&amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;am p;a mp;a mp;a mp;a mp;a mp;a mp;a mp;a mp;a mp;a mp;a mp;a mp;a mp;a mp;a mp;a mp;a mp;a mp;a mp;a mp;a mp;a mp;a mp;a mp;a mp;a mp;a mp;q uot; Подо зрен и е на маскировку ключа реестра службы/драйве

**aen1975** · 24.07.2015, 23:00

Стоял себе работал сервер Win`2003 (Terminal). При проверке заметил, что нет антивируса (вернее он как бы есть но работает и не открываются некоторые сайты!!!! При попытке переустановить Symantec или Kaspersky в последний момент почти установившийся продукт (например - Служба "Symantec Endpoint Protection" перешла в состояние "Работает".) откатывался назад (В разделе реестра SRTSP запрещен доступ к программам учетной записи SYSTEM, поэтому владельцем раздела реестра стал диспетчер служб. и Установщик Windows выполнил установку продукта. Продукт: Symantec Endpoint Protection Client. Версия: 12.1.5337.5000. Язык: 1033. Установка завершена с состоянием: 1603.)

Файлик hosts содержит 276 "нулевых" записей - список сайтов антивирусов и утилит. Эти же 276 записей есть в Program Files и C:\Documents and Settings\Администратор.TERMINAL\Application Data в виде скрытых файликов с пустыми правами доступа, они же 276 скрытых пустых - но уже папок - в system32\drivers\360AntiHacker.sys и т.п. (список этих 276 будет перечислен в отчете AVZ как "Подозрение на маскировку ключа реестра службы/драйвера")

Надоело быть жертвой? Стань профи по информационной безопасности, получай самую свежую информацию об угрозах и средствах защиты от ведущего российского аналитического центра Anti-Malware.ru:

**Info_bot** · 24.07.2015, 23:03

Уважаемый(ая) aen1975, спасибо за обращение на наш форум!

Помощь в лечении комьютера на VirusInfo.Info оказывается абсолютно бесплатно. Хелперы в самое ближайшее время ответят на Ваш запрос. Для оказания помощи необходимо предоставить логи сканирования утилитами АВЗ и HiJackThis, подробнее можно прочитать в правилах оформления запроса о помощи.

Если наш сайт окажется полезен Вам и у Вас будет такая возможность - пожалуйста поддержите проект.

**Vvvyg** · 25.07.2015, 00:41

Скачайте Farbar Recovery Scan Tool и сохраните на Рабочем столе.

Примечание: необходимо выбрать версию, совместимую с Вашей операционной системой. Если Вы не уверены, какая версия подойдет для Вашей системы, скачайте обе и попробуйте запустить. Только одна из них запустится на Вашей системе.
Запустите программу. Когда программа запустится, нажмите Yes для соглашения с предупреждением.
Отметьте галочками также "Shortcut.txt".

Нажмите кнопку Scan.
После окончания сканирования будут созданы отчеты FRST.txt, Addition.txt, Shortcut.txt в той же папке, откуда была запущена программа.
Прикрепите эти файлы к своему следующему сообщению (можно все в одном архиве).

**aen1975** · 26.07.2015, 21:04

frst

**Vvvyg** · 27.07.2015, 08:54

Откройте Блокнот (Старт =>Программы => Стандартные => Блокнот). Скопируйте в него следующий код:

Код:

