
Service Host (Local System) check

MartinHaltof
Visitor
Posts: 39
Registered: 12 Jan 2015 22:16

Service Host (Local System) check

#1 Post by MartinHaltof »

Hello,

The problem is apparently bigger than I could have imagined myself, so I am turning to you.
The previously mentioned problem is that although I am not doing anything on the system, CPU and RAM usage is at the limit of my hardware's maximum performance. Of course the load is not constant; it is more of a sine wave.
Nevertheless, the end result is that on the notebook I cannot work with programs that need precisely that CPU and RAM.

Thank you in advance for your time.

altrok
Moderator
Posts: 7322
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Service Host (Local System) check

#2 Post by altrok »

Hello :bye:

:arrow: First, I am copying here the log from CF that you deleted (I don't know why - crystal balls are still at the negotiation stage).

:arrow: I don't see anything bad in the log (as if I could after an unauthorized use of ComboFix - a violation of both the license terms and the forum rules)... I can't tell you whether we will solve the problem, because CF may have deleted the traces of the malware...

:arrow: Save AdwCleaner to the desktop https://toolslib.net/downloads/viewdown ... dwcleaner/
  • close all programs
  • right-click the AdwCleaner icon and choose Run as administrator (on Win XP just run it with a double-click)
  • click Scan, then Clean
  • after the restart a log will pop up (or you can find it in C:\AdwCleaner\AdwCleaner [Sx].txt); copy its contents into your next reply
:arrow: Then also post a new log from FRST (FRST.txt, and ideally attach Addition.txt zipped).

ComboFix 15-01-08.01 - acer . 01. 2015 21:42:58.1.4 - x64
Microsoft Windows 8 6.2.9200.0.1250.420.1029.18.3752.608 [GMT 1:00]
Spuštěný z: c:\users\acer\Downloads\ComboFix.exe
AV: McAfee Anti-Virus and Antispyware *Disabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall *Disabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
SP: McAfee Anti-Virus and Antispyware *Disabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Roaming
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-12-12 do 2015-01-12 )))))))))))))))))))))))))))))))
.
.
2015-01-13 03:48 . 2015-01-13 03:48 -------- d--h--r- c:\users\Public\AccountPictures
2015-01-12 20:53 . 2015-01-12 20:53 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-01-12 20:17 . 2015-01-12 20:17 -------- d-----w- c:\programdata\OEM_YAHOO
2015-01-12 20:16 . 2015-01-12 20:17 -------- d-----w- c:\users\acer
2015-01-12 20:15 . 2015-01-12 20:15 94656 ----a-w- c:\windows\system32\WPRO_41_2001woem.tmp
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-01-12 20:30 . 2012-07-26 08:13 23256 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2015-01-12 20:15 . 2013-07-03 01:38 34752 ----a-w- c:\windows\system32\drivers\WPRO_41_2001.sys
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"mcpltui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2012-11-30 454160]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\StartUp\
iSCTsysTray.lnk - c:\program files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe [2013-4-15 247784]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
@=""
.
R0 mfeelamk;McAfee Inc. mfeelamk;c:\windows\system32\drivers\mfeelamk.sys;c:\windows\SYSNATIVE\drivers\mfeelamk.sys [x]
R2 0249751421093875mcinstcleanup;McAfee Application Installer Cleanup (0249751421093875);c:\windows\TEMP\024975~1.EXE;c:\windows\TEMP\024975~1.EXE [x]
R3 AMPPALP;Protokol Intel(r) Centrino(r) Wireless Bluetooth(r) + High Speed;c:\windows\system32\DRIVERS\amppal.sys;c:\windows\SYSNATIVE\DRIVERS\amppal.sys [x]
R3 BthLEEnum;Ovladač úspory energie technologie Bluetooth;c:\windows\system32\DRIVERS\BthLEEnum.sys;c:\windows\SYSNATIVE\DRIVERS\BthLEEnum.sys [x]
R3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys;c:\windows\SYSNATIVE\DRIVERS\btmaux.sys [x]
R3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys;c:\windows\SYSNATIVE\DRIVERS\btmhsf.sys [x]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]
R3 HipShieldK;McAfee Inc. HipShieldK;c:\windows\system32\drivers\HipShieldK.sys;c:\windows\SYSNATIVE\drivers\HipShieldK.sys [x]
R3 ibtusb;Intel(R) Wireless Bluetooth(R) 4.0 + HS Adapter;c:\windows\system32\DRIVERS\ibtusb.sys;c:\windows\SYSNATIVE\DRIVERS\ibtusb.sys [x]
R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys;c:\windows\SYSNATIVE\drivers\intelaud.sys [x]
R3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
R3 mfencrk;McAfee Inc. mfencrk;c:\windows\system32\DRIVERS\mfencrk.sys;c:\windows\SYSNATIVE\DRIVERS\mfencrk.sys [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
R3 QRDCIO;Quanta Generic IO Access;c:\windows\System32\drivers\QRDCIO.sys;c:\windows\SYSNATIVE\drivers\QRDCIO.sys [x]
R3 USecuAppSvc;Acer Theft Shield Service;c:\program files\Acer\Acer Theft Shield\USecuAppSvc.exe;c:\program files\Acer\Acer Theft Shield\USecuAppSvc.exe [x]
R3 vmicheartbeat;Služba prezenčního signálu technologie Hyper-V;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S0 excsd;ExpressCache Storage Filter Driver;c:\windows\system32\DRIVERS\excsd.sys;c:\windows\SYSNATIVE\DRIVERS\excsd.sys [x]
S0 iaStorA;iaStorA;c:\windows\System32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]
S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys;c:\windows\SYSNATIVE\drivers\mfewfpk.sys [x]
S1 excfs;ExpressCache File System Filter Driver;c:\windows\system32\DRIVERS\excfs.sys;c:\windows\SYSNATIVE\DRIVERS\excfs.sys [x]
S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [x]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [x]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [x]
S2 BrcmSetSecurity;BrcmSetSecurity;c:\program files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe;c:\program files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe [x]
S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [x]
S2 CCDMonitorService;CCDMonitorService;c:\program files (x86)\Acer\Acer Cloud\CCDMonitorService.exe;c:\program files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [x]
S2 ETDService;Elan Service;c:\program files\Elantech\ETDService.exe;c:\program files\Elantech\ETDService.exe [x]
S2 ExpressCache;ExpressCache;c:\program files\Condusiv Technologies\ExpressCache\ExpressCache.exe;c:\program files\Condusiv Technologies\ExpressCache\ExpressCache.exe [x]
S2 HomeNetSvc;McAfee Home Network;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
S2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management;Intel(R) Wireless Bluetooth(R) 4.0 Radio Management;c:\program files (x86)\Intel\Bluetooth\ibtrksrv.exe;c:\program files (x86)\Intel\Bluetooth\ibtrksrv.exe [x]
S2 ISCTAgent;Intel(R) Smart Connect Technology Agent;c:\program files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe ;c:\program files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 LMSvc;Launch Manager Service;c:\program files\Acer\Acer Launch Manager\LMSvc.exe;c:\program files\Acer\Acer Launch Manager\LMSvc.exe [x]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~2\mcafee\SITEAD~1\mcsacore.exe;c:\progra~2\mcafee\SITEAD~1\mcsacore.exe [x]
S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [x]
S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [x]
S2 McOobeSv2;McAfee OOBE Service2;c:\program files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [x]
S2 mcpltsvc;McAfee Platform Services;c:\program files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [x]
S2 mfecore;McAfee Anti-Malware Core;c:\program files\Common Files\McAfee\AMCore\mcshield.exe;c:\program files\Common Files\McAfee\AMCore\mcshield.exe [x]
S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [x]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe;c:\windows\SYSNATIVE\mfevtps.exe [x]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [x]
S3 AMPPAL;Virtuální adaptér Intel(r) Centrino(r) Wireless Bluetooth(r) + High Speed;c:\windows\System32\drivers\AMPPAL.sys;c:\windows\SYSNATIVE\drivers\AMPPAL.sys [x]
S3 ccSet_NARA;NARA Settings Manager;c:\windows\system32\drivers\NARAx64\0403000.00E\ccSetx64.sys;c:\windows\SYSNATIVE\drivers\NARAx64\0403000.00E\ccSetx64.sys [x]
S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys;c:\windows\SYSNATIVE\drivers\cfwids.sys [x]
S3 ePowerSvc;ePower Service;c:\program files\Acer\Acer Power Management\ePowerSvc.exe;c:\program files\Acer\Acer Power Management\ePowerSvc.exe [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 ikbevent;Intel Upper keyboard Class Filter Driver;c:\windows\system32\DRIVERS\ikbevent.sys;c:\windows\SYSNATIVE\DRIVERS\ikbevent.sys [x]
S3 imsevent;Intel Upper Mouse Class Filter Driver;c:\windows\system32\DRIVERS\imsevent.sys;c:\windows\SYSNATIVE\DRIVERS\imsevent.sys [x]
S3 ISCT;Intel(R) Smart Connect Technology Device Driver;c:\windows\System32\drivers\ISCTD64.sys;c:\windows\SYSNATIVE\drivers\ISCTD64.sys [x]
S3 iwdbus;IWD Bus Enumerator;c:\windows\System32\drivers\iwdbus.sys;c:\windows\SYSNATIVE\drivers\iwdbus.sys [x]
S3 LMDriver;Launch Manager Wireless Driver;c:\windows\System32\drivers\LMDriver.sys;c:\windows\SYSNATIVE\drivers\LMDriver.sys [x]
S3 McAWFwk;McAfee Activation Service;c:\progra~1\COMMON~1\mcafee\actwiz\mcawfwk.exe;c:\progra~1\COMMON~1\mcafee\actwiz\mcawfwk.exe [x]
S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys;c:\windows\SYSNATIVE\drivers\mfefirek.sys [x]
S3 mfencbdc;McAfee Inc. mfencbdc;c:\windows\system32\DRIVERS\mfencbdc.sys;c:\windows\SYSNATIVE\DRIVERS\mfencbdc.sys [x]
S3 NETwNe64;@oem14.inf,___ %NIC_Service_DispName_WIN8_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit;c:\windows\system32\DRIVERS\NETwew02.sys;c:\windows\SYSNATIVE\DRIVERS\NETwew02.sys [x]
S3 RadioShim;Shim for HID-KMDF Interface layer;c:\windows\System32\drivers\RadioShim.sys;c:\windows\SYSNATIVE\drivers\RadioShim.sys [x]
S3 RTL8168;Realtek 8168 NT Driver;c:\windows\system32\DRIVERS\Rt630x64.sys;c:\windows\SYSNATIVE\DRIVERS\Rt630x64.sys [x]
S3 RTSPER;Realtek PCIE Card Reader - PER;c:\windows\system32\DRIVERS\RtsPer.sys;c:\windows\SYSNATIVE\DRIVERS\RtsPer.sys [x]
S3 usb3Hub;UoIP Hub;c:\windows\System32\drivers\usb3Hub.sys;c:\windows\SYSNATIVE\drivers\usb3Hub.sys [x]
S3 WPRO_41_2001;WinPcap Packet Driver (WPRO_41_2001);c:\windows\system32\drivers\WPRO_41_2001.sys;c:\windows\SYSNATIVE\drivers\WPRO_41_2001.sys [x]
.
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2013-05-15 165872]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2013-05-15 407536]
"Persistence"="c:\windows\system32\igfxpers.exe" [2013-05-15 444400]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshellex.dll" [2013-04-12 7770936]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2013-05-13 13538376]
"RtHDVBg_Dolby"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2013-04-24 1307720]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://acer13.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.0.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
Toolbar-Locked - (no file)
HKLM-Run-ETDCtrl - c:\program files (x86)\Elantech\ETDCtrl.exe
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B9A09F18-45AB-4F09-A117-A4ADDA8FA8C8}]
@Denied: (A) (Everyone)
"Solution"="{36eb6792-3a29-43b3-8cd0-f67d266fb426}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane\0]
"Key"="ActionsPane"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\8.0\\ActionsPane.xsd"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
@SACL=(02 0000)
.
Celkový čas: 2015-01-12 22:09:36
ComboFix-quarantined-files.txt 2015-01-12 21:09
.
Před spuštěním: 447 599 734 784 bytes free
Po spuštění: 447 412 027 392 bytes free
.
- - End Of File - - D97DF0769BF1068D953151F3021434F9
5FB38429D5D77768867C76DCBDB3519
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that do not belong on the forum, you can use altrokzavináčforum.viry.cz
If you feel like helping visitors of this forum, sign up for our little school.

MartinHaltof
Visitor
Posts: 39
Registered: 12 Jan 2015 22:16

Re: Service Host (Local System) check

#3 Post by MartinHaltof »

# AdwCleaner v4.107 - Report created 13/01/2015 at 17:25:31
# Updated 07/01/2015 by Xplode
# Database : 2015-01-13.2 [Live]
# Operating System : Windows 8 (64 bits)
# Username : acer - MARTIN
# Running from : C:\Users\acer\Desktop\adwcleaner_4.107.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.17183


*************************

AdwCleaner[R0].txt - [682 octets] - [13/01/2015 17:24:18]
AdwCleaner[S0].txt - [604 octets] - [13/01/2015 17:25:31]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [663 octets] ##########

MartinHaltof
Visitor
Posts: 39
Registered: 12 Jan 2015 22:16

Re: Service Host (Local System) check

#4 Post by MartinHaltof »

