Virus removal

#1 Post by zhulo

Hi.
Some viruses have settled into my PC. MSE can identify them, but it cannot remove them. Or rather, it removes them, but they somehow always get back in. I have already deleted them about 30 times.
So I could use a bit of help. Thank you.


Logfile of random's system information tool 1.09 (written by random/random)
Run by zhulo at 2011-12-23 13:29:46
Microsoft Windows 7 Home Premium
System drive C: has 84 GB (52%) free of 162 GB
Total RAM: 3950 MB (39% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:29:51, on 23. 12. 2011
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16869)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\SugarSync\SugarSyncManager.exe
C:\Program Files (x86)\SONY\Media Gallery\ElbServer.exe
C:\Users\zhulo\AppData\Roaming\QipGuard\QipGuard.exe
C:\Program Files (x86)\QIP 2012\qip.exe
C:\Program Files (x86)\SONY\ISB Utility\ISBMgr.exe
C:\Program Files (x86)\SONY\Marketing Tools\MarketingTools.exe
C:\Program Files\Sony\VAIO Care\listener.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\JetAudio\JetAudio.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files\trend micro\zhulo.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.qip.ru
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.qip.ru/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.qip.ru
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://qip.ru
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.qip.ru/ie
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:61515
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: QIPBHO Class - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\zhulo\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Pomocník pri prihlasovaní v konte Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: QIPBHO - {95289393-33EA-4F8D-B952-483415B9C955} - C:\Users\zhulo\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
O4 - HKLM\..\Run: [MarketingTools] C:\Program Files (x86)\Sony\Marketing Tools\MarketingTools.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [SugarSync] "C:\Program Files (x86)\SugarSync\SugarSyncManager.exe" -startInTray -usedelay=true
O4 - HKCU\..\Run: [Elbserver] C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe /Stay
O4 - HKCU\..\Run: [QIP Internet Guardian] C:\Users\zhulo\AppData\Roaming\QipGuard\QipGuard.exe /p
O4 - HKCU\..\Run: [Infium] "C:\Program Files (x86)\QIP 2012\qip.exe" /autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: networx - odkaz.lnk = D:\Programy\Networkx\networx.exe
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&oslať do programu OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: (no name) - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - (no file)
O9 - Extra button: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Prepojené poznámky programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{BE1DD507-F8EB-473E-8404-24DC08E19615}: NameServer = 192.168.159.1
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Connectify - Unknown owner - C:\Program Files (x86)\Connectify\ConnectifyService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PMBDeviceInfoProvider - Sony Corporation - c:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: QipGuard - QIP.ru - C:\Program Files (x86)\QipGuard\QipGuard.exe
O23 - Service: Roxio UPnP Renderer 10 - Sonic Solutions - C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe
O23 - Service: Roxio Upnp Server 10 - Sonic Solutions - C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: VAIO Care Performance Service (SampleCollector) - Sony Corporation - C:\Program Files\Sony\VAIO Care\VCPerfService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: VAIO Media plus Content Importer (SOHCImp) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
O23 - Service: VAIO Media plus Digital Media Server (SOHDms) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
O23 - Service: VAIO Media plus Device Searcher (SOHDs) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
O23 - Service: VAIO Entertainment Common Service (SpfService) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: CamMonitor (uCamMonitor) - ArcSoft, Inc. - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Power Management - Sony Corporation - C:\Program Files\Sony\VAIO Power Management\SPMService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: VAIO Content Folder Watcher (VCFw) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
O23 - Service: VAIO Content Metadata Intelligent Network Service Manager (VcmINSMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
O23 - Service: VCService - Sony Corporation - C:\Program Files\Sony\VAIO Care\VCService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VSNService - Sony Corporation - C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: VUAgent - Sony Corporation - C:\Program Files\Sony\VAIO Update Common\VUAgent.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14737 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
"C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe"
C:\Windows\system32\atiesrxx.exe
winlogon.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
atieclxx
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\Program Files (x86)\Connectify\ConnectifyService.exe"
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"ConnectifyD.exe"
\??\C:\Windows\system32\conhost.exe "57414032494255252-1317325762-521202166131345650-2969980831824692596795876542
"C:\Program Files\Microsoft SQL Server\90\DTS\Binn\MsDtsSrvr.exe"
"C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sMSSQLSERVER
"C:\Program Files\Microsoft SQL Server\MSSQL.2\OLAP\bin\msmdsrv.exe" -s "C:\Program Files\Microsoft SQL Server\MSSQL.2\OLAP\Config"
C:\Windows\System32\svchost.exe -k HPZ12
"c:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe"
C:\Windows\System32\svchost.exe -k HPZ12
"C:\Program Files (x86)\QipGuard\QipGuard.exe"
"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe"
"C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe"
"C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe"
C:\Windows\SysWOW64\DllHost.exe /Processid:{78FD0120-D39C-45D8-A9BE-2B802B3C23E5}
"C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe"
"C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe"
"C:\Program Files\Sony\VAIO Smart Network\VSNService.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\SONY\VAIO Event Service\VESMgrSub.exe"
WLIDSvcM.exe 2116
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
"C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe"
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-3f5259fa-b1d9-4781-8373-811e8053d49f -SystemEventPortName:HostProcess-49bd1781-c98f-4ec0-b655-281cda64e64e -IoCancelEventPortName:HostProcess-e3025db7-c01e-494c-9f94-0546dcf52192 -NonStateChangingEventPortName:HostProcess-1a9192e1-81b2-4a1f-8411-f2140873468b -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:5e126911-b112-4270-b802-8c7d64404242
"C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"taskhost.exe"
taskeng.exe {FB8240BD-FA2E-45F6-89CE-63029574ECD9}
"C:\Windows\system32\Dwm.exe"
"C:\Windows\explorer.exe"
/Device:000000a1
"C:\Program Files\Sony\VAIO Power Management\SPMgr.exe" /Start
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Apoint\Apoint.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files\Apoint\ApMsgFwd.exe" -s{05FA8492-C047-4207-BE65-780D8591C113}
"C:\Program Files (x86)\SugarSync\SugarSyncManager.exe" -startInTray -usedelay=true
"C:\Program Files (x86)\SONY\Media Gallery\ElbServer.exe" /Stay
"C:\Users\zhulo\AppData\Roaming\QipGuard\QipGuard.exe" /p
"C:\Program Files (x86)\QIP 2012\qip.exe" /autorun
"C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe"
"C:\Program Files (x86)\SONY\ISB Utility\ISBMgr.exe"
"C:\Program Files (x86)\SONY\Marketing Tools\MarketingTools.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files\Apoint\Apvfb.exe"
"Apntex.exe"
\??\C:\Windows\system32\conhost.exe "176492264837980681-1653284727-213745225588013939210793543051948117380-1244489485
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"D:\Programy\Networkx\networx.exe"
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\Sony\VAIO Power Management\SPMService.exe"
"C:\Program Files\Sony\VAIO Care\VCPerfService.exe" "/service" "/sstates" "/sampleinterval=5000" "/procinterval=5" "/dllinterval=120" "/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1" "/counter=\Network Interface(*)\Bytes Total/sec:1" "/expandcounter=\Processor Information(*)\Processor Frequency:1" "/expandcounter=\Processor(*)\% Idle Time:1" "/expandcounter=\Processor(*)\% C1 Time:1" "/expandcounter=\Processor(*)\% C2 Time:1" "/expandcounter=\Processor(*)\% C3 Time:1" "/expandcounter=\Processor(*)\% Processor Time:1" "/directory=C:\ProgramData\Sony Corporation\VAIO Care\inteldata"
C:\Program Files\Sony\VAIO Care/listener.exe /silent /slot=0
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files\Sony\VAIO Update Common\VUAgent.exe"
"C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe" /Stationary
"C:\Program Files\Sony\VAIO Care\VCsystray.exe"
"C:\Program Files\Sony\VAIO Care\VCService.exe"
"C:\Program Files\Sony\VAIO Care\VCAgent.exe"
C:\Windows\System32\vds.exe
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe"
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /startalways
StartVC*SelfHeal*silence+EU\sk-SK
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\JetAudio\JetAudio.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=1744.ec9d5d0.604507084 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll" Mozilla.Firefox.9.0.1 -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.jar" 1744 "\\.\pipe\gecko-crash-server-pipe.1744" plugin
taskeng.exe {171DDF94-6DE8-4BEA-8531-5C196F5FFAE0}
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe9_ Global\UsGthrCtrlFltPipeMssGthrPipe9 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 524 528 536 65536 532
C:\Windows\System32\svchost.exe -k WerSvcGroup
"C:\Program Files\Microsoft Security Client\Antimalware\MpCmdRun.exe" SpyNetService -RestrictPrivileges -AccessKey FB5A471E-4A89-91CB-240E-F9F498497F17 -Reinvoke
"C:\Users\zhulo\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\AutoKMS.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-949965917-3753343039-3259282721-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-949965917-3753343039-3259282721-1000UA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\zhulo\AppData\Roaming\Mozilla\Firefox\Profiles\bwbpj3wv.default