CreateRestorePoint:
IFEO\Adaware_Installer.exe: [Debugger] msiexec.exe
IFEO\autoruns.exe: [Debugger] msiexec.exe
IFEO\autorunsc.exe: [Debugger] msiexec.exe
IFEO\avast_free_antivirus_setup_online.exe: [Debugger] msiexec.exe
IFEO\avast_internet_security_setup.exe: [Debugger] msiexec.exe
IFEO\avast_internet_security_setup_online.exe: [Debugger] msiexec.exe
IFEO\avast_premier_antivirus_setup_online.exe: [Debugger] msiexec.exe
IFEO\avira_family_protection_suite_ru.exe: [Debugger] msiexec.exe
IFEO\avira_ultimate_protection_suite_ru.exe: [Debugger] msiexec.exe
IFEO\BavPro_Setup_Mini_GL.exe: [Debugger] msiexec.exe
IFEO\bitdefender_tsecurity.exe: [Debugger] msiexec.exe
IFEO\BullGuardDownloaderBPP.exe: [Debugger] msiexec.exe
IFEO\cispremium_installer.exe: [Debugger] msiexec.exe
IFEO\ClamAVSetup.exe: [Debugger] msiexec.exe
IFEO\cureit.exe: [Debugger] msiexec.exe
IFEO\drweb-900-win-space.exe: [Debugger] msiexec.exe
IFEO\drweb-900-win.exe: [Debugger] msiexec.exe
IFEO\EmsisoftEmergencyKit.exe: [Debugger] msiexec.exe
IFEO\EmsisoftInternetSecuritySetup.exe: [Debugger] msiexec.exe
IFEO\ess_trial32_rus.exe: [Debugger] msiexec.exe
IFEO\F-SecureNetworkInstallerUpg.exe: [Debugger] msiexec.exe
IFEO\F-SecureNetworkInstaller_IS-ESTORE-TRIAL-GLOBAL_.exe: [Debugger] msiexec.exe
IFEO\HijackThis.exe: [Debugger] msiexec.exe
IFEO\HousecallLauncher.exe: [Debugger] msiexec.exe
IFEO\K7UltimateSecurity_installer.exe: [Debugger] msiexec.exe
IFEO\McAfeeSetup.exe: [Debugger] msiexec.exe
IFEO\md_setup_en.exe: [Debugger] msiexec.exe
IFEO\OnlineArmorSetup.exe: [Debugger] msiexec.exe
IFEO\OutpostSecuritySuiteProInstall.exe: [Debugger] msiexec.exe
IFEO\OutpostSecuritySuiteProInstall_x64.exe: [Debugger] msiexec.exe
IFEO\PadvishAntivirusFree.exe: [Debugger] msiexec.exe
IFEO\PandaCloudAntivirus.exe: [Debugger] msiexec.exe
IFEO\ProcessHacker.exe: [Debugger] msiexec.exe
IFEO\procexp.exe: [Debugger] msiexec.exe
IFEO\PSafeAntivirusSetup.exe: [Debugger] msiexec.exe
IFEO\registry-life-setup.exe: [Debugger] msiexec.exe
IFEO\SandboxieInstall.exe: [Debugger] msiexec.exe
IFEO\SecurityScan_Release.exe: [Debugger] msiexec.exe
IFEO\setup-vipre-internet-security-en-us-trial.exe: [Debugger] msiexec.exe
IFEO\SoftonicDownloader_for_panda-antivirus-pro.exe: [Debugger] msiexec.exe
IFEO\SpyShelter.exe: [Debugger] msiexec.exe
IFEO\stop-sign_install.exe: [Debugger] msiexec.exe
IFEO\TrojanHunterSetup.exe: [Debugger] msiexec.exe
IFEO\UnThreatProSetup.exe: [Debugger] msiexec.exe
IFEO\Vba32.Vista.exe: [Debugger] msiexec.exe
IFEO\Wireshark.exe: [Debugger] msiexec.exe
U5 360AntiHacker; C:\Windows\System32\Drivers\360AntiHacker.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 360AvFlt; C:\Windows\System32\Drivers\360AvFlt.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 360Box; C:\Windows\System32\Drivers\360Box.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 360Box64; C:\Windows\System32\Drivers\360Box64.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 360Camera; C:\Windows\System32\Drivers\360Camera.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 360fsflt; C:\Windows\System32\Drivers\360fsflt.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 360SelfProtection; C:\Windows\System32\Drivers\360SelfProtection.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 ABndis; C:\Windows\System32\Drivers\ABndis.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 AFW; C:\Windows\System32\Drivers\AFW.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 afwcore; C:\Windows\System32\Drivers\afwcore.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 AhnFlt2K; C:\Windows\System32\Drivers\AhnFlt2K.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 AhnRec2K; C:\Windows\System32\Drivers\AhnRec2K.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 AhnRghNt; C:\Windows\System32\Drivers\AhnRghNt.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 AhnSZE; C:\Windows\System32\Drivers\AhnSZE.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 ALE_NF; C:\Windows\System32\Drivers\ALE_NF.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 AMonLWLH; C:\Windows\System32\Drivers\AMonLWLH.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 AMonTDLH; C:\Windows\System32\Drivers\AMonTDLH.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 APPFLT; C:\Windows\System32\Drivers\APPFLT.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 arcawfp; C:\Windows\System32\Drivers\arcawfp.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 aswHwid; C:\Windows\System32\Drivers\aswHwid.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 aswMonFlt; C:\Windows\System32\Drivers\aswMonFlt.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 aswNdis; C:\Windows\System32\Drivers\aswNdis.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 aswNdis2; C:\Windows\System32\Drivers\aswNdis2.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 aswNdisFlt; C:\Windows\System32\Drivers\aswNdisFlt.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 aswRdr; C:\Windows\System32\Drivers\aswRdr.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 aswSP; C:\Windows\System32\Drivers\aswSP.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 aswStm; C:\Windows\System32\Drivers\aswStm.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 avasdmft; C:\Windows\System32\Drivers\avasdmft.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 avc3; C:\Windows\System32\Drivers\avc3.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 avchv; C:\Windows\System32\Drivers\avchv.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 avckf; C:\Windows\System32\Drivers\avckf.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 Avgboota; C:\Windows\System32\Drivers\Avgboota.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 Avgdiska; C:\Windows\System32\Drivers\Avgdiska.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 Avgdiskx; C:\Windows\System32\Drivers\Avgdiskx.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 AVGIDSHA; C:\Windows\System32\Drivers\AVGIDSHA.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 AVGIDSHX; C:\Windows\System32\Drivers\AVGIDSHX.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 Avgldx64; C:\Windows\System32\Drivers\Avgldx64.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 Avgldx86; C:\Windows\System32\Drivers\Avgldx86.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 Avgloga; C:\Windows\System32\Drivers\Avgloga.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 Avglogx; C:\Windows\System32\Drivers\Avglogx.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 Avgmfx64; C:\Windows\System32\Drivers\Avgmfx64.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 Avgmfx86; C:\Windows\System32\Drivers\Avgmfx86.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 avgntflt; C:\Windows\System32\Drivers\avgntflt.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 Avgrkx64; C:\Windows\System32\Drivers\Avgrkx64.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 Avgrkx86; C:\Windows\System32\Drivers\Avgrkx86.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 Avgtdia; C:\Windows\System32\Drivers\Avgtdia.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 Avgtdix; C:\Windows\System32\Drivers\Avgtdix.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 Avgwfpa; C:\Windows\System32\Drivers\Avgwfpa.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 avipbb; C:\Windows\System32\Drivers\avipbb.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 avkmgr; C:\Windows\System32\Drivers\avkmgr.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 avnetflt; C:\Windows\System32\Drivers\avnetflt.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 BAPIDRV; C:\Windows\System32\Drivers\BAPIDRV.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 Bcfilter; C:\Windows\System32\Drivers\Bcfilter.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 bcfsrm; C:\Windows\System32\Drivers\bcfsrm.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 bcftdi; C:\Windows\System32\Drivers\bcftdi.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 bc_hash_f; C:\Windows\System32\Drivers\bc_hash_f.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 bc_ip_f; C:\Windows\System32\Drivers\bc_ip_f.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 bc_ngn; C:\Windows\System32\Drivers\bc_ngn.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 bc_pat_f; C:\Windows\System32\Drivers\bc_pat_f.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 bc_prt_f; C:\Windows\System32\Drivers\bc_prt_f.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 bc_tdi_f; C:\Windows\System32\Drivers\bc_tdi_f.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 BdAgent; C:\Windows\System32\Drivers\BdAgent.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 bdelam; C:\Windows\System32\Drivers\bdelam.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 Bdfndisf; C:\Windows\System32\Drivers\Bdfndisf.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 bdfsfltr; C:\Windows\System32\Drivers\bdfsfltr.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 BdNet; C:\Windows\System32\Drivers\BdNet.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 BDSandBox; C:\Windows\System32\Drivers\BDSandBox.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 bdsflt; C:\Windows\System32\Drivers\bdsflt.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 bdsnm; C:\Windows\System32\Drivers\bdsnm.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 BdSpy; C:\Windows\System32\Drivers\BdSpy.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 BDVEDISK; C:\Windows\System32\Drivers\BDVEDISK.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 Bfilter; C:\Windows\System32\Drivers\Bfilter.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 Bfmon; C:\Windows\System32\Drivers\Bfmon.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 Bhbase; C:\Windows\System32\Drivers\Bhbase.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 Bprotect; C:\Windows\System32\Drivers\Bprotect.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 catflt; C:\Windows\System32\Drivers\catflt.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 CdmDrvNt; C:\Windows\System32\Drivers\CdmDrvNt.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 cfwids; C:\Windows\System32\Drivers\cfwids.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 cmderd; C:\Windows\System32\Drivers\cmderd.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 cmdGuard; C:\Windows\System32\Drivers\cmdGuard.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 cmdHlp; C:\Windows\System32\Drivers\cmdHlp.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 ComFiltr; C:\Windows\System32\Drivers\ComFiltr.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 DrWebLwf; C:\Windows\System32\Drivers\DrWebLwf.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 DSAFLT; C:\Windows\System32\Drivers\DSAFLT.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 DwProt; C:\Windows\System32\Drivers\DwProt.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 eamon; C:\Windows\System32\Drivers\eamon.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 eamonm; C:\Windows\System32\Drivers\eamonm.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 econceal; C:\Windows\System32\Drivers\econceal.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 EfiMon; C:\Windows\System32\Drivers\EfiMon.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 ehdrv; C:\Windows\System32\Drivers\ehdrv.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 epfw; C:\Windows\System32\Drivers\epfw.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 EpfwLWF; C:\Windows\System32\Drivers\EpfwLWF.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 Epfwndis; C:\Windows\System32\Drivers\Epfwndis.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 epfwtdi; C:\Windows\System32\Drivers\epfwtdi.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 epfwwfp; C:\Windows\System32\Drivers\epfwwfp.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 epfwwfpr; C:\Windows\System32\Drivers\epfwwfpr.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 FNETMON; C:\Windows\System32\Drivers\FNETMON.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 FPAV_RTP; C:\Windows\System32\Drivers\FPAV_RTP.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 fsbts; C:\Windows\System32\Drivers\fsbts.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 FWCore; C:\Windows\System32\Drivers\FWCore.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 GDBehave; C:\Windows\System32\Drivers\GDBehave.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 GDNdisIc; C:\Windows\System32\Drivers\GDNdisIc.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 gfiark; C:\Windows\System32\Drivers\gfiark.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 gfiutil; C:\Windows\System32\Drivers\gfiutil.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 ggc; C:\Windows\System32\Drivers\ggc.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 gzflt; C:\Windows\System32\Drivers\gzflt.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 HipShieldK; C:\Windows\System32\Drivers\HipShieldK.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 HookCentre; C:\Windows\System32\Drivers\HookCentre.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 HookPort; C:\Windows\System32\Drivers\HookPort.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 hooksys; C:\Windows\System32\Drivers\hooksys.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 HookTdi; C:\Windows\System32\Drivers\HookTdi.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 IDSFLT; C:\Windows\System32\Drivers\IDSFLT.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 inspect; C:\Windows\System32\Drivers\inspect.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 K7FWFilt; C:\Windows\System32\Drivers\K7FWFilt.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 K7FWHlpr; C:\Windows\System32\Drivers\K7FWHlpr.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 K7Sentry; C:\Windows\System32\Drivers\K7Sentry.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 K7TdiHlp; C:\Windows\System32\Drivers\K7TdiHlp.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 kl1; C:\Windows\System32\Drivers\kl1.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 klelam; C:\Windows\System32\Drivers\klelam.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 KLIF; C:\Windows\System32\Drivers\KLIF.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 KLIM6; C:\Windows\System32\Drivers\KLIM6.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 kltdi; C:\Windows\System32\Drivers\kltdi.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 klwfp; C:\Windows\System32\Drivers\klwfp.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 KmxAgent; C:\Windows\System32\Drivers\KmxAgent.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 KmxAMRT; C:\Windows\System32\Drivers\KmxAMRT.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 KmxCF; C:\Windows\System32\Drivers\KmxCF.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 KmxCfg; C:\Windows\System32\Drivers\KmxCfg.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 KmxFile; C:\Windows\System32\Drivers\KmxFile.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 KmxFilter; C:\Windows\System32\Drivers\KmxFilter.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 KmxFw; C:\Windows\System32\Drivers\KmxFw.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 KmxSbx; C:\Windows\System32\Drivers\KmxSbx.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 KmxStart; C:\Windows\System32\Drivers\KmxStart.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 kneps; C:\Windows\System32\Drivers\kneps.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 kvnet; C:\Windows\System32\Drivers\kvnet.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 kwflower; C:\Windows\System32\Drivers\kwflower.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 kwfupper; C:\Windows\System32\Drivers\kwfupper.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 McPvDrv; C:\Windows\System32\Drivers\McPvDrv.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 mfeapfk; C:\Windows\System32\Drivers\mfeapfk.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 mfeavfk; C:\Windows\System32\Drivers\mfeavfk.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 mfebopk; C:\Windows\System32\Drivers\mfebopk.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 mfeelamk; C:\Windows\System32\Drivers\mfeelamk.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 mfefirek; C:\Windows\System32\Drivers\mfefirek.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 mfehidk; C:\Windows\System32\Drivers\mfehidk.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 mfencbdc; C:\Windows\System32\Drivers\mfencbdc.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 mfencrk; C:\Windows\System32\Drivers\mfencrk.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 mfewfpk; C:\Windows\System32\Drivers\mfewfpk.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 mscank; C:\Windows\System32\Drivers\mscank.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 netfilter; C:\Windows\System32\Drivers\netfilter.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 NETFLTDI; C:\Windows\System32\Drivers\NETFLTDI.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 nnetsec; C:\Windows\System32\Drivers\nnetsec.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 NNSALPC; C:\Windows\System32\Drivers\NNSALPC.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 NNSHTTP; C:\Windows\System32\Drivers\NNSHTTP.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 NNSHTTPS; C:\Windows\System32\Drivers\NNSHTTPS.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 NNSIDS; C:\Windows\System32\Drivers\NNSIDS.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 NNSNAHS; C:\Windows\System32\Drivers\NNSNAHS.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 NNSPICC; C:\Windows\System32\Drivers\NNSPICC.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 NNSPIHS; C:\Windows\System32\Drivers\NNSPIHS.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 NNSPIHSW; C:\Windows\System32\Drivers\NNSPIHSW.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 NNSPOP3; C:\Windows\System32\Drivers\NNSPOP3.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 NNSPROT; C:\Windows\System32\Drivers\NNSPROT.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 NNSPRV; C:\Windows\System32\Drivers\NNSPRV.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 NNSSMTP; C:\Windows\System32\Drivers\NNSSMTP.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 NNSSTRM; C:\Windows\System32\Drivers\NNSSTRM.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 NNSTLSC; C:\Windows\System32\Drivers\NNSTLSC.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 OAmon; C:\Windows\System32\Drivers\OAmon.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 OAnet; C:\Windows\System32\Drivers\OAnet.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 pavboot; C:\Windows\System32\Drivers\pavboot.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 PavProc; C:\Windows\System32\Drivers\PavProc.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 PSINAflt; C:\Windows\System32\Drivers\PSINAflt.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 PSINFile; C:\Windows\System32\Drivers\PSINFile.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 PSINKNC; C:\Windows\System32\Drivers\PSINKNC.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 PSINProc; C:\Windows\System32\Drivers\PSINProc.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 PSINProt; C:\Windows\System32\Drivers\PSINProt.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 PSINReg; C:\Windows\System32\Drivers\PSINReg.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 PSKMAD; C:\Windows\System32\Drivers\PSKMAD.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 qutmipc; C:\Windows\System32\Drivers\qutmipc.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 SandBox; C:\Windows\System32\Drivers\SandBox.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 SAVOnAccess; C:\Windows\System32\Drivers\SAVOnAccess.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 SAVOnAccessControl; C:\Windows\System32\Drivers\SAVOnAccessControl.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 SAVOnAccessFilter; C:\Windows\System32\Drivers\SAVOnAccessFilter.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 sbaphd; C:\Windows\System32\Drivers\sbaphd.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 sbapifs; C:\Windows\System32\Drivers\sbapifs.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 SbFw; C:\Windows\System32\Drivers\SbFw.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 sbhips; C:\Windows\System32\Drivers\sbhips.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 sbtis; C:\Windows\System32\Drivers\sbtis.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 sbwtis; C:\Windows\System32\Drivers\sbwtis.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 scfdriver; C:\Windows\System32\Drivers\scfdriver.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 scfndis; C:\Windows\System32\Drivers\scfndis.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 ShldFlt; C:\Windows\System32\Drivers\ShldFlt.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 SKMScan; C:\Windows\System32\Drivers\SKMScan.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 SophosBootDriver; C:\Windows\System32\Drivers\SophosBootDriver.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 SpiderG3; C:\Windows\System32\Drivers\SpiderG3.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 ssmdrv; C:\Windows\System32\Drivers\ssmdrv.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 tdifw; C:\Windows\System32\Drivers\tdifw.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 tdi_nf; C:\Windows\System32\Drivers\tdi_nf.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 tmcomm; C:\Windows\System32\Drivers\tmcomm.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 tpdevflt; C:\Windows\System32\Drivers\tpdevflt.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 tpsec; C:\Windows\System32\Drivers\tpsec.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 trufos; C:\Windows\System32\Drivers\trufos.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 TS4NT; C:\Windows\System32\Drivers\TS4NT.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 v3engine; C:\Windows\System32\Drivers\v3engine.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 VBEngNT; C:\Windows\System32\Drivers\VBEngNT.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 Vsdatant; C:\Windows\System32\Drivers\Vsdatant.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 webssx; C:\Windows\System32\Drivers\webssx.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 WNMFLT; C:\Windows\System32\Drivers\WNMFLT.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 wsnf; C:\Windows\System32\Drivers\wsnf.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