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-01-2015 02
Ran by acer (administrator) on MARTIN on 13-01-2015 17:31:37
Running from C:\Users\acer\Desktop
Loaded Profile: acer (Available profiles: acer)
Platform: Windows 8 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 10 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files (x86)\Acer Incorporated\HID Monitor\HIDMonitor.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Condusiv Technologies) C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel) C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\mcsvchost\McSvHost.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.2.9200.17074_none_6233bc1f5106b696\TiWorker.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\McUICnt.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Theft Shield\USecuAppClient.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\platform\core\mchost.exe
(forum.viry.cz) C:\Users\acer\Desktop\FRSTLauncher.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\ismagent.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2890640 2013-04-10] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13538376 2013-05-13] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1307720 2013-04-24] (Realtek Semiconductor)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [537992 2014-04-25] (McAfee, Inc.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3142761651-1376656185-2842532201-1001\...\Run: [Spotify Web Helper] => C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe [1193176 2013-07-03] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\iSCTsysTray.lnk
ShortcutTarget: iSCTsysTray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3142761651-1376656185-2842532201-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-3142761651-1376656185-2842532201-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\S-1-5-21-3142761651-1376656185-2842532201-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://acer13.msn.com
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3142761651-1376656185-2842532201-1001 -> {6A6D8EF9-88F3-4412-A472-9929D8EE0CFF} URL =
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.20 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2013-05-16]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2013-05-16]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-01-13]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-01-13]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 BrcmSetSecurity; C:\Program Files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe [101536 2013-04-17] (Intel)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2615368 2013-02-27] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [662088 2013-03-15] (Acer Incorporated)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [100752 2013-04-10] (ELAN Microelectronics Corp.)
R2 ExpressCache; C:\Program Files\Condusiv Technologies\ExpressCache\ExpressCache.exe [107944 2013-01-08] (Condusiv Technologies)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-03-20] (Intel Corporation)
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [156616 2013-06-05] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [182760 2013-04-15] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-20] (Intel Corporation)
R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [431656 2013-04-26] (Acer Incorporate)
R2 McAfee SiteAdvisor Service; c:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe [154320 2014-12-03] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178528 2014-04-25] (McAfee, Inc.)
S3 McAWFwk; c:\Program Files\Common Files\mcafee\actwiz\McAWFwk.exe [334760 2012-12-21] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [603424 2014-09-04] (McAfee, Inc.)
S4 McOobeSv2; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1041192 2014-08-20] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219752 2014-06-20] (McAfee, Inc.)
R2 mfevtp; C:\windows\system32\mfevtps.exe [189912 2014-06-20] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-04-17] ()
S3 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [4230016 2013-01-28] (Symantec Corporation)
S3 USecuAppSvc; C:\Program Files\Acer\Acer Theft Shield\USecuAppSvc.exe [345744 2012-11-12] (Acer Incorporated)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16032 2014-09-22] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3379440 2013-04-17] (Intel® Corporation)
S3 COMSysApp; %SystemRoot%\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [29696 2013-04-21] (Microsoft Corporation)
S3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [5139968 2012-06-02] (Broadcom Corporation)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
S3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [132920 2013-03-25] (Motorola Solutions, Inc.)
S3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1366328 2013-03-28] (Motorola Solutions, Inc.)
S3 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0403000.00E\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [72128 2014-06-20] (McAfee, Inc.)
R1 excfs; C:\Windows\System32\DRIVERS\excfs.sys [26024 2013-01-08] (Condusiv Technologies)
R0 excsd; C:\Windows\System32\DRIVERS\excsd.sys [112552 2013-01-08] (Condusiv Technologies)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
S3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [115656 2013-06-04] (Intel Corporation)
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21048 2013-04-15] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21048 2013-04-15] ()
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-04-15] ()
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-01-10] (Acer Incorporated)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-03-20] (Intel Corporation)
S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [181704 2014-06-20] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [313544 2014-06-20] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [70600 2014-06-20] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [523792 2014-06-20] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [786296 2014-06-20] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\system32\DRIVERS\mfencbdc.sys [445512 2014-08-20] (McAfee, Inc.)
S3 mfencrk; C:\Windows\system32\DRIVERS\mfencrk.sys [96592 2014-08-20] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [348552 2014-06-20] (McAfee, Inc.)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [3597792 2013-05-14] (Intel Corporation)
S3 QRDCIO; C:\Windows\System32\drivers\QRDCIO.sys [9728 2009-10-20] (QUANTA)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [15704 2013-01-10] (Acer Incorporated)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [455240 2013-03-05] (RTS Corporation)
R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [207768 2013-04-17] (Windows (R) Win 7 DDK provider)
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2015-01-13] ()