prefs.js - "browser.startup.homepage" - "http://www.google.com/ig"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL

C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll

C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
atlas-sk.xml
azet-sk.xml
dunaj-sk.xml
eBay.xml
google.xml
slovnik-sk.xml
wikipedia-sk.xml
zoznam-sk.xml

C:\Users\zhulo\AppData\Roaming\Mozilla\Firefox\Profiles\bwbpj3wv.default\extensions\
{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}
{e4a8a97b-f2ed-450b-b12d-ee082ba24781}

C:\Users\zhulo\AppData\Roaming\Mozilla\Firefox\Profiles\bwbpj3wv.default\searchplugins\
conduit.xml
qip-search.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2010-02-28 688528]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2011-10-26 75656]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pri prihlasovaní v konte Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95289393-33EA-4F8D-B952-483415B9C955}]
QIPBHO Class - C:\Users\zhulo\AppData\Roaming\Microsoft\Internet Explorer\qipsearchbar.dll [2011-08-22 141184]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-08-03 42272]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-12-16 9636896]
"Apoint"=C:\Program Files\Apoint\Apoint.exe [2009-11-04 208384]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2011-06-15 1436736]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SugarSync"=C:\Program Files (x86)\SugarSync\SugarSyncManager.exe [2011-11-11 12210176]
"Elbserver"=C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe [2009-10-15 72192]
"QIP Internet Guardian"=C:\Users\zhulo\AppData\Roaming\QipGuard\QipGuard.exe [2011-11-23 191440]
"Infium"=C:\Program Files (x86)\QIP 2012\qip.exe [2011-11-23 7248848]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"ISBMgr.exe"=C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [2009-08-26 320880]
"MarketingTools"=C:\Program Files (x86)\Sony\Marketing Tools\MarketingTools.exe [2011-10-03 26624]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-09-20 102400]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2011-09-07 37296]
"Malwarebytes' Anti-Malware"=C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe [2011-08-31 449608]
"Malwarebytes' Anti-Malware (reboot)"=C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe [2011-08-31 1047208]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes' Anti-Malware"=C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe [2011-08-31 449608]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Users\zhulo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
networx - odkaz.lnk - D:\Programy\Networkx\networx.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-12-16 268800]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll [2010-06-22 253288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2010-03-25 6722448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2010-03-25 4222864]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"HideSCAHealth"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2011-12-23 13:29:46 ----D---- C:\rsit
2011-12-23 13:29:46 ----D---- C:\Program Files\trend micro
2011-12-23 12:08:01 ----D---- C:\Users\zhulo\AppData\Roaming\Malwarebytes
2011-12-23 12:07:46 ----D---- C:\ProgramData\Malwarebytes
2011-12-23 12:07:43 ----D---- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-12-23 12:07:43 ----A---- C:\Windows\system32\drivers\mbam.sys
2011-12-14 23:35:18 ----D---- C:\Program Files (x86)\StarUML
2011-12-10 21:39:04 ----D---- C:\Program Files\NETGATE
2011-12-09 19:55:43 ----D---- C:\Program Files (x86)\5E4AF
2011-12-09 19:55:10 ----D---- C:\Users\zhulo\AppData\Roaming\C2E5E
2011-12-09 19:55:10 ----D---- C:\Program Files (x86)\LP
2011-12-04 18:06:23 ----D---- C:\Users\zhulo\AppData\Roaming\TeamViewer
2011-12-01 17:02:04 ----A---- C:\Windows\SYSWOW64\XAudio2_5.dll
2011-12-01 17:02:00 ----A---- C:\Windows\system32\d3dx10_42.dll
2011-12-01 17:01:56 ----A---- C:\Windows\SYSWOW64\XAPOFX1_3.dll
2011-12-01 16:50:29 ----D---- C:\Program Files (x86)\Ubisoft
2011-11-30 20:30:21 ----A---- C:\Windows\SYSWOW64\perf-ReportServer$DATABAZA-rsctr.dll
2011-11-30 20:30:21 ----A---- C:\Windows\system32\perf-ReportServer$DATABAZA-rsctr.dll
2011-11-30 20:29:35 ----A---- C:\Windows\SYSWOW64\perf-MSSQL10_50.DATABAZA-sqlagtctr.dll
2011-11-30 20:29:34 ----A---- C:\Windows\system32\perf-MSSQL10_50.DATABAZA-sqlagtctr.dll
2011-11-30 20:29:20 ----A---- C:\Windows\SYSWOW64\perf-MSSQL$DATABAZA-sqlctr10.50.1600.1.dll
2011-11-30 20:29:19 ----A---- C:\Windows\system32\perf-MSSQL$DATABAZA-sqlctr10.50.1600.1.dll
2011-11-30 20:25:52 ----D---- C:\Windows\system32\RsFx
2011-11-30 20:25:38 ----D---- C:\Program Files\Microsoft Analysis Services
2011-11-30 20:25:04 ----D---- C:\Program Files\Microsoft Visual Studio 9.0
2011-11-30 20:25:04 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 9.0
2011-11-30 20:23:32 ----D---- C:\Windows\system32\1033
2011-11-30 18:23:10 ----D---- C:\Users\zhulo\AppData\Roaming\postgresql
2011-11-30 18:11:11 ----D---- C:\Program Files\PostgreSQL
2011-11-30 17:39:57 ----D---- C:\Program Files\SQLXML 4.0
2011-11-30 17:39:57 ----D---- C:\Program Files (x86)\SQLXML 4.0
2011-11-30 17:34:10 ----D---- C:\Windows\SYSWOW64\1033
2011-11-30 17:16:25 ----D---- C:\Program Files\Microsoft.NET
2011-11-30 17:02:26 ----D---- C:\Program Files (x86)\Microsoft SQL Server
2011-11-30 17:02:04 ----D---- C:\Program Files\Microsoft SQL Server
2011-11-26 12:48:28 ----D---- C:\Users\zhulo\AppData\Roaming\InstallShield
2011-11-26 12:30:59 ----D---- C:\Users\zhulo\AppData\Roaming\Stardock
2011-11-26 12:30:58 ----HDC---- C:\ProgramData\{A3A26C56-02C3-4F76-A033-12EE2FB52AE6}
2011-11-26 12:30:57 ----D---- C:\Program Files (x86)\Stardock
2011-11-26 11:56:35 ----HD---- C:\SPLASH.SYS
2011-11-25 23:43:59 ----D---- C:\Users\zhulo\AppData\Roaming\QIP
2011-11-25 23:32:40 ----D---- C:\Windows\system32\Macromed
2011-11-25 23:01:10 ----A---- C:\Windows\system32\win32k.sys
2011-11-25 23:00:03 ----A---- C:\Windows\system32\drivers\tcpip.sys
2011-11-25 22:59:16 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2011-11-25 22:59:16 ----A---- C:\Windows\SYSWOW64\ieui.dll
2011-11-25 22:59:16 ----A---- C:\Windows\SYSWOW64\iepeers.dll
2011-11-25 22:59:16 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2011-11-25 22:59:16 ----A---- C:\Windows\system32\msfeeds.dll
2011-11-25 22:59:16 ----A---- C:\Windows\system32\ieui.dll
2011-11-25 22:59:16 ----A---- C:\Windows\system32\iepeers.dll
2011-11-25 22:59:15 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2011-11-25 22:59:15 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2011-11-25 22:59:15 ----A---- C:\Windows\system32\mshtmled.dll
2011-11-25 22:59:15 ----A---- C:\Windows\system32\mshtml.dll
2011-11-25 22:59:15 ----A---- C:\Windows\system32\ieframe.dll
2011-11-25 22:59:14 ----A---- C:\Windows\SYSWOW64\mstime.dll
2011-11-25 22:59:14 ----A---- C:\Windows\SYSWOW64\msfeedssync.exe
2011-11-25 22:59:14 ----A---- C:\Windows\SYSWOW64\msfeedsbs.dll
2011-11-25 22:59:14 ----A---- C:\Windows\SYSWOW64\licmgr10.dll
2011-11-25 22:59:14 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2011-11-25 22:59:14 ----A---- C:\Windows\system32\url.dll