U5 wstif; C:\Windows\System32\Drivers\wstif.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
2015-07-25 01:25 - 2015-07-25 01:25 - 00000000 __SHD C:\Documents and Settings\Администратор.TERMINAL\Application Data\gf4VnZnZY6I
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\wstif.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\wsnf.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\wnmflt64.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\wnmflt.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\webssx.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\vsdatant.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\VBEngNT.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\v3engine.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\TS4nt.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\Trufos.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\tpsec.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\tpdevflt.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\tmcomm.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\tdifw.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\tdi_nf.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\ssmdrv.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\spiderg3.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\SophosBootDriver.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\skmscan.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\ShlDrv51.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\ShldFlt.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\scfndis.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\scfdriver.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\sbwtis.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\sbtis.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\sbhips.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\SbFwIm.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\SbFw.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\sbapifs.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\sbaphd.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\savonaccessfilter.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\savonaccesscontrol.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\savonaccess.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\SandBox64.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\SandBox.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\qutmipc.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\qutmdrv.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\PSKMAD.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\PSINReg.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\PSINProt.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\PSINProc.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\PSINKNC.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\PSINFile.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\PSINAflt.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\protreg.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\PROCEXP152.SYS
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\PktIcpt.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\PavProc.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\pavboot64.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\pavboot.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\OAnet.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\OAmon.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\oahlp32.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\OADriver.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\nvcv64mf.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\NSNetmon.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\NSKernel.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\npf.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\NNStlsc.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\NNSStrm.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\NNSSmtp.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\NNSPrv.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\NNSProt.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\NNSPop3.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\NNSPihsw.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\NNSpihs.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\NNSpicc.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\NNSNAHS.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\NNSIds.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\NNSHttps.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\NNSHttp.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\NNSAlpc.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\nnetsecl64.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\nnetsecl.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\nnetsec.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\NETTDI64.SYS
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\neti1644.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\NETFLTDI.SYS
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\netfilter.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\n64i1644.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\mwfsmflt.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\mscank.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\MOBK.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\MiniIcpt.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\mfewfpk.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\mfencrk.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\mfencbdc.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\mfehidk.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\mfefirek.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\mfeelamk.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\mfeclnrk.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\mfebopk.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\mfeavfk.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\mfeapfk.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\McPvDrv.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\mbam.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\llio.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\kwfupper.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\kwflower.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\kvnet.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\kneps.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\KmxStart.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\KmxSbx.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\KmxFw.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\KmxFilter.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\KmxFile.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\KmxCfg.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\KmxCF.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\KmxAMRT.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\KmxAgent.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\klwfp.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\kltdi.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\klim6.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\klim5.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\klif.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\klflt.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\klelam.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\kl2.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\kl1.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\K7TdiHlp.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\K7Sentry.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\K7FWHlpr.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\K7FWFilt.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\inspect.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\idsflt64.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\idsflt.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\hvm.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\HookTdi.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\Hooksys.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\hookport.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\HookHelp.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\HookCentre.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\HipShieldK.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\gzflt.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\ggc.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\gfiutil.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\gfiark.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\gdwfpcd32.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\GDTdiIcpt.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\GDNdisIc.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\GDBehave.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\fwcore.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\fsbts.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\FPAV_RTP.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\fnetmon.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\fnetm64.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\epfwwfpr.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\epfwwfp.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\epfwtdi.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\epfwndis.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\EpfwLWF.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\epfw.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\EMLTDI.SYS
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\ehdrv.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\efimon.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\edevmon.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\econceal.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\eamonm.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\eamon.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\dwprot.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\dw_wfp.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\dsaflt64.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\dsaflt.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\DrWebLwf.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\COMFiltr.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\cmdhlp.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\cmdguard.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\cmderd.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\cfwids.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\CdmDrvNt.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\catflt.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\Bprotect.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\Bhbase.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\Bfmon.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\Bfilter.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\bdvedisk.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\BdSpy.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\bdsnm.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\bdsflt.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\bdsandbox.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\BdNet.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\bdfsfltr.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\BdfNdisf6.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\bdfndisf.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\bdelam.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\BdAgent.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\bcftdi.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\bcfsrm.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\bcfilter.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\bc_tdi_f.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\bc_prt_f.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\bc_pat_f.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\bc_ngn.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\bc_ip_f.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\bc_hash_f.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\BAPIDRV64.SYS
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\BAPIDRV.SYS
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\avnetflt.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\avkmgr.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\avipbb.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\avgwfpa.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\avgtdix.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\avgtdia.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\avgrkx86.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\avgrkx64.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\avgntflt.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\avgmfx86.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\avgmfx64.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\avglogx.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\avgloga.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\avgldx86.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\avgldx64.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\avgidsshimx.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\avgidshx.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\avgidsha.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\avgidsdriverx.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\avgidsdrivera.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\avgfwdx.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\avgfwd6x.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\avgfwd6a.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\avgdiskx.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\avgdiska.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\avgboota.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\avf.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\avckf.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\avchv.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\avc3.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\avasdmft.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\aswTdi.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\aswStm.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\aswSP.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\aswSnx.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\aswRdr2.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\aswRdr.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\aswNdisFlt.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\aswNdis2.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\aswNdis.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\aswMon2.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\arcawfp.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\apsp.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\APPFLT.SYS
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\apkhelper.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\AMonTDNt.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\AMonTDLH.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\AMonLWLH.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\AMonHKNT.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\amm8660.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\amm8651.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\amm6460.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\ale7_nf64.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\ale7_nf.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\ale_nf64.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\ale_nf.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\ahnsze.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\AhnRghNt.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\AhnRec2k.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\AhnFlt2k.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\afwcore.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\afw.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\abp470n5.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\abndis.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\Aavmker4.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\360SelfProtection.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\360FsFlt.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\360Camera64.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\360Camera.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\360Box64.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\360Box.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\360AvFlt.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\360AntiHacker64.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\360AntiHacker.sys