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-13 17:31 - 2015-01-13 17:31 - 00017855 _____ () C:\Users\acer\Desktop\FRST.txt
2015-01-13 17:30 - 2015-01-13 17:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2015-01-13 17:26 - 2015-01-13 17:26 - 00094656 _____ (CACE Technologies) C:\WINDOWS\system32\WPRO_41_2001woem.tmp
2015-01-13 17:23 - 2015-01-13 17:25 - 00000000 ____D () C:\AdwCleaner
2015-01-13 17:21 - 2015-01-13 17:22 - 02191360 _____ () C:\Users\acer\Desktop\adwcleaner_4.107.exe
2015-01-13 17:13 - 2015-01-13 17:13 - 00281440 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-01-13 16:59 - 2015-01-13 16:59 - 00000000 ____D () C:\Users\acer\AppData\Roaming\Spotify
2015-01-13 16:59 - 2015-01-13 16:59 - 00000000 ____D () C:\Users\acer\AppData\Local\Spotify
2015-01-13 16:44 - 2014-11-21 09:38 - 02237952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-01-13 16:44 - 2014-11-21 09:38 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-01-13 16:44 - 2014-11-21 09:37 - 01409536 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-01-13 16:44 - 2014-11-21 09:37 - 00915968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2015-01-13 16:44 - 2014-11-21 09:37 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2015-01-13 16:44 - 2014-11-21 09:36 - 19283456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-01-13 16:44 - 2014-11-21 09:36 - 15400960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-01-13 16:44 - 2014-11-21 09:36 - 03959296 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-01-13 16:44 - 2014-11-21 09:36 - 02655232 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-01-13 16:44 - 2014-11-21 09:36 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-01-13 16:44 - 2014-11-21 09:36 - 00603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-01-13 16:44 - 2014-11-21 09:36 - 00451584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2015-01-13 16:44 - 2014-11-21 09:36 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-01-13 16:44 - 2014-11-21 09:36 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-01-13 16:44 - 2014-11-21 09:36 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2015-01-13 16:44 - 2014-11-21 09:36 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesysprep.dll
2015-01-13 16:44 - 2014-11-21 09:36 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-01-13 16:44 - 2014-11-21 09:36 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2015-01-13 16:44 - 2014-11-21 09:36 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2015-01-13 16:44 - 2014-11-21 09:36 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2015-01-13 16:44 - 2014-11-21 09:35 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-01-13 16:44 - 2014-11-21 08:17 - 14364672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-01-13 16:44 - 2014-11-21 08:17 - 01762816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-01-13 16:44 - 2014-11-21 08:17 - 01181696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-01-13 16:44 - 2014-11-21 08:17 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2015-01-13 16:44 - 2014-11-21 08:17 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-01-13 16:44 - 2014-11-21 08:17 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2015-01-13 16:44 - 2014-11-21 08:16 - 13758976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-01-13 16:44 - 2014-11-21 08:16 - 02861568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-01-13 16:44 - 2014-11-21 08:16 - 02054656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-01-13 16:44 - 2014-11-21 08:16 - 01441280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-01-13 16:44 - 2014-11-21 08:16 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-01-13 16:44 - 2014-11-21 08:16 - 00493056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-01-13 16:44 - 2014-11-21 08:16 - 00357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2015-01-13 16:44 - 2014-11-21 08:16 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-01-13 16:44 - 2014-11-21 08:16 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-01-13 16:44 - 2014-11-21 08:16 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesysprep.dll
2015-01-13 16:44 - 2014-11-21 08:16 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2015-01-13 16:44 - 2014-11-21 08:16 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2015-01-13 16:44 - 2014-11-21 08:16 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2015-01-13 16:44 - 2014-11-21 08:00 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2015-01-13 16:44 - 2014-11-21 07:54 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2015-01-13 16:44 - 2014-11-21 05:30 - 00534528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2015-01-13 16:24 - 2014-07-07 06:53 - 01125376 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2015-01-13 16:24 - 2014-07-07 06:52 - 00724992 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2015-01-13 16:24 - 2014-07-07 06:52 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsta.dll
2015-01-13 16:24 - 2014-07-07 06:51 - 05982208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2015-01-13 16:24 - 2014-07-07 05:01 - 01049600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2015-01-13 16:24 - 2014-07-07 05:01 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winsta.dll
2015-01-13 16:24 - 2014-07-07 05:00 - 05095424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2015-01-13 16:24 - 2014-07-07 04:59 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aaclient.dll
2015-01-13 16:22 - 2014-06-02 23:33 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkEd.dll
2015-01-13 16:21 - 2014-07-24 04:33 - 00875688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2015-01-13 16:21 - 2014-07-24 04:33 - 00869544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2015-01-13 16:16 - 2014-03-11 04:32 - 06987096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-01-13 16:16 - 2014-03-11 04:25 - 00100184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2015-01-13 16:16 - 2014-03-11 01:41 - 00559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\objsel.dll
2015-01-13 16:16 - 2014-03-11 01:41 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dimsroam.dll
2015-01-13 16:16 - 2014-03-11 01:39 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2015-01-13 16:16 - 2014-03-11 01:38 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2015-01-13 16:16 - 2014-03-11 01:38 - 00684032 _____ (Microsoft Corporation) C:\WINDOWS\system32\objsel.dll
2015-01-13 16:16 - 2014-03-11 01:38 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2015-01-13 16:16 - 2014-03-11 01:38 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2015-01-13 16:16 - 2014-03-11 01:38 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\dimsroam.dll
2015-01-13 16:16 - 2014-03-11 01:38 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspisrv.dll
2015-01-13 16:16 - 2014-03-10 04:05 - 00668160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2015-01-13 16:16 - 2014-03-10 02:27 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2015-01-13 16:00 - 2013-03-06 07:31 - 19758592 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-01-13 16:00 - 2013-03-06 07:31 - 00222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll
2015-01-13 16:00 - 2013-03-06 06:03 - 17561600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-01-13 16:00 - 2013-03-06 06:03 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shdocvw.dll
2015-01-13 15:52 - 2013-09-23 13:49 - 00197704 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\HipShieldK.sys
2015-01-13 15:47 - 2015-01-13 15:49 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-01-13 15:47 - 2014-11-27 16:40 - 112710672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-01-13 15:43 - 2013-07-13 07:18 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2015-01-13 15:43 - 2013-07-13 07:16 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptsvc.dll
2015-01-13 15:43 - 2013-07-13 07:15 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2015-01-13 15:43 - 2013-07-13 07:15 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2015-01-13 15:43 - 2013-07-13 05:24 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2015-01-13 15:43 - 2013-07-13 05:23 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2015-01-13 15:43 - 2013-07-13 05:23 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2015-01-13 15:35 - 2014-08-09 09:30 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2015-01-13 15:35 - 2014-08-09 09:29 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\tssdisai.dll
2015-01-13 15:30 - 2014-08-28 12:34 - 00059400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-01-13 15:30 - 2014-08-28 07:05 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-01-13 15:30 - 2014-08-28 07:05 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-01-13 15:30 - 2014-08-28 07:05 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-01-13 15:30 - 2014-08-28 07:05 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-01-13 15:30 - 2014-08-28 07:02 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-01-13 15:30 - 2014-08-28 07:01 - 03285504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-01-13 15:30 - 2014-08-28 07:01 - 01623552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-01-13 15:30 - 2014-08-28 07:01 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-01-13 15:30 - 2014-08-28 07:01 - 00253440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-01-13 15:30 - 2014-08-28 07:01 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2015-01-13 15:30 - 2014-08-28 07:01 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-01-13 15:30 - 2014-08-28 07:01 - 00100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-01-13 15:30 - 2014-08-28 07:01 - 00017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll
2015-01-13 15:29 - 2014-06-10 23:44 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-01-13 15:29 - 2014-06-10 23:43 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-01-13 15:27 - 2014-09-22 06:53 - 00035320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2015-01-13 15:27 - 2014-08-26 23:08 - 00270024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2015-01-13 15:08 - 2014-09-25 00:29 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-01-13 15:08 - 2014-09-25 00:29 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2015-01-13 15:08 - 2014-09-25 00:01 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-01-13 15:08 - 2014-09-25 00:01 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2015-01-13 15:07 - 2014-09-03 03:48 - 00510464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2015-01-13 15:07 - 2014-09-03 03:21 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2015-01-13 15:07 - 2014-08-01 00:40 - 01287680 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2015-01-13 15:07 - 2014-06-13 02:57 - 01453400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2015-01-13 15:07 - 2014-06-13 02:55 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2015-01-13 15:07 - 2013-10-10 12:53 - 00096600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2015-01-13 15:07 - 2013-10-10 10:21 - 01160192 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2015-01-13 15:07 - 2013-10-10 10:20 - 00723968 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2015-01-13 15:07 - 2013-06-10 20:16 - 00888832 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2015-01-13 15:07 - 2013-06-10 20:15 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2015-01-13 15:07 - 2013-06-10 20:10 - 00702464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2015-01-13 15:07 - 2013-06-10 20:10 - 00245248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2015-01-13 15:06 - 2013-10-19 06:45 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2015-01-13 15:06 - 2013-10-19 05:04 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2015-01-13 15:06 - 2013-07-06 01:15 - 00652288 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2015-01-13 15:06 - 2013-07-04 03:13 - 00541696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2015-01-13 15:04 - 2014-10-03 02:21 - 00522728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2015-01-13 15:04 - 2014-10-02 23:29 - 00783872 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-01-13 15:04 - 2014-10-02 23:29 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2015-01-13 15:04 - 2014-10-02 23:29 - 00169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-01-13 15:04 - 2014-02-06 00:41 - 01257984 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2015-01-13 15:04 - 2014-02-06 00:19 - 00974848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2015-01-13 15:04 - 2013-07-05 23:02 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbcir.sys
2015-01-13 15:04 - 2013-07-05 23:01 - 00210560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbvideo.sys
2015-01-13 15:04 - 2013-07-01 23:14 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbprint.sys
2015-01-13 15:04 - 2013-06-29 04:08 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2015-01-13 15:04 - 2013-06-29 04:07 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2015-01-13 15:04 - 2013-06-22 06:45 - 00785624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Wdf01000.sys
2015-01-13 15:04 - 2013-06-22 06:45 - 00054488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdfLdr.sys
2015-01-13 15:04 - 2013-05-04 05:48 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys
2015-01-13 15:04 - 2013-04-09 06:33 - 00489576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-01-13 15:04 - 2013-04-09 06:33 - 00446792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2015-01-13 15:04 - 2013-04-09 06:33 - 00253544 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2015-01-13 15:04 - 2013-04-09 00:37 - 00426024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2015-01-13 15:04 - 2013-04-09 00:37 - 00324368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-01-13 15:02 - 2013-10-02 00:37 - 01569280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2015-01-13 15:02 - 2013-10-02 00:26 - 01890816 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2015-01-13 15:01 - 2014-10-18 09:44 - 00778240 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2015-01-13 15:01 - 2014-10-18 08:05 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2015-01-13 15:01 - 2014-10-02 00:05 - 04068864 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-01-13 15:01 - 2013-04-24 00:13 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certutil.exe
2015-01-13 15:01 - 2013-04-24 00:12 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptnet.dll
2015-01-13 15:01 - 2013-04-23 23:56 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\system32\certutil.exe
2015-01-13 15:01 - 2013-04-23 23:55 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptnet.dll
2015-01-13 14:58 - 2014-10-11 08:44 - 03248640 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2015-01-13 14:58 - 2014-10-11 06:41 - 00713728 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2015-01-13 14:58 - 2014-10-11 06:41 - 00146944 _____ (Microsoft Corporation) C:\WINDOWS\system32\msaudite.dll
2015-01-13 14:58 - 2014-10-11 06:05 - 00146944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msaudite.dll
2015-01-13 14:58 - 2014-10-11 06:04 - 00713728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2015-01-13 14:58 - 2014-05-03 04:34 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2015-01-13 14:49 - 2015-01-13 17:31 - 00000000 ____D () C:\FRST
2015-01-13 14:46 - 2015-01-13 14:48 - 02124288 _____ (Farbar) C:\Users\acer\Desktop\FRST64.exe
2015-01-13 14:45 - 2015-01-13 14:45 - 00112640 _____ (forum.viry.cz) C:\Users\acer\Downloads\FRSTLauncher.exe
2015-01-13 14:43 - 2015-01-13 14:43 - 00112640 _____ (forum.viry.cz) C:\Users\acer\Desktop\FRSTLauncher.exe
2015-01-13 05:46 - 2015-01-13 05:46 - 00000000 _____ () C:\Recovery.txt
2015-01-13 05:42 - 2014-11-06 07:50 - 01627648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2015-01-13 05:42 - 2014-11-06 06:03 - 01339392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2015-01-13 05:42 - 2014-07-16 00:03 - 01300992 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2015-01-13 05:42 - 2014-07-12 03:36 - 01023488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2015-01-13 05:42 - 2014-01-13 00:30 - 02238976 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2015-01-13 05:42 - 2014-01-13 00:30 - 02032640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2015-01-13 05:42 - 2013-11-20 01:15 - 03842560 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2015-01-13 05:42 - 2013-11-20 00:57 - 03288576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2015-01-13 05:42 - 2013-10-10 10:32 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscript.exe
2015-01-13 05:42 - 2013-10-10 10:30 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrobj.dll
2015-01-13 05:42 - 2013-10-10 10:30 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2015-01-13 05:42 - 2013-10-10 10:24 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx
2015-01-13 05:42 - 2013-10-10 10:23 - 00146944 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscript.exe
2015-01-13 05:42 - 2013-10-10 10:22 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrobj.dll
2015-01-13 05:42 - 2013-10-10 10:22 - 00194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2015-01-13 05:42 - 2013-07-19 23:13 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-01-13 05:42 - 2013-07-19 23:13 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-01-13 05:42 - 2013-07-02 02:41 - 00447320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-01-13 05:42 - 2013-07-02 02:41 - 00337752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2015-01-13 05:42 - 2013-07-02 02:41 - 00213336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UCX01000.SYS
2015-01-13 05:42 - 2013-07-01 02:42 - 00623448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2015-01-13 05:42 - 2013-07-01 02:42 - 00498008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys
2015-01-13 05:42 - 2013-07-01 02:42 - 00079192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys
2015-01-13 05:42 - 2013-07-01 02:42 - 00021848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys
2015-01-13 05:42 - 2013-06-29 04:07 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbuhci.sys
2015-01-13 05:42 - 2013-06-29 04:06 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2015-01-13 05:42 - 2013-05-27 00:17 - 00035328 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-01-13 05:42 - 2013-05-26 23:59 - 00046080 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-01-13 05:42 - 2013-05-25 04:15 - 00362496 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-01-13 05:42 - 2013-05-25 03:32 - 00300032 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-01-13 05:42 - 2013-05-04 07:59 - 02842112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2015-01-13 05:42 - 2013-05-04 05:57 - 02620928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2015-01-13 05:42 - 2013-04-27 06:20 - 00733184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2015-01-13 05:42 - 2013-04-11 23:30 - 01421312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-01-13 05:42 - 2013-04-11 23:22 - 01838080 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-01-13 05:42 - 2013-03-15 01:17 - 00861184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2015-01-12 22:58 - 2014-05-29 23:24 - 00576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2015-01-12 22:57 - 2014-06-06 15:06 - 00596480 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2015-01-12 22:57 - 2014-06-06 11:17 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2015-01-12 22:57 - 2014-06-05 18:56 - 00112984 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2015-01-12 22:57 - 2014-06-05 18:30 - 10116608 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2015-01-12 22:57 - 2014-06-05 18:29 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2015-01-12 22:57 - 2014-06-05 18:29 - 00393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll
2015-01-12 22:57 - 2014-06-05 18:28 - 02306560 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-01-12 22:57 - 2014-06-05 18:28 - 02146304 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-01-12 22:57 - 2014-06-05 14:12 - 08857600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2015-01-12 22:57 - 2014-06-05 14:11 - 02416128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2015-01-12 22:57 - 2014-06-05 14:11 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msihnd.dll
2015-01-12 22:57 - 2014-06-05 14:10 - 02037760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-01-12 22:57 - 2014-06-05 14:10 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-01-12 22:57 - 2013-03-06 07:29 - 00070144 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2015-01-12 22:57 - 2013-03-02 11:39 - 00069864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2015-01-12 22:56 - 2014-11-08 12:22 - 00238080 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2015-01-12 22:56 - 2014-11-08 12:21 - 00827904 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-01-12 22:56 - 2014-11-08 07:57 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2015-01-12 22:56 - 2014-11-08 07:56 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-01-12 22:56 - 2014-10-23 13:47 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\packager.dll
2015-01-12 22:56 - 2014-10-23 12:04 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\packager.dll
2015-01-12 22:56 - 2014-10-11 09:35 - 00171840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2015-01-12 22:56 - 2014-10-11 08:44 - 00588288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2015-01-12 22:56 - 2014-10-11 08:43 - 01281536 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-01-12 22:56 - 2014-10-11 06:57 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2015-01-12 22:56 - 2014-06-20 00:35 - 01312768 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2015-01-12 22:56 - 2014-06-19 23:24 - 00694272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2015-01-12 22:56 - 2014-05-30 00:02 - 00439808 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2015-01-12 22:56 - 2014-04-12 10:10 - 00578048 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-01-12 22:56 - 2014-04-12 10:09 - 01043968 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2015-01-12 22:56 - 2014-04-12 10:09 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdigest.dll
2015-01-12 22:56 - 2014-04-12 10:09 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll
2015-01-12 22:56 - 2014-04-12 10:08 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2015-01-12 22:56 - 2014-04-12 10:07 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\credssp.dll
2015-01-12 22:56 - 2014-04-12 08:23 - 00961536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2015-01-12 22:56 - 2014-04-12 08:23 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2015-01-12 22:56 - 2014-04-12 08:23 - 00178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdigest.dll
2015-01-12 22:56 - 2014-04-12 08:23 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSpkg.dll
2015-01-12 22:56 - 2014-04-12 08:22 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credssp.dll
2015-01-12 22:56 - 2014-04-12 07:58 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\workerdd.dll
2015-01-12 22:56 - 2014-04-03 12:22 - 02233176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-01-12 22:56 - 2014-03-04 00:07 - 00570216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-01-12 22:56 - 2013-09-28 04:35 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2015-01-12 22:56 - 2013-03-02 10:59 - 00411880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2015-01-12 22:49 - 2014-08-22 00:56 - 01418752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-01-12 22:49 - 2014-08-22 00:27 - 01845760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-01-12 22:49 - 2012-11-10 05:23 - 00132608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2015-01-12 22:49 - 2012-11-10 05:22 - 00126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDWebAI.dll
2015-01-12 22:49 - 2012-11-10 05:22 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\VmHostAI.dll
2015-01-12 22:49 - 2012-11-10 05:20 - 00135680 _____ (Microsoft Corporation) C:\WINDOWS\system32\appserverai.dll
2015-01-12 22:25 - 2015-01-12 22:25 - 00010752 ___SH () C:\Users\acer\Desktop\Thumbs.db
2015-01-12 22:20 - 2015-01-12 22:20 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2015-01-12 22:09 - 2015-01-12 22:09 - 00015396 _____ () C:\ComboFix.txt
2015-01-12 21:41 - 2011-06-26 07:45 - 00256000 _____ () C:\WINDOWS\PEV.exe
2015-01-12 21:41 - 2010-11-07 18:20 - 00208896 _____ () C:\WINDOWS\MBR.exe
2015-01-12 21:41 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\WINDOWS\NIRCMD.exe
2015-01-12 21:41 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\WINDOWS\SWREG.exe
2015-01-12 21:41 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\WINDOWS\SWSC.exe
2015-01-12 21:41 - 2000-08-31 01:00 - 00212480 _____ (SteelWerX) C:\WINDOWS\SWXCACLS.exe
2015-01-12 21:41 - 2000-08-31 01:00 - 00098816 _____ () C:\WINDOWS\sed.exe
2015-01-12 21:41 - 2000-08-31 01:00 - 00080412 _____ () C:\WINDOWS\grep.exe
2015-01-12 21:41 - 2000-08-31 01:00 - 00068096 _____ () C:\WINDOWS\zip.exe
2015-01-12 21:39 - 2013-08-16 06:21 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2015-01-12 21:39 - 2013-08-16 06:21 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2015-01-12 21:39 - 2013-08-15 23:43 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2015-01-12 21:34 - 2015-01-12 22:10 - 00000000 ____D () C:\Qoobox
2015-01-12 21:34 - 2015-01-12 22:06 - 00000000 ____D () C:\WINDOWS\erdnt
2015-01-12 21:32 - 2015-01-12 21:33 - 05609736 ____R (Swearware) C:\Users\acer\Downloads\ComboFix.exe
2015-01-12 21:20 - 2015-01-12 21:20 - 00000000 ____D () C:\Users\acer\AppData\Roaming\Macromedia
2015-01-12 21:17 - 2015-01-12 21:17 - 00001418 _____ () C:\Users\acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-01-12 21:17 - 2015-01-12 21:17 - 00000000 ____D () C:\Users\acer\AppData\Roaming\Adobe
2015-01-12 21:17 - 2015-01-12 21:17 - 00000000 ____D () C:\ProgramData\OEM_YAHOO
2015-01-12 21:16 - 2015-01-12 21:17 - 00000000 ____D () C:\Users\acer\AppData\Local\Packages
2015-01-12 21:16 - 2015-01-12 21:17 - 00000000 ____D () C:\Users\acer
2015-01-12 21:16 - 2015-01-12 21:16 - 00000020 ___SH () C:\Users\acer\ntuser.ini
2015-01-12 21:16 - 2015-01-12 21:16 - 00000000 _SHDL () C:\Users\acer\Šablony
2015-01-12 21:16 - 2015-01-12 21:16 - 00000000 _SHDL () C:\Users\acer\Soubory cookie
2015-01-12 21:16 - 2015-01-12 21:16 - 00000000 _SHDL () C:\Users\acer\Poslední
2015-01-12 21:16 - 2015-01-12 21:16 - 00000000 _SHDL () C:\Users\acer\Okolní tiskárny
2015-01-12 21:16 - 2015-01-12 21:16 - 00000000 _SHDL () C:\Users\acer\Okolní síť
2015-01-12 21:16 - 2015-01-12 21:16 - 00000000 _SHDL () C:\Users\acer\Nabídka Start
2015-01-12 21:16 - 2015-01-12 21:16 - 00000000 _SHDL () C:\Users\acer\Dokumenty
2015-01-12 21:16 - 2015-01-12 21:16 - 00000000 _SHDL () C:\Users\acer\Documents\Obrázky
2015-01-12 21:16 - 2015-01-12 21:16 - 00000000 _SHDL () C:\Users\acer\Documents\Hudba
2015-01-12 21:16 - 2015-01-12 21:16 - 00000000 _SHDL () C:\Users\acer\Documents\Filmy
2015-01-12 21:16 - 2015-01-12 21:16 - 00000000 _SHDL () C:\Users\acer\Data aplikací
2015-01-12 21:16 - 2015-01-12 21:16 - 00000000 _SHDL () C:\Users\acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2015-01-12 21:16 - 2015-01-12 21:16 - 00000000 _SHDL () C:\Users\acer\AppData\Local\Data aplikací
2015-01-12 21:16 - 2015-01-12 21:16 - 00000000 ____D () C:\Users\acer\AppData\Roaming\Intel
2015-01-12 21:16 - 2015-01-12 21:16 - 00000000 ____D () C:\Users\acer\AppData\Local\VirtualStore
2015-01-12 21:16 - 2013-04-21 10:38 - 00000000 ___RD () C:\Users\acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-01-12 21:16 - 2012-07-26 09:13 - 00000000 ___RD () C:\Users\acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-01-12 21:16 - 2012-07-26 09:13 - 00000000 ___RD () C:\Users\acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-01-12 21:16 - 2012-07-26 09:13 - 00000000 ____D () C:\Users\acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-13 17:31 - 2013-07-03 01:54 - 01969382 _____ () C:\WINDOWS\WindowsUpdate.log
2015-01-13 17:30 - 2013-07-03 02:36 - 00727488 _____ () C:\WINDOWS\system32\perfh005.dat
2015-01-13 17:30 - 2013-07-03 02:36 - 00148006 _____ () C:\WINDOWS\system32\perfc005.dat
2015-01-13 17:30 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-01-13 17:30 - 2012-07-26 08:28 - 01714430 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-01-13 17:26 - 2013-07-03 02:38 - 00034752 _____ () C:\WINDOWS\system32\Drivers\WPRO_41_2001.sys
2015-01-13 17:26 - 2013-05-16 07:00 - 00000000 ____D () C:\Program Files (x86)\McAfee
2015-01-13 17:26 - 2013-05-16 06:47 - 00009766 _____ () C:\WINDOWS\PFRO.log
2015-01-13 17:26 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent
2015-01-13 17:26 - 2012-07-26 08:22 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-01-13 17:18 - 2013-05-16 07:00 - 00000000 ____D () C:\ProgramData\McAfee
2015-01-13 17:12 - 2013-05-16 07:00 - 00000000 ____D () C:\Program Files\Common Files\mcafee
2015-01-13 17:12 - 2012-07-26 06:37 - 00000000 ____D () C:\WINDOWS\servicing
2015-01-13 17:11 - 2012-07-26 06:26 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-01-13 17:10 - 2012-07-26 09:12 - 00000000 ___RD () C:\WINDOWS\ToastData
2015-01-13 17:10 - 2012-07-26 09:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-01-13 17:10 - 2012-07-26 09:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-01-13 17:10 - 2012-07-26 09:12 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-01-13 17:10 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\SysWOW64\sk-SK
2015-01-13 17:10 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\system32\sk-SK
2015-01-13 17:10 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files\Windows Defender
2015-01-13 17:10 - 2012-07-26 09:12 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-01-13 17:10 - 2012-07-26 08:52 - 00000000 ____D () C:\Program Files\Windows Journal
2015-01-13 17:00 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-01-13 15:51 - 2012-07-26 09:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2015-01-13 15:48 - 2012-07-26 06:26 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2015-01-13 05:46 - 2012-07-26 09:13 - 00262144 _____ () C:\WINDOWS\system32\config\BCD-Template
2015-01-13 04:55 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\rescache
2015-01-12 22:20 - 2012-07-26 08:21 - 00024743 _____ () C:\WINDOWS\setupact.log
2015-01-12 22:10 - 2012-07-26 06:37 - 00000000 __RHD () C:\Users\Default
2015-01-12 21:54 - 2012-07-26 06:26 - 00000215 _____ () C:\WINDOWS\system.ini
2015-01-12 21:39 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\system32\restore
2015-01-12 21:21 - 2013-07-03 01:56 - 00000000 ____D () C:\ProgramData\Intel
2015-01-12 21:17 - 2013-07-03 02:53 - 00003550 _____ () C:\WINDOWS\System32\Tasks\Norton Online Backup ARA
2015-01-12 21:17 - 2013-07-03 02:53 - 00000000 ____D () C:\ProgramData\Norton
2015-01-12 21:17 - 2013-05-16 07:43 - 00000000 ____D () C:\OEM
2015-01-12 21:16 - 2012-07-26 09:12 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2015-01-12 21:16 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\WinStore

