0692 aspnet_state - ok
15:31:38.0527 0692 AsyncMac - ok
15:31:38.0531 0692 atapi - ok
15:31:38.0549 0692 AtiHdmiService - ok
15:31:38.0552 0692 atikmdag - ok
15:31:38.0555 0692 AudioEndpointBuilder - ok
15:31:38.0558 0692 AudioSrv - ok
15:31:38.0561 0692 AxInstSV - ok
15:31:38.0564 0692 b06bdrv - ok
15:31:38.0568 0692 b57nd60a - ok
15:31:38.0572 0692 BDESVC - ok
15:31:38.0577 0692 Beep - ok
15:31:38.0589 0692 BFE - ok
15:31:38.0592 0692 BITS - ok
15:31:38.0595 0692 blbdrive - ok
15:31:38.0598 0692 Bonjour Service - ok
15:31:38.0602 0692 bowser - ok
15:31:38.0605 0692 BrFiltLo - ok
15:31:38.0608 0692 BrFiltUp - ok
15:31:38.0612 0692 Browser - ok
15:31:38.0615 0692 Brserid - ok
15:31:38.0618 0692 BrSerWdm - ok
15:31:38.0622 0692 BrUsbMdm - ok
15:31:38.0625 0692 BrUsbSer - ok
15:31:38.0629 0692 BTHMODEM - ok
15:31:38.0633 0692 bthserv - ok
15:31:38.0636 0692 cdfs - ok
15:31:38.0640 0692 cdrom - ok
15:31:38.0656 0692 CertPropSvc - ok
15:31:38.0661 0692 circlass - ok
15:31:38.0665 0692 CLFS - ok
15:31:38.0668 0692 clr_optimization_v2.0.50727_32 - ok
15:31:38.0672 0692 clr_optimization_v2.0.50727_64 - ok
15:31:38.0690 0692 clr_optimization_v4.0.30319_32 - ok
15:31:38.0693 0692 clr_optimization_v4.0.30319_64 - ok
15:31:38.0697 0692 CmBatt - ok
15:31:38.0701 0692 cmdide - ok
15:31:38.0704 0692 CNG - ok
15:31:38.0707 0692 Compbatt - ok
15:31:38.0710 0692 CompositeBus - ok
15:31:38.0713 0692 COMSysApp - ok
15:31:38.0718 0692 crcdisk - ok
15:31:38.0722 0692 CryptSvc - ok
15:31:38.0725 0692 CSC - ok
15:31:38.0728 0692 CscService - ok
15:31:38.0733 0692 DcomLaunch - ok
15:31:38.0736 0692 defragsvc - ok
15:31:38.0739 0692 DfsC - ok
15:31:38.0742 0692 Dhcp - ok
15:31:38.0745 0692 discache - ok
15:31:38.0749 0692 Disk - ok
15:31:38.0752 0692 Dnscache - ok
15:31:38.0762 0692 DockLoginService - ok
15:31:38.0765 0692 dot3svc - ok
15:31:38.0769 0692 DPS - ok
15:31:38.0784 0692 drmkaud - ok
15:31:38.0787 0692 DXGKrnl - ok
15:31:38.0790 0692 eamon - ok
15:31:38.0793 0692 EapHost - ok
15:31:38.0796 0692 ebdrv - ok
15:31:38.0799 0692 EFS - ok
15:31:38.0802 0692 ehdrv - ok
15:31:38.0805 0692 ehRecvr - ok
15:31:38.0808 0692 ehSched - ok
15:31:38.0812 0692 EhttpSrv - ok
15:31:38.0818 0692 ekrn - ok
15:31:38.0822 0692 elxstor - ok
15:31:38.0825 0692 epfw - ok
15:31:38.0828 0692 Epfwndis - ok
15:31:38.0831 0692 epfwwfp - ok
15:31:38.0835 0692 ErrDev - ok
15:31:38.0841 0692 EventSystem - ok
15:31:38.0844 0692 exfat - ok
15:31:38.0847 0692 fastfat - ok
15:31:38.0851 0692 Fax - ok
15:31:38.0854 0692 fdc - ok
15:31:38.0857 0692 fdPHost - ok
15:31:38.0860 0692 FDResPub - ok
15:31:38.0863 0692 FileInfo - ok
15:31:38.0866 0692 Filetrace - ok
15:31:38.0870 0692 flpydisk - ok
15:31:38.0873 0692 FltMgr - ok
15:31:38.0876 0692 FontCache - ok
15:31:38.0879 0692 FontCache3.0.0.0 - ok
15:31:38.0882 0692 FsDepends - ok
15:31:38.0885 0692 Fs_Rec - ok
15:31:38.0889 0692 fvevol - ok
15:31:38.0892 0692 gagp30kx - ok
15:31:38.0896 0692 GEARAspiWDM - ok
15:31:38.0899 0692 gpsvc - ok
15:31:38.0902 0692 gupdate - ok
15:31:38.0905 0692 gupdatem - ok
15:31:38.0908 0692 gusvc - ok
15:31:38.0912 0692 hcw85cir - ok
15:31:38.0941 0692 HdAudAddService - ok
15:31:38.0951 0692 HDAudBus - ok
15:31:38.0955 0692 HidBatt - ok
15:31:38.0958 0692 HidBth - ok
15:31:38.0961 0692 HidIr - ok
15:31:38.0964 0692 hidserv - ok
15:31:38.0968 0692 HidUsb - ok
15:31:38.0971 0692 hkmsvc - ok
15:31:38.0974 0692 HomeGroupListener - ok
15:31:38.0977 0692 HomeGroupProvider - ok
15:31:38.0980 0692 HpSAMD - ok
15:31:38.0984 0692 HTTP - ok
15:31:38.0987 0692 hwpolicy - ok
15:31:38.0990 0692 i8042prt - ok
15:31:38.0993 0692 iaStorV - ok
15:31:39.0035 0692 IDMWFP - ok
15:31:39.0038 0692 idsvc - ok
15:31:39.0041 0692 iirsp - ok
15:31:39.0045 0692 IKEEXT - ok
15:31:39.0049 0692 intelide - ok
15:31:39.0052 0692 intelppm - ok
15:31:39.0056 0692 IPBusEnum - ok
15:31:39.0059 0692 IpFilterDriver - ok
15:31:39.0062 0692 iphlpsvc - ok
15:31:39.0065 0692 IPMIDRV - ok
15:31:39.0068 0692 IPNAT - ok
15:31:39.0071 0692 iPod Service - ok
15:31:39.0074 0692 IRENUM - ok
15:31:39.0077 0692 isapnp - ok
15:31:39.0080 0692 iScsiPrt - ok
15:31:39.0104 0692 k57nd60a - ok
15:31:39.0107 0692 kbdclass - ok
15:31:39.0110 0692 kbdhid - ok
15:31:39.0113 0692 KeyIso - ok
15:31:39.0116 0692 KSecDD - ok
15:31:39.0120 0692 KSecPkg - ok
15:31:39.0123 0692 ksthunk - ok
15:31:39.0126 0692 KtmRm - ok
15:31:39.0129 0692 LanmanServer - ok
15:31:39.0132 0692 LanmanWorkstation - ok
15:31:39.0143 0692 lltdio - ok
15:31:39.0146 0692 lltdsvc - ok
15:31:39.0149 0692 lmhosts - ok
15:31:39.0153 0692 LSI_FC - ok
15:31:39.0156 0692 LSI_SAS - ok
15:31:39.0159 0692 LSI_SAS2 - ok
15:31:39.0163 0692 LSI_SCSI - ok
15:31:39.0166 0692 luafv - ok
15:31:39.0169 0692 Mcx2Svc - ok
15:31:39.0172 0692 megasas - ok
15:31:39.0175 0692 MegaSR - ok
15:31:39.0179 0692 MMCSS - ok
15:31:39.0182 0692 Modem - ok
15:31:39.0185 0692 monitor - ok
15:31:39.0188 0692 mouclass - ok
15:31:39.0191 0692 mouhid - ok
15:31:39.0195 0692 mountmgr - ok
15:31:39.0199 0692 mpio - ok
15:31:39.0202 0692 mpsdrv - ok
15:31:39.0205 0692 MpsSvc - ok
15:31:39.0208 0692 MRxDAV - ok
15:31:39.0211 0692 mrxsmb - ok
15:31:39.0214 0692 mrxsmb10 - ok
15:31:39.0217 0692 mrxsmb20 - ok
15:31:39.0221 0692 msahci - ok
15:31:39.0224 0692 msdsm - ok
15:31:39.0227 0692 MSDTC - ok
15:31:39.0232 0692 Msfs - ok
15:31:39.0236 0692 mshidkmdf - ok
15:31:39.0239 0692 msisadrv - ok
15:31:39.0243 0692 MSiSCSI - ok
15:31:39.0246 0692 msiserver - ok
15:31:39.0249 0692 MSKSSRV - ok
15:31:39.0252 0692 MSPCLOCK - ok
15:31:39.0256 0692 MSPQM - ok
15:31:39.0259 0692 MsRPC - ok
15:31:39.0263 0692 mssmbios - ok
15:31:39.0267 0692 MSTEE - ok
15:31:39.0270 0692 MTConfig - ok
15:31:39.0273 0692 Mup - ok
15:31:39.0276 0692 napagent - ok
15:31:39.0300 0692 NativeWifiP - ok
15:31:39.0304 0692 NDIS - ok
15:31:39.0307 0692 NdisCap - ok
15:31:39.0310 0692 NdisTapi - ok
15:31:39.0314 0692 Ndisuio - ok
15:31:39.0317 0692 NdisWan - ok
15:31:39.0320 0692 NDProxy - ok
15:31:39.0324 0692 NetBIOS - ok
15:31:39.0327 0692 NetBT - ok
15:31:39.0330 0692 Netlogon - ok
15:31:39.0334 0692 Netman - ok
15:31:39.0336 0692 NetMsmqActivator - ok
15:31:39.0339 0692 NetPipeActivator - ok
15:31:39.0342 0692 netprofm - ok
15:31:39.0346 0692 NetTcpActivator - ok
15:31:39.0349 0692 NetTcpPortSharing - ok
15:31:39.0352 0692 netw5v64 - ok
15:31:39.0355 0692 nfrd960 - ok
15:31:39.0368 0692 NlaSvc - ok
15:31:39.0371 0692 Npfs - ok
15:31:39.0374 0692 nsi - ok
15:31:39.0377 0692 nsiproxy - ok
15:31:39.0382 0692 Ntfs - ok
15:31:39.0385 0692 Null - ok
15:31:39.0388 0692 nvraid - ok
15:31:39.0391 0692 nvstor - ok
15:31:39.0395 0692 nv_agp - ok
15:31:39.0398 0692 ohci1394 - ok
15:31:39.0402 0692 p2pimsvc - ok
15:31:39.0405 0692 p2psvc - ok
15:31:39.0408 0692 Parport - ok
15:31:39.0411 0692 partmgr - ok
15:31:39.0415 0692 PcaSvc - ok
15:31:39.0417 0692 pci - ok
15:31:39.0420 0692 pciide - ok
15:31:39.0423 0692 pcmcia - ok
15:31:39.0426 0692 pcw - ok
15:31:39.0429 0692 PEAUTH - ok
15:31:39.0433 0692 PeerDistSvc - ok
15:31:39.0437 0692 PerfHost - ok
15:31:39.0444 0692 pla - ok
15:31:39.0447 0692 PlugPlay - ok
15:31:39.0451 0692 PNRPAutoReg - ok
15:31:39.0454 0692 PNRPsvc - ok
15:31:39.0457 0692 PolicyAgent - ok
15:31:39.0461 0692 Power - ok
15:31:39.0464 0692 PptpMiniport - ok
15:31:39.0468 0692 Processor - ok
15:31:39.0471 0692 ProfSvc - ok
15:31:39.0475 0692 ProtectedStorage - ok
15:31:39.0478 0692 Psched - ok
15:31:39.0482 0692 ql2300 - ok
15:31:39.0485 0692 ql40xx - ok
15:31:39.0488 0692 QWAVE - ok
15:31:39.0491 0692 QWAVEdrv - ok
15:31:39.0494 0692 RasAcd - ok
15:31:39.0497 0692 RasAgileVpn - ok
15:31:39.0501 0692 RasAuto - ok
15:31:39.0504 0692 Rasl2tp - ok
15:31:39.0506 0692 RasMan - ok
15:31:39.0510 0692 RasPppoe - ok
15:31:39.0513 0692 RasSstp - ok
15:31:39.0517 0692 rdbss - ok
15:31:39.0520 0692 rdpbus - ok
15:31:39.0523 0692 RDPCDD - ok
15:31:39.0528 0692 RDPDR - ok
15:31:39.0531 0692 RDPENCDD - ok
15:31:39.0537 0692 RDPREFMP - ok
15:31:39.0540 0692 RDPWD - ok
15:31:39.0543 0692 rdyboost - ok
15:31:39.0546 0692 RemoteAccess - ok
15:31:39.0549 0692 RemoteRegistry - ok
15:31:39.0552 0692 RpcEptMapper - ok
15:31:39.0556 0692 RpcLocator - ok
15:31:39.0559 0692 RpcSs - ok
15:31:39.0562 0692 rspndr - ok
15:31:39.0565 0692 s3cap - ok
15:31:39.0568 0692 SamSs - ok
15:31:39.0571 0692 sbp2port - ok
15:31:39.0574 0692 SCardSvr - ok
15:31:39.0577 0692 scfilter - ok
15:31:39.0580 0692 Schedule - ok
15:31:39.0583 0692 SCPolicySvc - ok
15:31:39.0586 0692 sdbus - ok
15:31:39.0589 0692 SDRSVC - ok
15:31:39.0592 0692 secdrv - ok
15:31:39.0596 0692 seclogon - ok
15:31:39.0599 0692 SENS - ok
15:31:39.0602 0692 SensrSvc - ok
15:31:39.0606 0692 Serenum - ok
15:31:39.0609 0692 Serial - ok
15:31:39.0612 0692 sermouse - ok
15:31:39.0620 0692 SessionEnv - ok
15:31:39.0623 0692 sffdisk - ok
15:31:39.0626 0692 sffp_mmc - ok
15:31:39.0629 0692 sffp_sd - ok
15:31:39.0632 0692 sfloppy - ok
15:31:39.0635 0692 SharedAccess - ok
15:31:39.0638 0692 ShellHWDetection - ok
15:31:39.0641 0692 SiSRaid2 - ok
15:31:39.0647 0692 SiSRaid4 - ok
15:31:39.0650 0692 Smb - ok
15:31:39.0656 0692 SNMPTRAP - ok
15:31:39.0659 0692 spldr - ok
15:31:39.0662 0692 Spooler - ok
15:31:39.0665 0692 sppsvc - ok
15:31:39.0669 0692 sppuinotify - ok
15:31:39.0672 0692 srv - ok
15:31:39.0675 0692 srv2 - ok
15:31:39.0678 0692 srvnet - ok
15:31:39.0681 0692 SSDPSRV - ok
15:31:39.0684 0692 SstpSvc - ok
15:31:39.0688 0692 STacSV - ok
15:31:39.0691 0692 stexstor - ok
15:31:39.0707 0692 STHDA - ok
15:31:39.0710 0692 stisvc - ok
15:31:39.0714 0692 storflt - ok
15:31:39.0717 0692 StorSvc - ok
15:31:39.0720 0692 storvsc - ok
15:31:39.0723 0692 swenum - ok
15:31:39.0726 0692 swprv - ok
15:31:39.0729 0692 SysMain - ok
15:31:39.0732 0692 TabletInputService - ok
15:31:39.0735 0692 TapiSrv - ok
15:31:39.0738 0692 TBS - ok
15:31:39.0741 0692 Tcpip - ok
15:31:39.0744 0692 TCPIP6 - ok
15:31:39.0749 0692 tcpipreg - ok
15:31:39.0754 0692 TDPIPE - ok
15:31:39.0757 0692 TDTCP - ok
15:31:39.0761 0692 tdx - ok
15:31:39.0764 0692 TeamViewer8 - ok
15:31:39.0767 0692 TermDD - ok
15:31:39.0771 0692 TermService - ok
15:31:39.0774 0692 Themes - ok
15:31:39.0777 0692 THREADORDER - ok
15:31:39.0781 0692 TrkWks - ok
15:31:39.0784 0692 TrustedInstaller - ok
15:31:39.0789 0692 tssecsrv - ok
15:31:39.0792 0692 tunnel - ok
15:31:39.0795 0692 uagp35 - ok
15:31:39.0798 0692 udfs - ok
15:31:39.0805 0692 UI0Detect - ok
15:31:39.0808 0692 uliagpkx - ok
15:31:39.0811 0692 umbus - ok
15:31:39.0815 0692 UmPass - ok
15:31:39.0818 0692 UmRdpService - ok
15:31:39.0821 0692 upnphost - ok
15:31:39.0825 0692 usbccgp - ok
15:31:39.0828 0692 usbcir - ok
15:31:39.0831 0692 usbehci - ok
15:31:39.0834 0692 usbhub - ok
15:31:39.0837 0692 usbohci - ok
15:31:39.0840 0692 usbprint - ok
15:31:39.0844 0692 USBSTOR - ok
15:31:39.0847 0692 usbuhci - ok
15:31:39.0864 0692 usbvideo - ok
15:31:39.0867 0692 UxSms - ok
15:31:39.0870 0692 VaultSvc - ok
15:31:39.0873 0692 vdrvroot - ok
15:31:39.0876 0692 vds - ok
15:31:39.0879 0692 vga - ok
15:31:39.0882 0692 VgaSave - ok
15:31:39.0886 0692 vhdmp - ok
15:31:39.0889 0692 viaide - ok
15:31:39.0892 0692 vmbus - ok
15:31:39.0897 0692 VMBusHID - ok
15:31:39.0900 0692 volmgr - ok
15:31:39.0903 0692 volmgrx - ok
15:31:39.0906 0692 volsnap - ok
15:31:39.0910 0692 vsmraid - ok
15:31:39.0913 0692 VSS - ok
15:31:39.0916 0692 vwifibus - ok
15:31:39.0920 0692 W32Time - ok
15:31:39.0925 0692 WacomPen - ok
15:31:39.0928 0692 WANARP - ok
15:31:39.0932 0692 Wanarpv6 - ok
15:31:39.0935 0692 wbengine - ok
15:31:39.0938 0692 WbioSrvc - ok
15:31:39.0941 0692 wcncsvc - ok
15:31:39.0944 0692 WcsPlugInService - ok
15:31:39.0947 0692 Wd - ok
15:31:39.0951 0692 Wdf01000 - ok
15:31:39.0954 0692 WdiServiceHost - ok
15:31:39.0957 0692 WdiSystemHost - ok
15:31:39.0960 0692 WebClient - ok
15:31:39.0963 0692 Wecsvc - ok
15:31:39.0966 0692 wercplsupport - ok
15:31:39.0969 0692 WerSvc - ok
15:31:39.0973 0692 WfpLwf - ok
15:31:39.0976 0692 WIMMount - ok
15:31:39.0979 0692 WinDefend - ok
15:31:39.0985 0692 WinHttpAutoProxySvc - ok
15:31:39.0988 0692 Winmgmt - ok
15:31:39.0991 0692 WinRM - ok
15:31:39.0997 0692 Wlansvc - ok
15:31:40.0000 0692 WmiAcpi - ok
15:31:40.0005 0692 wmiApSrv - ok
15:31:40.0008 0692 WMPNetworkSvc - ok
15:31:40.0011 0692 WPCSvc - ok
15:31:40.0014 0692 WPDBusEnum - ok
15:31:40.0018 0692 ws2ifsl - ok
15:31:40.0021 0692 wscsvc - ok
15:31:40.0024 0692 WSearch - ok
15:31:40.0028 0692 wuauserv - ok
15:31:40.0031 0692 WudfPf - ok
15:31:40.0035 0692 wudfsvc - ok
15:31:40.0038 0692 WwanSvc - ok
15:31:40.0043 0692 ================ Scan global ===============================
15:31:40.0045 0692 [Global] - ok
15:31:40.0046 0692 ================ Scan MBR ==================================
15:31:40.0058 0692 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
15:31:40.0433 0692 \Device\Harddisk1\DR1 - ok
15:31:40.0437 0692 [ 96FAACCE66A7DBFB46BE6ECB0C189739 ] \Device\Harddisk0\DR0
15:31:40.0505 0692 \Device\Harddisk0\DR0 - ok
15:31:40.0505 0692 ================ Scan VBR ==================================
15:31:40.0507 0692 [ 2AE862F98FEF3264BD2C0B911CBA09DC ] \Device\Harddisk0\DR0\Partition1
15:31:40.0508 0692 \Device\Harddisk0\DR0\Partition1 - ok
15:31:40.0511 0692 [ 78746657898E650A280301F4E8C04315 ] \Device\Harddisk0\DR0\Partition2
15:31:40.0513 0692 \Device\Harddisk0\DR0\Partition2 - ok
15:31:40.0515 0692 [ FD21075C603B6F795FA908C739FEF7DB ] \Device\Harddisk0\DR0\Partition3
15:31:40.0515 0692 \Device\Harddisk0\DR0\Partition3 - ok
15:31:40.0523 0692 [ 39A21FDAE380DDA8FAF59692398875AB ] \Device\Harddisk0\DR0\Partition4
15:31:40.0523 0692 \Device\Harddisk0\DR0\Partition4 - ok
15:31:40.0523 0692 ============================================================
15:31:40.0523 0692 Scan finished
15:31:40.0523 0692 ============================================================
15:31:40.0530 4088 Detected object count: 0
15:31:40.0530 4088 Actual detected object count: 0
15:32:14.0424 3872 ============================================================
15:32:14.0424 3872 Scan started
15:32:14.0424 3872 Mode: Manual; SigCheck; TDLFS;
15:32:14.0424 3872 ============================================================
15:32:14.0451 3872 ================ Scan system memory ========================
15:32:14.0451 3872 System memory - ok
15:32:14.0451 3872 ================ Scan services =============================
15:32:14.0463 3872 1394ohci - ok
15:32:14.0466 3872 ACPI - ok
15:32:14.0469 3872 AcpiPmi - ok
15:32:14.0472 3872 AdobeFlashPlayerUpdateSvc - ok
15:32:14.0480 3872 adp94xx - ok
15:32:14.0483 3872 adpahci - ok
15:32:14.0499 3872 adpu320 - ok
15:32:14.0504 3872 AeLookupSvc - ok
15:32:14.0507 3872 AESTFilters - ok
15:32:14.0511 3872 AFD - ok
15:32:14.0514 3872 agp440 - ok
15:32:14.0517 3872 ALG - ok
15:32:14.0520 3872 aliide - ok
15:32:14.0523 3872 AMD External Events Utility - ok
15:32:14.0526 3872 amdide - ok
15:32:14.0529 3872 AmdK8 - ok
15:32:14.0532 3872 AmdPPM - ok
15:32:14.0536 3872 amdsata - ok
15:32:14.0539 3872 amdsbs - ok
15:32:14.0542 3872 amdxata - ok
15:32:14.0545 3872 AppID - ok
15:32:14.0548 3872 AppIDSvc - ok
15:32:14.0551 3872 Appinfo - ok
15:32:14.0555 3872 Apple Mobile Device - ok
15:32:14.0558 3872 AppMgmt - ok
15:32:14.0561 3872 arc - ok
15:32:14.0564 3872 arcsas - ok
15:32:14.0570 3872 aspnet_state - ok
15:32:14.0573 3872 AsyncMac - ok
15:32:14.0576 3872 atapi - ok
15:32:14.0581 3872 AtiHdmiService - ok
15:32:14.0584 3872 atikmdag - ok
15:32:14.0587 3872 AudioEndpointBuilder - ok
15:32:14.0590 3872 AudioSrv - ok
15:32:14.0593 3872 AxInstSV - ok
15:32:14.0596 3872 b06bdrv - ok
15:32:14.0599 3872 b57nd60a - ok
15:32:14.0604 3872 BDESVC - ok
15:32:14.0607 3872 Beep - ok
15:32:14.0610 3872 BFE - ok
15:32:14.0613 3872 BITS - ok
15:32:14.0616 3872 blbdrive - ok
15:32:14.0619 3872 Bonjour Service - ok
15:32:14.0622 3872 bowser - ok
15:32:14.0625 3872 BrFiltLo - ok
15:32:14.0628 3872 BrFiltUp - ok
15:32:14.0631 3872 Browser - ok
15:32:14.0635 3872 Brserid - ok
15:32:14.0638 3872 BrSerWdm - ok
15:32:14.0641 3872 BrUsbMdm - ok
15:32:14.0644 3872 BrUsbSer - ok
15:32:14.0647 3872 BTHMODEM - ok
15:32:14.0652 3872 bthserv - ok
15:32:14.0655 3872 cdfs - ok
15:32:14.0658 3872 cdrom - ok
15:32:14.0661 3872 CertPropSvc - ok
15:32:14.0664 3872 circlass - ok
15:32:14.0667 3872 CLFS - ok
15:32:14.0670 3872 clr_optimization_v2.0.50727_32 - ok
15:32:14.0674 3872 clr_optimization_v2.0.50727_64 - ok
15:32:14.0677 3872 clr_optimization_v4.0.30319_32 - ok
15:32:14.0680 3872 clr_optimization_v4.0.30319_64 - ok
15:32:14.0684 3872 CmBatt - ok
15:32:14.0687 3872 cmdide - ok
15:32:14.0690 3872 CNG - ok
15:32:14.0693 3872 Compbatt - ok
15:32:14.0697 3872 CompositeBus - ok
15:32:14.0700 3872 COMSysApp - ok
15:32:14.0704 3872 crcdisk - ok
15:32:14.0708 3872 CryptSvc - ok
15:32:14.0711 3872 CSC - ok
15:32:14.0715 3872 CscService - ok
15:32:14.0719 3872 DcomLaunch - ok
15:32:14.0722 3872 defragsvc - ok
15:32:14.0725 3872 DfsC - ok
15:32:14.0728 3872 Dhcp - ok
15:32:14.0731 3872 discache - ok
15:32:14.0736 3872 Disk - ok
15:32:14.0739 3872 Dnscache - ok
15:32:14.0742 3872 DockLoginService - ok
15:32:14.0745 3872 dot3svc - ok
15:32:14.0748 3872 DPS - ok
15:32:14.0752 3872 drmkaud - ok
15:32:14.0755 3872 DXGKrnl - ok
15:32:14.0758 3872 eamon - ok
15:32:14.0761 3872 EapHost - ok
15:32:14.0764 3872 ebdrv - ok
15:32:14.0767 3872 EFS - ok
15:32:14.0770 3872 ehdrv - ok
15:32:14.0773 3872 ehRecvr - ok
15:32:14.0776 3872 ehSched - ok
15:32:14.0779 3872 EhttpSrv - ok
15:32:14.0782 3872 ekrn - ok
15:32:14.0786 3872 elxstor - ok
15:32:14.0789 3872 epfw - ok
15:32:14.0792 3872 Epfwndis - ok
15:32:14.0795 3872 epfwwfp - ok
15:32:14.0798 3872 ErrDev - ok
15:32:14.0804 3872 EventSystem - ok
15:32:14.0807 3872 exfat - ok
15:32:14.0810 3872 fastfat - ok
15:32:14.0813 3872 Fax - ok
15:32:14.0816 3872 fdc - ok
15:32:14.0819 3872 fdPHost - ok
15:32:14.0822 3872 FDResPub - ok
15:32:14.0825 3872 FileInfo - ok
15:32:14.0828 3872 Filetrace - ok
15:32:14.0831 3872 flpydisk - ok
15:32:14.0835 3872 FltMgr - ok
15:32:14.0838 3872 FontCache - ok
15:32:14.0841 3872 FontCache3.0.0.0 - ok
15:32:14.0844 3872 FsDepends - ok
15:32:14.0847 3872 Fs_Rec - ok
15:32:14.0851 3872 fvevol - ok
15:32:14.0854 3872 gagp30kx - ok
15:32:14.0857 3872 GEARAspiWDM - ok
15:32:14.0860 3872 gpsvc - ok
15:32:14.0863 3872 gupdate - ok
15:32:14.0866 3872 gupdatem - ok
15:32:14.0869 3872 gusvc - ok
15:32:14.0873 3872 hcw85cir - ok
15:32:14.0876 3872 HdAudAddService - ok
15:32:14.0879 3872 HDAudBus - ok
15:32:14.0882 3872 HidBatt - ok
15:32:14.0885 3872 HidBth - ok
15:32:14.0888 3872 HidIr - ok
15:32:14.0891 3872 hidserv - ok
15:32:14.0894 3872 HidUsb - ok
15:32:14.0897 3872 hkmsvc - ok
15:32:14.0901 3872 HomeGroupListener - ok
15:32:14.0904 3872 HomeGroupProvider - ok
15:32:14.0907 3872 HpSAMD - ok
15:32:14.0910 3872 HTTP - ok
15:32:14.0913 3872 hwpolicy - ok
15:32:14.0916 3872 i8042prt - ok
15:32:14.0919 3872 iaStorV - ok
15:32:14.0922 3872 IDMWFP - ok
15:32:14.0924 3872 idsvc - ok
15:32:14.0927 3872 iirsp - ok
15:32:14.0930 3872 IKEEXT - ok
15:32:14.0935 3872 intelide - ok
15:32:14.0938 3872 intelppm - ok
15:32:14.0941 3872 IPBusEnum - ok
15:32:14.0946 3872 IpFilterDriver - ok
15:32:14.0948 3872 iphlpsvc - ok
15:32:14.0952 3872 IPMIDRV - ok
15:32:14.0955 3872 IPNAT - ok
15:32:14.0958 3872 iPod Service - ok
15:32:14.0961 3872 IRENUM - ok
15:32:14.0965 3872 isapnp - ok
15:32:14.0968 3872 iScsiPrt - ok
15:32:14.0971 3872 k57nd60a - ok
15:32:14.0974 3872 kbdclass - ok
15:32:14.0978 3872 kbdhid - ok
15:32:14.0981 3872 KeyIso - ok
15:32:14.0984 3872 KSecDD - ok
15:32:14.0987 3872 KSecPkg - ok
15:32:14.0990 3872 ksthunk - ok
15:32:14.0993 3872 KtmRm - ok
15:32:14.0997 3872 LanmanServer - ok
15:32:15.0000 3872 LanmanWorkstation - ok
15:32:15.0004 3872 lltdio - ok
15:32:15.0007 3872 lltdsvc - ok
15:32:15.0011 3872 lmhosts - ok
15:32:15.0015 3872 LSI_FC - ok
15:32:15.0018 3872 LSI_SAS - ok
15:32:15.0021 3872 LSI_SAS2 - ok
15:32:15.0024 3872 LSI_SCSI - ok
15:32:15.0028 3872 luafv - ok
15:32:15.0031 3872 Mcx2Svc - ok
15:32:15.0034 3872 megasas - ok
15:32:15.0037 3872 MegaSR - ok
15:32:15.0040 3872 MMCSS - ok
15:32:15.0043 3872 Modem - ok
15:32:15.0047 3872 monitor - ok
15:32:15.0050 3872 mouclass - ok
15:32:15.0053 3872 mouhid - ok
15:32:15.0056 3872 mountmgr - ok
15:32:15.0059 3872 mpio - ok
15:32:15.0062 3872 mpsdrv - ok
15:32:15.0065 3872 MpsSvc - ok
15:32:15.0069 3872 MRxDAV - ok
15:32:15.0072 3872 mrxsmb - ok
15:32:15.0075 3872 mrxsmb10 - ok
15:32:15.0078 3872 mrxsmb20 - ok
15:32:15.0081 3872 msahci - ok
15:32:15.0084 3872 msdsm - ok
15:32:15.0849 3872 ================ Scan global ===============================
15:32:15.0850 3872 [Global] - ok
15:32:15.0852 3872 ================ Scan MBR ==================================
15:32:15.0854 3872 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
15:32:16.0200 3872 \Device\Harddisk1\DR1 - ok
15:32:16.0203 3872 [ 96FAACCE66A7DBFB46BE6ECB0C189739 ] \Device\Harddisk0\DR0
15:32:16.0233 3872 \Device\Harddisk0\DR0 - ok
15:32:16.0234 3872 ================ Scan VBR ==================================
15:32:16.0236 3872 [ 2AE862F98FEF3264BD2C0B911CBA09DC ] \Device\Harddisk0\DR0\Partition1
15:32:16.0237 3872 \Device\Harddisk0\DR0\Partition1 - ok
15:32:16.0239 3872 [ 78746657898E650A280301F4E8C04315 ] \Device\Harddisk0\DR0\Partition2
15:32:16.0240 3872 \Device\Harddisk0\DR0\Partition2 - ok
15:32:16.0242 3872 [ FD21075C603B6F795FA908C739FEF7DB ] \Device\Harddisk0\DR0\Partition3
15:32:16.0242 3872 \Device\Harddisk0\DR0\Partition3 - ok
15:32:16.0245 3872 [ 39A21FDAE380DDA8FAF59692398875AB ] \Device\Harddisk0\DR0\Partition4
15:32:16.0246 3872 \Device\Harddisk0\DR0\Partition4 - ok
15:32:16.0247 3872 ============================================================
15:32:16.0247 3872 Scan finished
15:32:16.0247 3872 ============================================================
15:32:16.0252 4400 Detected object count: 0
15:32:16.0252 4400 Actual detected object count: 0

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: TSR.BOOT virus

#5 Post by vyosek »

In the directory where MBRScan was run there should be Dump_?.mbr files; zip them up and upload them somewhere.
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who avoids fun, take a whip and a stick to him; that is not a man, that is an ox."
Member since 1 February 2011.
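To check which disk a Dump_?.mbr file belongs to and whether its partition table looks sane, one can hash the 512-byte sector and compare it with the MD5 values the scanner printed for \Device\Harddisk0\DR0 and \Device\Harddisk1\DR1 in the log above. This is an added example, not part of the thread or of any scanning tool; the sample MBR it parses is constructed inline.

```python
import hashlib
import struct

# Partition entry layout: status, CHS start (3 bytes), type, CHS end (3 bytes),
# LBA start (u32), sector count (u32) = 16 bytes, little-endian.
_ENTRY_FMT = "<B3sB3sII"


def build_sample_mbr() -> bytes:
    """Constructed 512-byte MBR with one bootable NTFS-type partition (not from the page)."""
    bootstrap = bytes(446)  # zeroed boot code area
    entry1 = struct.pack(_ENTRY_FMT, 0x80, b"\x00\x00\x00", 0x07, b"\x00\x00\x00", 2048, 204800)
    empty = bytes(16)
    return bootstrap + entry1 + empty * 3 + b"\x55\xaa"


def parse_mbr(data: bytes) -> dict:
    """Parse a raw MBR dump: MD5 of the sector, boot-signature check, used partition entries."""
    if len(data) < 512:
        raise ValueError("MBR dump must be at least 512 bytes")
    sector = data[:512]
    partitions = []
    for i in range(4):
        off = 446 + 16 * i
        status, _chs_s, ptype, _chs_e, lba, count = struct.unpack(_ENTRY_FMT, sector[off:off + 16])
        if ptype != 0:  # type 0x00 means the slot is unused
            partitions.append({"index": i + 1, "bootable": status == 0x80,
                               "type": ptype, "lba_start": lba, "sectors": count})
    return {
        "md5": hashlib.md5(sector).hexdigest().upper(),
        "valid_signature": sector[510:512] == b"\x55\xaa",
        "partitions": partitions,
    }


# MD5 values the scanner printed for the two disks in the log above.
LOG_MBR_HASHES = {
    "\\Device\\Harddisk1\\DR1": "A36C5E4F47E84449FF07ED3517B43A31",
    "\\Device\\Harddisk0\\DR0": "96FAACCE66A7DBFB46BE6ECB0C189739",
}


def match_dump_to_log(data: bytes, log_hashes=LOG_MBR_HASHES):
    """Return the device whose logged MD5 equals this dump's MD5, or None if no match."""
    md5 = parse_mbr(data)["md5"]
    for device, logged in log_hashes.items():
        if logged == md5:
            return device
    return None
```

Run it against a real Dump_?.mbr by passing `open(path, "rb").read()` to `match_dump_to_log`; the constructed sample matches neither logged hash, which is the expected result for a dump that is not one of the scanned disks.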

valdoDK
Guest
Posts: 64
Registered: 17 Sep 2007 18:36

Re: TSR.BOOT virus

#6 Post by valdoDK »

Here you go :) :

http://www.uloz.to/xnXVFmf/mbr-zip

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: TSR.BOOT virus

#7 Post by vyosek »

OK, it is a false positive from ESET. I will send it to the guys at VirusLab so they can take a look; please also tell me which version of the virus signature database you have.

valdoDK
Guest
Posts: 64
Registered: 17 Sep 2007 18:36

Re: TSR.BOOT virus

#8 Post by valdoDK »

Well, I'm glad to hear that :) Things have changed a bit now: I have a provisional version installed, because I will only get to my own licence tomorrow :)

8072 (20130303)

But I haven't noticed it reporting anything now :)

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: TSR.BOOT virus

#9 Post by vyosek »

The database has probably already been updated...

Run a full scan with ESET and report back.

Locked