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\Zillya Internet Security
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\Zillya Antivirus
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\WRData
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\WinRoute Pro
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\Windows Defender
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\Winalysis
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\Webroot
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\VIPRE
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\Vba32
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\UnThreat AntiVirus
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\UnThreat
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\TrustPort
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\TrojanHunter 5.5
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\TrojanHunter
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\Trend Micro
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\TotalDefense
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\Total Defense
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\Symantec AntiVirus
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\StopSign
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\SpyShelter Premium
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\SpyShelter
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\Spybot - Search & Destroy 2
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\Spybot - Search & Destroy
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\Sophos
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\Rising
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\Quick Heal
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\PSafe
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\Proland Software
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\Proland
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\pandasecuritytb
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\Panda Security URL Filtering
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\Panda Security
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\Padvish Antivirus
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\OnlineArmor
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\Online Armor
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\Norton Internet Security
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\Norton AntiVirus
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\Norton 360
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\Norman
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\nanolsp
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\nanoav
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\NANO Antivirus
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\mks_vir_9
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\MicroWorld
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\Microsoft Security Client
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\McAfeeMOBK
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\McAfee.com
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\McAfee Security Scan
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\McAfee
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\Malwarebytes' Anti-Malware
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\Malwarebytes
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\Malware Defender
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\Lavasoft
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\Kerio
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\Kaspersky Lab
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\K7 Computing
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\Jetico
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\IObit
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\IKARUS
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\GFI
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\G DATA Software
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\G Data
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\F-Secure
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\FRISK Software
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\Fortego Security
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\Filseclab
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\ESET
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\eScan
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\Emsisoft Anti-Malware
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\eAcceleration
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\DrWeb Enterprise Suite
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\DrWeb
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\Doctor Web
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\Comodo Downloader
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\COMODO
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\ClamWin
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\CheckPoint
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\CA
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\BullGuard Ltd
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\BullGuard
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\BitGuard
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\Bitdefender
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\Baidu Security
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\Avira
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\AVG Nation toolbar
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\AVG
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\AVAST Software
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\Avanquest
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\Arcabit
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\AntiVirus
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\Alwil Software
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\AhnLab
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\Agnitum
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\Acceleration Software
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\360SD
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\360
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\.clamwin
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Zillya Internet Security
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Zillya Internet Security
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Zillya Antivirus
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Zillya Antivirus
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\WRData
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\WRData
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\WinRoute Pro
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\WinRoute Pro
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Windows Defender
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Windows Defender
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Winalysis
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Winalysis
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Webroot
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Webroot
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\VIPRE
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\VIPRE
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Vba32
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Vba32
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\UnThreat AntiVirus
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\UnThreat AntiVirus
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\UnThreat
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\UnThreat
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\TrustPort
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\TrustPort
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\TrojanHunter 5.5
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\TrojanHunter 5.5
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\TrojanHunter
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\TrojanHunter
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Trend Micro
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Trend Micro
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\TotalDefense
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\TotalDefense
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Total Defense
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Total Defense
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Symantec AntiVirus
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Symantec AntiVirus
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\StopSign
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\StopSign
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\SpyShelter Premium
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\SpyShelter Premium
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\SpyShelter
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\SpyShelter
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy 2
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy 2
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Sophos
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Sophos
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Rising
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Rising
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Quick Heal
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Quick Heal
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\PSafe
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\PSafe
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Proland Software
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Proland Software
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Proland
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Proland
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\pandasecuritytb
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\pandasecuritytb
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Panda Security URL Filtering
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Panda Security URL Filtering
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Panda Security
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Panda Security
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Padvish Antivirus
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Padvish Antivirus
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\OnlineArmor
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\OnlineArmor
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Online Armor
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Online Armor
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Norton Internet Security
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Norton Internet Security
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Norton AntiVirus
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Norton AntiVirus
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Norton 360
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Norton 360
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Norman
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Norman
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\nanolsp
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\nanolsp
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\nanoav
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\nanoav
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\NANO Antivirus
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\NANO Antivirus
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\mks_vir_9
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\mks_vir_9
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\MicroWorld
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\MicroWorld
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft Security Client
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft Security Client
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\McAfeeMOBK
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\McAfeeMOBK
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\McAfee.com
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\McAfee.com
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\McAfee Security Scan
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\McAfee Security Scan
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\McAfee
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\McAfee
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Malwarebytes' Anti-Malware
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Malwarebytes' Anti-Malware
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Malwarebytes
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Malwarebytes
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Malware Defender
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Malware Defender
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Lavasoft
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Lavasoft
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Kerio
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Kerio
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Kaspersky Lab
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Kaspersky Lab
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\K7 Computing
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\K7 Computing
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Jetico
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Jetico
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\IObit
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\IObit
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\IKARUS
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\IKARUS
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\GFI
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\GFI
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\G DATA Software
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\G DATA Software
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\G Data
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\G Data
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\F-Secure
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\F-Secure
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\FRISK Software
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\FRISK Software
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Fortego Security
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Fortego Security
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Filseclab
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Filseclab
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\ESET
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\ESET
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\eScan
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\eScan
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Emsisoft Anti-Malware
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Emsisoft Anti-Malware
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\eAcceleration
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\eAcceleration
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\DrWeb Enterprise Suite
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\DrWeb Enterprise Suite
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\DrWeb
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\DrWeb
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Doctor Web
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Doctor Web
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Comodo Downloader
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Comodo Downloader
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\COMODO
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\COMODO
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\ClamWin
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\ClamWin
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\CheckPoint
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\CheckPoint
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\CA
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\CA
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\BullGuard Ltd
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\BullGuard Ltd
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\BullGuard
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\BullGuard
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\BitGuard
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\BitGuard
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Bitdefender
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Bitdefender
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Baidu Security
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Baidu Security
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Avira
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Avira
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\AVG Nation toolbar
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\AVG Nation toolbar
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\AVG
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\AVG
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\AVAST Software
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\AVAST Software
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Avanquest
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Avanquest
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Arcabit
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Arcabit
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\AntiVirus
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\AntiVirus
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Alwil Software
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Alwil Software
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\AhnLab
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\AhnLab
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Agnitum
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Agnitum
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Acceleration Software
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Acceleration Software
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\360SD
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\360SD
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\360
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\360
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\.clamwin
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\.clamwin
2015-07-24 14:22 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\Common Files\TrustPort
2015-07-24 14:22 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\Common Files\Panda Security
2015-07-24 14:22 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\Common Files\MicroWorld
2015-07-24 14:22 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\Common Files\McAfee
2015-07-24 14:22 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\Common Files\InfoWatch
2015-07-24 14:22 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\Common Files\G Data
2015-07-24 14:22 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\Common Files\eAcceleration
2015-07-24 14:22 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\Common Files\Doctor Web
2015-07-24 14:22 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\Common Files\BullGuard Ltd
2015-07-24 14:22 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\Common Files\Bitdefender
Hosts:

и сохраните как fixlist.txt в папку с Farbar Recovery Scan Tool.
Отключите до перезагрузки антивирус, закройте все браузеры, запустите FRST, нажмите Fix и подождите. Программа создаст лог-файл (Fixlog.txt). Прикрепите его к своему следующему сообщению.

Перезагрузите сервер и сделайте новые логи Farbar Recovery Scan Tool без галочки "Shortcut.txt".

**aen1975** · 27.07.2015, 19:51

вот лог ( файл hosts очистился после fix - но после перезагрузки вновь "поломался")

**Vvvyg** · 27.07.2015, 21:59

Ещё бы Fixlog.txt увидеть.

Смените администраторский пароль, есть подозрение, что снаружи ломают. Есть к серверу доступ по RDP из интернета?

Скачайте программу Universal Virus Sniffer и сделайте полный образ автозапуска uVS.

**aen1975** · 28.07.2015, 08:56

fixlog в архиве - что с ним не так?

**Vvvyg** · 28.07.2015, 09:22

Не заметил сразу, пардон.
Всё отработало, как задумано, но вернулось на круги своя...

Жду полный образ автозапуска uVS.

**aen1975** · 28.07.2015, 09:36

доступ по RDP есть. редактор реестра не доступен.

в логах нет - но есть подозрительные файлики rdpinst.exe и PsfjH4KN.txt (пустой) в \windows - avast (проверил на другом пк) - win32:malob-hp (cryp).

**Vvvyg** · 28.07.2015, 10:20

Интересно, троян в исполняемом файловом потоке...

А что не по моей ссылке UVS скачали, там последний билд, и настройки под карантин VirusInfo сделаны.
Скачайте ту версию, что я просил и сделайте следующее.

Выполните скрипт в uVS:

Код:

;uVS v3.85.25 [http://dsrt.dyndns.org]
;Target OS: NTv5.2
v385c
zoo %SystemRoot%\RDPINST.EXE
delall %SystemRoot%\RDPINST.EXE
zoo %SystemRoot%\TEMP:1
delall %SystemRoot%\TEMP:1
deldir C:\Windows\System32\Drivers\360AntiHacker.sys
deldir C:\Windows\System32\Drivers\360AvFlt.sys
deldir C:\Windows\System32\Drivers\360Box.sys
deldir C:\Windows\System32\Drivers\360Box64.sys
deldir C:\Windows\System32\Drivers\360Camera.sys
deldir C:\Windows\System32\Drivers\360fsflt.sys
deldir C:\Windows\System32\Drivers\360SelfProtection.sys
deldir C:\Windows\System32\Drivers\ABndis.sys
deldir C:\Windows\System32\Drivers\AFW.sys
deldir C:\Windows\System32\Drivers\afwcore.sys
deldir C:\Windows\System32\Drivers\AhnFlt2K.sys
deldir C:\Windows\System32\Drivers\AhnRec2K.sys
deldir C:\Windows\System32\Drivers\AhnRghNt.sys
deldir C:\Windows\System32\Drivers\AhnSZE.sys
deldir C:\Windows\System32\Drivers\ALE_NF.sys
deldir C:\Windows\System32\Drivers\AMonLWLH.sys
deldir C:\Windows\System32\Drivers\AMonTDLH.sys
deldir C:\Windows\System32\Drivers\APPFLT.sys
deldir C:\Windows\System32\Drivers\arcawfp.sys
deldir C:\Windows\System32\Drivers\aswHwid.sys
deldir C:\Windows\System32\Drivers\aswMonFlt.sys
deldir C:\Windows\System32\Drivers\aswNdis.sys
deldir C:\Windows\System32\Drivers\aswNdis2.sys
deldir C:\Windows\System32\Drivers\aswNdisFlt.sys
deldir C:\Windows\System32\Drivers\aswRdr.sys
deldir C:\Windows\System32\Drivers\aswRvrt.sys
deldir C:\Windows\System32\Drivers\aswSnx.sys
deldir C:\Windows\System32\Drivers\aswSP.sys
deldir C:\Windows\System32\Drivers\aswStm.sys
deldir C:\Windows\System32\Drivers\aswTdi.sys
deldir C:\Windows\System32\Drivers\aswVmm.sys
deldir C:\Windows\System32\Drivers\avasdmft.sys
deldir C:\Windows\System32\Drivers\avc3.sys
deldir C:\Windows\System32\Drivers\avchv.sys
deldir C:\Windows\System32\Drivers\avckf.sys
deldir C:\Windows\System32\Drivers\Avgboota.sys
deldir C:\Windows\System32\Drivers\Avgdiska.sys
deldir C:\Windows\System32\Drivers\Avgdiskx.sys
deldir C:\Windows\System32\Drivers\AVGIDSHA.sys
deldir C:\Windows\System32\Drivers\AVGIDSHX.sys
deldir C:\Windows\System32\Drivers\Avgldx64.sys
deldir C:\Windows\System32\Drivers\Avgldx86.sys
deldir C:\Windows\System32\Drivers\Avgloga.sys
deldir C:\Windows\System32\Drivers\Avglogx.sys
deldir C:\Windows\System32\Drivers\Avgmfx64.sys
deldir C:\Windows\System32\Drivers\Avgmfx86.sys
deldir C:\Windows\System32\Drivers\avgntflt.sys
deldir C:\Windows\System32\Drivers\Avgrkx64.sys
deldir C:\Windows\System32\Drivers\Avgrkx86.sys
deldir C:\Windows\System32\Drivers\Avgtdia.sys
deldir C:\Windows\System32\Drivers\Avgtdix.sys
deldir C:\Windows\System32\Drivers\Avgwfpa.sys
deldir C:\Windows\System32\Drivers\avipbb.sys
deldir C:\Windows\System32\Drivers\avkmgr.sys
deldir C:\Windows\System32\Drivers\avnetflt.sys
deldir C:\Windows\System32\Drivers\BAPIDRV.sys
deldir C:\Windows\System32\Drivers\Bcfilter.sys
deldir C:\Windows\System32\Drivers\bcfsrm.sys
deldir C:\Windows\System32\Drivers\bcftdi.sys
deldir C:\Windows\System32\Drivers\bc_hash_f.sys
deldir C:\Windows\System32\Drivers\bc_ip_f.sys
deldir C:\Windows\System32\Drivers\bc_ngn.sys
deldir C:\Windows\System32\Drivers\bc_pat_f.sys
deldir C:\Windows\System32\Drivers\bc_prt_f.sys
deldir C:\Windows\System32\Drivers\bc_tdi_f.sys
deldir C:\Windows\System32\Drivers\BdAgent.sys
deldir C:\Windows\System32\Drivers\bdelam.sys
deldir C:\Windows\System32\Drivers\Bdfndisf.sys
deldir C:\Windows\System32\Drivers\bdfsfltr.sys
deldir C:\Windows\System32\Drivers\BdNet.sys
deldir C:\Windows\System32\Drivers\BDSandBox.sys
deldir C:\Windows\System32\Drivers\bdsflt.sys
deldir C:\Windows\System32\Drivers\bdsnm.sys
deldir C:\Windows\System32\Drivers\BdSpy.sys
deldir C:\Windows\System32\Drivers\BDVEDISK.sys
deldir C:\Windows\System32\Drivers\Bfilter.sys
deldir C:\Windows\System32\Drivers\Bfmon.sys
deldir C:\Windows\System32\Drivers\Bhbase.sys
deldir C:\Windows\System32\Drivers\Bprotect.sys
deldir C:\Windows\System32\Drivers\catflt.sys
deldir C:\Windows\System32\Drivers\CdmDrvNt.sys
deldir C:\Windows\System32\Drivers\cfwids.sys
deldir C:\Windows\System32\Drivers\cmderd.sys
deldir C:\Windows\System32\Drivers\cmdGuard.sys
deldir C:\Windows\System32\Drivers\cmdHlp.sys
deldir C:\Windows\System32\Drivers\ComFiltr.sys
deldir C:\Windows\System32\Drivers\DrWebLwf.sys
deldir C:\Windows\System32\Drivers\DSAFLT.sys
deldir C:\Windows\System32\Drivers\DwProt.sys
deldir C:\Windows\System32\Drivers\eamon.sys
deldir C:\Windows\System32\Drivers\eamonm.sys
deldir C:\Windows\System32\Drivers\econceal.sys
deldir C:\Windows\System32\Drivers\edevmon.sys
deldir C:\Windows\System32\Drivers\EfiMon.sys
deldir C:\Windows\System32\Drivers\ehdrv.sys
deldir C:\Windows\System32\Drivers\epfw.sys
deldir C:\Windows\System32\Drivers\EpfwLWF.sys
deldir C:\Windows\System32\Drivers\Epfwndis.sys
deldir C:\Windows\System32\Drivers\epfwtdi.sys
deldir C:\Windows\System32\Drivers\epfwwfp.sys
deldir C:\Windows\System32\Drivers\epfwwfpr.sys
deldir C:\Windows\System32\Drivers\FNETMON.sys
deldir C:\Windows\System32\Drivers\FPAV_RTP.sys
deldir C:\Windows\System32\Drivers\fsbts.sys
deldir C:\Windows\System32\Drivers\FWCore.sys
deldir C:\Windows\System32\Drivers\GDBehave.sys
deldir C:\Windows\System32\Drivers\GDNdisIc.sys
deldir C:\Windows\System32\Drivers\gfiark.sys
deldir C:\Windows\System32\Drivers\gfiutil.sys
deldir C:\Windows\System32\Drivers\ggc.sys
deldir C:\Windows\System32\Drivers\gzflt.sys
deldir C:\Windows\System32\Drivers\HipShieldK.sys
deldir C:\Windows\System32\Drivers\HookCentre.sys
deldir C:\Windows\System32\Drivers\HookPort.sys
deldir C:\Windows\System32\Drivers\hooksys.sys
deldir C:\Windows\System32\Drivers\HookTdi.sys
deldir C:\Windows\System32\Drivers\inspect.sys
deldir C:\Windows\System32\Drivers\K7FWFilt.sys
deldir C:\Windows\System32\Drivers\K7FWHlpr.sys
deldir C:\Windows\System32\Drivers\K7Sentry.sys
deldir C:\Windows\System32\Drivers\K7TdiHlp.sys
deldir C:\Windows\System32\Drivers\kl1.sys
deldir C:\Windows\System32\Drivers\klelam.sys
deldir C:\Windows\System32\Drivers\klflt.sys
deldir C:\Windows\System32\Drivers\KLIF.sys
deldir C:\Windows\System32\Drivers\KLIM6.sys
deldir C:\Windows\System32\Drivers\kltdi.sys
deldir C:\Windows\System32\Drivers\klwfp.sys
deldir C:\Windows\System32\Drivers\KmxAgent.sys
deldir C:\Windows\System32\Drivers\KmxAMRT.sys
deldir C:\Windows\System32\Drivers\KmxCF.sys
deldir C:\Windows\System32\Drivers\KmxCfg.sys
deldir C:\Windows\System32\Drivers\KmxFile.sys
deldir C:\Windows\System32\Drivers\KmxFilter.sys
deldir C:\Windows\System32\Drivers\KmxFw.sys
deldir C:\Windows\System32\Drivers\KmxSbx.sys
deldir C:\Windows\System32\Drivers\KmxStart.sys
deldir C:\Windows\System32\Drivers\kneps.sys
deldir C:\Windows\System32\Drivers\kvnet.sys
deldir C:\Windows\System32\Drivers\kwflower.sys
deldir C:\Windows\System32\Drivers\kwfupper.sys
deldir C:\Windows\System32\Drivers\llio.sys
deldir C:\Windows\System32\Drivers\McPvDrv.sys
deldir C:\Windows\System32\Drivers\mfeapfk.sys
deldir C:\Windows\System32\Drivers\mfeavfk.sys
deldir C:\Windows\System32\Drivers\mfebopk.sys
deldir C:\Windows\System32\Drivers\mfeelamk.sys
deldir C:\Windows\System32\Drivers\mfefirek.sys
deldir C:\Windows\System32\Drivers\mfehidk.sys
deldir C:\Windows\System32\Drivers\mfencbdc.sys
deldir C:\Windows\System32\Drivers\mfencrk.sys
deldir C:\Windows\System32\Drivers\mfewfpk.sys
deldir C:\Windows\System32\Drivers\mscank.sys
deldir C:\Windows\System32\Drivers\netfilter.sys
deldir C:\Windows\System32\Drivers\NETFLTDI.sys
deldir C:\Windows\System32\Drivers\nnetsec.sys
deldir C:\Windows\System32\Drivers\NNSALPC.sys
deldir C:\Windows\System32\Drivers\NNSHTTP.sys
deldir C:\Windows\System32\Drivers\NNSHTTPS.sys
deldir C:\Windows\System32\Drivers\NNSIDS.sys
deldir C:\Windows\System32\Drivers\NNSNAHS.sys
deldir C:\Windows\System32\Drivers\NNSPICC.sys
deldir C:\Windows\System32\Drivers\NNSPIHS.sys
deldir C:\Windows\System32\Drivers\NNSPIHSW.sys
deldir C:\Windows\System32\Drivers\NNSPOP3.sys
deldir C:\Windows\System32\Drivers\NNSPROT.sys
deldir C:\Windows\System32\Drivers\NNSPRV.sys
deldir C:\Windows\System32\Drivers\NNSSMTP.sys
deldir C:\Windows\System32\Drivers\NNSSTRM.sys
deldir C:\Windows\System32\Drivers\NNSTLSC.sys
deldir C:\Windows\System32\Drivers\OAmon.sys
deldir C:\Windows\System32\Drivers\OAnet.sys
deldir C:\Windows\System32\Drivers\pavboot.sys
deldir C:\Windows\System32\Drivers\PavProc.sys
deldir \??\C:\WINDOWS\system32\drivers\phkcrcix.sys
deldir C:\Windows\System32\Drivers\PSINAflt.sys
deldir C:\Windows\System32\Drivers\PSINFile.sys
deldir C:\Windows\System32\Drivers\PSINKNC.sys
deldir C:\Windows\System32\Drivers\PSINProc.sys
deldir C:\Windows\System32\Drivers\PSINProt.sys
deldir C:\Windows\System32\Drivers\PSINReg.sys
deldir C:\Windows\System32\Drivers\PSKMAD.sys
deldir C:\Windows\System32\Drivers\qutmipc.sys
deldir C:\Windows\System32\Drivers\SandBox.sys
deldir C:\Windows\System32\Drivers\SAVOnAccess.sys
deldir C:\Windows\System32\Drivers\SAVOnAccessControl.sys
deldir C:\Windows\System32\Drivers\SAVOnAccessFilter.sys
deldir C:\Windows\System32\Drivers\sbaphd.sys
deldir C:\Windows\System32\Drivers\sbapifs.sys
deldir C:\Windows\System32\Drivers\SbFw.sys
deldir C:\Windows\System32\Drivers\sbhips.sys
deldir C:\Windows\System32\Drivers\sbtis.sys
deldir C:\Windows\System32\Drivers\sbwtis.sys
deldir C:\Windows\System32\Drivers\scfdriver.sys
deldir C:\Windows\System32\Drivers\scfndis.sys
deldir C:\Windows\System32\Drivers\ShldFlt.sys
deldir C:\Windows\System32\Drivers\SKMScan.sys
deldir C:\Windows\System32\Drivers\SophosBootDriver.sys
deldir C:\Windows\System32\Drivers\SpiderG3.sys
deldir C:\Windows\System32\Drivers\ssmdrv.sys
deldir C:\Windows\System32\Drivers\tdifw.sys
deldir C:\Windows\System32\Drivers\tdi_nf.sys
deldir C:\Windows\System32\Drivers\tmcomm.sys
deldir C:\Windows\System32\Drivers\tpdevflt.sys
deldir C:\Windows\System32\Drivers\tpsec.sys
deldir C:\Windows\System32\Drivers\trufos.sys
deldir C:\Windows\System32\Drivers\TS4NT.sys
deldir C:\Windows\System32\Drivers\v3engine.sys
deldir C:\Windows\System32\Drivers\VBEngNT.sys
deldir C:\Windows\System32\Drivers\Vsdatant.sys
deldir C:\Windows\System32\Drivers\webssx.sys
deldir C:\Windows\System32\Drivers\WNMFLT.sys
deldir C:\Windows\System32\Drivers\wsnf.sys
deldir C:\Windows\System32\Drivers\wstif.sys
regt 14
regt 35
czoo

Перезагрузите сервер.
В папке с uVS появится архив ZIP с именем, начинающимся с ZOO_ и далее из даты и времени, отправьте этот файл по ссылке "Прислать запрошенный карантин" над над первым сообщением в теме.

В папке с UVS будет лог выполнения скрипта, текстовый файл с именем из даты и времени выполнения, прикрепите его с своему сообщению.

Сделайте новый лог FRST.