Some content of TEMP:
====================
C:\Users\acer\AppData\Local\temp\Quarantine.exe
C:\Users\acer\AppData\Local\temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2013-05-16 06:47




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: (Acer) (Fixed) (Total:448.17 GB) (Free:409.68 GB) NTFS

Available physical RAM: 1173.08 MB
Total physical RAM: 3752.27 MB
Percentage of memory in use: 68%

==================== MBR and Partition Table ==================

Disk: 0 (Size: 465.8 GB) (Disk ID: B23FDAF2)
Disk: 1 (Size: 22.4 GB) (Disk ID: 74F02DEA)
Partition 1: (Not Active) - (Size=22.4 GB) - (Type=73)

==================== Scheduled Tasks (whitelisted) ==================


==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: McAfee Anti-Virus and Antispyware (Disabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus and Antispyware (Disabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Disabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\acer\Desktop" je 4 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================
Attachments
Addition.rar
(6.32 KiB) Downloaded 65 times

altrok
Moderator
Posts: 7322
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Service Host (local sys.) check

#5 Post by altrok »

  • Copy the contents of the white box into Notepad (Start -> Run -> notepad)
  • save it to the desktop as fixlist (File type: Text document)
  • run FRST again and click Fix
  • after the restart a fixlog will pop up (or it will be saved on the Desktop); paste its contents into your next reply

    Code: Select all

    Start
    CloseProcesses:
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
    HKU\S-1-5-21-3142761651-1376656185-2842532201-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-21-3142761651-1376656185-2842532201-1001 -> {6A6D8EF9-88F3-4412-A472-9929D8EE0CFF} URL = 
    2015-01-13 17:31 - 2015-01-13 17:31 - 00017855 _____ () C:\Users\acer\Desktop\FRST.txt
    2015-01-13 17:23 - 2015-01-13 17:25 - 00000000 ____D () C:\AdwCleaner
    2015-01-13 17:21 - 2015-01-13 17:22 - 02191360 _____ () C:\Users\acer\Desktop\adwcleaner_4.107.exe
    Hosts:
    EmptyTemp:
    End
    
If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that are not suitable for the forum, you can use altrok (at) forum.viry.cz
If you feel like helping visitors of this forum, sign up for our little school.

MartinHaltof
Visitor
Posts: 39
Registered: 12 Jan 2015 22:16

Re: Service Host (local sys.) check

#6 Post by MartinHaltof »

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 12-01-2015 02
Ran by acer at 2015-01-13 17:54:50 Run:1
Running from C:\Users\acer\Desktop
Loaded Profile: acer (Available profiles: acer)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3142761651-1376656185-2842532201-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3142761651-1376656185-2842532201-1001 -> {6A6D8EF9-88F3-4412-A472-9929D8EE0CFF} URL =
2015-01-13 17:31 - 2015-01-13 17:31 - 00017855 _____ () C:\Users\acer\Desktop\FRST.txt
2015-01-13 17:23 - 2015-01-13 17:25 - 00000000 ____D () C:\AdwCleaner
2015-01-13 17:21 - 2015-01-13 17:22 - 02191360 _____ () C:\Users\acer\Desktop\adwcleaner_4.107.exe
Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\S-1-5-21-3142761651-1376656185-2842532201-1001\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKU\S-1-5-21-3142761651-1376656185-2842532201-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A6D8EF9-88F3-4412-A472-9929D8EE0CFF}" => Key deleted successfully.
HKCR\CLSID\{6A6D8EF9-88F3-4412-A472-9929D8EE0CFF} => Key not found.
"C:\Users\acer\Desktop\FRST.txt" => File/Directory not found.
C:\AdwCleaner => Moved successfully.
C:\Users\acer\Desktop\adwcleaner_4.107.exe => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 112.1 MB temporary data.


The system needed a reboot.

==== End of Fixlog 17:54:54 ====

altrok
Moderator
Posts: 7322
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Service Host (local sys.) check

#7 Post by altrok »

:arrow: Since when have you been observing the problem? Which processes load the CPU and RAM the most when the load is high?

:arrow: Check that Windows Defender is permanently turned off - http://windows.microsoft.com/cs-cz/wind ... =windows-7

:arrow: If you have not done so yet, move ComboFix to the desktop.
  • Open Notepad (Start -> Run -> notepad)
  • copy the script below into it and save it to the desktop as CFScript (File type: Text document)

    Code: Select all

    KillAll::
    
    RegLock::
    [HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B9A09F18-45AB-4F09-A117-A4ADDA8FA8C8}]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane\0]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    
    ClearJavaCache::
    
    Reboot::
  • Grab this CFScript.txt, literally drag it over the ComboFix icon and drop it.
    Image
  • After the restart a log will pop up; paste its contents into your next reply.
:arrow: If the message "Illegal operation attempted on a registry key that has been marked for deletion" pops up, just restart the PC - the registry will sort itself out - this is an internal error caused by CF, and the author unfortunately cannot fix it yet

:arrow: It may happen that Windows will not start after the script is applied. In that case restart the PC, keep pressing F8 and choose Last Known Good Configuration

MartinHaltof
Visitor
Posts: 39
Registered: 12 Jan 2015 22:16

Re: Service Host (local sys.) check

#8 Post by MartinHaltof »

The problem has been going on for about 4 days now. For the processes, see the picture.
It keeps jumping up and down, mostly the RAM; the CPU doesn't do it that often.