2011-11-25 22:59:14 ----A---- C:\Windows\system32\mstime.dll
2011-11-25 22:59:14 ----A---- C:\Windows\system32\msfeedssync.exe
2011-11-25 22:59:14 ----A---- C:\Windows\system32\msfeedsbs.dll
2011-11-25 22:59:14 ----A---- C:\Windows\system32\licmgr10.dll
2011-11-25 22:59:14 ----A---- C:\Windows\system32\iedkcs32.dll
2011-11-25 22:59:13 ----A---- C:\Windows\SYSWOW64\wininet.dll
2011-11-25 22:59:13 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2011-11-25 22:59:13 ----A---- C:\Windows\SYSWOW64\url.dll
2011-11-25 22:59:13 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2011-11-25 22:59:13 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2011-11-25 22:59:13 ----A---- C:\Windows\system32\wininet.dll
2011-11-25 22:59:13 ----A---- C:\Windows\system32\urlmon.dll
2011-11-25 22:59:13 ----A---- C:\Windows\system32\jsproxy.dll
2011-11-25 22:59:13 ----A---- C:\Windows\system32\iertutil.dll
2011-11-25 22:51:14 ----A---- C:\Windows\SYSWOW64\psisdecd.dll
2011-11-25 22:51:13 ----A---- C:\Windows\system32\psisdecd.dll
2011-11-25 22:50:43 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2011-11-25 22:50:43 ----A---- C:\Windows\SYSWOW64\oleacc.dll
2011-11-25 22:50:43 ----A---- C:\Windows\system32\oleaut32.dll
2011-11-25 22:50:43 ----A---- C:\Windows\system32\oleacc.dll
2011-11-25 22:49:46 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2011-11-25 22:49:46 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2011-11-25 22:49:46 ----A---- C:\Windows\system32\ntoskrnl.exe
2011-11-25 22:48:51 ----A---- C:\Windows\SYSWOW64\odbctrac.dll
2011-11-25 22:48:51 ----A---- C:\Windows\SYSWOW64\odbcjt32.dll
2011-11-25 22:48:51 ----A---- C:\Windows\SYSWOW64\odbccu32.dll
2011-11-25 22:48:51 ----A---- C:\Windows\SYSWOW64\odbccr32.dll
2011-11-25 22:48:51 ----A---- C:\Windows\SYSWOW64\odbccp32.dll
2011-11-25 22:48:51 ----A---- C:\Windows\system32\odbctrac.dll
2011-11-25 22:48:51 ----A---- C:\Windows\system32\odbccu32.dll
2011-11-25 22:48:51 ----A---- C:\Windows\system32\odbccr32.dll
2011-11-25 22:48:51 ----A---- C:\Windows\system32\odbccp32.dll
2011-11-25 22:48:24 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2011-11-25 22:48:24 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2011-11-25 22:48:24 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2011-11-25 22:48:24 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2011-11-25 22:48:24 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2011-11-25 22:48:24 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2011-11-25 22:48:24 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2011-11-25 22:48:24 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-11-25 22:48:24 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2011-11-25 22:48:24 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2011-11-25 22:48:24 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2011-11-25 22:48:24 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2011-11-25 22:48:24 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2011-11-25 22:48:24 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2011-11-25 22:48:24 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2011-11-25 22:48:24 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2011-11-25 22:48:24 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2011-11-25 22:48:24 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2011-11-25 22:48:24 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2011-11-25 22:48:24 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2011-11-25 22:48:24 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2011-11-25 22:48:24 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2011-11-25 22:48:24 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2011-11-25 22:48:24 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2011-11-25 22:48:24 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2011-11-25 22:48:24 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2011-11-25 22:48:24 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2011-11-25 22:48:24 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2011-11-25 22:48:24 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2011-11-25 22:48:24 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2011-11-25 22:48:24 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2011-11-25 22:48:24 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2011-11-25 22:48:24 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2011-11-25 22:48:24 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2011-11-25 22:48:24 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2011-11-25 22:48:24 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2011-11-25 22:48:24 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2011-11-25 22:48:24 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2011-11-25 22:48:24 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2011-11-25 22:48:24 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2011-11-25 22:48:24 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2011-11-25 22:48:24 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2011-11-25 22:48:24 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2011-11-25 22:48:24 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2011-11-25 22:48:24 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2011-11-25 22:48:24 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2011-11-25 22:48:24 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2011-11-25 22:48:24 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2011-11-25 22:48:24 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2011-11-25 22:48:24 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2011-11-25 22:48:24 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2011-11-25 22:48:24 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2011-11-25 22:48:24 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2011-11-25 22:48:24 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2011-11-25 22:48:24 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2011-11-25 22:48:24 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2011-11-25 22:48:24 ----A---- C:\Windows\SYSWOW64\wow32.dll
2011-11-25 22:48:24 ----A---- C:\Windows\SYSWOW64\user.exe
2011-11-25 22:48:24 ----A---- C:\Windows\SYSWOW64\setup16.exe
2011-11-25 22:48:24 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2011-11-25 22:48:24 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2011-11-25 22:48:24 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2011-11-25 22:48:24 ----A---- C:\Windows\SYSWOW64\instnm.exe
2011-11-25 22:48:24 ----A---- C:\Windows\system32\wow64win.dll
2011-11-25 22:48:24 ----A---- C:\Windows\system32\wow64cpu.dll
2011-11-25 22:48:24 ----A---- C:\Windows\system32\wow64.dll
2011-11-25 22:48:24 ----A---- C:\Windows\system32\winsrv.dll
2011-11-25 22:48:24 ----A---- C:\Windows\system32\ntvdm64.dll
2011-11-25 22:48:24 ----A---- C:\Windows\system32\KernelBase.dll
2011-11-25 22:48:24 ----A---- C:\Windows\system32\kernel32.dll
2011-11-25 22:48:24 ----A---- C:\Windows\system32\conhost.exe