**aen1975** · 28.07.2015, 19:08

карантин отправил

лог

**Vvvyg** · 28.07.2015, 21:27

Скормите FRST такой fixlist.txt:

Код:

2015-07-27 18:55 - 2015-07-27 18:55 - 00000000 __SHD C:\Documents and Settings\Администратор.TERMINAL\Application Data\gf4VnZnZY6I
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Zillya Internet Security
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Zillya Antivirus
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\WRData
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\WinRoute Pro
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Windows Defender
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Winalysis
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Webroot
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\VIPRE
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Vba32
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\UnThreat AntiVirus
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\UnThreat
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\TrustPort
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\TrojanHunter 5.5
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\TrojanHunter
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Trend Micro
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\TotalDefense
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Total Defense
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Symantec AntiVirus
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\StopSign
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\SpyShelter Premium
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\SpyShelter
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Spybot - Search & Destroy 2
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Spybot - Search & Destroy
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Sophos
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Rising
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Quick Heal
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\PSafe
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Proland Software
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Proland
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\pandasecuritytb
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Panda Security URL Filtering
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Panda Security
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Padvish Antivirus
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\OnlineArmor
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Online Armor
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Norton Internet Security
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Norton AntiVirus
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Norton 360
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Norman
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\nanolsp
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\nanoav
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\NANO Antivirus
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\mks_vir_9
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\MicroWorld
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Microsoft Security Client
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\McAfeeMOBK
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\McAfee.com
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\McAfee Security Scan
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\McAfee
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Malwarebytes' Anti-Malware
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Malwarebytes
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Malware Defender
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Lavasoft
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Kerio
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Kaspersky Lab
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\K7 Computing
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Jetico
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\IObit
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\IKARUS
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\GFI
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\G DATA Software
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\G Data
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\F-Secure
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\FRISK Software
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Fortego Security
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Filseclab
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\ESET
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\eScan
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Emsisoft Anti-Malware
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\eAcceleration
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\DrWeb Enterprise Suite
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\DrWeb
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Doctor Web
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Comodo Downloader
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\COMODO
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Common Files\TrustPort
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Common Files\Panda Security
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Common Files\MicroWorld
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Common Files\McAfee
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Common Files\InfoWatch
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Common Files\G Data
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Common Files\eAcceleration
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Common Files\Doctor Web
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Common Files\BullGuard Ltd
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Common Files\Bitdefender
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\ClamWin
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\CheckPoint
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\CA
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\BullGuard Ltd
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\BullGuard
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\BitGuard
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Bitdefender
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Baidu Security
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Avira
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\AVG Nation toolbar
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\AVG
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\AVAST Software
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Avanquest
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Arcabit
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\AntiVirus
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Alwil Software
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\AhnLab
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Agnitum
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Acceleration Software
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\360SD
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\360
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\.clamwin
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Zillya Internet Security
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Zillya Internet Security
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Zillya Antivirus
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Zillya Antivirus
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\WRData
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\WRData
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\WinRoute Pro
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\WinRoute Pro
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Windows Defender
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Windows Defender
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Winalysis
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Winalysis
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Webroot
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Webroot
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\VIPRE
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\VIPRE
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Vba32
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Vba32
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\UnThreat AntiVirus
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\UnThreat AntiVirus
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\UnThreat
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\UnThreat
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\TrustPort
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\TrustPort
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\TrojanHunter 5.5
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\TrojanHunter 5.5
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\TrojanHunter
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\TrojanHunter
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Trend Micro
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Trend Micro
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\TotalDefense
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\TotalDefense
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Total Defense
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Total Defense
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Symantec AntiVirus
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Symantec AntiVirus
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\StopSign
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\StopSign
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\SpyShelter Premium
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\SpyShelter Premium
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\SpyShelter
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\SpyShelter
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy 2
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy 2
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Sophos
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Sophos
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Rising
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Rising
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Quick Heal
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Quick Heal
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\PSafe
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\PSafe
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Proland Software
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Proland Software
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Proland
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Proland
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\pandasecuritytb
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\pandasecuritytb
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Panda Security URL Filtering
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Panda Security URL Filtering
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Panda Security
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Panda Security
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Padvish Antivirus
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Padvish Antivirus
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\OnlineArmor
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\OnlineArmor
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Online Armor
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Online Armor
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Norton Internet Security
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Norton Internet Security
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Norton AntiVirus
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Norton AntiVirus
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Norton 360
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Norton 360
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Norman
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Norman
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\nanolsp
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\nanolsp
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\nanoav
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\nanoav
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\NANO Antivirus
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\NANO Antivirus
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\mks_vir_9
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\mks_vir_9
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\MicroWorld
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\MicroWorld
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft Security Client
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft Security Client
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\McAfeeMOBK
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\McAfeeMOBK
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\McAfee.com
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\McAfee.com
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\McAfee Security Scan
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\McAfee Security Scan
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\McAfee
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\McAfee
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Malwarebytes' Anti-Malware
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Malwarebytes' Anti-Malware
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Malwarebytes
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Malwarebytes
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Malware Defender
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Malware Defender
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Lavasoft
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Lavasoft
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Kerio
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Kerio
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Kaspersky Lab
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Kaspersky Lab
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\K7 Computing
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\K7 Computing
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Jetico
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Jetico
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\IObit
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\IObit
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\IKARUS
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\IKARUS
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\GFI
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\GFI
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\G DATA Software
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\G DATA Software
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\G Data
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\G Data
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\F-Secure
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\F-Secure
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\FRISK Software
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\FRISK Software
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Fortego Security
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Fortego Security
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Filseclab
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Filseclab
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\ESET
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\ESET
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\eScan
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\eScan
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Emsisoft Anti-Malware
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Emsisoft Anti-Malware
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\eAcceleration
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\eAcceleration
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\DrWeb Enterprise Suite
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\DrWeb Enterprise Suite
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\DrWeb
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\DrWeb
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Doctor Web
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Doctor Web
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Comodo Downloader
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Comodo Downloader
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\COMODO
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\COMODO
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\ClamWin
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\ClamWin
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\CheckPoint
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\CheckPoint
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\CA
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\CA
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\BullGuard Ltd
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\BullGuard Ltd
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\BullGuard
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\BullGuard
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\BitGuard
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\BitGuard
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Bitdefender
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Bitdefender
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Baidu Security
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Baidu Security
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Avira
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Avira
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\AVG Nation toolbar
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\AVG Nation toolbar
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\AVG
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\AVG
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\AVAST Software
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\AVAST Software
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Avanquest
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Avanquest
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Arcabit
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Arcabit
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\AntiVirus
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\AntiVirus
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Alwil Software
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Alwil Software
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\AhnLab
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\AhnLab
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Agnitum
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Agnitum
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Acceleration Software
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Acceleration Software
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\360SD
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\360SD
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\360
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\360
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\.clamwin
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\.clamwin
2015-07-27 18:54 - 2015-07-27 18:54 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\wnmflt64.sys
2015-07-27 18:54 - 2015-07-27 18:54 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS
2015-07-27 18:54 - 2015-07-27 18:54 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\ShlDrv51.sys
2015-07-27 18:54 - 2015-07-27 18:54 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\SbFwIm.sys
2015-07-27 18:54 - 2015-07-27 18:54 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\SandBox64.sys
2015-07-27 18:54 - 2015-07-27 18:54 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\qutmdrv.sys
2015-07-27 18:54 - 2015-07-27 18:54 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\protreg.sys
2015-07-27 18:54 - 2015-07-27 18:54 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\PROCEXP152.SYS
2015-07-27 18:54 - 2015-07-27 18:54 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\PktIcpt.sys
2015-07-27 18:54 - 2015-07-27 18:54 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\pavboot64.sys
2015-07-27 18:54 - 2015-07-27 18:54 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\oahlp32.sys
2015-07-27 18:54 - 2015-07-27 18:54 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\OADriver.sys
2015-07-27 18:54 - 2015-07-27 18:54 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\nvcv64mf.sys
2015-07-27 18:54 - 2015-07-27 18:54 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\NSNetmon.sys
2015-07-27 18:54 - 2015-07-27 18:54 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\NSKernel.sys
2015-07-27 18:54 - 2015-07-27 18:54 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\npf.sys
2015-07-27 18:54 - 2015-07-27 18:54 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\nnetsecl64.sys
2015-07-27 18:54 - 2015-07-27 18:54 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\nnetsecl.sys
2015-07-27 18:54 - 2015-07-27 18:54 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\NETTDI64.SYS
2015-07-27 18:54 - 2015-07-27 18:54 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\neti1644.sys
2015-07-27 18:54 - 2015-07-27 18:54 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\n64i1644.sys
2015-07-27 18:54 - 2015-07-27 18:54 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\mwfsmflt.sys
2015-07-27 18:54 - 2015-07-27 18:54 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\MOBK.sys
2015-07-27 18:54 - 2015-07-27 18:54 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\MiniIcpt.sys
2015-07-27 18:54 - 2015-07-27 18:54 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\mfeclnrk.sys
2015-07-27 18:54 - 2015-07-27 18:54 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\mbam.sys
2015-07-27 18:54 - 2015-07-27 18:54 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\klim5.sys
2015-07-27 18:54 - 2015-07-27 18:54 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\kl2.sys
2015-07-27 18:54 - 2015-07-27 18:54 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\idsflt64.sys
2015-07-27 18:54 - 2015-07-27 18:54 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\idsflt.sys
2015-07-27 18:54 - 2015-07-27 18:54 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\hvm.sys
2015-07-27 18:54 - 2015-07-27 18:54 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\HookHelp.sys
2015-07-27 18:54 - 2015-07-27 18:54 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\gdwfpcd32.sys
2015-07-27 18:54 - 2015-07-27 18:54 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\GDTdiIcpt.sys
2015-07-27 18:54 - 2015-07-27 18:54 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\fnetm64.sys
2015-07-27 18:54 - 2015-07-27 18:54 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\EMLTDI.SYS
2015-07-27 18:54 - 2015-07-27 18:54 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\dw_wfp.sys
2015-07-27 18:54 - 2015-07-27 18:54 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\dsaflt64.sys
2015-07-27 18:54 - 2015-07-27 18:54 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\BdfNdisf6.sys
2015-07-27 18:54 - 2015-07-27 18:54 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\BAPIDRV64.SYS
2015-07-27 18:54 - 2015-07-27 18:54 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\avgidsshimx.sys
2015-07-27 18:54 - 2015-07-27 18:54 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\avgidsdriverx.sys
2015-07-27 18:54 - 2015-07-27 18:54 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\avgidsdrivera.sys
2015-07-27 18:54 - 2015-07-27 18:54 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\avgfwdx.sys
2015-07-27 18:54 - 2015-07-27 18:54 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\avgfwd6x.sys
2015-07-27 18:54 - 2015-07-27 18:54 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\avgfwd6a.sys
2015-07-27 18:54 - 2015-07-27 18:54 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\avf.sys
2015-07-27 18:54 - 2015-07-27 18:54 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\aswRdr2.sys
2015-07-27 18:54 - 2015-07-27 18:54 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\aswMon2.sys
2015-07-27 18:54 - 2015-07-27 18:54 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\apsp.sys
2015-07-27 18:54 - 2015-07-27 18:54 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\apkhelper.sys
2015-07-27 18:54 - 2015-07-27 18:54 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\AMonTDNt.sys
2015-07-27 18:54 - 2015-07-27 18:54 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\AMonHKNT.sys
2015-07-27 18:54 - 2015-07-27 18:54 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\amm8660.sys
2015-07-27 18:54 - 2015-07-27 18:54 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\amm8651.sys
2015-07-27 18:54 - 2015-07-27 18:54 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\amm6460.sys
2015-07-27 18:54 - 2015-07-27 18:54 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\ale7_nf64.sys
2015-07-27 18:54 - 2015-07-27 18:54 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\ale7_nf.sys
2015-07-27 18:54 - 2015-07-27 18:54 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\ale_nf64.sys
2015-07-27 18:54 - 2015-07-27 18:54 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\abp470n5.sys
2015-07-27 18:54 - 2015-07-27 18:54 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\Aavmker4.sys
2015-07-27 18:54 - 2015-07-27 18:54 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\360Camera64.sys
2015-07-27 18:54 - 2015-07-27 18:54 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\360AntiHacker64.sys
2015-07-24 20:40 - 2015-07-27 20:44 - 00000000 ___SH C:\WINDOWS\PsfjH4KN.txt
HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local: [ActivePolicy] SOFTWARE\Policies\Microsoft\Windows\IPSEC\Policy\Local\ipsecPolicy{b4f9004c-904c-45a5-8711-3501b4a3f465} <======= ATTENTION (Policy restriction on IP)