ComboFix 15-01-08.01 - acer . 01. 2015 18:15:19.2.4 - x64
Microsoft Windows 8 6.2.9200.0.1250.420.1029.18.3752.1532 [GMT 1:00]
Spuštěný z: c:\users\acer\Downloads\ComboFix.exe
Použité ovládací přepínače :: c:\users\acer\Desktop\CFScript.txt
AV: McAfee Anti-Virus and Antispyware *Disabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall *Disabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
SP: McAfee Anti-Virus and Antispyware *Disabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\acer\AppData\Local\Msgbox.exe
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2014-12-13 do 2015-01-13 )))))))))))))))))))))))))))))))
.
.
2015-01-13 17:19 . 2015-01-13 17:19 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-01-13 16:35 . 2015-01-13 16:35 -------- d-----w- c:\program files\WinRAR
2015-01-13 16:26 . 2015-01-13 17:20 94656 ----a-w- c:\windows\system32\WPRO_41_2001woem.tmp
2015-01-13 15:24 . 2014-07-07 05:51 5982208 ----a-w- c:\windows\system32\mstscax.dll
2015-01-13 15:24 . 2014-07-07 05:53 1125376 ----a-w- c:\windows\system32\mstsc.exe
2015-01-13 15:24 . 2014-07-07 05:52 300544 ----a-w- c:\windows\system32\winsta.dll
2015-01-13 15:24 . 2014-07-07 05:52 724992 ----a-w- c:\windows\system32\termsrv.dll
2015-01-13 15:24 . 2014-07-07 04:01 1049600 ----a-w- c:\windows\SysWow64\mstsc.exe
2015-01-13 15:24 . 2014-07-07 04:00 5095424 ----a-w- c:\windows\SysWow64\mstscax.dll
2015-01-13 15:24 . 2014-07-07 04:01 233472 ----a-w- c:\windows\SysWow64\winsta.dll
2015-01-13 15:24 . 2014-07-07 03:59 269312 ----a-w- c:\windows\SysWow64\aaclient.dll
2015-01-13 15:22 . 2014-06-02 22:42 1413632 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Ink\InkObj.dll
2015-01-13 15:22 . 2014-06-02 22:33 1617920 ----a-w- c:\program files\Windows Journal\NBDoc.DLL
2015-01-13 15:22 . 2014-06-02 22:33 1318912 ----a-w- c:\program files\Windows Journal\JNWDRV.dll
2015-01-13 15:22 . 2014-06-02 22:33 1306624 ----a-w- c:\program files\Windows Journal\JNTFiltr.dll
2015-01-13 15:22 . 2014-06-02 22:33 1272320 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2015-01-13 15:22 . 2013-04-10 22:35 2035200 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\InkObj.dll
2015-01-13 15:22 . 2014-06-02 22:42 1029120 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\Ink\journal.dll
2015-01-13 15:22 . 2014-06-02 22:33 627712 ----a-w- c:\program files\Windows Journal\MSPVWCTL.DLL
2015-01-13 15:22 . 2014-06-02 22:33 881152 ----a-w- c:\program files\Windows Journal\InkSeg.dll
2015-01-13 15:22 . 2014-06-02 22:33 336384 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\InkDiv.dll
2015-01-13 15:22 . 2014-06-02 22:33 265216 ----a-w- c:\windows\system32\InkEd.dll
2015-01-13 15:21 . 2014-07-24 03:33 869544 ----a-w- c:\windows\system32\msvcr120_clr0400.dll
2015-01-13 15:21 . 2014-07-24 03:33 875688 ----a-w- c:\windows\SysWow64\msvcr120_clr0400.dll
2015-01-13 15:00 . 2013-03-06 06:31 19758592 ----a-w- c:\windows\system32\shell32.dll
2015-01-13 15:00 . 2013-03-06 06:31 222208 ----a-w- c:\windows\system32\shdocvw.dll
2015-01-13 14:52 . 2013-09-23 12:49 197704 ----a-w- c:\windows\system32\drivers\HipShieldK.sys
2015-01-13 14:47 . 2015-01-13 14:49 -------- d-----w- c:\windows\system32\MRT
2015-01-13 14:43 . 2013-07-13 06:18 337408 ----a-w- c:\windows\system32\wintrust.dll
2015-01-13 14:43 . 2013-07-13 06:16 68096 ----a-w- c:\windows\system32\cryptsvc.dll
2015-01-13 14:43 . 2013-07-13 06:15 98304 ----a-w- c:\windows\system32\apprepsync.dll
2015-01-13 14:43 . 2013-07-13 06:15 124416 ----a-w- c:\windows\system32\apprepapi.dll
2015-01-13 14:43 . 2013-07-13 04:24 261120 ----a-w- c:\windows\SysWow64\wintrust.dll
2015-01-13 14:43 . 2013-07-13 04:23 87040 ----a-w- c:\windows\SysWow64\apprepapi.dll
2015-01-13 14:43 . 2013-07-13 04:23 74240 ----a-w- c:\windows\SysWow64\apprepsync.dll
2015-01-13 14:35 . 2014-08-09 08:29 144896 ----a-w- c:\windows\system32\tssdisai.dll
2015-01-13 14:35 . 2014-08-09 08:30 148480 ----a-w- c:\windows\system32\poqexec.exe
2015-01-13 14:29 . 2014-06-10 22:44 35480 ----a-w- c:\windows\system32\TsWpfWrp.exe
2015-01-13 14:29 . 2014-06-10 22:43 35480 ----a-w- c:\windows\SysWow64\TsWpfWrp.exe
2015-01-13 14:08 . 2014-09-24 23:29 318976 ----a-w- c:\windows\SysWow64\schannel.dll
2015-01-13 14:08 . 2014-09-24 23:29 72192 ----a-w- c:\windows\SysWow64\ncryptsslp.dll
2015-01-13 14:08 . 2014-09-24 23:01 414208 ----a-w- c:\windows\system32\schannel.dll
2015-01-13 14:08 . 2014-09-24 23:01 86528 ----a-w- c:\windows\system32\ncryptsslp.dll
2015-01-13 14:07 . 2014-07-31 23:40 1287680 ----a-w- c:\windows\system32\schedsvc.dll
2015-01-13 14:07 . 2014-06-13 01:57 1453400 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2015-01-13 14:07 . 2014-06-13 01:55 199680 ----a-w- c:\windows\system32\cdd.dll
2015-01-13 14:07 . 2014-09-03 02:48 510464 ----a-w- c:\windows\SysWow64\rastls.dll
2015-01-13 14:07 . 2014-09-03 02:21 585728 ----a-w- c:\windows\system32\rastls.dll
2015-01-13 14:07 . 2013-10-10 11:53 96600 ----a-w- c:\windows\system32\drivers\wfplwfs.sys
2015-01-13 14:07 . 2013-10-10 09:21 1160192 ----a-w- c:\windows\system32\IKEEXT.DLL
2015-01-13 14:07 . 2013-10-10 09:20 723968 ----a-w- c:\windows\system32\BFE.DLL
2015-01-13 14:07 . 2013-06-10 19:16 888832 ----a-w- c:\windows\system32\nshwfp.dll
2015-01-13 14:07 . 2013-06-10 19:15 381952 ----a-w- c:\windows\system32\FWPUCLNT.DLL
2015-01-13 14:07 . 2013-06-10 19:10 702464 ----a-w- c:\windows\SysWow64\nshwfp.dll
2015-01-13 14:07 . 2013-06-10 19:10 245248 ----a-w- c:\windows\SysWow64\FWPUCLNT.DLL
2015-01-13 14:06 . 2013-10-19 05:45 62976 ----a-w- c:\windows\system32\imagehlp.dll
2015-01-13 14:06 . 2013-10-19 04:04 59392 ----a-w- c:\windows\SysWow64\imagehlp.dll
2015-01-13 14:06 . 2013-07-06 00:15 652288 ----a-w- c:\windows\system32\comctl32.dll
2015-01-13 14:06 . 2013-07-04 02:13 541696 ----a-w- c:\windows\SysWow64\comctl32.dll
2015-01-13 14:02 . 2013-10-01 23:37 1569280 ----a-w- c:\windows\SysWow64\crypt32.dll
2015-01-13 14:02 . 2013-10-01 23:26 1890816 ----a-w- c:\windows\system32\crypt32.dll
2015-01-13 14:01 . 2014-10-18 08:44 778240 ----a-w- c:\windows\system32\oleaut32.dll
2015-01-13 14:01 . 2014-10-18 07:05 567808 ----a-w- c:\windows\SysWow64\oleaut32.dll
2015-01-13 14:01 . 2014-10-01 23:05 4068864 ----a-w- c:\windows\system32\win32k.sys
2015-01-13 14:01 . 2013-04-23 23:13 1013248 ----a-w- c:\windows\SysWow64\certutil.exe
2015-01-13 14:01 . 2013-04-23 23:12 109056 ----a-w- c:\windows\SysWow64\cryptnet.dll
2015-01-13 14:01 . 2013-04-23 22:56 1255936 ----a-w- c:\windows\system32\certutil.exe
2015-01-13 14:01 . 2013-04-23 22:55 141312 ----a-w- c:\windows\system32\cryptnet.dll
2015-01-13 13:58 . 2014-10-11 07:44 3248640 ----a-w- c:\windows\system32\rdpcorets.dll
2015-01-13 13:58 . 2014-10-11 05:41 146944 ----a-w- c:\windows\system32\msaudite.dll
2015-01-13 13:58 . 2014-10-11 05:41 713728 ----a-w- c:\windows\system32\adtschema.dll
2015-01-13 13:58 . 2014-10-11 05:05 146944 ----a-w- c:\windows\SysWow64\msaudite.dll
2015-01-13 13:58 . 2014-10-11 05:04 713728 ----a-w- c:\windows\SysWow64\adtschema.dll
2015-01-13 13:58 . 2014-05-03 03:34 235520 ----a-w- c:\windows\system32\rdpudd.dll
2015-01-13 13:49 . 2015-01-13 16:54 -------- d-----w- C:\FRST
2015-01-13 13:44 . 2015-01-13 13:44 17536 ----a-w- c:\programdata\Microsoft\windowssampling\Sqm\Manifest\Sqm3.bin
2015-01-13 03:48 . 2015-01-13 03:48 -------- d--h--r- c:\users\Public\AccountPictures
2015-01-12 21:58 . 2014-05-29 22:24 576512 ----a-w- c:\windows\system32\drivers\afd.sys
2015-01-12 21:56 . 2014-04-03 11:22 2233176 ----a-w- c:\windows\system32\drivers\tcpip.sys
2015-01-12 21:49 . 2014-08-21 23:56 1418752 ----a-w- c:\windows\SysWow64\msxml3.dll
2015-01-12 21:49 . 2014-08-21 23:27 1845760 ----a-w- c:\windows\system32\msxml3.dll
2015-01-12 21:49 . 2012-11-10 04:23 132608 ----a-w- c:\windows\SysWow64\poqexec.exe
2015-01-12 21:49 . 2012-11-10 04:22 122880 ----a-w- c:\windows\system32\VmHostAI.dll
2015-01-12 21:49 . 2012-11-10 04:22 126976 ----a-w- c:\windows\system32\RDWebAI.dll
2015-01-12 21:49 . 2012-11-10 04:20 135680 ----a-w- c:\windows\system32\appserverai.dll
2015-01-12 20:39 . 2013-08-16 05:21 49664 ----a-w- c:\windows\system32\wups.dll
2015-01-12 20:39 . 2013-08-16 05:21 49152 ----a-w- c:\windows\system32\wups2.dll
2015-01-12 20:39 . 2013-08-15 22:43 20992 ----a-w- c:\windows\SysWow64\wups.dll
2015-01-12 20:17 . 2015-01-12 20:17 -------- d-----w- c:\programdata\OEM_YAHOO
2015-01-12 20:16 . 2015-01-12 20:17 -------- d-----w- c:\users\acer
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-01-13 17:20 . 2013-07-03 01:38 34752 ----a-w- c:\windows\system32\drivers\WPRO_41_2001.sys
2015-01-12 20:30 . 2012-07-26 08:13 23256 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2014-11-26 21:11 . 2012-07-26 08:14 714184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-11-26 21:11 . 2012-07-26 08:14 106440 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Spotify Web Helper"="c:\program files (x86)\Spotify\Data\SpotifyWebHelper.exe" [2013-07-03 1193176]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"mcpltui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2014-04-25 537992]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\StartUp\
iSCTsysTray.lnk - c:\program files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe [2013-4-15 247784]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
@=""
.
R0 mfeelamk;McAfee Inc. mfeelamk;c:\windows\system32\drivers\mfeelamk.sys;c:\windows\SYSNATIVE\drivers\mfeelamk.sys [x]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [x]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [x]
R2 HomeNetSvc;McAfee Home Network;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [x]
R2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
R2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
R3 AMPPALP;Protokol Intel(r) Centrino(r) Wireless Bluetooth(r) + High Speed;c:\windows\system32\DRIVERS\amppal.sys;c:\windows\SYSNATIVE\DRIVERS\amppal.sys [x]
R3 BthLEEnum;Ovladač úspory energie technologie Bluetooth;c:\windows\system32\DRIVERS\BthLEEnum.sys;c:\windows\SYSNATIVE\DRIVERS\BthLEEnum.sys [x]
R3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys;c:\windows\SYSNATIVE\DRIVERS\btmaux.sys [x]
R3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys;c:\windows\SYSNATIVE\DRIVERS\btmhsf.sys [x]
R3 ccSet_NARA;NARA Settings Manager;c:\windows\system32\drivers\NARAx64\0403000.00E\ccSetx64.sys;c:\windows\SYSNATIVE\drivers\NARAx64\0403000.00E\ccSetx64.sys [x]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]
R3 HipShieldK;McAfee Inc. HipShieldK;c:\windows\system32\drivers\HipShieldK.sys;c:\windows\SYSNATIVE\drivers\HipShieldK.sys [x]
R3 ibtusb;Intel(R) Wireless Bluetooth(R) 4.0 + HS Adapter;c:\windows\system32\DRIVERS\ibtusb.sys;c:\windows\SYSNATIVE\DRIVERS\ibtusb.sys [x]
R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys;c:\windows\SYSNATIVE\drivers\intelaud.sys [x]
R3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
R3 McAWFwk;McAfee Activation Service;c:\progra~1\COMMON~1\mcafee\actwiz\mcawfwk.exe;c:\progra~1\COMMON~1\mcafee\actwiz\mcawfwk.exe [x]
R3 mfencrk;McAfee Inc. mfencrk;c:\windows\system32\DRIVERS\mfencrk.sys;c:\windows\SYSNATIVE\DRIVERS\mfencrk.sys [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
R3 QRDCIO;Quanta Generic IO Access;c:\windows\System32\drivers\QRDCIO.sys;c:\windows\SYSNATIVE\drivers\QRDCIO.sys [x]
R3 USecuAppSvc;Acer Theft Shield Service;c:\program files\Acer\Acer Theft Shield\USecuAppSvc.exe;c:\program files\Acer\Acer Theft Shield\USecuAppSvc.exe [x]
R3 vmicheartbeat;Služba prezenčního signálu technologie Hyper-V;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R4 McOobeSv2;McAfee OOBE Service2;c:\program files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [x]
S0 excsd;ExpressCache Storage Filter Driver;c:\windows\system32\DRIVERS\excsd.sys;c:\windows\SYSNATIVE\DRIVERS\excsd.sys [x]
S0 iaStorA;iaStorA;c:\windows\System32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]
S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys;c:\windows\SYSNATIVE\drivers\mfewfpk.sys [x]
S1 excfs;ExpressCache File System Filter Driver;c:\windows\system32\DRIVERS\excfs.sys;c:\windows\SYSNATIVE\DRIVERS\excfs.sys [x]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [x]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [x]
S2 BrcmSetSecurity;BrcmSetSecurity;c:\program files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe;c:\program files\Intel Corporation\Intel WiDi\BrcmSetSecurity.exe [x]
S2 CCDMonitorService;CCDMonitorService;c:\program files (x86)\Acer\Acer Cloud\CCDMonitorService.exe;c:\program files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [x]
S2 ETDService;Elan Service;c:\program files\Elantech\ETDService.exe;c:\program files\Elantech\ETDService.exe [x]
S2 ExpressCache;ExpressCache;c:\program files\Condusiv Technologies\ExpressCache\ExpressCache.exe;c:\program files\Condusiv Technologies\ExpressCache\ExpressCache.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management;Intel(R) Wireless Bluetooth(R) 4.0 Radio Management;c:\program files (x86)\Intel\Bluetooth\ibtrksrv.exe;c:\program files (x86)\Intel\Bluetooth\ibtrksrv.exe [x]
S2 ISCTAgent;Intel(R) Smart Connect Technology Agent;c:\program files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe ;c:\program files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [x]
S2 LMSvc;Launch Manager Service;c:\program files\Acer\Acer Launch Manager\LMSvc.exe;c:\program files\Acer\Acer Launch Manager\LMSvc.exe [x]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~2\mcafee\SITEAD~1\mcsacore.exe;c:\progra~2\mcafee\SITEAD~1\mcsacore.exe [x]
S2 McAPExe;McAfee AP Service;c:\program files\McAfee\MSC\McAPExe.exe;c:\program files\McAfee\MSC\McAPExe.exe [x]
S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [x]
S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [x]
S2 mcpltsvc;McAfee Platform Services;c:\program files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe [x]
S2 mfecore;McAfee Anti-Malware Core;c:\program files\Common Files\McAfee\AMCore\mcshield.exe;c:\program files\Common Files\McAfee\AMCore\mcshield.exe [x]
S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [x]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe;c:\windows\SYSNATIVE\mfevtps.exe [x]
S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [x]
S3 AMPPAL;Virtuální adaptér Intel(r) Centrino(r) Wireless Bluetooth(r) + High Speed;c:\windows\System32\drivers\AMPPAL.sys;c:\windows\SYSNATIVE\drivers\AMPPAL.sys [x]
S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys;c:\windows\SYSNATIVE\drivers\cfwids.sys [x]
S3 ePowerSvc;ePower Service;c:\program files\Acer\Acer Power Management\ePowerSvc.exe;c:\program files\Acer\Acer Power Management\ePowerSvc.exe [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 ikbevent;Intel Upper keyboard Class Filter Driver;c:\windows\system32\DRIVERS\ikbevent.sys;c:\windows\SYSNATIVE\DRIVERS\ikbevent.sys [x]
S3 imsevent;Intel Upper Mouse Class Filter Driver;c:\windows\system32\DRIVERS\imsevent.sys;c:\windows\SYSNATIVE\DRIVERS\imsevent.sys [x]
S3 ISCT;Intel(R) Smart Connect Technology Device Driver;c:\windows\System32\drivers\ISCTD64.sys;c:\windows\SYSNATIVE\drivers\ISCTD64.sys [x]
S3 iwdbus;IWD Bus Enumerator;c:\windows\System32\drivers\iwdbus.sys;c:\windows\SYSNATIVE\drivers\iwdbus.sys [x]
S3 LMDriver;Launch Manager Wireless Driver;c:\windows\System32\drivers\LMDriver.sys;c:\windows\SYSNATIVE\drivers\LMDriver.sys [x]
S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys;c:\windows\SYSNATIVE\drivers\mfefirek.sys [x]
S3 mfencbdc;McAfee Inc. mfencbdc;c:\windows\system32\DRIVERS\mfencbdc.sys;c:\windows\SYSNATIVE\DRIVERS\mfencbdc.sys [x]
S3 NETwNe64;@oem14.inf,___ %NIC_Service_DispName_WIN8_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit;c:\windows\system32\DRIVERS\NETwew02.sys;c:\windows\SYSNATIVE\DRIVERS\NETwew02.sys [x]
S3 RadioShim;Shim for HID-KMDF Interface layer;c:\windows\System32\drivers\RadioShim.sys;c:\windows\SYSNATIVE\drivers\RadioShim.sys [x]
S3 RTL8168;Realtek 8168 NT Driver;c:\windows\system32\DRIVERS\Rt630x64.sys;c:\windows\SYSNATIVE\DRIVERS\Rt630x64.sys [x]
S3 RTSPER;Realtek PCIE Card Reader - PER;c:\windows\system32\DRIVERS\RtsPer.sys;c:\windows\SYSNATIVE\DRIVERS\RtsPer.sys [x]
S3 usb3Hub;UoIP Hub;c:\windows\System32\drivers\usb3Hub.sys;c:\windows\SYSNATIVE\drivers\usb3Hub.sys [x]
S3 WPRO_41_2001;WinPcap Packet Driver (WPRO_41_2001);c:\windows\system32\drivers\WPRO_41_2001.sys;c:\windows\SYSNATIVE\drivers\WPRO_41_2001.sys [x]
.
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2013-05-15 165872]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2013-05-15 407536]
"Persistence"="c:\windows\system32\igfxpers.exe" [2013-05-15 444400]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshellex.dll" [2013-04-12 7770936]
"ETDCtrl"="c:\program files (x86)\Elantech\ETDCtrl.exe" [BU]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2013-05-13 13538376]
"RtHDVBg_Dolby"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2013-04-24 1307720]
.
------- Doplňkový sken -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://acer13.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.0.1
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
Toolbar-Locked - (no file)
.
.
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\SysWOW64\rundll32.exe
c:\program files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
c:\program files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Celkový čas: 2015-01-13 18:22:33 - počítač byl restartován
ComboFix-quarantined-files.txt 2015-01-13 17:22
ComboFix2.txt 2015-01-12 21:09
.
Před spuštěním: 439 502 684 160 bytes free
Po spuštění: 439 544 131 584 bytes free
.
- - End Of File - - 6DE6B24798ECD56708C2FE50E55CD161
5FB38429D5D77768867C76DCBDB35194

MartinHaltof
Visitor
Posts: 39
Registered: 12 Jan 2015 22:16

Re: Service Host (Local System) check

#9 Post by MartinHaltof »

Here are the processes.
Attachment: služby.jpg (143.2 KiB)

altrok
Moderator
Posts: 7322
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Service Host (Local System) check

#10 Post by altrok »

:arrow: Together these processes add up to not even 300 MB out of 3752, which is ~8 % of total RAM, yet the screenshot shows 74 % in use...
  • Rename ComboFix to Uninstall and run it as administrator
  • ComboFix will uninstall itself.
:arrow: Save MBRScan to your desktop - http://eric71.geekstogo.com/tools/MbrScan.exe
  • Run it, click Options in the top right and tick everything
  • click Report
  • paste the contents of the text file that just opened into your next reply
:arrow: Use these utilities following my colleague's instructions
vyosek wrote: :arrow: Download TDSSKiller http://media.kaspersky.com/utilities/Vi ... killer.exe
  • After launching it, accept the license terms (click Accept)
  • Click the Change parameters option
  • In the Additional Option window, tick all the options
  • Click OK
  • Tell the utility to scan - click Start Scan
  • When the scan finishes a window appears; check that Skip is selected everywhere
  • If Skip is not selected by default, switch it to Skip
  • Once Skip is selected everywhere, click Continue
  • On the drive where Windows is installed (usually c:\) there will be a log named in the form TDSSKiller.[some digits]_log.txt - paste its contents here
:arrow: Download Malwarebytes Anti-Rootkit http://www.bleepingcomputer.com/downloa ... i-rootkit/
  • Save it, ideally to the Desktop, and extract it
  • Launch it by clicking mbar
  • Now click Next and then Update
  • When the database update finishes, click Next again
  • Leave all three options ticked and click Scan to start scanning the PC
  • When the scan finishes (about 5 minutes), check that every finding (if there are any, of course) is ticked
  • Also check that Create Restore point is ticked
  • Now click CleanUp to remove the infection that was found
  • The PC will be restarted
  • The mbar folder should contain a log (it will probably also open by itself) named mbar-log-year-month-day (hour-minute-second).txt; post it here for me

MartinHaltof
Visitor
Posts: 39
Registered: 12 Jan 2015 22:16

Re: Service Host (Local System) check

#11 Post by MartinHaltof »

Yes, yes, the processes don't add up overall. I do have 90 processes there, but most are 1 MB and the rest are about normal, and the Service Host entries don't show any particularly heavy load, but the final figure shows what it shows... I don't understand it, and of course the services come back after I delete them.