2011-11-25 22:47:55 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2011-11-25 22:47:55 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2011-11-25 22:47:55 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2011-11-25 22:47:32 ----A---- C:\Windows\SYSWOW64\drvinst.exe
2011-11-25 22:47:32 ----A---- C:\Windows\SYSWOW64\devrtl.dll
2011-11-25 22:47:32 ----A---- C:\Windows\SYSWOW64\devobj.dll
2011-11-25 22:47:32 ----A---- C:\Windows\SYSWOW64\cfgmgr32.dll
2011-11-25 22:47:32 ----A---- C:\Windows\system32\umpnpmgr.dll
2011-11-25 22:46:32 ----D---- C:\Program Files (x86)\MSXML 4.0
2011-11-25 22:42:39 ----A---- C:\Windows\system32\drivers\srvnet.sys
2011-11-25 22:42:39 ----A---- C:\Windows\system32\drivers\srv2.sys
2011-11-25 22:42:39 ----A---- C:\Windows\system32\drivers\srv.sys
2011-11-25 22:42:04 ----A---- C:\Windows\system32\drivers\dfsc.sys
2011-11-25 22:41:42 ----A---- C:\Windows\system32\drivers\afd.sys
2011-11-25 22:40:43 ----A---- C:\Windows\SYSWOW64\inetcomm.dll
2011-11-25 22:40:43 ----A---- C:\Windows\system32\inetcomm.dll
2011-11-25 22:40:24 ----A---- C:\Windows\SYSWOW64\dnscacheugc.exe
2011-11-25 22:40:24 ----A---- C:\Windows\SYSWOW64\dnsapi.dll
2011-11-25 22:40:24 ----A---- C:\Windows\system32\dnsrslvr.dll
2011-11-25 22:40:24 ----A---- C:\Windows\system32\dnscacheugc.exe
2011-11-25 22:40:24 ----A---- C:\Windows\system32\dnsapi.dll
2011-11-25 22:40:06 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2011-11-25 22:40:06 ----A---- C:\Windows\SYSWOW64\jscript.dll
2011-11-25 22:40:06 ----A---- C:\Windows\system32\vbscript.dll
2011-11-25 22:40:06 ----A---- C:\Windows\system32\jscript.dll
2011-11-25 22:39:48 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2011-11-25 22:39:48 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2011-11-25 22:39:48 ----A---- C:\Windows\system32\atmlib.dll
2011-11-25 22:39:48 ----A---- C:\Windows\system32\atmfd.dll
2011-11-25 22:39:14 ----A---- C:\Windows\system32\FXSCOVER.exe
2011-11-25 22:39:00 ----A---- C:\Windows\system32\drivers\bowser.sys
2011-11-25 22:38:44 ----A---- C:\Windows\SYSWOW64\mfc42u.dll
2011-11-25 22:38:44 ----A---- C:\Windows\SYSWOW64\mfc42.dll
2011-11-25 22:38:44 ----A---- C:\Windows\system32\mfc42u.dll
2011-11-25 22:38:44 ----A---- C:\Windows\system32\mfc42.dll
2011-11-25 22:38:16 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2011-11-25 22:38:16 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2011-11-25 22:38:16 ----A---- C:\Windows\system32\mstscax.dll
2011-11-25 22:38:16 ----A---- C:\Windows\system32\mstsc.exe
2011-11-25 22:37:55 ----A---- C:\Windows\SYSWOW64\sbe.dll
2011-11-25 22:37:55 ----A---- C:\Windows\SYSWOW64\CPFilters.dll
2011-11-25 22:37:55 ----A---- C:\Windows\system32\sbe.dll
2011-11-25 22:37:55 ----A---- C:\Windows\system32\CPFilters.dll
2011-11-25 22:37:54 ----A---- C:\Windows\SYSWOW64\EncDec.dll
2011-11-25 22:37:54 ----A---- C:\Windows\system32\EncDec.dll
2011-11-25 22:37:20 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2011-11-25 22:37:20 ----A---- C:\Windows\system32\ntdll.dll
2011-11-25 22:36:03 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2011-11-25 22:36:03 ----A---- C:\Windows\system32\kerberos.dll
2011-11-25 22:35:44 ----A---- C:\Windows\SYSWOW64\odbc32.dll
2011-11-25 22:35:44 ----A---- C:\Windows\system32\odbc32.dll
2011-11-25 22:35:28 ----A---- C:\Windows\SYSWOW64\t2embed.dll
2011-11-25 22:35:28 ----A---- C:\Windows\system32\t2embed.dll
2011-11-25 22:35:11 ----A---- C:\Windows\SYSWOW64\ole32.dll
2011-11-25 22:35:11 ----A---- C:\Windows\system32\ole32.dll
2011-11-25 22:34:55 ----A---- C:\Windows\SYSWOW64\mfc40u.dll
2011-11-25 22:34:55 ----A---- C:\Windows\SYSWOW64\mfc40.dll
2011-11-25 22:34:42 ----A---- C:\Windows\SYSWOW64\comctl32.dll
2011-11-25 22:34:42 ----A---- C:\Windows\system32\comctl32.dll
2011-11-25 22:34:26 ----A---- C:\Windows\SYSWOW64\wmpmde.dll
2011-11-25 22:34:26 ----A---- C:\Windows\system32\wmpmde.dll
2011-11-25 22:34:10 ----A---- C:\Windows\SYSWOW64\schannel.dll
2011-11-25 22:34:10 ----A---- C:\Windows\system32\schannel.dll
2011-11-25 22:33:59 ----A---- C:\Windows\system32\consent.exe
2011-11-25 22:33:29 ----A---- C:\Windows\SYSWOW64\webio.dll
2011-11-25 22:33:29 ----A---- C:\Windows\system32\webio.dll
2011-11-25 22:33:10 ----A---- C:\Windows\SYSWOW64\taskschd.dll
2011-11-25 22:33:10 ----A---- C:\Windows\SYSWOW64\taskeng.exe
2011-11-25 22:33:10 ----A---- C:\Windows\SYSWOW64\taskcomp.dll
2011-11-25 22:33:10 ----A---- C:\Windows\SYSWOW64\schtasks.exe
2011-11-25 22:33:10 ----A---- C:\Windows\system32\wmicmiplugin.dll
2011-11-25 22:33:10 ----A---- C:\Windows\system32\taskschd.dll
2011-11-25 22:33:10 ----A---- C:\Windows\system32\taskeng.exe
2011-11-25 22:33:10 ----A---- C:\Windows\system32\taskcomp.dll
2011-11-25 22:33:10 ----A---- C:\Windows\system32\schtasks.exe
2011-11-25 22:33:10 ----A---- C:\Windows\system32\schedsvc.dll
2011-11-25 22:32:25 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2011-11-25 22:32:25 ----A---- C:\Windows\SYSWOW64\wmp.dll
2011-11-25 22:32:25 ----A---- C:\Windows\system32\wmploc.DLL
2011-11-25 22:32:25 ----A---- C:\Windows\system32\wmp.dll
2011-11-25 22:32:08 ----A---- C:\Windows\SYSWOW64\StructuredQuery.dll
2011-11-25 22:32:08 ----A---- C:\Windows\system32\StructuredQuery.dll
2011-11-25 22:31:59 ----A---- C:\Windows\system32\spoolsv.exe
2011-11-25 22:31:46 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2011-11-25 22:31:46 ----A---- C:\Windows\system32\msxml3.dll
2011-11-25 22:31:31 ----A---- C:\Windows\SYSWOW64\rtutils.dll
2011-11-25 22:31:31 ----A---- C:\Windows\system32\rtutils.dll
2011-11-25 22:31:22 ----A---- C:\Windows\SYSWOW64\iccvid.dll
2011-11-25 22:30:55 ----A---- C:\Windows\SYSWOW64\shell32.dll
2011-11-25 22:30:55 ----A---- C:\Windows\system32\shell32.dll
2011-11-25 22:30:42 ----A---- C:\Windows\system32\cdd.dll
2011-11-25 22:30:28 ----A---- C:\Windows\SYSWOW64\asycfilt.dll
2011-11-25 22:30:28 ----A---- C:\Windows\system32\asycfilt.dll
2011-11-25 22:30:13 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2011-11-25 22:30:13 ----A---- C:\Windows\system32\wintrust.dll
2011-11-25 22:30:06 ----A---- C:\Windows\SYSWOW64\cabview.dll
2011-11-25 22:30:06 ----A---- C:\Windows\system32\cabview.dll
2011-11-25 22:29:46 ----A---- C:\Windows\SYSWOW64\tsbyuv.dll
2011-11-25 22:29:46 ----A---- C:\Windows\SYSWOW64\quartz.dll
2011-11-25 22:29:46 ----A---- C:\Windows\SYSWOW64\msyuv.dll
2011-11-25 22:29:46 ----A---- C:\Windows\SYSWOW64\msvidc32.dll
2011-11-25 22:29:46 ----A---- C:\Windows\SYSWOW64\mciavi32.dll
2011-11-25 22:29:46 ----A---- C:\Windows\SYSWOW64\iyuv_32.dll
2011-11-25 22:29:46 ----A---- C:\Windows\SYSWOW64\avifil32.dll
2011-11-25 22:29:46 ----A---- C:\Windows\system32\tsbyuv.dll
2011-11-25 22:29:46 ----A---- C:\Windows\system32\quartz.dll
2011-11-25 22:29:46 ----A---- C:\Windows\system32\msyuv.dll
2011-11-25 22:29:46 ----A---- C:\Windows\system32\iyuv_32.dll
2011-11-25 22:29:45 ----A---- C:\Windows\SYSWOW64\msrle32.dll
2011-11-25 22:29:45 ----A---- C:\Windows\system32\msvidc32.dll
2011-11-25 22:29:45 ----A---- C:\Windows\system32\msrle32.dll
2011-11-25 22:21:23 ----D---- C:\Users\zhulo\AppData\Roaming\IObit
2011-11-25 22:12:42 ----D---- C:\Windows\Profiles