Новый Fixlog.txt прикрепите.

Проверьте содержимое архива C:\WINDOWS\rdp.rar на virustotal.com.

Выполните 2-й стандартный скрипт в AVZ, только скачайте программу отсюда, обновление баз не требуется.
Прикрепите к своему следующему сообщению файл virusinfo_syscheck.zip.

**aen1975** · 28.07.2015, 23:18

в архиве есть rdpinst - там вирус https://www.virustotal.com/ru/file/5...is/1438114076/

папки от пустых папок и файлов очистились

**Vvvyg** · 28.07.2015, 23:28

Какие ещё проблемы остались?

**aen1975** · 28.07.2015, 23:52

Сообщение от Vvvyg

Какие ещё проблемы остались?

не могу корректно удалить MBAM - Ошибка приложения mbam.exe, версия 2.3.55.0, модуль msvcr100.dll, версия 10.0.40219.325, адрес 0x0008d6fd.

и установить антивирус например Symantec -

Сбой при запуске службы "Symantec Real Time Storage Protection (PEL)" из-за ошибки
Указанная служба не может быть запущена, поскольку она отключена или все связанные с ней устройства отключены.

Тип запуска службы "Symantec Extended File Attributes (SI)" был изменен с "загрузка" на "отключено".

Устройство Root\LEGACY_SRTSPX\0000 было отключено из системы без предварительной подготовки.

Служба "Symantec Endpoint Protection" перешла в состояние "Остановлена".

Установщик Windows выполнил установку продукта. Продукт: Symantec Endpoint Protection Client. Версия: 12.1.5337.5000. Язык: 1033. Установка завершена с состоянием: 1603.

да и smss.exe смущает

**Vvvyg** · 29.07.2015, 00:15

Symantec Endpoint Security удалите штатно, потом прогоните Norton Removal Tool - возможно, поможет.

Насчёт smss.exe - не обращайте внимания, особенность восприятия серверных систем avz и другими утилитами.

По поводу MBAM - завтра попробуем грубой силой вычистить.

**aen1975** · 29.07.2015, 17:38

SEP - не установлен (был раньше - переустановить не давали вирусы) - NRT запускается в никуда ... т.е. тишина.

Ошибка приложения SymNRT.exe, версия 22.5.0.4, модуль SymNRT.exe, версия 22.5.0.4, адрес 0x00023ca2.

Нельзя прочесть раздел реестра для строк счетчика производительности, код языка 009. Возвращенное состояние Win32 находится в первом DWORD секции данных.

**Vvvyg** · 29.07.2015, 21:52

С проблемами SES лучше в ТП Symantec обращаться. Или пробовать другой антивирус устанавливать.

MBAM пробуйте таким скриптом удалить.

Код:

;uVS v3.85.26 [http://dsrt.dyndns.org]
;Target OS: NTv5.2
v385c
del %Sys32%\DRIVERS\MBAMSWISSARMY.SYS
delref %Sys32%\DRIVERS\MBAMSWISSARMY.SYS
deldirex %SystemDrive%\PROGRAM FILES\MALWAREBYTES ANTI-MALWARE
uidel "C:\Program Files\Malwarebytes Anti-Malware\unins000.exe"
delref %SystemDrive%\POKER\POKER 770\WIDGETBAR\PTCONTAINERUI.DLL
delref %SystemDrive%\POKER\POKER 770\WIDGETBAR\WIDGETBARAPI.DLL
delref %SystemDrive%\POKER\POKER 770\WIDGETBAR\WIDGETBARMANAGERUI.DLL
delref %SystemDrive%\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\SYMANTEC\SYKNAPPS\SYKNAPPS.DLL

И перезагрузка.

**aen1975** · 30.07.2015, 11:33

MBAM удалился, антивирус установился. Допрос с пристрастием отложил до приезда на место.

Опции темы

&amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;am p;a mp;a mp;a mp;a mp;a mp;a mp;a mp;a mp;a mp;a mp;a mp;a mp;a mp;a mp;a mp;a mp;a mp;a mp;a mp;a mp;a mp;a mp;a mp;a mp;a mp;a mp;a mp;q uot; Подо зрен и е на маскировку ключа реестра службы/драйве

Это понравилось:

Похожие темы

Avz при проверке выявил подозрение на маскировку ключа реестра службы\драйвера "PLFlash DeviceIoControl Servic"

Подозрение на маскировку ключа реестра службы/Драйвера

Подозрение на маскировку ключа реестра службы\драйвера "powfnfz"

AVZ пишет "Подозрение на маскировку ключа реестра службы\драйвера "zkgtvln" "

Подозрение на маскировку ключа реестра службы\драйвера "mshomo.sys"

Ваши права в разделе

Опции темы

&amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;amp;am p;a mp;a mp;a mp;a mp;a mp;a mp;a mp;a mp;a mp;a mp;a mp;a mp;a mp;a mp;a mp;a mp;a mp;a mp;a mp;a mp;a mp;a mp;a mp;a mp;a mp;a mp;a mp;q uot; Подо зрен и е на маскировку ключа реестра службы/драйве

Это понравилось:

Похожие темы

Avz при проверке выявил подозрение на маскировку ключа реестра службы\драйвера "PLFlash DeviceIoControl Servic"

Подозрение на маскировку ключа реестра службы/Драйвера

Подозрение на маскировку ключа реестра службы\драйвера "powfnfz"

AVZ пишет "Подозрение на маскировку ключа реестра службы\драйвера "zkgtvln" "

Подозрение на маскировку ключа реестра службы\драйвера "mshomo.sys"

Ваши права в разделе

&amp;amp;amp;amp;amp;amp;amp;amp;amp;am p;a mp;a mp;a mp;a mp;a mp;a mp;a mp;a mp;a mp;a mp;a mp;a mp;a mp;a mp;a mp;a mp;a mp;a mp;a mp;a mp;a mp;a mp;a mp;a mp;a mp;a mp;a mp;q uot; Подо зрен и е на маскировку ключа реестра службы/драйве