Code:

MBRScan v1.1.1

OS             : Windows 8  (64 bit)
PROCESSOR      : Intel64 Family 6 Model 69 Stepping 1, GenuineIntel
BOOT           : Normal Boot
DATE           : 2015/01/13 (ISO 8601) at 18:54:14
________________________________________________________________________________

DISK           : Device\Harddisk0\DR0 __ST500LT012-9WS142 (0001SDM1)
BUS_TYPE       : (0x0B)  S-ATA
USE_PIO        : YES
MAX_TRANSFER   : 128 Kb
ALIGNMENT_MASK : word aligned
________________________________________________________________________________

DISK           : Device\Harddisk1\DR1 __KINGSTON SMS151S324G (S9FM00.7)
BUS_TYPE       : (0x0B)  S-ATA
USE_PIO        : YES
MAX_TRANSFER   : 128 Kb
ALIGNMENT_MASK : word aligned
________________________________________________________________________________

DISK           : Device\Harddisk2\DR2 __TOSHIBA TransMemory (1.00)
BUS_TYPE       : (0x07)  USB
USE_PIO        : NO
MAX_TRANSFER   : 64 Kb
ALIGNMENT_MASK : byte aligned
________________________________________________________________________________

Device\Harddisk0\DR0	465.8 Go  [Fixed] ==> Unknown MBR Code...

MBR_MD5   : 4427AD979CF21D1C780EDBD8E06DFB5A
MBR_SHA1  : 80347EBD60089C7F403747B11F46222CCA4A0F95

Device\Harddisk0\Partition1	2.00 To  	0xEE EFI GPT[1] 
________________________________________________________________________________

Device\Harddisk1\DR1	22.37 Go  [Fixed] ==> Unknown MBR Code...

MBR_MD5   : 654C84DB5BA844B251861D61D968DE4C
MBR_SHA1  : 956EE8ED7C078BCC9D7EF408A795006719FF9237

Device\Harddisk1\Partition1	22.36 Go  	0x73 0x73 
________________________________________________________________________________

Device\Harddisk2\DR2	7.23 Go  [Removable] ==> Unknown MBR Code

MBR_MD5   : 91AAFF3D7319902FFF01559DADA56CE0
MBR_SHA1  : 24F81A4206BD919048D28B40BAD60E23CB49B4BE

Device\Harddisk2\Partition1	7.23 Go  	0x07 NTFS / HPFS
________________________________________________________________________________

############################### Additional scan ################################

DRIVER  : C:\WINDOWS\system32\ntoskrnl.exe => Invisible on the disk
ADDRESS : 0x02E88000
SIZE    : 7.30 Mo

DRIVER  : C:\WINDOWS\system32\hal.dll => Invisible on the disk
ADDRESS : 0x02E1C000
SIZE    : 432.0 Ko

DRIVER  : C:\WINDOWS\system32\kd.dll => Invisible on the disk
ADDRESS : 0x01F25000
SIZE    : 36.0 Ko

DRIVER  : C:\WINDOWS\system32\mcupdate_GenuineIntel.dll => Invisible on the disk
ADDRESS : 0x00C9E000
SIZE    : 380.0 Ko

DRIVER  : C:\WINDOWS\System32\drivers\CLFS.SYS => Invisible on the disk
ADDRESS : 0x00CFD000
SIZE    : 368.0 Ko

DRIVER  : C:\WINDOWS\System32\drivers\tm.sys => Invisible on the disk
ADDRESS : 0x00D59000
SIZE    : 140.0 Ko

DRIVER  : C:\WINDOWS\system32\CI.dll => Invisible on the disk
ADDRESS : 0x00C00000
SIZE    : 508.0 Ko

DRIVER  : C:\WINDOWS\System32\drivers\msrpc.sys => Invisible on the disk
ADDRESS : 0x00D9B000
SIZE    : 396.0 Ko

DRIVER  : C:\WINDOWS\system32\drivers\Wdf01000.sys => Invisible on the disk
ADDRESS : 0x010DE000
SIZE    : 776.0 Ko

DRIVER  : C:\WINDOWS\system32\drivers\WDFLDR.SYS => Invisible on the disk
ADDRESS : 0x011A0000
SIZE    : 64.0 Ko

DRIVER  : C:\WINDOWS\System32\Drivers\acpiex.sys => Invisible on the disk
ADDRESS : 0x011B0000
SIZE    : 92.0 Ko

DRIVER  : C:\WINDOWS\System32\Drivers\WppRecorder.sys => Invisible on the disk
ADDRESS : 0x011C7000
SIZE    : 44.0 Ko

DRIVER  : C:\WINDOWS\System32\drivers\ACPI.sys => Invisible on the disk
ADDRESS : 0x01000000
SIZE    : 436.0 Ko

DRIVER  : C:\WINDOWS\System32\drivers\WMILIB.SYS => Invisible on the disk
ADDRESS : 0x0106D000
SIZE    : 40.0 Ko

DRIVER  : C:\WINDOWS\System32\Drivers\cng.sys => Invisible on the disk
ADDRESS : 0x00EE2000
SIZE    : 564.0 Ko

DRIVER  : C:\WINDOWS\System32\drivers\msisadrv.sys => Invisible on the disk
ADDRESS : 0x00F89000
SIZE    : 40.0 Ko

DRIVER  : C:\WINDOWS\System32\drivers\pci.sys => Invisible on the disk
ADDRESS : 0x00F93000
SIZE    : 244.0 Ko

DRIVER  : C:\WINDOWS\System32\drivers\vdrvroot.sys => Invisible on the disk
ADDRESS : 0x00FD0000
SIZE    : 52.0 Ko

DRIVER  : C:\WINDOWS\system32\DRIVERS\excsd.sys => Invisible on the disk
ADDRESS : 0x00E00000
SIZE    : 776.0 Ko

DRIVER  : C:\WINDOWS\system32\drivers\pdc.sys => Invisible on the disk
ADDRESS : 0x00EC2000
SIZE    : 92.0 Ko

DRIVER  : C:\WINDOWS\System32\drivers\partmgr.sys => Invisible on the disk
ADDRESS : 0x00FDD000
SIZE    : 104.0 Ko

DRIVER  : C:\WINDOWS\System32\drivers\spaceport.sys => Invisible on the disk
ADDRESS : 0x01077000
SIZE    : 292.0 Ko

DRIVER  : C:\WINDOWS\System32\drivers\volmgr.sys => Invisible on the disk
ADDRESS : 0x010C0000
SIZE    : 96.0 Ko

DRIVER  : C:\WINDOWS\System32\drivers\volmgrx.sys => Invisible on the disk
ADDRESS : 0x012F4000
SIZE    : 384.0 Ko

DRIVER  : C:\WINDOWS\System32\drivers\mountmgr.sys => Invisible on the disk
ADDRESS : 0x01354000
SIZE    : 104.0 Ko

DRIVER  : C:\WINDOWS\System32\drivers\iaStorA.sys => Invisible on the disk
ADDRESS : 0x01610000
SIZE    : 2.82 Mo

DRIVER  : C:\WINDOWS\System32\drivers\storport.sys => Invisible on the disk
ADDRESS : 0x018E1000
SIZE    : 340.0 Ko

DRIVER  : C:\WINDOWS\system32\drivers\fltmgr.sys => Invisible on the disk
ADDRESS : 0x01950000
SIZE    : 384.0 Ko

DRIVER  : C:\WINDOWS\System32\drivers\fileinfo.sys => Invisible on the disk
ADDRESS : 0x019B0000
SIZE    : 80.0 Ko

DRIVER  : C:\WINDOWS\system32\drivers\mfehidk.sys => Invisible on the disk
ADDRESS : 0x01200000
SIZE    : 756.0 Ko

DRIVER  : C:\WINDOWS\System32\Drivers\Ntfs.sys => Invisible on the disk
ADDRESS : 0x01A3F000
SIZE    : 1.89 Mo

DRIVER  : C:\WINDOWS\System32\Drivers\ksecdd.sys => Invisible on the disk
ADDRESS : 0x01C22000
SIZE    : 108.0 Ko

DRIVER  : C:\WINDOWS\System32\drivers\pcw.sys => Invisible on the disk
ADDRESS : 0x01C3D000
SIZE    : 68.0 Ko

DRIVER  : C:\WINDOWS\System32\Drivers\Fs_Rec.sys => Invisible on the disk
ADDRESS : 0x01C4E000
SIZE    : 40.0 Ko

DRIVER  : C:\WINDOWS\system32\drivers\ndis.sys => Invisible on the disk
ADDRESS : 0x01C58000
SIZE    : 996.0 Ko

DRIVER  : C:\WINDOWS\system32\drivers\NETIO.SYS => Invisible on the disk
ADDRESS : 0x01D51000
SIZE    : 444.0 Ko

DRIVER  : C:\WINDOWS\System32\Drivers\ksecpkg.sys => Invisible on the disk
ADDRESS : 0x01DC0000
SIZE    : 188.0 Ko

DRIVER  : C:\WINDOWS\System32\drivers\tcpip.sys => Invisible on the disk
ADDRESS : 0x01E3F000
SIZE    : 2.22 Mo

DRIVER  : C:\WINDOWS\System32\drivers\fwpkclnt.sys => Invisible on the disk
ADDRESS : 0x02078000
SIZE    : 416.0 Ko

DRIVER  : C:\WINDOWS\system32\DRIVERS\wfplwfs.sys => Invisible on the disk
ADDRESS : 0x020E0000
SIZE    : 108.0 Ko

DRIVER  : C:\WINDOWS\system32\drivers\mfewfpk.sys => Invisible on the disk
ADDRESS : 0x020FB000
SIZE    : 332.0 Ko

DRIVER  : C:\WINDOWS\System32\DRIVERS\fvevol.sys => Invisible on the disk
ADDRESS : 0x0214E000
SIZE    : 472.0 Ko

DRIVER  : C:\WINDOWS\System32\drivers\volsnap.sys => Invisible on the disk
ADDRESS : 0x0136E000
SIZE    : 340.0 Ko

DRIVER  : C:\WINDOWS\System32\drivers\rdyboost.sys => Invisible on the disk
ADDRESS : 0x021C4000
SIZE    : 236.0 Ko

DRIVER  : C:\WINDOWS\System32\Drivers\mup.sys => Invisible on the disk
ADDRESS : 0x01E00000
SIZE    : 92.0 Ko

DRIVER  : C:\WINDOWS\System32\drivers\disk.sys => Invisible on the disk
ADDRESS : 0x01E23000
SIZE    : 112.0 Ko

DRIVER  : C:\WINDOWS\System32\drivers\CLASSPNP.SYS => Invisible on the disk
ADDRESS : 0x022AC000
SIZE    : 344.0 Ko

DRIVER  : C:\WINDOWS\System32\Drivers\crashdmp.sys => Invisible on the disk
ADDRESS : 0x02302000
SIZE    : 80.0 Ko

DRIVER  : C:\WINDOWS\system32\DRIVERS\excfs.sys => Invisible on the disk
ADDRESS : 0x03E31000
SIZE    : 40.0 Ko

DRIVER  : C:\WINDOWS\System32\Drivers\Null.SYS => Invisible on the disk
ADDRESS : 0x03E3B000
SIZE    : 36.0 Ko

DRIVER  : C:\WINDOWS\System32\Drivers\Beep.SYS => Invisible on the disk
ADDRESS : 0x03E44000
SIZE    : 32.0 Ko

DRIVER  : C:\WINDOWS\System32\drivers\BasicRender.sys => Invisible on the disk
ADDRESS : 0x03E4C000
SIZE    : 52.0 Ko

DRIVER  : C:\WINDOWS\System32\drivers\dxgkrnl.sys => Invisible on the disk
ADDRESS : 0x044EA000
SIZE    : 1.41 Mo

DRIVER  : C:\WINDOWS\System32\drivers\watchdog.sys => Invisible on the disk
ADDRESS : 0x04653000
SIZE    : 68.0 Ko

DRIVER  : C:\WINDOWS\System32\drivers\dxgmms1.sys => Invisible on the disk
ADDRESS : 0x04664000
SIZE    : 312.0 Ko

DRIVER  : C:\WINDOWS\System32\drivers\BasicDisplay.sys => Invisible on the disk
ADDRESS : 0x046B2000
SIZE    : 68.0 Ko

DRIVER  : C:\WINDOWS\System32\Drivers\Npfs.SYS => Invisible on the disk
ADDRESS : 0x046C3000
SIZE    : 72.0 Ko

DRIVER  : C:\WINDOWS\System32\Drivers\Msfs.SYS => Invisible on the disk
ADDRESS : 0x046D5000
SIZE    : 48.0 Ko

DRIVER  : C:\WINDOWS\system32\DRIVERS\tdx.sys => Invisible on the disk
ADDRESS : 0x046E1000
SIZE    : 136.0 Ko

DRIVER  : C:\WINDOWS\system32\DRIVERS\TDI.SYS => Invisible on the disk
ADDRESS : 0x04703000
SIZE    : 56.0 Ko

DRIVER  : C:\WINDOWS\system32\drivers\ws2ifsl.sys => Invisible on the disk
ADDRESS : 0x04711000
SIZE    : 48.0 Ko

DRIVER  : C:\WINDOWS\System32\DRIVERS\netbt.sys => Invisible on the disk
ADDRESS : 0x0471D000
SIZE    : 352.0 Ko

DRIVER  : C:\WINDOWS\system32\drivers\afd.sys => Invisible on the disk
ADDRESS : 0x04400000
SIZE    : 600.0 Ko

DRIVER  : C:\WINDOWS\system32\DRIVERS\pacer.sys => Invisible on the disk
ADDRESS : 0x04496000
SIZE    : 168.0 Ko

DRIVER  : C:\WINDOWS\system32\DRIVERS\vwififlt.sys => Invisible on the disk
ADDRESS : 0x044C0000
SIZE    : 88.0 Ko

DRIVER  : C:\WINDOWS\system32\DRIVERS\netbios.sys => Invisible on the disk
ADDRESS : 0x044D6000
SIZE    : 64.0 Ko

DRIVER  : C:\WINDOWS\system32\DRIVERS\rdbss.sys => Invisible on the disk
ADDRESS : 0x04775000
SIZE    : 456.0 Ko

DRIVER  : C:\WINDOWS\system32\DRIVERS\wanarp.sys => Invisible on the disk
ADDRESS : 0x03E59000
SIZE    : 104.0 Ko

DRIVER  : C:\WINDOWS\system32\drivers\nsiproxy.sys => Invisible on the disk
ADDRESS : 0x047E7000
SIZE    : 56.0 Ko

DRIVER  : C:\WINDOWS\System32\drivers\npsvctrig.sys => Invisible on the disk
ADDRESS : 0x03E73000
SIZE    : 48.0 Ko