======List of files/folders modified in the last 1 month======

2011-12-23 13:29:51 ----D---- C:\Windows\Prefetch
2011-12-23 13:29:46 ----RD---- C:\Program Files
2011-12-23 13:29:28 ----D---- C:\Windows\Temp
2011-12-23 12:40:48 ----D---- C:\Windows
2011-12-23 12:22:43 ----SHD---- C:\Windows\Installer
2011-12-23 12:22:38 ----HD---- C:\Config.Msi
2011-12-23 12:22:34 ----RD---- C:\Program Files (x86)
2011-12-23 12:22:34 ----D---- C:\ProgramData\Apple Computer
2011-12-23 12:20:57 ----D---- C:\Program Files (x86)\Black_Box
2011-12-23 12:20:56 ----DC---- C:\Windows\system32\DRVSTORE
2011-12-23 12:20:56 ----D---- C:\Windows\SysWOW64
2011-12-23 12:20:56 ----D---- C:\Windows\system32\drivers
2011-12-23 12:20:56 ----D---- C:\Windows\System32
2011-12-23 12:20:09 ----SHD---- C:\System Volume Information
2011-12-23 12:17:40 ----D---- C:\Windows\system32\DriverStore
2011-12-23 12:17:40 ----D---- C:\Windows\system32\catroot
2011-12-23 12:17:40 ----D---- C:\Windows\inf
2011-12-23 12:17:32 ----D---- C:\Program Files\Common Files
2011-12-23 12:16:23 ----D---- C:\Windows\system32\Tasks
2011-12-23 12:13:27 ----D---- C:\Users\zhulo\AppData\Roaming\DAEMON Tools Lite
2011-12-23 12:12:40 ----D---- C:\Windows\Minidump
2011-12-23 12:12:40 ----D---- C:\Windows\Logs
2011-12-23 12:08:35 ----D---- C:\Windows\SYSWOW64\drivers
2011-12-23 12:07:46 ----HD---- C:\ProgramData
2011-12-23 11:24:03 ----D---- C:\Program Files (x86)\Mozilla Firefox
2011-12-23 11:23:39 ----D---- C:\Windows\system32\config
2011-12-23 11:13:36 ----D---- C:\Windows\Tasks
2011-12-23 11:12:59 ----A---- C:\Windows\SYSWOW64\log.txt
2011-12-19 23:40:52 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-12-18 19:01:50 ----D---- C:\Users\zhulo\AppData\Roaming\Skype
2011-12-11 20:29:53 ----D---- C:\Users\zhulo\AppData\Roaming\codeblocks
2011-12-11 19:00:53 ----SD---- C:\Users\zhulo\AppData\Roaming\Microsoft
2011-12-10 23:04:30 ----D---- C:\Users\zhulo\AppData\Roaming\BSplayer
2011-12-10 11:46:00 ----D---- C:\Windows\system32\catroot2
2011-12-09 22:23:31 ----SD---- C:\ProgramData\Microsoft
2011-12-09 15:26:36 ----RSD---- C:\Windows\Fonts
2011-12-08 20:32:11 ----D---- C:\Program Files (x86)\Connectify
2011-12-04 15:15:36 ----D---- C:\Users\zhulo\AppData\Roaming\FileZilla
2011-12-03 20:42:11 ----RSD---- C:\Windows\assembly
2011-12-01 23:53:33 ----D---- C:\Windows\Microsoft.NET
2011-12-01 16:59:51 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2011-12-01 14:32:22 ----D---- C:\Program Files (x86)\CodeBlocks
2011-11-30 20:24:57 ----D---- C:\Program Files\Common Files\Microsoft Shared
2011-11-30 20:24:32 ----D---- C:\Windows\winsxs
2011-11-30 20:23:54 ----D---- C:\Program Files (x86)\Microsoft Office
2011-11-30 18:12:56 ----RD---- C:\Users
2011-11-30 17:50:54 ----D---- C:\Windows\system32\NDF
2011-11-30 17:48:12 ----D---- C:\ProgramData\Microsoft Help
2011-11-30 17:39:40 ----D---- C:\Windows\Registration
2011-11-30 17:34:11 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8
2011-11-30 17:34:03 ----D---- C:\Program Files (x86)\Common Files
2011-11-30 17:16:27 ----D---- C:\Program Files (x86)\Microsoft.NET
2011-11-30 17:15:26 ----D---- C:\Program Files (x86)\Microsoft Analysis Services
2011-11-29 13:46:53 ----D---- C:\Update
2011-11-26 12:51:25 ----D---- C:\Program Files\Sony
2011-11-26 12:51:09 ----D---- C:\ProgramData\Sony Corporation
2011-11-26 12:49:49 ----D---- C:\Program Files (x86)\SONY
2011-11-26 12:44:38 ----D---- C:\Program Files\Common Files\Sony Shared
2011-11-26 11:56:32 ----D---- C:\Program Files (x86)\Downloaded Installations
2011-11-25 23:43:59 ----D---- C:\Users\zhulo\AppData\Roaming\QipGuard
2011-11-25 23:43:55 ----D---- C:\Program Files (x86)\QIP 2012
2011-11-25 23:31:09 ----D---- C:\Program Files (x86)\Google
2011-11-25 23:29:08 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2011-11-25 23:19:20 ----D---- C:\Program Files\Common Files\System
2011-11-25 23:19:20 ----D---- C:\Program Files (x86)\Internet Explorer
2011-11-25 23:19:19 ----D---- C:\Windows\SYSWOW64\migration
2011-11-25 23:19:19 ----D---- C:\Windows\system32\migration
2011-11-25 23:19:19 ----D---- C:\Program Files\Internet Explorer
2011-11-25 23:19:18 ----D---- C:\Windows\ehome
2011-11-25 23:19:16 ----D---- C:\Windows\AppPatch
2011-11-25 23:19:11 ----D---- C:\Program Files\Windows Mail
2011-11-25 23:19:10 ----D---- C:\Program Files\Windows Media Player
2011-11-25 23:19:10 ----D---- C:\Program Files (x86)\Windows Media Player
2011-11-25 23:19:10 ----D---- C:\Program Files (x86)\Windows Mail
2011-11-25 22:38:25 ----D---- C:\Program Files\DVD Maker
2011-11-25 22:38:24 ----D---- C:\OS
2011-11-25 22:24:48 ----D---- C:\ProgramData\Partner
2011-11-25 22:24:48 ----D---- C:\ProgramData\EA Logs
2011-11-25 00:48:11 ----D---- C:\Users\zhulo\AppData\Roaming\vlc

