
Suspected masking of a service/driver registry key (request no. 187581)

  1. #1
    Junior Member | Registered: 24.07.2015 | Posts: 15 | Reputation weight: 9

    Suspected masking of a service/driver registry key

    A Win`2003 server (Terminal) had been sitting there working. During a check I noticed that there is no antivirus (or rather, it is sort of there but works, and some websites do not open!!!!). When I tried to reinstall Symantec or Kaspersky, at the last moment the almost-installed product (for example: Служба "Symantec Endpoint Protection" перешла в состояние "Работает". [The "Symantec Endpoint Protection" service entered the "Running" state.]) rolled back (В разделе реестра SRTSP запрещен доступ к программам учетной записи SYSTEM, поэтому владельцем раздела реестра стал диспетчер служб. [Access to the SRTSP registry key is denied to programs of the SYSTEM account, so the service control manager became the owner of the registry key.] and Установщик Windows выполнил установку продукта. Продукт: Symantec Endpoint Protection Client. Версия: 12.1.5337.5000. Язык: 1033. Установка завершена с состоянием: 1603. [Windows Installer installed the product. Product: Symantec Endpoint Protection Client. Version: 12.1.5337.5000. Language: 1033. Installation completed with status: 1603.])

    The hosts file contains 276 "null" entries: a list of antivirus and utility websites. The same 276 entries exist in Program Files and in C:\Documents and Settings\Администратор.TERMINAL\Application Data as hidden files with empty access permissions, and the same 276 exist as hidden empty items, this time folders, in system32\drivers\360AntiHacker.sys and so on (the list of these 276 will be given in the AVZ report as "Подозрение на маскировку ключа реестра службы/драйвера" [Suspected masking of a service/driver registry key])
    Attachments
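
A triage sketch for the two artifacts described in the post above, added here as an example and not part of the original thread: it flags hosts lines that pin security-vendor names to a null or loopback address, and `.sys` names in a drivers folder that are really directories or zero-byte files. The keyword watchlist, the reading of "null" as unspecified/loopback addresses, and all sample data are assumptions constructed for the demonstration.

```python
import ipaddress
import os
import tempfile

# Assumption: illustrative watchlist of vendor keywords; extend for real triage.
VENDOR_KEYWORDS = ("symantec", "kaspersky", "avast", "drweb", "eset")

# Constructed sample hosts content, not taken from the affected server.
SAMPLE_HOSTS = """\
# constructed sample
127.0.0.1       localhost
0.0.0.0         update.symantec.example
127.0.0.1       www.kaspersky.example downloads.drweb.example
192.0.2.10      intranet.example
0.0.0.0         ads.tracker.example
"""


def is_sink_address(addr):
    """True for addresses that lead nowhere useful: 0.0.0.0, ::, loopback."""
    try:
        ip = ipaddress.ip_address(addr)
    except ValueError:
        return False
    return ip.is_unspecified or ip.is_loopback


def suspicious_hosts_entries(hosts_text, keywords=VENDOR_KEYWORDS):
    """Return (line_no, address, hostname) for watched names sent to a sink."""
    hits = []
    for line_no, raw in enumerate(hosts_text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()      # drop comments
        fields = line.split()
        if len(fields) < 2 or not is_sink_address(fields[0]):
            continue
        for name in fields[1:]:                  # one line may carry aliases
            lowered = name.lower()
            if any(key in lowered for key in keywords):
                hits.append((line_no, fields[0], lowered))
    return hits


def decoy_driver_entries(drivers_dir):
    """Return (name, kind) for *.sys entries that cannot be loadable drivers."""
    found = []
    with os.scandir(drivers_dir) as entries:
        for entry in entries:
            if not entry.name.lower().endswith(".sys"):
                continue
            if entry.is_dir(follow_symlinks=False):
                # A folder occupying a driver's file name blocks the installer
                # from writing the real file there.
                found.append((entry.name, "directory"))
            elif entry.is_file(follow_symlinks=False) and \
                    entry.stat(follow_symlinks=False).st_size == 0:
                found.append((entry.name, "zero-byte file"))
    return sorted(found)


def build_sample_drivers_dir(root):
    """Create a constructed drivers folder: two decoys and one normal file."""
    os.mkdir(os.path.join(root, "360AntiHacker.sys"))
    open(os.path.join(root, "klif.sys"), "wb").close()
    with open(os.path.join(root, "disk.sys"), "wb") as handle:
        handle.write(b"MZ" + b"\x00" * 62)
    return root


def run_demo():
    """Run both checks on the constructed samples and return their findings."""
    with tempfile.TemporaryDirectory() as root:
        build_sample_drivers_dir(root)
        return suspicious_hosts_entries(SAMPLE_HOSTS), decoy_driver_entries(root)


if __name__ == "__main__":
    hosts_hits, decoys = run_demo()
    for line_no, addr, name in hosts_hits:
        print(f"hosts line {line_no}: {name} -> {addr}")
    for name, kind in decoys:
        print(f"drivers: {name} is a {kind}")
```

On a live system, point `decoy_driver_entries` at the real drivers folder and read the hosts file from `%SystemRoot%\system32\drivers\etc\hosts`.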


  3. #2
    Info_bot (Cyber) | Registered: 11.05.2011 | Posts: 2,460 | Reputation weight: 342
    Dear aen1975, thank you for contacting our forum!

    Help with cleaning your computer on VirusInfo.Info is provided absolutely free of charge. Helpers will respond to your request very soon. To receive help, you need to provide scan logs from the AVZ and HiJackThis utilities; for details, see the rules for submitting a help request.

    If our site proves useful to you and you have the opportunity, please support the project.

  4. #3
    Senior Helper | Registered: 06.05.2008 | Location: Tula | Posts: 26,585 | Reputation weight: 836
    Download Farbar Recovery Scan Tool and save it to the Desktop.

    Note: you must choose the version compatible with your operating system. If you are not sure which version suits your system, download both and try to run them. Only one of them will run on your system.
    Run the program. When it starts, click Yes to accept the disclaimer.
    Also tick the "Shortcut.txt" checkbox.

    Click the Scan button.
    When the scan finishes, the reports FRST.txt, Addition.txt and Shortcut.txt will be created in the same folder the program was run from.
    Attach these files to your next message (they can all go in one archive).
    WBR,
    Vadim

  5. #4
    Junior Member | Registered: 24.07.2015 | Posts: 15 | Reputation weight: 9
    frst
    Attachments

  6. #5
    Senior Helper | Registered: 06.05.2008 | Location: Tula | Posts: 26,585 | Reputation weight: 836
    Open Notepad (Start => Programs => Accessories => Notepad). Copy the following code into it:
    Code:
    CreateRestorePoint:
    IFEO\Adaware_Installer.exe: [Debugger] msiexec.exe
    IFEO\autoruns.exe: [Debugger] msiexec.exe
    IFEO\autorunsc.exe: [Debugger] msiexec.exe
    IFEO\avast_free_antivirus_setup_online.exe: [Debugger] msiexec.exe
    IFEO\avast_internet_security_setup.exe: [Debugger] msiexec.exe
    IFEO\avast_internet_security_setup_online.exe: [Debugger] msiexec.exe
    IFEO\avast_premier_antivirus_setup_online.exe: [Debugger] msiexec.exe
    IFEO\avira_family_protection_suite_ru.exe: [Debugger] msiexec.exe
    IFEO\avira_ultimate_protection_suite_ru.exe: [Debugger] msiexec.exe
    IFEO\BavPro_Setup_Mini_GL.exe: [Debugger] msiexec.exe
    IFEO\bitdefender_tsecurity.exe: [Debugger] msiexec.exe
    IFEO\BullGuardDownloaderBPP.exe: [Debugger] msiexec.exe
    IFEO\cispremium_installer.exe: [Debugger] msiexec.exe
    IFEO\ClamAVSetup.exe: [Debugger] msiexec.exe
    IFEO\cureit.exe: [Debugger] msiexec.exe
    IFEO\drweb-900-win-space.exe: [Debugger] msiexec.exe
    IFEO\drweb-900-win.exe: [Debugger] msiexec.exe
    IFEO\EmsisoftEmergencyKit.exe: [Debugger] msiexec.exe
    IFEO\EmsisoftInternetSecuritySetup.exe: [Debugger] msiexec.exe
    IFEO\ess_trial32_rus.exe: [Debugger] msiexec.exe
    IFEO\F-SecureNetworkInstallerUpg.exe: [Debugger] msiexec.exe
    IFEO\F-SecureNetworkInstaller_IS-ESTORE-TRIAL-GLOBAL_.exe: [Debugger] msiexec.exe
    IFEO\HijackThis.exe: [Debugger] msiexec.exe
    IFEO\HousecallLauncher.exe: [Debugger] msiexec.exe
    IFEO\K7UltimateSecurity_installer.exe: [Debugger] msiexec.exe
    IFEO\McAfeeSetup.exe: [Debugger] msiexec.exe
    IFEO\md_setup_en.exe: [Debugger] msiexec.exe
    IFEO\OnlineArmorSetup.exe: [Debugger] msiexec.exe
    IFEO\OutpostSecuritySuiteProInstall.exe: [Debugger] msiexec.exe
    IFEO\OutpostSecuritySuiteProInstall_x64.exe: [Debugger] msiexec.exe
    IFEO\PadvishAntivirusFree.exe: [Debugger] msiexec.exe
    IFEO\PandaCloudAntivirus.exe: [Debugger] msiexec.exe
    IFEO\ProcessHacker.exe: [Debugger] msiexec.exe
    IFEO\procexp.exe: [Debugger] msiexec.exe
    IFEO\PSafeAntivirusSetup.exe: [Debugger] msiexec.exe
    IFEO\registry-life-setup.exe: [Debugger] msiexec.exe
    IFEO\SandboxieInstall.exe: [Debugger] msiexec.exe
    IFEO\SecurityScan_Release.exe: [Debugger] msiexec.exe
    IFEO\setup-vipre-internet-security-en-us-trial.exe: [Debugger] msiexec.exe
    IFEO\SoftonicDownloader_for_panda-antivirus-pro.exe: [Debugger] msiexec.exe
    IFEO\SpyShelter.exe: [Debugger] msiexec.exe
    IFEO\stop-sign_install.exe: [Debugger] msiexec.exe
    IFEO\TrojanHunterSetup.exe: [Debugger] msiexec.exe
    IFEO\UnThreatProSetup.exe: [Debugger] msiexec.exe
    IFEO\Vba32.Vista.exe: [Debugger] msiexec.exe
    IFEO\Wireshark.exe: [Debugger] msiexec.exe
    U5 360AntiHacker; C:\Windows\System32\Drivers\360AntiHacker.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 360AvFlt; C:\Windows\System32\Drivers\360AvFlt.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 360Box; C:\Windows\System32\Drivers\360Box.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 360Box64; C:\Windows\System32\Drivers\360Box64.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 360Camera; C:\Windows\System32\Drivers\360Camera.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 360fsflt; C:\Windows\System32\Drivers\360fsflt.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 360SelfProtection; C:\Windows\System32\Drivers\360SelfProtection.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 ABndis; C:\Windows\System32\Drivers\ABndis.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 AFW; C:\Windows\System32\Drivers\AFW.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 afwcore; C:\Windows\System32\Drivers\afwcore.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 AhnFlt2K; C:\Windows\System32\Drivers\AhnFlt2K.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 AhnRec2K; C:\Windows\System32\Drivers\AhnRec2K.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 AhnRghNt; C:\Windows\System32\Drivers\AhnRghNt.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 AhnSZE; C:\Windows\System32\Drivers\AhnSZE.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 ALE_NF; C:\Windows\System32\Drivers\ALE_NF.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 AMonLWLH; C:\Windows\System32\Drivers\AMonLWLH.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 AMonTDLH; C:\Windows\System32\Drivers\AMonTDLH.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 APPFLT; C:\Windows\System32\Drivers\APPFLT.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 arcawfp; C:\Windows\System32\Drivers\arcawfp.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 aswHwid; C:\Windows\System32\Drivers\aswHwid.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 aswMonFlt; C:\Windows\System32\Drivers\aswMonFlt.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 aswNdis; C:\Windows\System32\Drivers\aswNdis.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 aswNdis2; C:\Windows\System32\Drivers\aswNdis2.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 aswNdisFlt; C:\Windows\System32\Drivers\aswNdisFlt.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 aswRdr; C:\Windows\System32\Drivers\aswRdr.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 aswSP; C:\Windows\System32\Drivers\aswSP.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 aswStm; C:\Windows\System32\Drivers\aswStm.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 avasdmft; C:\Windows\System32\Drivers\avasdmft.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 avc3; C:\Windows\System32\Drivers\avc3.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 avchv; C:\Windows\System32\Drivers\avchv.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 avckf; C:\Windows\System32\Drivers\avckf.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 Avgboota; C:\Windows\System32\Drivers\Avgboota.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 Avgdiska; C:\Windows\System32\Drivers\Avgdiska.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 Avgdiskx; C:\Windows\System32\Drivers\Avgdiskx.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 AVGIDSHA; C:\Windows\System32\Drivers\AVGIDSHA.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 AVGIDSHX; C:\Windows\System32\Drivers\AVGIDSHX.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 Avgldx64; C:\Windows\System32\Drivers\Avgldx64.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 Avgldx86; C:\Windows\System32\Drivers\Avgldx86.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 Avgloga; C:\Windows\System32\Drivers\Avgloga.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 Avglogx; C:\Windows\System32\Drivers\Avglogx.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 Avgmfx64; C:\Windows\System32\Drivers\Avgmfx64.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 Avgmfx86; C:\Windows\System32\Drivers\Avgmfx86.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 avgntflt; C:\Windows\System32\Drivers\avgntflt.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 Avgrkx64; C:\Windows\System32\Drivers\Avgrkx64.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 Avgrkx86; C:\Windows\System32\Drivers\Avgrkx86.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 Avgtdia; C:\Windows\System32\Drivers\Avgtdia.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 Avgtdix; C:\Windows\System32\Drivers\Avgtdix.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 Avgwfpa; C:\Windows\System32\Drivers\Avgwfpa.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 avipbb; C:\Windows\System32\Drivers\avipbb.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 avkmgr; C:\Windows\System32\Drivers\avkmgr.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 avnetflt; C:\Windows\System32\Drivers\avnetflt.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 BAPIDRV; C:\Windows\System32\Drivers\BAPIDRV.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 Bcfilter; C:\Windows\System32\Drivers\Bcfilter.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 bcfsrm; C:\Windows\System32\Drivers\bcfsrm.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 bcftdi; C:\Windows\System32\Drivers\bcftdi.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 bc_hash_f; C:\Windows\System32\Drivers\bc_hash_f.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 bc_ip_f; C:\Windows\System32\Drivers\bc_ip_f.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 bc_ngn; C:\Windows\System32\Drivers\bc_ngn.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 bc_pat_f; C:\Windows\System32\Drivers\bc_pat_f.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 bc_prt_f; C:\Windows\System32\Drivers\bc_prt_f.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 bc_tdi_f; C:\Windows\System32\Drivers\bc_tdi_f.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 BdAgent; C:\Windows\System32\Drivers\BdAgent.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 bdelam; C:\Windows\System32\Drivers\bdelam.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 Bdfndisf; C:\Windows\System32\Drivers\Bdfndisf.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 bdfsfltr; C:\Windows\System32\Drivers\bdfsfltr.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 BdNet; C:\Windows\System32\Drivers\BdNet.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 BDSandBox; C:\Windows\System32\Drivers\BDSandBox.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 bdsflt; C:\Windows\System32\Drivers\bdsflt.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 bdsnm; C:\Windows\System32\Drivers\bdsnm.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 BdSpy; C:\Windows\System32\Drivers\BdSpy.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 BDVEDISK; C:\Windows\System32\Drivers\BDVEDISK.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 Bfilter; C:\Windows\System32\Drivers\Bfilter.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 Bfmon; C:\Windows\System32\Drivers\Bfmon.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 Bhbase; C:\Windows\System32\Drivers\Bhbase.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 Bprotect; C:\Windows\System32\Drivers\Bprotect.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 catflt; C:\Windows\System32\Drivers\catflt.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 CdmDrvNt; C:\Windows\System32\Drivers\CdmDrvNt.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 cfwids; C:\Windows\System32\Drivers\cfwids.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 cmderd; C:\Windows\System32\Drivers\cmderd.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 cmdGuard; C:\Windows\System32\Drivers\cmdGuard.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 cmdHlp; C:\Windows\System32\Drivers\cmdHlp.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 ComFiltr; C:\Windows\System32\Drivers\ComFiltr.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 DrWebLwf; C:\Windows\System32\Drivers\DrWebLwf.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 DSAFLT; C:\Windows\System32\Drivers\DSAFLT.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 DwProt; C:\Windows\System32\Drivers\DwProt.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 eamon; C:\Windows\System32\Drivers\eamon.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 eamonm; C:\Windows\System32\Drivers\eamonm.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 econceal; C:\Windows\System32\Drivers\econceal.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 EfiMon; C:\Windows\System32\Drivers\EfiMon.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 ehdrv; C:\Windows\System32\Drivers\ehdrv.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 epfw; C:\Windows\System32\Drivers\epfw.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 EpfwLWF; C:\Windows\System32\Drivers\EpfwLWF.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 Epfwndis; C:\Windows\System32\Drivers\Epfwndis.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 epfwtdi; C:\Windows\System32\Drivers\epfwtdi.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 epfwwfp; C:\Windows\System32\Drivers\epfwwfp.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 epfwwfpr; C:\Windows\System32\Drivers\epfwwfpr.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 FNETMON; C:\Windows\System32\Drivers\FNETMON.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 FPAV_RTP; C:\Windows\System32\Drivers\FPAV_RTP.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 fsbts; C:\Windows\System32\Drivers\fsbts.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 FWCore; C:\Windows\System32\Drivers\FWCore.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 GDBehave; C:\Windows\System32\Drivers\GDBehave.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 GDNdisIc; C:\Windows\System32\Drivers\GDNdisIc.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 gfiark; C:\Windows\System32\Drivers\gfiark.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 gfiutil; C:\Windows\System32\Drivers\gfiutil.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 ggc; C:\Windows\System32\Drivers\ggc.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 gzflt; C:\Windows\System32\Drivers\gzflt.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 HipShieldK; C:\Windows\System32\Drivers\HipShieldK.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 HookCentre; C:\Windows\System32\Drivers\HookCentre.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 HookPort; C:\Windows\System32\Drivers\HookPort.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 hooksys; C:\Windows\System32\Drivers\hooksys.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 HookTdi; C:\Windows\System32\Drivers\HookTdi.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 IDSFLT; C:\Windows\System32\Drivers\IDSFLT.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 inspect; C:\Windows\System32\Drivers\inspect.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 K7FWFilt; C:\Windows\System32\Drivers\K7FWFilt.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 K7FWHlpr; C:\Windows\System32\Drivers\K7FWHlpr.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 K7Sentry; C:\Windows\System32\Drivers\K7Sentry.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 K7TdiHlp; C:\Windows\System32\Drivers\K7TdiHlp.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 kl1; C:\Windows\System32\Drivers\kl1.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 klelam; C:\Windows\System32\Drivers\klelam.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 klflt; C:\Windows\System32\Drivers\klflt.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 KLIF; C:\Windows\System32\Drivers\KLIF.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 KLIM6; C:\Windows\System32\Drivers\KLIM6.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 kltdi; C:\Windows\System32\Drivers\kltdi.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 klwfp; C:\Windows\System32\Drivers\klwfp.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 KmxAgent; C:\Windows\System32\Drivers\KmxAgent.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 KmxAMRT; C:\Windows\System32\Drivers\KmxAMRT.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 KmxCF; C:\Windows\System32\Drivers\KmxCF.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 KmxCfg; C:\Windows\System32\Drivers\KmxCfg.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 KmxFile; C:\Windows\System32\Drivers\KmxFile.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 KmxFilter; C:\Windows\System32\Drivers\KmxFilter.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 KmxFw; C:\Windows\System32\Drivers\KmxFw.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 KmxSbx; C:\Windows\System32\Drivers\KmxSbx.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 KmxStart; C:\Windows\System32\Drivers\KmxStart.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 kneps; C:\Windows\System32\Drivers\kneps.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 kvnet; C:\Windows\System32\Drivers\kvnet.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 kwflower; C:\Windows\System32\Drivers\kwflower.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 kwfupper; C:\Windows\System32\Drivers\kwfupper.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 McPvDrv; C:\Windows\System32\Drivers\McPvDrv.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 mfeapfk; C:\Windows\System32\Drivers\mfeapfk.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 mfeavfk; C:\Windows\System32\Drivers\mfeavfk.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 mfebopk; C:\Windows\System32\Drivers\mfebopk.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 mfeelamk; C:\Windows\System32\Drivers\mfeelamk.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 mfefirek; C:\Windows\System32\Drivers\mfefirek.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 mfehidk; C:\Windows\System32\Drivers\mfehidk.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 mfencbdc; C:\Windows\System32\Drivers\mfencbdc.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 mfencrk; C:\Windows\System32\Drivers\mfencrk.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 mfewfpk; C:\Windows\System32\Drivers\mfewfpk.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 mscank; C:\Windows\System32\Drivers\mscank.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 netfilter; C:\Windows\System32\Drivers\netfilter.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 NETFLTDI; C:\Windows\System32\Drivers\NETFLTDI.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 nnetsec; C:\Windows\System32\Drivers\nnetsec.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 NNSALPC; C:\Windows\System32\Drivers\NNSALPC.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 NNSHTTP; C:\Windows\System32\Drivers\NNSHTTP.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 NNSHTTPS; C:\Windows\System32\Drivers\NNSHTTPS.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 NNSIDS; C:\Windows\System32\Drivers\NNSIDS.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 NNSNAHS; C:\Windows\System32\Drivers\NNSNAHS.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 NNSPICC; C:\Windows\System32\Drivers\NNSPICC.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 NNSPIHS; C:\Windows\System32\Drivers\NNSPIHS.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 NNSPIHSW; C:\Windows\System32\Drivers\NNSPIHSW.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 NNSPOP3; C:\Windows\System32\Drivers\NNSPOP3.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 NNSPROT; C:\Windows\System32\Drivers\NNSPROT.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 NNSPRV; C:\Windows\System32\Drivers\NNSPRV.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 NNSSMTP; C:\Windows\System32\Drivers\NNSSMTP.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 NNSSTRM; C:\Windows\System32\Drivers\NNSSTRM.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 NNSTLSC; C:\Windows\System32\Drivers\NNSTLSC.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 OAmon; C:\Windows\System32\Drivers\OAmon.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 OAnet; C:\Windows\System32\Drivers\OAnet.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 pavboot; C:\Windows\System32\Drivers\pavboot.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 PavProc; C:\Windows\System32\Drivers\PavProc.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 PSINAflt; C:\Windows\System32\Drivers\PSINAflt.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 PSINFile; C:\Windows\System32\Drivers\PSINFile.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 PSINKNC; C:\Windows\System32\Drivers\PSINKNC.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 PSINProc; C:\Windows\System32\Drivers\PSINProc.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 PSINProt; C:\Windows\System32\Drivers\PSINProt.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 PSINReg; C:\Windows\System32\Drivers\PSINReg.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 PSKMAD; C:\Windows\System32\Drivers\PSKMAD.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 qutmipc; C:\Windows\System32\Drivers\qutmipc.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 SandBox; C:\Windows\System32\Drivers\SandBox.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 SAVOnAccess; C:\Windows\System32\Drivers\SAVOnAccess.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 SAVOnAccessControl; C:\Windows\System32\Drivers\SAVOnAccessControl.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 SAVOnAccessFilter; C:\Windows\System32\Drivers\SAVOnAccessFilter.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 sbaphd; C:\Windows\System32\Drivers\sbaphd.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 sbapifs; C:\Windows\System32\Drivers\sbapifs.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 SbFw; C:\Windows\System32\Drivers\SbFw.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 sbhips; C:\Windows\System32\Drivers\sbhips.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 sbtis; C:\Windows\System32\Drivers\sbtis.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 sbwtis; C:\Windows\System32\Drivers\sbwtis.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 scfdriver; C:\Windows\System32\Drivers\scfdriver.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 scfndis; C:\Windows\System32\Drivers\scfndis.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 ShldFlt; C:\Windows\System32\Drivers\ShldFlt.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 SKMScan; C:\Windows\System32\Drivers\SKMScan.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 SophosBootDriver; C:\Windows\System32\Drivers\SophosBootDriver.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 SpiderG3; C:\Windows\System32\Drivers\SpiderG3.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 ssmdrv; C:\Windows\System32\Drivers\ssmdrv.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 tdifw; C:\Windows\System32\Drivers\tdifw.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 tdi_nf; C:\Windows\System32\Drivers\tdi_nf.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 tmcomm; C:\Windows\System32\Drivers\tmcomm.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    U5 tpdevflt; C:\Windows\System32\Drivers\tpdevflt.sys [0 2015-07-25] () <==== ATTENTION (zero byte File/Folder)
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\Acceleration Software
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\360SD
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\360
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\.clamwin
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Zillya Internet Security
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Zillya Internet Security
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Zillya Antivirus
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Zillya Antivirus
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\WRData
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\WRData
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\WinRoute Pro
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\WinRoute Pro
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Windows Defender
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Windows Defender
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Winalysis
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Winalysis
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Webroot
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Webroot
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\VIPRE
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\VIPRE
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Vba32
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Vba32
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\UnThreat AntiVirus
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\UnThreat AntiVirus
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\UnThreat
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\UnThreat
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\TrustPort
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\TrustPort
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\TrojanHunter 5.5
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\TrojanHunter 5.5
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\TrojanHunter
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\TrojanHunter
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Trend Micro
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Trend Micro
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\TotalDefense
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\TotalDefense
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Total Defense
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Total Defense
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Symantec AntiVirus
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Symantec AntiVirus
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\StopSign
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\StopSign
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\SpyShelter Premium
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\SpyShelter Premium
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\SpyShelter
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\SpyShelter
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy 2
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy 2
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Sophos
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Sophos
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Rising
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Rising
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Quick Heal
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Quick Heal
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\PSafe
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\PSafe
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Proland Software
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Proland Software
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Proland
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Proland
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\pandasecuritytb
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\pandasecuritytb
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Panda Security URL Filtering
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Panda Security URL Filtering
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Panda Security
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Panda Security
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Padvish Antivirus
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Padvish Antivirus
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\OnlineArmor
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\OnlineArmor
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Online Armor
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Online Armor
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Norton Internet Security
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Norton Internet Security
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Norton AntiVirus
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Norton AntiVirus
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Norton 360
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Norton 360
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Norman
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Norman
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\nanolsp
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\nanolsp
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\nanoav
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\nanoav
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\NANO Antivirus
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\NANO Antivirus
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\mks_vir_9
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\mks_vir_9
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\MicroWorld
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\MicroWorld
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft Security Client
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft Security Client
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\McAfeeMOBK
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\McAfeeMOBK
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\McAfee.com
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\McAfee.com
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\McAfee Security Scan
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\McAfee Security Scan
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\McAfee
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\McAfee
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Malwarebytes' Anti-Malware
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Malwarebytes' Anti-Malware
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Malwarebytes
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Malwarebytes
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Malware Defender
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Malware Defender
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Lavasoft
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Lavasoft
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Kerio
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Kerio
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Kaspersky Lab
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Kaspersky Lab
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\K7 Computing
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\K7 Computing
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Jetico
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Jetico
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\IObit
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\IObit
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\IKARUS
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\IKARUS
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\GFI
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\GFI
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\G DATA Software
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\G DATA Software
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\G Data
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\G Data
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\F-Secure
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\F-Secure
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\FRISK Software
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\FRISK Software
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Fortego Security
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Fortego Security
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Filseclab
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Filseclab
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\ESET
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\ESET
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\eScan
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\eScan
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Emsisoft Anti-Malware
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Emsisoft Anti-Malware
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\eAcceleration
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\eAcceleration
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\DrWeb Enterprise Suite
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\DrWeb Enterprise Suite
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\DrWeb
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\DrWeb
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Doctor Web
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Doctor Web
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Comodo Downloader
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Comodo Downloader
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\COMODO
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\COMODO
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\ClamWin
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\ClamWin
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\CheckPoint
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\CheckPoint
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\CA
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\CA
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\BullGuard Ltd
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\BullGuard Ltd
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\BullGuard
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\BullGuard
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\BitGuard
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\BitGuard
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Bitdefender
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Bitdefender
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Baidu Security
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Baidu Security
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Avira
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Avira
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\AVG Nation toolbar
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\AVG Nation toolbar
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\AVG
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\AVG
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\AVAST Software
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\AVAST Software
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Avanquest
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Avanquest
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Arcabit
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Arcabit
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\AntiVirus
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\AntiVirus
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Alwil Software
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Alwil Software
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\AhnLab
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\AhnLab
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Agnitum
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Agnitum
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Acceleration Software
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Acceleration Software
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\360SD
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\360SD
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\360
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\360
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\.clamwin
    2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\.clamwin
    2015-07-24 14:22 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\Common Files\TrustPort
    2015-07-24 14:22 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\Common Files\Panda Security
    2015-07-24 14:22 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\Common Files\MicroWorld
    2015-07-24 14:22 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\Common Files\McAfee
    2015-07-24 14:22 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\Common Files\InfoWatch
    2015-07-24 14:22 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\Common Files\G Data
    2015-07-24 14:22 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\Common Files\eAcceleration
    2015-07-24 14:22 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\Common Files\Doctor Web
    2015-07-24 14:22 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\Common Files\BullGuard Ltd
    2015-07-24 14:22 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\Common Files\Bitdefender
    Hosts:
    and save it as fixlist.txt in the folder containing Farbar Recovery Scan Tool.
    Disable the antivirus until the reboot, close all browsers, run FRST, click Fix and wait. The program will create a log file (Fixlog.txt). Attach it to your next post.

    Reboot the server and make new Farbar Recovery Scan Tool logs with the "Shortcut.txt" box unchecked.
    Last edited by Vvvyg; 27.07.2015 at 10:40.
    WBR,
    Vadim
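
    A triage sketch for the pattern in the FRST lines of the post above, added here as an example and not part of the original post or of FRST: it groups zero-size entries carrying the R, S and H flags by parent directory and modification time, so a mass-created batch of placeholders stands out from ordinary files. The line layout is inferred from the lines on this page; the sample log and the vendor names in it are constructed.

```python
import ntpath
import re
from collections import defaultdict

# Layout inferred from the lines on this page (an assumption, not a format spec):
#   created - modified - size attrs path
LINE_RE = re.compile(
    r"^\s*(\d{4}-\d{2}-\d{2} \d{2}:\d{2}) - (\d{4}-\d{2}-\d{2} \d{2}:\d{2})"
    r" - (\d+) (\S+) (.+?)\s*$"
)

# Constructed sample in the same layout; vendor and application names are made up.
SAMPLE_LOG = r"""
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\VendorA
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\VendorB
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\VendorC
2015-07-25 01:23 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\VendorC
2015-07-24 14:22 - 2015-07-25 01:23 - 00000000 __RSH C:\Program Files\Common Files\VendorA
2015-07-20 09:10 - 2015-07-20 09:10 - 00000000 ____D C:\Program Files\LegitApp
2015-07-20 09:11 - 2015-07-20 09:11 - 00148480 _____ C:\Program Files\LegitApp\app.exe
Hosts:
"""


def parse_line(line):
    """Return a dict for one log line, or None if the line is not an entry."""
    m = LINE_RE.match(line)
    if not m:
        return None
    created, modified, size, attrs, path = m.groups()
    return {
        "created": created,
        "modified": modified,
        "size": int(size),
        "attrs": attrs.strip("_"),  # "__RSH" -> "RSH", "_____" -> ""
        "path": path,
    }


def is_placeholder(entry):
    """Zero-size entry that is read-only, system and hidden at once."""
    return entry["size"] == 0 and {"R", "S", "H"} <= set(entry["attrs"])


def find_bursts(lines, min_count=5):
    """Group placeholder entries by (modification time, parent directory).

    The same path can be listed twice in a log, so paths are de-duplicated
    case-insensitively before counting. Groups with at least min_count
    distinct paths are returned, largest first.
    """
    groups = defaultdict(dict)
    for line in lines:
        entry = parse_line(line)
        if entry is None or not is_placeholder(entry):
            continue
        parent = ntpath.dirname(entry["path"])
        key = (entry["modified"], parent.lower())
        groups[key].setdefault(entry["path"].lower(), entry["path"])

    bursts = []
    for (modified, _parent_key), paths in groups.items():
        if len(paths) < min_count:
            continue
        originals = list(paths.values())
        bursts.append({
            "modified": modified,
            "parent": ntpath.dirname(originals[0]),
            "count": len(originals),
            "names": sorted(ntpath.basename(p) for p in originals),
        })
    return sorted(bursts, key=lambda b: (-b["count"], b["parent"]))


if __name__ == "__main__":
    for burst in find_bursts(SAMPLE_LOG.splitlines(), min_count=3):
        print(f'{burst["modified"]}  {burst["count"]:3d} placeholders in {burst["parent"]}')
        for name in burst["names"]:
            print("    " + name)
```
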

  7. #6
    Junior Member Reputation
    Registered
    24.07.2015
    Posts
    15
    Reputation weight
    9
    Here is the log (the hosts file was cleaned by the fix, but after the reboot it "broke" again)
    Attachments

  8. #7
    Senior Helper Reputation
    Registered
    06.05.2008
    Location
    Tula
    Posts
    26,585
    Reputation weight
    836
    I'd also like to see Fixlog.txt.

    Change the administrator password; I suspect the server is being broken into from outside. Is the server accessible via RDP from the internet?

    Download Universal Virus Sniffer and make a full uVS autorun image.
    WBR,
    Vadim

  9. #8
    Junior Member Reputation
    Registered
    24.07.2015
    Posts
    15
    Reputation weight
    9
    The fixlog is in the archive - what's wrong with it?

  10. #9
    Senior Helper Reputation
    Registered
    06.05.2008
    Location
    Tula
    Posts
    26,585
    Reputation weight
    836
    Didn't notice it right away, sorry.
    Everything worked as intended, but it has all come back full circle...

    I'm waiting for the full uVS autorun image.
    WBR,
    Vadim

  11. #10
    Junior Member Reputation
    Registered
    24.07.2015
    Posts
    15
    Reputation weight
    9
    There is RDP access. The registry editor is not available.

    They are not in the logs, but there are suspicious files rdpinst.exe and PsfjH4KN.txt (empty) in \windows - avast (checked on another PC) - win32:malob-hp (cryp).
    Last edited by aen1975; 28.07.2015 at 09:52.

  12. #11
    Senior Helper Reputation
    Registered
    06.05.2008
    Location
    Tula
    Posts
    26,585
    Reputation weight
    836
    Interesting, a trojan in an executable file stream...

    Why didn't you download uVS from my link? It has the latest build, with settings configured for the VirusInfo quarantine.
    Download the version I asked for and do the following.

    Run this script in uVS:
    Code:
    ;uVS v3.85.25 [http://dsrt.dyndns.org]
    ;Target OS: NTv5.2
    v385c
    zoo %SystemRoot%\RDPINST.EXE
    delall %SystemRoot%\RDPINST.EXE
    zoo %SystemRoot%\TEMP:1
    delall %SystemRoot%\TEMP:1
    deldir C:\Windows\System32\Drivers\360AntiHacker.sys
    deldir C:\Windows\System32\Drivers\360AvFlt.sys
    deldir C:\Windows\System32\Drivers\360Box.sys
    deldir C:\Windows\System32\Drivers\360Box64.sys
    deldir C:\Windows\System32\Drivers\360Camera.sys
    deldir C:\Windows\System32\Drivers\360fsflt.sys
    deldir C:\Windows\System32\Drivers\360SelfProtection.sys
    deldir C:\Windows\System32\Drivers\ABndis.sys
    deldir C:\Windows\System32\Drivers\AFW.sys
    deldir C:\Windows\System32\Drivers\afwcore.sys
    deldir C:\Windows\System32\Drivers\AhnFlt2K.sys
    deldir C:\Windows\System32\Drivers\AhnRec2K.sys
    deldir C:\Windows\System32\Drivers\AhnRghNt.sys
    deldir C:\Windows\System32\Drivers\AhnSZE.sys
    deldir C:\Windows\System32\Drivers\ALE_NF.sys
    deldir C:\Windows\System32\Drivers\AMonLWLH.sys
    deldir C:\Windows\System32\Drivers\AMonTDLH.sys
    deldir C:\Windows\System32\Drivers\APPFLT.sys
    deldir C:\Windows\System32\Drivers\arcawfp.sys
    deldir C:\Windows\System32\Drivers\aswHwid.sys
    deldir C:\Windows\System32\Drivers\aswMonFlt.sys
    deldir C:\Windows\System32\Drivers\aswNdis.sys
    deldir C:\Windows\System32\Drivers\aswNdis2.sys
    deldir C:\Windows\System32\Drivers\aswNdisFlt.sys
    deldir C:\Windows\System32\Drivers\aswRdr.sys
    deldir C:\Windows\System32\Drivers\aswRvrt.sys
    deldir C:\Windows\System32\Drivers\aswSnx.sys
    deldir C:\Windows\System32\Drivers\aswSP.sys
    deldir C:\Windows\System32\Drivers\aswStm.sys
    deldir C:\Windows\System32\Drivers\aswTdi.sys
    deldir C:\Windows\System32\Drivers\aswVmm.sys
    deldir C:\Windows\System32\Drivers\avasdmft.sys
    deldir C:\Windows\System32\Drivers\avc3.sys
    deldir C:\Windows\System32\Drivers\avchv.sys
    deldir C:\Windows\System32\Drivers\avckf.sys
    deldir C:\Windows\System32\Drivers\Avgboota.sys
    deldir C:\Windows\System32\Drivers\Avgdiska.sys
    deldir C:\Windows\System32\Drivers\Avgdiskx.sys
    deldir C:\Windows\System32\Drivers\AVGIDSHA.sys
    deldir C:\Windows\System32\Drivers\AVGIDSHX.sys
    deldir C:\Windows\System32\Drivers\Avgldx64.sys
    deldir C:\Windows\System32\Drivers\Avgldx86.sys
    deldir C:\Windows\System32\Drivers\Avgloga.sys
    deldir C:\Windows\System32\Drivers\Avglogx.sys
    deldir C:\Windows\System32\Drivers\Avgmfx64.sys
    deldir C:\Windows\System32\Drivers\Avgmfx86.sys
    deldir C:\Windows\System32\Drivers\avgntflt.sys
    deldir C:\Windows\System32\Drivers\Avgrkx64.sys
    deldir C:\Windows\System32\Drivers\Avgrkx86.sys
    deldir C:\Windows\System32\Drivers\Avgtdia.sys
    deldir C:\Windows\System32\Drivers\Avgtdix.sys
    deldir C:\Windows\System32\Drivers\Avgwfpa.sys
    deldir C:\Windows\System32\Drivers\avipbb.sys
    deldir C:\Windows\System32\Drivers\avkmgr.sys
    deldir C:\Windows\System32\Drivers\avnetflt.sys
    deldir C:\Windows\System32\Drivers\BAPIDRV.sys
    deldir C:\Windows\System32\Drivers\Bcfilter.sys
    deldir C:\Windows\System32\Drivers\bcfsrm.sys
    deldir C:\Windows\System32\Drivers\bcftdi.sys
    deldir C:\Windows\System32\Drivers\bc_hash_f.sys
    deldir C:\Windows\System32\Drivers\bc_ip_f.sys
    deldir C:\Windows\System32\Drivers\bc_ngn.sys
    deldir C:\Windows\System32\Drivers\bc_pat_f.sys
    deldir C:\Windows\System32\Drivers\bc_prt_f.sys
    deldir C:\Windows\System32\Drivers\bc_tdi_f.sys
    deldir C:\Windows\System32\Drivers\BdAgent.sys
    deldir C:\Windows\System32\Drivers\bdelam.sys
    deldir C:\Windows\System32\Drivers\Bdfndisf.sys
    deldir C:\Windows\System32\Drivers\bdfsfltr.sys
    deldir C:\Windows\System32\Drivers\BdNet.sys
    deldir C:\Windows\System32\Drivers\BDSandBox.sys
    deldir C:\Windows\System32\Drivers\bdsflt.sys
    deldir C:\Windows\System32\Drivers\bdsnm.sys
    deldir C:\Windows\System32\Drivers\BdSpy.sys
    deldir C:\Windows\System32\Drivers\BDVEDISK.sys
    deldir C:\Windows\System32\Drivers\Bfilter.sys
    deldir C:\Windows\System32\Drivers\Bfmon.sys
    deldir C:\Windows\System32\Drivers\Bhbase.sys
    deldir C:\Windows\System32\Drivers\Bprotect.sys
    deldir C:\Windows\System32\Drivers\catflt.sys
    deldir C:\Windows\System32\Drivers\CdmDrvNt.sys
    deldir C:\Windows\System32\Drivers\cfwids.sys
    deldir C:\Windows\System32\Drivers\cmderd.sys
    deldir C:\Windows\System32\Drivers\cmdGuard.sys
    deldir C:\Windows\System32\Drivers\cmdHlp.sys
    deldir C:\Windows\System32\Drivers\ComFiltr.sys
    deldir C:\Windows\System32\Drivers\DrWebLwf.sys
    deldir C:\Windows\System32\Drivers\DSAFLT.sys
    deldir C:\Windows\System32\Drivers\DwProt.sys
    deldir C:\Windows\System32\Drivers\eamon.sys
    deldir C:\Windows\System32\Drivers\eamonm.sys
    deldir C:\Windows\System32\Drivers\econceal.sys
    deldir C:\Windows\System32\Drivers\edevmon.sys
    deldir C:\Windows\System32\Drivers\EfiMon.sys
    deldir C:\Windows\System32\Drivers\ehdrv.sys
    deldir C:\Windows\System32\Drivers\epfw.sys
    deldir C:\Windows\System32\Drivers\EpfwLWF.sys
    deldir C:\Windows\System32\Drivers\Epfwndis.sys
    deldir C:\Windows\System32\Drivers\epfwtdi.sys
    deldir C:\Windows\System32\Drivers\epfwwfp.sys
    deldir C:\Windows\System32\Drivers\epfwwfpr.sys
    deldir C:\Windows\System32\Drivers\FNETMON.sys
    deldir C:\Windows\System32\Drivers\FPAV_RTP.sys
    deldir C:\Windows\System32\Drivers\fsbts.sys
    deldir C:\Windows\System32\Drivers\FWCore.sys
    deldir C:\Windows\System32\Drivers\GDBehave.sys
    deldir C:\Windows\System32\Drivers\GDNdisIc.sys
    deldir C:\Windows\System32\Drivers\gfiark.sys
    deldir C:\Windows\System32\Drivers\gfiutil.sys
    deldir C:\Windows\System32\Drivers\ggc.sys
    deldir C:\Windows\System32\Drivers\gzflt.sys
    deldir C:\Windows\System32\Drivers\HipShieldK.sys
    deldir C:\Windows\System32\Drivers\HookCentre.sys
    deldir C:\Windows\System32\Drivers\HookPort.sys
    deldir C:\Windows\System32\Drivers\hooksys.sys
    deldir C:\Windows\System32\Drivers\HookTdi.sys
    deldir C:\Windows\System32\Drivers\inspect.sys
    deldir C:\Windows\System32\Drivers\K7FWFilt.sys
    deldir C:\Windows\System32\Drivers\K7FWHlpr.sys
    deldir C:\Windows\System32\Drivers\K7Sentry.sys
    deldir C:\Windows\System32\Drivers\K7TdiHlp.sys
    deldir C:\Windows\System32\Drivers\kl1.sys
    deldir C:\Windows\System32\Drivers\klelam.sys
    deldir C:\Windows\System32\Drivers\klflt.sys
    deldir C:\Windows\System32\Drivers\KLIF.sys
    deldir C:\Windows\System32\Drivers\KLIM6.sys
    deldir C:\Windows\System32\Drivers\kltdi.sys
    deldir C:\Windows\System32\Drivers\klwfp.sys
    deldir C:\Windows\System32\Drivers\KmxAgent.sys
    deldir C:\Windows\System32\Drivers\KmxAMRT.sys
    deldir C:\Windows\System32\Drivers\KmxCF.sys
    deldir C:\Windows\System32\Drivers\KmxCfg.sys
    deldir C:\Windows\System32\Drivers\KmxFile.sys
    deldir C:\Windows\System32\Drivers\KmxFilter.sys
    deldir C:\Windows\System32\Drivers\KmxFw.sys
    deldir C:\Windows\System32\Drivers\KmxSbx.sys
    deldir C:\Windows\System32\Drivers\KmxStart.sys
    deldir C:\Windows\System32\Drivers\kneps.sys
    deldir C:\Windows\System32\Drivers\kvnet.sys
    deldir C:\Windows\System32\Drivers\kwflower.sys
    deldir C:\Windows\System32\Drivers\kwfupper.sys
    deldir C:\Windows\System32\Drivers\llio.sys
    deldir C:\Windows\System32\Drivers\McPvDrv.sys
    deldir C:\Windows\System32\Drivers\mfeapfk.sys
    deldir C:\Windows\System32\Drivers\mfeavfk.sys
    deldir C:\Windows\System32\Drivers\mfebopk.sys
    deldir C:\Windows\System32\Drivers\mfeelamk.sys
    deldir C:\Windows\System32\Drivers\mfefirek.sys
    deldir C:\Windows\System32\Drivers\mfehidk.sys
    deldir C:\Windows\System32\Drivers\mfencbdc.sys
    deldir C:\Windows\System32\Drivers\mfencrk.sys
    deldir C:\Windows\System32\Drivers\mfewfpk.sys
    deldir C:\Windows\System32\Drivers\mscank.sys
    deldir C:\Windows\System32\Drivers\netfilter.sys
    deldir C:\Windows\System32\Drivers\NETFLTDI.sys
    deldir C:\Windows\System32\Drivers\nnetsec.sys
    deldir C:\Windows\System32\Drivers\NNSALPC.sys
    deldir C:\Windows\System32\Drivers\NNSHTTP.sys
    deldir C:\Windows\System32\Drivers\NNSHTTPS.sys
    deldir C:\Windows\System32\Drivers\NNSIDS.sys
    deldir C:\Windows\System32\Drivers\NNSNAHS.sys
    deldir C:\Windows\System32\Drivers\NNSPICC.sys
    deldir C:\Windows\System32\Drivers\NNSPIHS.sys
    deldir C:\Windows\System32\Drivers\NNSPIHSW.sys
    deldir C:\Windows\System32\Drivers\NNSPOP3.sys
    deldir C:\Windows\System32\Drivers\NNSPROT.sys
    deldir C:\Windows\System32\Drivers\NNSPRV.sys
    deldir C:\Windows\System32\Drivers\NNSSMTP.sys
    deldir C:\Windows\System32\Drivers\NNSSTRM.sys
    deldir C:\Windows\System32\Drivers\NNSTLSC.sys
    deldir C:\Windows\System32\Drivers\OAmon.sys
    deldir C:\Windows\System32\Drivers\OAnet.sys
    deldir C:\Windows\System32\Drivers\pavboot.sys
    deldir C:\Windows\System32\Drivers\PavProc.sys
    deldir \??\C:\WINDOWS\system32\drivers\phkcrcix.sys
    deldir C:\Windows\System32\Drivers\PSINAflt.sys
    deldir C:\Windows\System32\Drivers\PSINFile.sys
    deldir C:\Windows\System32\Drivers\PSINKNC.sys
    deldir C:\Windows\System32\Drivers\PSINProc.sys
    deldir C:\Windows\System32\Drivers\PSINProt.sys
    deldir C:\Windows\System32\Drivers\PSINReg.sys
    deldir C:\Windows\System32\Drivers\PSKMAD.sys
    deldir C:\Windows\System32\Drivers\qutmipc.sys
    deldir C:\Windows\System32\Drivers\SandBox.sys
    deldir C:\Windows\System32\Drivers\SAVOnAccess.sys
    deldir C:\Windows\System32\Drivers\SAVOnAccessControl.sys
    deldir C:\Windows\System32\Drivers\SAVOnAccessFilter.sys
    deldir C:\Windows\System32\Drivers\sbaphd.sys
    deldir C:\Windows\System32\Drivers\sbapifs.sys
    deldir C:\Windows\System32\Drivers\SbFw.sys
    deldir C:\Windows\System32\Drivers\sbhips.sys
    deldir C:\Windows\System32\Drivers\sbtis.sys
    deldir C:\Windows\System32\Drivers\sbwtis.sys
    deldir C:\Windows\System32\Drivers\scfdriver.sys
    deldir C:\Windows\System32\Drivers\scfndis.sys
    deldir C:\Windows\System32\Drivers\ShldFlt.sys
    deldir C:\Windows\System32\Drivers\SKMScan.sys
    deldir C:\Windows\System32\Drivers\SophosBootDriver.sys
    deldir C:\Windows\System32\Drivers\SpiderG3.sys
    deldir C:\Windows\System32\Drivers\ssmdrv.sys
    deldir C:\Windows\System32\Drivers\tdifw.sys
    deldir C:\Windows\System32\Drivers\tdi_nf.sys
    deldir C:\Windows\System32\Drivers\tmcomm.sys
    deldir C:\Windows\System32\Drivers\tpdevflt.sys
    deldir C:\Windows\System32\Drivers\tpsec.sys
    deldir C:\Windows\System32\Drivers\trufos.sys
    deldir C:\Windows\System32\Drivers\TS4NT.sys
    deldir C:\Windows\System32\Drivers\v3engine.sys
    deldir C:\Windows\System32\Drivers\VBEngNT.sys
    deldir C:\Windows\System32\Drivers\Vsdatant.sys
    deldir C:\Windows\System32\Drivers\webssx.sys
    deldir C:\Windows\System32\Drivers\WNMFLT.sys
    deldir C:\Windows\System32\Drivers\wsnf.sys
    deldir C:\Windows\System32\Drivers\wstif.sys
    regt 14
    regt 35
    czoo
    Reboot the server.
    A ZIP archive will appear in the uVS folder, with a name starting with ZOO_ followed by the date and time; send this file via the "Send requested quarantine" ("Прислать запрошенный карантин") link above the first post in the thread.

    The UVS folder will contain the script execution log, a text file named with the date and time of execution; attach it to your post.

    Make a new FRST log.
    WBR,
    Vadim
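
The script in the post above targets two artifact types: a payload addressed as an NTFS alternate data stream (`TEMP:1`) and directories that occupy the file names of security-product drivers. The following is an added example, not part of the thread and not uVS code: it treats each script line only as "verb + path", lists the stream targets, and compares the `deldir` names with the `.sys`-named directories actually present in a drivers folder, so a re-check after reboot shows what came back or was never listed. The function names and the `example_*.sys` entries are constructed for illustration.

```python
import os
import tempfile

# Excerpt of the script quoted in the post above, used as sample input.
SAMPLE_SCRIPT = r"""
;uVS v3.85.25 [http://dsrt.dyndns.org]
v385c
zoo %SystemRoot%\TEMP:1
delall %SystemRoot%\TEMP:1
deldir C:\Windows\System32\Drivers\360AntiHacker.sys
deldir C:\Windows\System32\Drivers\KLIF.sys
deldir \??\C:\WINDOWS\system32\drivers\phkcrcix.sys
czoo
"""


def parse_script(text):
    """Split script text into (verb, argument) pairs, skipping ';' comments."""
    commands = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue
        verb, _, arg = line.partition(" ")
        commands.append((verb.lower(), arg.strip()))
    return commands


def split_stream(path):
    """Return (file_path, stream_name); stream_name is None when no ADS is named."""
    head, sep, leaf = path.rpartition("\\")
    prefix = head + sep
    if not sep and leaf[1:2] == ":":      # drive-relative form such as "C:name"
        prefix, leaf = leaf[:2], leaf[2:]
    name, colon, stream = leaf.partition(":")
    if not colon or not stream:
        return path, None
    return prefix + name, stream


def find_decoy_dirs(drivers_dir):
    """Names of directories (not files) in drivers_dir that end in .sys."""
    found = []
    with os.scandir(drivers_dir) as entries:
        for entry in entries:
            if entry.name.lower().endswith(".sys") and entry.is_dir(follow_symlinks=False):
                found.append(entry.name)
    return sorted(found, key=str.lower)


def audit(script_text, drivers_dir):
    """Compare what the script targets with what is on disk."""
    streams, listed = [], set()
    for verb, arg in parse_script(script_text):
        if not arg:
            continue
        target = split_stream(arg)
        if target[1] is not None and target not in streams:
            streams.append(target)
        if verb == "deldir":
            # Windows names are case-insensitive, so compare lowercased leaf names.
            listed.add(arg.rsplit("\\", 1)[-1].lower())
    on_disk = find_decoy_dirs(drivers_dir)
    return {
        "stream_targets": streams,
        "decoys_on_disk": on_disk,
        "decoys_not_in_script": [n for n in on_disk if n.lower() not in listed],
    }


def build_constructed_drivers_dir():
    """Create a temporary stand-in for System32\\Drivers (constructed test data)."""
    root = tempfile.mkdtemp(prefix="drivers_")
    os.mkdir(os.path.join(root, "360AntiHacker.sys"))  # decoy named in the script
    os.mkdir(os.path.join(root, "example_new.sys"))    # constructed: decoy the script misses
    os.mkdir(os.path.join(root, "etc"))                # ordinary directory, ignored
    with open(os.path.join(root, "example_real.sys"), "wb") as fh:
        fh.write(b"MZ")                                # regular file, ignored
    return root


if __name__ == "__main__":
    report = audit(SAMPLE_SCRIPT, build_constructed_drivers_dir())
    for key, value in report.items():
        print(f"{key}: {value}")
```

On a live system, pass the real drivers directory to `audit`; the scan only reads directory entries.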

  13. #12
    Junior Member
    Registered
    24.07.2015
    Posts
    15
    Reputation weight
    9
    Quarantine sent.

    Log
    Attachments
    Last edited by aen1975; 28.07.2015 at 19:19.

  14. #13
    Senior Helper
    Registered
    06.05.2008
    Location
    Tula
    Posts
    26,585
    Reputation weight
    836
    Feed FRST the following fixlist.txt:
    Code:
    2015-07-27 18:55 - 2015-07-27 18:55 - 00000000 __SHD C:\Documents and Settings\Администратор.TERMINAL\Application Data\gf4VnZnZY6I
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Zillya Internet Security
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Zillya Antivirus
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\WRData
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\WinRoute Pro
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Windows Defender
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Winalysis
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Webroot
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\VIPRE
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Vba32
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\UnThreat AntiVirus
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\UnThreat
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\TrustPort
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\TrojanHunter 5.5
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\TrojanHunter
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Trend Micro
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\TotalDefense
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Total Defense
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Symantec AntiVirus
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\StopSign
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\SpyShelter Premium
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\SpyShelter
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Spybot - Search & Destroy 2
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Spybot - Search & Destroy
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Sophos
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Rising
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Quick Heal
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\PSafe
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Proland Software
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Proland
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\pandasecuritytb
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Panda Security URL Filtering
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Panda Security
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Padvish Antivirus
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\OnlineArmor
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Online Armor
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Norton Internet Security
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Norton AntiVirus
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Norton 360
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Norman
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\nanolsp
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\nanoav
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\NANO Antivirus
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\mks_vir_9
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\MicroWorld
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Microsoft Security Client
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\McAfeeMOBK
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\McAfee.com
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\McAfee Security Scan
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\McAfee
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Malwarebytes' Anti-Malware
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Malwarebytes
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Malware Defender
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Lavasoft
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Kerio
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Kaspersky Lab
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\K7 Computing
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Jetico
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\IObit
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\IKARUS
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\GFI
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\G DATA Software
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\G Data
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\F-Secure
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\FRISK Software
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Fortego Security
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Filseclab
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\ESET
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\eScan
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Emsisoft Anti-Malware
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\eAcceleration
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\DrWeb Enterprise Suite
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\DrWeb
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Doctor Web
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Comodo Downloader
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\COMODO
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Common Files\TrustPort
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Common Files\Panda Security
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Common Files\MicroWorld
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Common Files\McAfee
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Common Files\InfoWatch
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Common Files\G Data
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Common Files\eAcceleration
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Common Files\Doctor Web
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Common Files\BullGuard Ltd
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Common Files\Bitdefender
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\ClamWin
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\CheckPoint
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\CA
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\BullGuard Ltd
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\BullGuard
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\BitGuard
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Bitdefender
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Baidu Security
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Avira
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\AVG Nation toolbar
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\AVG
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\AVAST Software
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Avanquest
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Arcabit
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\AntiVirus
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Alwil Software
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\AhnLab
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Agnitum
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\Acceleration Software
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\360SD
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\360
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Program Files\.clamwin
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Zillya Internet Security
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Zillya Internet Security
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Zillya Antivirus
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Zillya Antivirus
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\WRData
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\WRData
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\WinRoute Pro
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\WinRoute Pro
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Windows Defender
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Windows Defender
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Winalysis
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Winalysis
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Webroot
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Webroot
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\VIPRE
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\VIPRE
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Vba32
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Vba32
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\UnThreat AntiVirus
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\UnThreat AntiVirus
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\UnThreat
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\UnThreat
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\TrustPort
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\TrustPort
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\TrojanHunter 5.5
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\TrojanHunter 5.5
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\TrojanHunter
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\TrojanHunter
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Trend Micro
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Trend Micro
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\TotalDefense
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\TotalDefense
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Total Defense
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Total Defense
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Symantec AntiVirus
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Symantec AntiVirus
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\StopSign
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\StopSign
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\SpyShelter Premium
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\SpyShelter Premium
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\SpyShelter
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\SpyShelter
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy 2
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy 2
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Sophos
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Sophos
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Rising
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Rising
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Quick Heal
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Quick Heal
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\PSafe
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\PSafe
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Proland Software
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Proland Software
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Proland
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Proland
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\pandasecuritytb
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\pandasecuritytb
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Panda Security URL Filtering
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Panda Security URL Filtering
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Panda Security
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Panda Security
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Padvish Antivirus
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Padvish Antivirus
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\OnlineArmor
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\OnlineArmor
    2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users.WINDOWS\Application Data\Online Armor
    2015-07-24 20:40 - 2015-07-27 20:44 - 00000000 ___SH C:\WINDOWS\PsfjH4KN.txt
    HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local: [ActivePolicy] SOFTWARE\Policies\Microsoft\Windows\IPSEC\Policy\Local\ipsecPolicy{b4f9004c-904c-45a5-8711-3501b4a3f465} <======= ATTENTION (Policy restriction on IP)
    Attach the new Fixlog.txt.

    Check the contents of the archive C:\WINDOWS\rdp.rar on virustotal.com.

    Run the 2nd standard script in AVZ, but download the program from here; no database update is needed.
    Attach the file virusinfo_syscheck.zip to your next post.
    WBR,
    Vadim
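
    Added example, not part of the thread and not code from FRST or AVZ: a small triage script for listing lines in the layout used by the fix list above (created, modified, size, five-character attribute field, path), flagging zero-byte hidden+system objects and directories named like driver files. The field layout is inferred from the lines on this page, the attribute letters are assumed to be the usual R/S/H/D, and all names and sample lines are constructed.

```python
import re
from collections import Counter
from typing import NamedTuple, Optional

# Assumed layout: "created - modified - size ATTRS path"
LINE_RE = re.compile(
    r"^\s*(?P<created>\d{4}-\d{2}-\d{2} \d{2}:\d{2}) - "
    r"(?P<modified>\d{4}-\d{2}-\d{2} \d{2}:\d{2}) - "
    r"(?P<size>\d+) (?P<attrs>[_A-Z]{5}) (?P<path>.+?)\s*$"
)


class Entry(NamedTuple):
    created: str
    modified: str
    size: int
    attrs: str
    path: str


def parse_line(line: str) -> Optional[Entry]:
    """Parse one listing line; return None for anything else (headers, notes)."""
    m = LINE_RE.match(line)
    if not m:
        return None
    return Entry(m["created"], m["modified"], int(m["size"]), m["attrs"], m["path"])


def classify(e: Entry) -> Optional[str]:
    """Label zero-byte objects that carry both the System and Hidden attributes."""
    if e.size != 0 or not {"S", "H"} <= set(e.attrs):
        return None
    # A *directory* whose name ends in .sys occupies the path a driver file needs.
    if "D" in e.attrs and e.path.lower().endswith(".sys"):
        return "directory-named-as-driver"
    return "empty-hidden-system-object"


def scan(lines):
    """Return (label, Entry) pairs, ignoring verbatim duplicate lines."""
    findings, seen = [], set()
    for line in lines:
        e = parse_line(line)
        if e is None or e in seen:
            continue
        seen.add(e)
        label = classify(e)
        if label:
            findings.append((label, e))
    return findings


def creation_batches(findings, min_size=3):
    """Creation timestamps shared by many findings suggest one automated run."""
    counts = Counter(e.created for _, e in findings)
    return {ts: n for ts, n in counts.items() if n >= min_size}


# Constructed sample lines (hypothetical product and driver names).
SAMPLE = r"""
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users\Application Data\ExampleAV
2015-07-27 18:54 - 2015-07-28 09:05 - 00000000 __RSH C:\Documents and Settings\All Users\Application Data\ExampleAV
2015-07-27 18:54 - 2015-07-27 18:54 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\exampleflt.sys
2015-07-27 18:54 - 2015-07-27 18:54 - 00000000 _RSHD C:\WINDOWS\system32\Drivers\examplemon.sys
2015-07-20 10:12 - 2015-07-20 10:12 - 00045056 _____ C:\WINDOWS\system32\Drivers\realdriver.sys
2015-07-21 11:00 - 2015-07-21 11:00 - 00000000 ____D C:\Program Files\SomeApp
not a listing line
""".strip().splitlines()

if __name__ == "__main__":
    found = scan(SAMPLE)
    for label, entry in found:
        print(f"{label:28} {entry.attrs} {entry.path}")
    print("batches:", creation_batches(found))
```

    A hit is only a triage lead: legitimate software also creates empty hidden files, so the batch timestamp and the driver-name collision are what make a cluster worth investigating.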

  15. #14
    Junior Member
    The archive contains rdpinst - there is a virus in it https://www.virustotal.com/ru/file/5...is/1438114076/

    The folders have been cleared of the empty folders and files.

  16. #15
    Senior Helper
    What other problems remain?
    WBR,
    Vadim

  17. #16
    Junior Member
    Quote: post by Vvvyg
    What other problems remain?
    I can't uninstall MBAM properly - Ошибка приложения mbam.exe, версия 2.3.55.0, модуль msvcr100.dll, версия 10.0.40219.325, адрес 0x0008d6fd.

    and I can't install an antivirus, for example Symantec -

    Сбой при запуске службы "Symantec Real Time Storage Protection (PEL)" из-за ошибки
    Указанная служба не может быть запущена, поскольку она отключена или все связанные с ней устройства отключены.

    Тип запуска службы "Symantec Extended File Attributes (SI)" был изменен с "загрузка" на "отключено".

    Устройство Root\LEGACY_SRTSPX\0000 было отключено из системы без предварительной подготовки.

    Служба "Symantec Endpoint Protection" перешла в состояние "Остановлена".

    Установщик Windows выполнил установку продукта. Продукт: Symantec Endpoint Protection Client. Версия: 12.1.5337.5000. Язык: 1033. Установка завершена с состоянием: 1603.


    and smss.exe also bothers me
    Last edited by aen1975; 29.07.2015 at 00:00.

  18. #17
    Senior Helper
    Uninstall Symantec Endpoint Security the standard way, then run Norton Removal Tool - that may help.

    As for smss.exe - pay no attention to it; it is a quirk of how avz and other utilities perceive server systems.

    As for MBAM - tomorrow we will try to clean it out by brute force.
    WBR,
    Vadim

  19. #18
    Junior Member
    SEP is not installed (it was earlier - the viruses would not let me reinstall it) - NRT launches into nowhere ... i.e. silence.

    Ошибка приложения SymNRT.exe, версия 22.5.0.4, модуль SymNRT.exe, версия 22.5.0.4, адрес 0x00023ca2.

    Нельзя прочесть раздел реестра для строк счетчика производительности, код языка 009. Возвращенное состояние Win32 находится в первом DWORD секции данных.

  20. #19
    Senior Helper
    For problems with SES it is better to contact Symantec technical support. Or try installing a different antivirus.

    Try removing MBAM with this script.
    Code:
    ;uVS v3.85.26 [http://dsrt.dyndns.org]
    ;Target OS: NTv5.2
    v385c
    del %Sys32%\DRIVERS\MBAMSWISSARMY.SYS
    delref %Sys32%\DRIVERS\MBAMSWISSARMY.SYS
    deldirex %SystemDrive%\PROGRAM FILES\MALWAREBYTES ANTI-MALWARE
    uidel "C:\Program Files\Malwarebytes Anti-Malware\unins000.exe"
    delref %SystemDrive%\POKER\POKER 770\WIDGETBAR\PTCONTAINERUI.DLL
    delref %SystemDrive%\POKER\POKER 770\WIDGETBAR\WIDGETBARAPI.DLL
    delref %SystemDrive%\POKER\POKER 770\WIDGETBAR\WIDGETBARMANAGERUI.DLL
    delref %SystemDrive%\DOCUME~1\ALLUSE~1.WIN\APPLIC~1\SYMANTEC\SYKNAPPS\SYKNAPPS.DLL
    And reboot.
    WBR,
    Vadim

  22. #20
    Junior Member
    MBAM was removed and the antivirus installed. I have postponed the thorough interrogation until I get on site.