DRIVER  : C:\WINDOWS\System32\drivers\mssmbios.sys => Invisible on the disk
ADDRESS : 0x03E7F000
SIZE    : 48.0 Ko

DRIVER  : C:\WINDOWS\System32\drivers\discache.sys => Invisible on the disk
ADDRESS : 0x03E8B000
SIZE    : 68.0 Ko

DRIVER  : C:\WINDOWS\System32\Drivers\dfsc.sys => Invisible on the disk
ADDRESS : 0x03E9C000
SIZE    : 132.0 Ko

DRIVER  : C:\WINDOWS\system32\DRIVERS\ndistapi.sys => Invisible on the disk
ADDRESS : 0x03ECF000
SIZE    : 48.0 Ko

DRIVER  : C:\WINDOWS\system32\DRIVERS\ndiswan.sys => Invisible on the disk
ADDRESS : 0x03E00000
SIZE    : 188.0 Ko

DRIVER  : C:\WINDOWS\system32\DRIVERS\rassstp.sys => Invisible on the disk
ADDRESS : 0x03EDB000
SIZE    : 120.0 Ko

DRIVER  : C:\WINDOWS\system32\DRIVERS\AgileVpn.sys => Invisible on the disk
ADDRESS : 0x041E2000
SIZE    : 96.0 Ko

DRIVER  : C:\WINDOWS\system32\DRIVERS\tunnel.sys => Invisible on the disk
ADDRESS : 0x02323000
SIZE    : 176.0 Ko

DRIVER  : C:\WINDOWS\System32\drivers\CompositeBus.sys => Invisible on the disk
ADDRESS : 0x03EBD000
SIZE    : 60.0 Ko

DRIVER  : C:\WINDOWS\System32\drivers\usb3Hub.sys => Invisible on the disk
ADDRESS : 0x0234F000
SIZE    : 224.0 Ko

DRIVER  : C:\WINDOWS\System32\drivers\USBD.SYS => Invisible on the disk
ADDRESS : 0x047F5000
SIZE    : 44.0 Ko

DRIVER  : C:\WINDOWS\system32\DRIVERS\kdnic.sys => Invisible on the disk
ADDRESS : 0x02387000
SIZE    : 44.0 Ko

DRIVER  : C:\WINDOWS\System32\drivers\umbus.sys => Invisible on the disk
ADDRESS : 0x02392000
SIZE    : 72.0 Ko

DRIVER  : C:\WINDOWS\system32\DRIVERS\igdkmd64.sys => Invisible on the disk
ADDRESS : 0x04852000
SIZE    : 4.23 Mo

DRIVER  : C:\WINDOWS\System32\Drivers\fastfat.SYS => Invisible on the disk
ADDRESS : 0x04C8C000
SIZE    : 220.0 Ko

DRIVER  : C:\WINDOWS\System32\drivers\HDAudBus.sys => Invisible on the disk
ADDRESS : 0x04CC3000
SIZE    : 88.0 Ko

DRIVER  : C:\WINDOWS\System32\drivers\USBXHCI.SYS => Invisible on the disk
ADDRESS : 0x04CD9000
SIZE    : 348.0 Ko

DRIVER  : C:\WINDOWS\System32\drivers\ucx01000.sys => Invisible on the disk
ADDRESS : 0x04D30000
SIZE    : 224.0 Ko

DRIVER  : C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys => Invisible on the disk
ADDRESS : 0x04D68000
SIZE    : 112.0 Ko

DRIVER  : C:\WINDOWS\system32\DRIVERS\RtsPer.sys => Invisible on the disk
ADDRESS : 0x04D84000
SIZE    : 460.0 Ko

DRIVER  : C:\WINDOWS\system32\DRIVERS\Rt630x64.sys => Invisible on the disk
ADDRESS : 0x0422C000
SIZE    : 788.0 Ko

DRIVER  : C:\WINDOWS\System32\drivers\usbehci.sys => Invisible on the disk
ADDRESS : 0x042F1000
SIZE    : 88.0 Ko

DRIVER  : C:\WINDOWS\System32\drivers\USBPORT.SYS => Invisible on the disk
ADDRESS : 0x04307000
SIZE    : 500.0 Ko

DRIVER  : C:\WINDOWS\System32\drivers\i8042prt.sys => Invisible on the disk
ADDRESS : 0x04384000
SIZE    : 128.0 Ko

DRIVER  : C:\WINDOWS\system32\DRIVERS\ikbevent.sys => Invisible on the disk
ADDRESS : 0x043A4000
SIZE    : 40.0 Ko

DRIVER  : C:\WINDOWS\System32\drivers\kbdclass.sys => Invisible on the disk
ADDRESS : 0x043AE000
SIZE    : 60.0 Ko

DRIVER  : C:\WINDOWS\system32\DRIVERS\ETD.sys => Invisible on the disk
ADDRESS : 0x023A4000
SIZE    : 364.0 Ko

DRIVER  : C:\WINDOWS\system32\DRIVERS\imsevent.sys => Invisible on the disk
ADDRESS : 0x043BD000
SIZE    : 40.0 Ko

DRIVER  : C:\WINDOWS\System32\drivers\mouclass.sys => Invisible on the disk
ADDRESS : 0x043C7000
SIZE    : 60.0 Ko

DRIVER  : C:\WINDOWS\System32\drivers\wmiacpi.sys => Invisible on the disk
ADDRESS : 0x043D6000
SIZE    : 40.0 Ko

DRIVER  : C:\WINDOWS\System32\drivers\msgpiowin32.sys => Invisible on the disk
ADDRESS : 0x043E0000
SIZE    : 48.0 Ko

DRIVER  : C:\WINDOWS\System32\drivers\mshidkmdf.sys => Invisible on the disk
ADDRESS : 0x043EC000
SIZE    : 36.0 Ko

DRIVER  : C:\WINDOWS\System32\drivers\HIDCLASS.SYS => Invisible on the disk
ADDRESS : 0x04200000
SIZE    : 108.0 Ko

DRIVER  : C:\WINDOWS\System32\drivers\HIDPARSE.SYS => Invisible on the disk
ADDRESS : 0x0421B000
SIZE    : 32.0 Ko

DRIVER  : C:\WINDOWS\System32\drivers\intelppm.sys => Invisible on the disk
ADDRESS : 0x053A8000
SIZE    : 112.0 Ko

DRIVER  : C:\WINDOWS\System32\drivers\CmBatt.sys => Invisible on the disk
ADDRESS : 0x04223000
SIZE    : 28.0 Ko

DRIVER  : C:\WINDOWS\System32\drivers\BATTC.SYS => Invisible on the disk
ADDRESS : 0x053C4000
SIZE    : 48.0 Ko

DRIVER  : C:\WINDOWS\System32\drivers\ISCTD64.sys => Invisible on the disk
ADDRESS : 0x053D0000
SIZE    : 68.0 Ko

DRIVER  : C:\WINDOWS\system32\DRIVERS\raspptp.sys => Invisible on the disk
ADDRESS : 0x04800000
SIZE    : 132.0 Ko

DRIVER  : C:\WINDOWS\system32\DRIVERS\rasl2tp.sys => Invisible on the disk
ADDRESS : 0x04821000
SIZE    : 148.0 Ko

DRIVER  : C:\WINDOWS\system32\DRIVERS\raspppoe.sys => Invisible on the disk
ADDRESS : 0x053E1000
SIZE    : 104.0 Ko

DRIVER  : C:\WINDOWS\System32\drivers\swenum.sys => Invisible on the disk
ADDRESS : 0x0422A000
SIZE    : 8.0 Ko

DRIVER  : C:\WINDOWS\System32\drivers\ks.sys => Invisible on the disk
ADDRESS : 0x02200000
SIZE    : 316.0 Ko

DRIVER  : C:\WINDOWS\System32\drivers\iwdbus.sys => Invisible on the disk
ADDRESS : 0x05000000
SIZE    : 48.0 Ko

DRIVER  : C:\WINDOWS\System32\drivers\LMDriver.sys => Invisible on the disk
ADDRESS : 0x043F5000
SIZE    : 44.0 Ko

DRIVER  : C:\WINDOWS\System32\drivers\RadioShim.sys => Invisible on the disk
ADDRESS : 0x04846000
SIZE    : 36.0 Ko

DRIVER  : C:\WINDOWS\System32\drivers\rdpbus.sys => Invisible on the disk
ADDRESS : 0x02285000
SIZE    : 44.0 Ko

DRIVER  : C:\WINDOWS\System32\drivers\AMPPAL.sys => Invisible on the disk
ADDRESS : 0x0224F000
SIZE    : 180.0 Ko

DRIVER  : C:\WINDOWS\System32\Drivers\NDProxy.SYS => Invisible on the disk
ADDRESS : 0x02290000
SIZE    : 80.0 Ko

DRIVER  : C:\WINDOWS\System32\drivers\usbhub.sys => Invisible on the disk
ADDRESS : 0x07230000
SIZE    : 624.0 Ko

DRIVER  : C:\WINDOWS\System32\drivers\kbdhid.sys => Invisible on the disk
ADDRESS : 0x072CC000
SIZE    : 52.0 Ko

DRIVER  : C:\WINDOWS\system32\DRIVERS\portcls.sys => Invisible on the disk
ADDRESS : 0x0734C000
SIZE    : 300.0 Ko

DRIVER  : C:\WINDOWS\system32\DRIVERS\drmk.sys => Invisible on the disk
ADDRESS : 0x07397000
SIZE    : 136.0 Ko

DRIVER  : C:\WINDOWS\system32\drivers\ksthunk.sys => Invisible on the disk
ADDRESS : 0x073B9000
SIZE    : 24.0 Ko

DRIVER  : C:\WINDOWS\System32\drivers\UsbHub3.sys => Invisible on the disk
ADDRESS : 0x07664000
SIZE    : 464.0 Ko

DRIVER  : C:\WINDOWS\system32\drivers\RTKVHD64.sys => Invisible on the disk
ADDRESS : 0x078EF000
SIZE    : 3.25 Mo

DRIVER  : C:\WINDOWS\System32\drivers\hidusb.sys => Invisible on the disk
ADDRESS : 0x07C2F000
SIZE    : 52.0 Ko

DRIVER  : C:\WINDOWS\system32\drivers\mfeavfk.sys => Invisible on the disk
ADDRESS : 0x07C3C000
SIZE    : 300.0 Ko

DRIVER  : C:\WINDOWS\system32\drivers\mfefirek.sys => Invisible on the disk
ADDRESS : 0x07C87000
SIZE    : 504.0 Ko

DRIVER  : C:\WINDOWS\system32\DRIVERS\mfencbdc.sys => Invisible on the disk
ADDRESS : 0x07D05000
SIZE    : 428.0 Ko

DRIVER  : C:\WINDOWS\System32\win32k.sys => Invisible on the disk
ADDRESS : 0x00026000
SIZE    : 3.97 Mo

DRIVER  : C:\WINDOWS\System32\drivers\usbccgp.sys => Invisible on the disk
ADDRESS : 0x07D70000
SIZE    : 140.0 Ko

DRIVER  : C:\WINDOWS\System32\Drivers\usbvideo.sys => Invisible on the disk
ADDRESS : 0x07D93000
SIZE    : 208.0 Ko

DRIVER  : C:\WINDOWS\System32\TSDDD.dll => Invisible on the disk
ADDRESS : 0x0079C000
SIZE    : 36.0 Ko

DRIVER  : C:\WINDOWS\System32\cdd.dll => Invisible on the disk
ADDRESS : 0x00916000
SIZE    : 216.0 Ko

DRIVER  : C:\WINDOWS\system32\DRIVERS\monitor.sys => Invisible on the disk
ADDRESS : 0x07DC7000
SIZE    : 56.0 Ko

DRIVER  : C:\WINDOWS\System32\Drivers\dump_iaStorA.sys => Invisible on the disk
ADDRESS : 0x03EF9000
SIZE    : 2.82 Mo

DRIVER  : C:\WINDOWS\system32\drivers\luafv.sys => Invisible on the disk
ADDRESS : 0x07800000
SIZE    : 160.0 Ko

DRIVER  : C:\WINDOWS\system32\DRIVERS\lltdio.sys => Invisible on the disk
ADDRESS : 0x07828000
SIZE    : 80.0 Ko

DRIVER  : C:\WINDOWS\system32\DRIVERS\nwifi.sys => Invisible on the disk
ADDRESS : 0x0783C000
SIZE    : 440.0 Ko

DRIVER  : C:\WINDOWS\system32\DRIVERS\ndisuio.sys => Invisible on the disk
ADDRESS : 0x078AA000
SIZE    : 80.0 Ko

DRIVER  : C:\WINDOWS\system32\DRIVERS\rspndr.sys => Invisible on the disk
ADDRESS : 0x078BE000
SIZE    : 96.0 Ko

DRIVER  : C:\WINDOWS\System32\drivers\condrv.sys => Invisible on the disk
ADDRESS : 0x078D6000
SIZE    : 52.0 Ko

DRIVER  : C:\WINDOWS\system32\drivers\HTTP.sys => Invisible on the disk
ADDRESS : 0x076D8000
SIZE    : 892.0 Ko

DRIVER  : C:\WINDOWS\system32\DRIVERS\bowser.sys => Invisible on the disk
ADDRESS : 0x077B7000
SIZE    : 128.0 Ko

DRIVER  : C:\WINDOWS\System32\drivers\mpsdrv.sys => Invisible on the disk
ADDRESS : 0x077D7000
SIZE    : 92.0 Ko

DRIVER  : C:\WINDOWS\system32\DRIVERS\mrxsmb.sys => Invisible on the disk
ADDRESS : 0x07600000
SIZE    : 396.0 Ko

DRIVER  : C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys => Invisible on the disk
ADDRESS : 0x18C92000
SIZE    : 300.0 Ko

DRIVER  : C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys => Invisible on the disk
ADDRESS : 0x18CDD000
SIZE    : 236.0 Ko

DRIVER  : C:\WINDOWS\system32\drivers\Ndu.sys => Invisible on the disk
ADDRESS : 0x18D18000
SIZE    : 112.0 Ko

DRIVER  : C:\WINDOWS\system32\drivers\peauth.sys => Invisible on the disk
ADDRESS : 0x18D34000
SIZE    : 812.0 Ko

DRIVER  : C:\WINDOWS\System32\Drivers\secdrv.SYS => Invisible on the disk
ADDRESS : 0x18C00000
SIZE    : 44.0 Ko

DRIVER  : C:\WINDOWS\System32\DRIVERS\srvnet.sys => Invisible on the disk
ADDRESS : 0x18C0B000
SIZE    : 272.0 Ko

DRIVER  : C:\WINDOWS\System32\drivers\tcpipreg.sys => Invisible on the disk
ADDRESS : 0x18C4F000
SIZE    : 72.0 Ko

DRIVER  : C:\WINDOWS\System32\DRIVERS\srv2.sys => Invisible on the disk
ADDRESS : 0x19447000
SIZE    : 644.0 Ko