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys [2009-11-21 537112]
R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2009-05-20 55280]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 214096]
R1 cnnctfy2;Connectify LightWeight Filter; C:\Windows\system32\DRIVERS\cnnctfy2.sys [2011-11-13 31344]
R1 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2011-04-18 189440]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 rimspci;rimspci; C:\Windows\system32\drivers\rimssne64.sys [2009-11-06 93696]
R2 risdsnpe;risdsnpe; C:\Windows\system32\drivers\risdsne64.sys [2009-09-15 75776]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-10-08 6661120]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-10-08 195584]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys [2009-11-04 253488]
R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect; C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys [2009-05-26 19968]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-11-12 1542656]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-10-03 270912]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-12-14 56344]
R3 Impcd;Impcd; C:\Windows\system32\drivers\Impcd.sys [2009-11-13 151936]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-12-16 2212640]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2011-08-31 25416]
R3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2011-04-27 84864]
R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys [2009-12-16 213280]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-10-09 109056]
R3 SFEP;Sony Firmware Extension Parser; C:\Windows\system32\drivers\SFEP.sys [2009-08-19 11392]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
R4 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys []
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-10-08 6661120]
S3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2009-07-14 551936]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2009-07-14 79360]
S3 btusbflt;Bluetooth USB Filter; C:\Windows\system32\drivers\btusbflt.sys [2009-11-18 52264]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2009-11-18 98344]
S3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2009-11-18 132648]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-11-18 35104]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2009-11-18 21160]
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2009-07-14 19968]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2011-05-13 48488]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-12-16 7778176]
S3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2009-12-16 244736]
S3 MpNWMon;Microsoft Malware Protection Network Driver; C:\Windows\system32\DRIVERS\MpNWMon.sys [2011-04-18 40832]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2011-05-10 51712]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 41984]
S4 RsFx0150;RsFx0150 Driver; C:\Windows\system32\DRIVERS\RsFx0150.sys [2010-04-03 313696]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-10-08 202752]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-09-04 873248]
R2 Connectify;Connectify; C:\Program Files (x86)\Connectify\ConnectifyService.exe [2011-12-01 69632]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-11-21 13336]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2009-12-14 268824]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152]
R2 MsDtsServer;SQL Server Integration Services; C:\Program Files\Microsoft SQL Server\90\DTS\Binn\MsDtsSrvr.exe [2005-10-14 195288]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [2011-04-27 12784]
R2 MSSQLSERVER;SQL Server (MSSQLSERVER); C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2005-10-14 39379672]
R2 MSSQLServerOLAPService;SQL Server Analysis Services (MSSQLSERVER); C:\Program Files\Microsoft SQL Server\MSSQL.2\OLAP\bin\msmdsrv.exe [2005-10-14 29323480]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider; c:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2009-10-24 360224]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 QipGuard;QipGuard; C:\Program Files (x86)\QipGuard\QipGuard.exe [2011-11-23 191440]
R2 SampleCollector;VAIO Care Performance Service; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [2011-01-29 259192]
R2 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2010-04-03 146272]
R2 uCamMonitor;CamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2008-09-18 104960]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-12-14 2320920]
R2 VAIO Event Service;VAIO Event Service; C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe [2010-05-28 205168]
R2 VCFw;VAIO Content Folder Watcher; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2011-01-20 887000]
R2 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager; C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2011-05-19 549616]
R2 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager; C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2010-10-25 387896]
R2 VSNService;VSNService; C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [2010-08-11 845312]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\Antimalware\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 288272]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 SpfService;VAIO Entertainment Common Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2011-01-20 286936]
R3 VAIO Power Management;VAIO Power Management; C:\Program Files\Sony\VAIO Power Management\SPMService.exe [2009-11-30 571248]
R3 VCService;VCService; C:\Program Files\Sony\VAIO Care\VCService.exe [2011-02-14 44736]
R3 VUAgent;VUAgent; C:\Program Files\Sony\VAIO Update Common\VUAgent.exe [2011-09-23 1429608]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-10-11 136176]
S2 msftesql;SQL Server FullText Search (MSSQLSERVER); C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\msftesql.exe [2005-08-26 155856]
S2 Roxio Upnp Server 10;Roxio Upnp Server 10; C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [2009-08-31 362992]
S2 SQLAgent$DATABAZA;SQL Server Agent (DATABAZA); C:\Program Files\Microsoft SQL Server\MSSQL10_50.DATABAZA\MSSQL\Binn\SQLAGENT.EXE [2010-04-03 428384]
S3 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2011-05-13 1492840]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-10-11 136176]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
S3 MSSQLFDLauncher$DATABAZA;SQL Full-text Filter Daemon Launcher (DATABAZA); C:\Program Files\Microsoft SQL Server\MSSQL10_50.DATABAZA\MSSQL\Binn\fdlauncher.exe [2010-04-03 32096]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10; C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [2009-08-31 313840]
S3 SOHCImp;VAIO Media plus Content Importer; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2010-09-10 108400]
S3 SOHDms;VAIO Media plus Digital Media Server; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2010-10-12 423280]
S3 SOHDs;VAIO Media plus Device Searcher; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2010-09-10 67952]
S3 SQLSERVERAGENT;SQL Server Agent (MSSQLSERVER); C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\SQLAGENT90.EXE [2005-10-14 389848]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S3 VAIO Entertainment TV Device Arbitration Service;VAIO Entertainment TV Device Arbitration Service; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe [2010-09-27 74496]
S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface; C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2011-02-18 99104]
S4 MSOLAP$DATABAZA;SQL Server Analysis Services (DATABAZA); C:\Program Files\Microsoft SQL Server\MSAS10_50.DATABAZA\OLAP\bin\msmdsrv.exe [2010-04-03 54568288]
S4 MSSQL$DATABAZA;SQL Server (DATABAZA); C:\Program Files\Microsoft SQL Server\MSSQL10_50.DATABAZA\MSSQL\Binn\sqlservr.exe [2010-04-03 61913952]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2005-10-14 64216]
S4 MSSQLServerADHelper100;SQL Active Directory Helper Service; C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2010-04-03 59744]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 ReportServer$DATABAZA;SQL Server Reporting Services (DATABAZA); C:\Program Files\Microsoft SQL Server\MSRS10_50.DATABAZA\Reporting Services\ReportServer\bin\ReportingServicesService.exe [2010-04-03 2175328]
S4 SQLBrowser;SQL Server Browser; C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2010-04-03 267616]

-----------------EOF-----------------

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Virus removal

#2 Post by vyosek »

Hello, and I wish you a nice day :)

Where is MSE finding the vermin? :???:
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns merriment, take a whip and a stick to him; that is no man, that is an ox."
Member [image] since 1 February 2011.

zhulo
Visitor
Posts: 11
Registered: 14 Aug 2009 19:34

Re: Virus removal

#3 Post by zhulo »

In the Temp folder and in Local (C:\Users\používateľ\AppData\Local).
Of course I also cleaned out the Temp folder, but it just gets copied there all over again.

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Virus removal

#4 Post by vyosek »

:arrow: Download RogueKiller http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe
  • Close all programs
  • If you use Win Vista or W7, right-click RogueKiller and choose Run As Administrator or Spustit jako spravce
  • Choose option 2 and confirm with Enter
  • The utility will do its work and produce a log; paste it here
  • Now once more, but choose option 3 and then also 4; paste the logs again

zhulo
Visitor
Posts: 11
Registered: 14 Aug 2009 19:34

Re: Virus removal

#5 Post by zhulo »

RogueKiller V6.2.0 [12/12/2011] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/fi ... guekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7600 ) 64 bits version
Started in : Normal mode
User: zhulo [Admin rights]
Mode: Remove -- Date : 12/23/2011 14:18:20

¤¤¤ Bad processes: 1 ¤¤¤
[SUSP PATH] QipGuard.exe -- C:\Users\zhulo\AppData\Roaming\QipGuard\QipGuard.exe -> KILLED [TermProc]

¤¤¤ Registry Entries: 6 ¤¤¤
[SUSP PATH] HKCU\[...]\Run : QIP Internet Guardian (C:\Users\zhulo\AppData\Roaming\QipGuard\QipGuard.exe /p) -> DELETED
[PROXY IE] HKCU\[...]\Internet Settings : ProxyServer (http=127.0.0.1:61515) -> NOT REMOVED, USE PROXYFIX
[HJ] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> REPLACED (2)
[HJ] HKLM\[...]\System : EnableLUA (0) -> REPLACED (1)
[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver: [NOT LOADED] ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤


¤¤¤ MBR Check: ¤¤¤
--- User ---
[MBR] cd372bfde8daeb3eebeb34ded873c533
[BSP] e074189627cd9bd15c55848626c078a6 : MBR Code unknown
Partition table:
0 - [XXXXXX] NTFS [HIDDEN!] Offset (sectors): 2048 | Size: 15282 Mo
1 - [ACTIVE] NTFS [VISIBLE] Offset (sectors): 29851648 | Size: 104 Mo
2 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 30056448 | Size: 170144 Mo
3 - [XXXXXX] UNKNW [VISIBLE] Offset (sectors): 362369024 | Size: 314573 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[1].txt >>
RKreport[1].txt

___________________________________________________________________________

RogueKiller V6.2.0 [12/12/2011] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/fi ... guekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7600 ) 64 bits version
Started in : Normal mode
User: zhulo [Admin rights]
Mode: HOSTSFix -- Date : 12/23/2011 14:19:11

¤¤¤ Bad processes: 0 ¤¤¤

¤¤¤ Driver: [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤


¤¤¤ Resetted HOSTS: ¤¤¤
127.0.0.1 localhost

Finished : << RKreport[2].txt >>
RKreport[1].txt ; RKreport[2].txt

___________________________________________________________________________

RogueKiller V6.2.0 [12/12/2011] by Tigzy
mail: tigzyRK<at>gmail<dot>com
Feedback: http://www.geekstogo.com/forum/files/fi ... guekiller/
Blog: http://tigzyrk.blogspot.com

Operating System: Windows 7 (6.1.7600 ) 64 bits version
Started in : Normal mode
User: zhulo [Admin rights]
Mode: ProxyFix -- Date : 12/23/2011 14:19:27

¤¤¤ Bad processes: 0 ¤¤¤

¤¤¤ Driver: [NOT LOADED] ¤¤¤

¤¤¤ Registry Entries: 1 ¤¤¤
[PROXY IE] HKCU\[...]\Internet Settings : ProxyServer (http=127.0.0.1:61515) -> DELETED

Finished : << RKreport[3].txt >>
RKreport[1].txt ; RKreport[2].txt ; RKreport[3].txt

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Virus removal

#6 Post by vyosek »

Do these steps, as described by my colleague
Naughty wrote: :arrow: After downloading http://support.kaspersky.com/downloads/ ... killer.exe to the desktop.

- run it
- click the Change parameters option
- tick both options at the bottom (click the checkbox)
- click Start scan
- when the scan finishes, a window appears; check there whether Skip is selected everywhere
- if so, click Continue
- if not, change it to Skip in the rows where it is not, then click Continue
- a text file will appear on drive C with a name roughly of the form TDSSKiller.2.6.2.0_27.09.2011_10.16.46_log
- paste the contents of the log into your post.

:arrow: In Disk Management, check whether your PC has a small disk partition, on the order of a few MB to tens of MB, and paste a print screen here for me.

zhulo
Visitor
Posts: 11
Registered: 14 Aug 2009 19:34

Re: Virus removal

#7 Post by zhulo »