DRIVER  : C:\WINDOWS\System32\DRIVERS\srv.sys => Invisible on the disk
ADDRESS : 0x194E8000
SIZE    : 564.0 Ko

DRIVER  : C:\WINDOWS\system32\drivers\WPRO_41_2001.sys => Invisible on the disk
ADDRESS : 0x1957F000
SIZE    : 48.0 Ko

DRIVER  : C:\WINDOWS\system32\drivers\WudfPf.sys => Invisible on the disk
ADDRESS : 0x1958B000
SIZE    : 100.0 Ko

DRIVER  : C:\WINDOWS\System32\drivers\WUDFRd.sys => Invisible on the disk
ADDRESS : 0x195A4000
SIZE    : 216.0 Ko

DRIVER  : C:\WINDOWS\system32\drivers\cfwids.sys => Invisible on the disk
ADDRESS : 0x195DA000
SIZE    : 64.0 Ko

DRIVER  : C:\WINDOWS\System32\drivers\USBSTOR.SYS => Invisible on the disk
ADDRESS : 0x19400000
SIZE    : 124.0 Ko

DRIVER  : C:\WINDOWS\System32\drivers\WpdUpFltr.sys => Invisible on the disk
ADDRESS : 0x19438000
SIZE    : 44.0 Ko

DRIVER  : C:\WINDOWS\system32\DRIVERS\NETwew02.sys => Invisible on the disk
ADDRESS : 0x0500C000
SIZE    : 3.59 Mo

DRIVER  : C:\WINDOWS\System32\drivers\vwifibus.sys => Invisible on the disk
ADDRESS : 0x195F2000
SIZE    : 52.0 Ko

DRIVER  : C:\WINDOWS\system32\DRIVERS\vwifimp.sys => Invisible on the disk
ADDRESS : 0x1941F000
SIZE    : 40.0 Ko

DRIVER  : C:\WINDOWS\System32\drivers\mouhid.sys => Invisible on the disk
ADDRESS : 0x19429000
SIZE    : 48.0 Ko

SystemStartOptions :  NOEXECUTE=OPTIN  NOVGA

________________________________________________________________________________

_______MBR   \Device\Harddisk0\DR0  




_______MBR   \Device\Harddisk1\DR1  




_______MBR   \Device\Harddisk2\DR2  


0x008A    bf 247c         MOV DI, 0x7c24   
0x008D    be eb06         MOV SI, 0x6eb   
0x0090    8a04            MOV AL, [SI]   
0x0092    8805            MOV [DI], AL   
0x0094    8bf5            MOV SI, BP   
0x0096    ea 007c 0000    JMP FAR 0x0:0x7c00   


MartinHaltof
Visitor
Posts: 39
Registered: 12 Jan 2015 22:16

Re: Service Host (Local System) check

#12 Post by MartinHaltof »

I'm sending it as a RAR because the message won't take it.
Attachments
TDSSKiller.3.0.0.42_13.01.2015_19.02.26_log.rar
(48.09 KiB) Downloaded 68 times

MartinHaltof
Visitor
Posts: 39
Registered: 12 Jan 2015 22:16

Re: Service Host (Local System) check

#13 Post by MartinHaltof »

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.08.2.1001

(c) Malwarebytes Corporation 2011-2012

OS version: 6.2.9200 Windows 8 x64

Account is Administrative

Internet Explorer version: 10.0.9200.17183

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 1.696000 GHz
Memory total: 3934539776, free: 1441648640

Downloaded database version: v2015.01.13.13
Downloaded database version: v2015.01.07.01
Downloaded database version: v2014.12.06.01
Initializing...
======================
------------ Kernel report ------------
01/13/2015 19:15:53
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kd.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\System32\drivers\CLFS.SYS
\SystemRoot\System32\drivers\tm.sys
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\BOOTVID.dll
\SystemRoot\system32\CI.dll
\SystemRoot\System32\drivers\msrpc.sys
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\System32\Drivers\acpiex.sys
\SystemRoot\System32\Drivers\WppRecorder.sys
\SystemRoot\System32\drivers\ACPI.sys
\SystemRoot\System32\drivers\WMILIB.SYS
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\msisadrv.sys
\SystemRoot\System32\drivers\pci.sys
\SystemRoot\System32\drivers\vdrvroot.sys
\SystemRoot\system32\DRIVERS\excsd.sys
\SystemRoot\system32\drivers\pdc.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\System32\drivers\spaceport.sys
\SystemRoot\System32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\System32\drivers\iaStorA.sys
\SystemRoot\System32\drivers\storport.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\System32\drivers\fileinfo.sys
\SystemRoot\system32\drivers\mfehidk.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\DRIVERS\wfplwfs.sys
\SystemRoot\system32\drivers\mfewfpk.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\System32\drivers\volsnap.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\disk.sys
\SystemRoot\System32\drivers\CLASSPNP.SYS
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\system32\DRIVERS\excfs.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\BasicRender.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\System32\drivers\BasicDisplay.sys
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\drivers\ws2ifsl.sys
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\vwififlt.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\System32\drivers\npsvctrig.sys
\SystemRoot\System32\drivers\mssmbios.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\System32\drivers\CompositeBus.sys
\SystemRoot\System32\drivers\usb3Hub.sys
\SystemRoot\System32\drivers\USBD.SYS
\SystemRoot\system32\DRIVERS\kdnic.sys
\SystemRoot\System32\drivers\umbus.sys
\SystemRoot\system32\DRIVERS\igdkmd64.sys
\SystemRoot\System32\Drivers\fastfat.SYS
\SystemRoot\System32\drivers\HDAudBus.sys
\SystemRoot\System32\drivers\USBXHCI.SYS
\SystemRoot\System32\drivers\ucx01000.sys
\SystemRoot\system32\DRIVERS\TeeDriverx64.sys
\SystemRoot\system32\DRIVERS\RtsPer.sys
\SystemRoot\system32\DRIVERS\Rt630x64.sys
\SystemRoot\System32\drivers\usbehci.sys
\SystemRoot\System32\drivers\USBPORT.SYS
\SystemRoot\System32\drivers\i8042prt.sys
\SystemRoot\system32\DRIVERS\ikbevent.sys
\SystemRoot\System32\drivers\kbdclass.sys
\SystemRoot\system32\DRIVERS\ETD.sys
\SystemRoot\system32\DRIVERS\imsevent.sys
\SystemRoot\System32\drivers\mouclass.sys
\SystemRoot\System32\drivers\wmiacpi.sys
\SystemRoot\System32\drivers\msgpiowin32.sys
\SystemRoot\System32\drivers\mshidkmdf.sys
\SystemRoot\System32\drivers\HIDCLASS.SYS
\SystemRoot\System32\drivers\HIDPARSE.SYS
\SystemRoot\System32\drivers\intelppm.sys
\SystemRoot\System32\drivers\CmBatt.sys
\SystemRoot\System32\drivers\BATTC.SYS
\SystemRoot\System32\drivers\ISCTD64.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\System32\drivers\swenum.sys
\SystemRoot\System32\drivers\ks.sys
\SystemRoot\System32\drivers\iwdbus.sys
\SystemRoot\System32\drivers\LMDriver.sys
\SystemRoot\System32\drivers\RadioShim.sys
\SystemRoot\System32\drivers\rdpbus.sys
\SystemRoot\System32\drivers\AMPPAL.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\System32\drivers\usbhub.sys
\SystemRoot\System32\drivers\kbdhid.sys
\SystemRoot\system32\DRIVERS\portcls.sys
\SystemRoot\system32\DRIVERS\drmk.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\System32\drivers\UsbHub3.sys
\SystemRoot\system32\drivers\RTKVHD64.sys
\SystemRoot\System32\drivers\hidusb.sys
\SystemRoot\system32\drivers\mfeavfk.sys
\SystemRoot\system32\drivers\mfefirek.sys
\SystemRoot\system32\DRIVERS\mfencbdc.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\usbccgp.sys
\SystemRoot\System32\Drivers\usbvideo.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\Drivers\dump_diskdump.sys
\SystemRoot\System32\Drivers\dump_iaStorA.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\System32\drivers\condrv.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\system32\drivers\Ndu.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\system32\drivers\WPRO_41_2001.sys
\SystemRoot\system32\drivers\WudfPf.sys
\SystemRoot\System32\drivers\WUDFRd.sys
\SystemRoot\system32\drivers\cfwids.sys
\??\C:\WINDOWS\system32\Drivers\PROCEXP113.SYS
\SystemRoot\System32\drivers\USBSTOR.SYS
\SystemRoot\System32\drivers\WpdUpFltr.sys
\SystemRoot\system32\DRIVERS\NETwew02.sys
\SystemRoot\System32\drivers\vwifibus.sys
\SystemRoot\system32\DRIVERS\vwifimp.sys
\SystemRoot\System32\drivers\mouhid.sys
\??\C:\WINDOWS\system32\drivers\mbamchameleon.sys
\??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk2\DR2
Upper Device Object: 0xfffffa80054b33d0
Upper Device Driver Name: \Driver\disk\
Lower Device Name: \Device\00000065\
Lower Device Object: 0xfffffa800c1ee060
Lower Device Driver Name: \Driver\USBSTOR\
<<<1>>>
Upper Device Name: \Device\Harddisk1\DR1
Upper Device Object: 0xfffffa800739d060
Upper Device Driver Name: \Driver\disk\
Lower Device Name: \Device\0000003c\
Lower Device Object: 0xfffffa8005126060
Lower Device Driver Name: \Driver\iaStorA\
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xfffffa800739e060
Upper Device Driver Name: \Driver\disk\
Lower Device Name: \Device\0000003b\
Lower Device Object: 0xfffffa80051291e0
Lower Device Driver Name: \Driver\iaStorA\
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa800739e060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa800739eb10, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa80065e6880, DeviceName: \Device\excsd0\, DriverName: \Driver\excsd\
DevicePointer: 0xfffffa800739e060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
DevicePointer: 0xfffffa8005127350, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xfffffa80051291e0, DeviceName: \Device\0000003b\, DriverName: \Driver\iaStorA\
------------ End ----------
Alternate DeviceName: \Device\excsd0\, DriverName: \Driver\excsd\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
Done!
Drive 0
This is a System drive
Scanning MBR on drive 0...
Inspecting partition table:
This drive is a GPT Drive.
MBR Signature: 55AA
Disk Signature: B23FDAF2

GPT Protective MBR Partition information:

Partition 0 type is EFI-GPT (0xee)
Partition is NOT ACTIVE.
Partition starts at LBA: 1 Numsec = 4294967295

Partition 1 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

GPT Partition information:

GPT Header Signature 4546492050415254
GPT Header Revision 65536 Size 92 CRC 655955643
GPT Header CurrentLba = 1 BackupLba 976773167
GPT Header FirstUsableLba 34 LastUsableLba 976773134
GPT Header Guid c99a74c3-68cd-45d3-943b-9d3d732967e0
GPT Header Contains 128 partition entries starting at LBA 2
GPT Header Partition entry size = 128

Backup GPT header Signature 4546492050415254
Backup GPT header Revision 65536 Size 92 CRC 655955643
Backup GPT header CurrentLba = 976773167 BackupLba 1
Backup GPT header FirstUsableLba 34 LastUsableLba 976773134
Backup GPT header Guid c99a74c3-68cd-45d3-943b-9d3d732967e0
Backup GPT header Contains 128 partition entries starting at LBA 976773135
Backup GPT header Partition entry size = 128

Partition 0 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac
Partition ID c7ae3d48-755-4a76-aaf9-b2448b9178d
FirstLBA 2048 Last LBA 821247
Attributes 1
Partition Name Basic data partition

Partition 1 Type c12a7328-f81f-11d2-ba4b-0a0c93ec93b
Partition ID 5c7b7dac-2937-4f12-8983-9b2a113da4d2
FirstLBA 821248 Last LBA 1435647
Attributes 0
Partition Name EFI system partition

GPT Partition 1 is bootable
Partition 2 Type e3c9e316-b5c-4db8-817d-f92df0215ae
Partition ID 1355699e-1b71-4cd6-8bef-c2925a681578
FirstLBA 1435648 Last LBA 1697791
Attributes 0
Partition Name Microsoft reserved partition

Partition 3 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
Partition ID 80b5ebc7-c9c3-444d-a48b-5c519e1e3366
FirstLBA 1697792 Last LBA 941580287
Attributes 0
Partition Name Basic data partition

Partition 4 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac
Partition ID a086ec47-23ae-4506-a2d5-b7f0f238daf5
FirstLBA 941580288 Last LBA 942501887
Attributes 1
Partition Name

Partition 5 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac
Partition ID acad6f2b-d16f-49b9-8f30-6b704d2f36d6
FirstLBA 942501888 Last LBA 943218687
Attributes 1
Partition Name

Partition 6 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac
Partition ID b826dd02-d386-4d5e-ac3e-92dc38583324
FirstLBA 943218688 Last LBA 976773119
Attributes 1
Partition Name Basic data partition

Disk Size: 500107862016 bytes
Sector size: 512 bytes

Done!
Physical Sector Size: 512
Drive: 1, DevicePointer: 0xfffffa800739d060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa800739db10, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa80065e5880, DeviceName: \Device\excsd1\, DriverName: \Driver\excsd\
DevicePointer: 0xfffffa800739d060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\disk\
DevicePointer: 0xfffffa800512a950, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xfffffa8005126060, DeviceName: \Device\0000003c\, DriverName: \Driver\iaStorA\
------------ End ----------
Alternate DeviceName: \Device\excsd1\, DriverName: \Driver\excsd\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
Drive 1
Scanning MBR on drive 1...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 74F02DEA

Partition information:

Partition 0 type is Other (0x73)
Partition is NOT ACTIVE.
Partition starts at LBA: 2048 Numsec = 46901248

Partition 1 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Disk Size: 24015495168 bytes
Sector size: 512 bytes

Done!
Physical Sector Size: 512
Drive: 2, DevicePointer: 0xfffffa80054b33d0, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa800d756b10, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa80054b33d0, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\disk\
DevicePointer: 0xfffffa800c1ee060, DeviceName: \Device\00000065\, DriverName: \Driver\USBSTOR\
------------ End ----------
Alternate DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
Drive 2
Scanning MBR on drive 2...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 43BE709F

Partition information:

Partition 0 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 63 Numsec = 15154209

Partition 1 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Disk Size: 7759462400 bytes
Sector size: 512 bytes

Done!
Scan finished
=======================================


Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-r.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-2-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-2-r.mbam...
Removal finished

altrok
Moderator
Posts: 7322
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Service Host (Local System) check

#14 Post by altrok »

:arrow: Install MBAM and run a custom scan of all drives - http://forum.viry.cz/viewtopic.php?f=29&t=137928
  • Note: this scan takes anywhere from 30 minutes to several hours

MartinHaltof
Visitor
Posts: 39
Registered: 12 Jan 2015 22:16

Re: Service Host (Local System) check

#15 Post by MartinHaltof »

It didn't find any errors... if I really did somehow delete the traces of those viruses, will reinstalling Windows help?