14:32:58.0480 0980 TDSS rootkit removing tool 2.6.25.0 Dec 23 2011 14:51:16
14:32:58.0629 0980 ============================================================
14:32:58.0630 0980 Current date / time: 2011/12/23 14:32:58.0629
14:32:58.0630 0980 SystemInfo:
14:32:58.0630 0980
14:32:58.0630 0980 OS Version: 6.1.7600 ServicePack: 0.0
14:32:58.0630 0980 Product type: Workstation
14:32:58.0630 0980 ComputerName: ZHULO-VAIO
14:32:58.0630 0980 UserName: zhulo
14:32:58.0630 0980 Windows directory: C:\Windows
14:32:58.0630 0980 System windows directory: C:\Windows
14:32:58.0630 0980 Running under WOW64
14:32:58.0630 0980 Processor architecture: Intel x64
14:32:58.0630 0980 Number of processors: 4
14:32:58.0630 0980 Page size: 0x1000
14:32:58.0630 0980 Boot type: Normal boot
14:32:58.0630 0980 ============================================================
14:32:59.0037 0980 Initialize success
14:33:23.0984 1736 ============================================================
14:33:23.0984 1736 Scan started
14:33:23.0985 1736 Mode: Manual; SigCheck; TDLFS;
14:33:23.0985 1736 ============================================================
14:33:39.0813 1736 igfx (31d1aff484d8a0906cf8d44251ec390f) C:\Windows\system32\DRIVERS\igdkmd64.sys
14:33:40.0240 1736 igfx ( UnsignedFile.Multi.Generic ) - warning
14:33:40.0240 1736 igfx - detected UnsignedFile.Multi.Generic (1)
14:33:40.0874 1736 IntcDAud (408b401cd7cdb075c7470b0ff7ba8d0b) C:\Windows\system32\DRIVERS\IntcDAud.sys
14:33:40.0908 1736 IntcDAud ( UnsignedFile.Multi.Generic ) - warning
14:33:40.0908 1736 IntcDAud - detected UnsignedFile.Multi.Generic (1)
14:33:47.0404 1736 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
14:33:47.0426 1736 mssmbios - ok
14:33:47.0564 1736 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
14:33:47.0617 1736 MSTEE - ok
14:33:47.0707 1736 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
14:33:47.0742 1736 MTConfig - ok
14:33:47.0824 1736 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
14:33:47.0850 1736 Mup - ok
14:33:47.0972 1736 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
14:33:48.0025 1736 NativeWifiP - ok
14:33:48.0162 1736 NDIS (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
14:33:48.0211 1736 NDIS - ok
14:33:48.0324 1736 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
14:33:48.0395 1736 NdisCap - ok
14:33:48.0520 1736 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
14:33:48.0594 1736 NdisTapi - ok
14:33:48.0691 1736 Ndisuio (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
14:33:48.0759 1736 Ndisuio - ok
14:33:48.0858 1736 NdisWan (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
14:33:48.0931 1736 NdisWan - ok
14:33:49.0017 1736 NDProxy (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
14:33:49.0100 1736 NDProxy - ok
14:33:49.0217 1736 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
14:33:49.0274 1736 NetBIOS - ok
14:33:49.0363 1736 NetBT (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
14:33:49.0452 1736 NetBT - ok
14:33:49.0585 1736 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
14:33:49.0607 1736 nfrd960 - ok
14:33:49.0691 1736 NisDrv (5f7d72cbcdd025af1f38fdeee5646968) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
14:33:49.0717 1736 NisDrv - ok
14:33:49.0834 1736 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
14:33:49.0891 1736 Npfs - ok
14:33:49.0990 1736 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
14:33:50.0067 1736 nsiproxy - ok
14:33:50.0199 1736 Ntfs (356698a13c4630d5b31c37378d469196) C:\Windows\system32\drivers\Ntfs.sys
14:33:50.0258 1736 Ntfs - ok
14:33:50.0354 1736 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
14:33:50.0427 1736 Null - ok
14:33:50.0535 1736 nvraid (3e38712941e9bb4ddbee00affe3fed3d) C:\Windows\system32\drivers\nvraid.sys
14:33:50.0564 1736 nvraid - ok
14:33:50.0654 1736 nvstor (477dc4d6deb99be37084c9ac6d013da1) C:\Windows\system32\drivers\nvstor.sys
14:33:50.0682 1736 nvstor - ok
14:33:50.0801 1736 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
14:33:50.0850 1736 nv_agp - ok
14:33:50.0953 1736 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
14:33:50.0999 1736 ohci1394 - ok
14:33:51.0182 1736 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
14:33:51.0227 1736 Parport - ok
14:33:51.0316 1736 partmgr (7daa117143316c4a1537e074a5a9eaf0) C:\Windows\system32\drivers\partmgr.sys
14:33:51.0344 1736 partmgr - ok
14:33:51.0445 1736 pci (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\drivers\pci.sys
14:33:51.0473 1736 pci - ok
14:33:51.0566 1736 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
14:33:51.0590 1736 pciide - ok
14:33:51.0686 1736 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
14:33:51.0721 1736 pcmcia - ok
14:33:51.0834 1736 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
14:33:51.0861 1736 pcw - ok
14:33:51.0959 1736 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
14:33:52.0046 1736 PEAUTH - ok
14:33:52.0178 1736 PptpMiniport (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
14:33:52.0252 1736 PptpMiniport - ok
14:33:52.0344 1736 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
14:33:52.0385 1736 Processor - ok
14:33:52.0507 1736 Psched (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
14:33:52.0586 1736 Psched - ok
14:33:52.0675 1736 PxHlpa64 (aed797cca02783296c68aa10d0cff8a9) C:\Windows\system32\Drivers\PxHlpa64.sys
14:33:52.0702 1736 PxHlpa64 - ok
14:33:52.0850 1736 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
14:33:52.0906 1736 ql2300 - ok
14:33:53.0002 1736 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
14:33:53.0027 1736 ql40xx - ok
14:33:53.0114 1736 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
14:33:53.0159 1736 QWAVEdrv - ok
14:33:53.0257 1736 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
14:33:53.0324 1736 RasAcd - ok
14:33:53.0431 1736 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
14:33:53.0504 1736 RasAgileVpn - ok
14:33:53.0611 1736 Rasl2tp (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
14:33:53.0668 1736 Rasl2tp - ok
14:33:53.0778 1736 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
14:33:53.0851 1736 RasPppoe - ok
14:33:53.0957 1736 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
14:33:54.0027 1736 RasSstp - ok
14:33:54.0131 1736 rdbss (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
14:33:54.0202 1736 rdbss - ok
14:33:54.0301 1736 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
14:33:54.0342 1736 rdpbus - ok
14:33:54.0436 1736 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
14:33:54.0491 1736 RDPCDD - ok
14:33:54.0593 1736 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
14:33:54.0683 1736 RDPENCDD - ok
14:33:54.0783 1736 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
14:33:54.0860 1736 RDPREFMP - ok
14:33:54.0962 1736 RDPWD (8a3e6bea1c53ea6177fe2b6eba2c80d7) C:\Windows\system32\drivers\RDPWD.sys
14:33:55.0027 1736 RDPWD - ok
14:33:55.0134 1736 rdyboost (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
14:33:55.0162 1736 rdyboost - ok
14:33:55.0275 1736 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
14:33:55.0320 1736 RFCOMM - ok
14:33:55.0406 1736 rimspci (5ca4abd888b602551b59baa26941c167) C:\Windows\system32\drivers\rimssne64.sys
14:33:55.0449 1736 rimspci - ok
14:33:55.0541 1736 risdsnpe (bb6e138aeb351728959da5e2731d8140) C:\Windows\system32\drivers\risdsne64.sys
14:33:55.0576 1736 risdsnpe - ok
14:33:55.0693 1736 RsFx0150 (eb1c539e621a35a49f7692b0eb565ab9) C:\Windows\system32\DRIVERS\RsFx0150.sys
14:33:55.0726 1736 RsFx0150 - ok
14:33:55.0856 1736 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
14:33:55.0947 1736 rspndr - ok
14:33:56.0052 1736 RTHDMIAzAudService (4e821c740a675f6d040be41d59a62b1d) C:\Windows\system32\drivers\RtHDMIVX.sys
14:33:56.0089 1736 RTHDMIAzAudService - ok
14:33:56.0210 1736 sbp2port (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\drivers\sbp2port.sys
14:33:56.0239 1736 sbp2port - ok
14:33:56.0326 1736 scfilter (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
14:33:56.0400 1736 scfilter - ok
14:33:56.0509 1736 sdbus (4e54822ed2350eb1f31f95f0fd674ef3) C:\Windows\system32\DRIVERS\sdbus.sys
14:33:56.0552 1736 sdbus - ok
14:33:56.0653 1736 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
14:33:56.0736 1736 secdrv - ok
14:33:56.0838 1736 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
14:33:56.0875 1736 Serenum - ok
14:33:56.0970 1736 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
14:33:57.0008 1736 Serial - ok
14:33:57.0101 1736 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
14:33:57.0145 1736 sermouse - ok
14:33:57.0251 1736 SFEP (70f9c476b62de4f2823e918a6c181ade) C:\Windows\system32\drivers\SFEP.sys
14:33:57.0288 1736 SFEP - ok
14:33:57.0413 1736 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
14:33:57.0456 1736 sffdisk - ok
14:33:57.0575 1736 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
14:33:57.0612 1736 sffp_mmc - ok
14:33:57.0712 1736 sffp_sd (5588b8c6193eb1522490c122eb94dffa) C:\Windows\system32\drivers\sffp_sd.sys
14:33:57.0755 1736 sffp_sd - ok
14:33:57.0851 1736 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
14:33:57.0889 1736 sfloppy - ok
14:33:58.0020 1736 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
14:33:58.0044 1736 SiSRaid2 - ok
14:33:58.0128 1736 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
14:33:58.0154 1736 SiSRaid4 - ok
14:33:58.0262 1736 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
14:33:58.0326 1736 Smb - ok
14:33:58.0448 1736 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
14:33:58.0471 1736 spldr - ok
14:33:58.0628 1736 srv (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys
14:33:58.0675 1736 srv - ok
14:33:58.0767 1736 srv2 (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys
14:33:58.0808 1736 srv2 - ok
14:33:58.0894 1736 srvnet (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys
14:33:58.0924 1736 srvnet - ok
14:33:59.0033 1736 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
14:33:59.0055 1736 stexstor - ok
14:33:59.0153 1736 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
14:33:59.0179 1736 swenum - ok
14:33:59.0371 1736 Tcpip (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\drivers\tcpip.sys
14:33:59.0434 1736 Tcpip - ok
14:33:59.0571 1736 TCPIP6 (f18f56efc0bfb9c87ba01c37b27f4da5) C:\Windows\system32\DRIVERS\tcpip.sys
14:33:59.0626 1736 TCPIP6 - ok
14:33:59.0721 1736 tcpipreg (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
14:33:59.0792 1736 tcpipreg - ok
14:33:59.0882 1736 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
14:33:59.0945 1736 TDPIPE - ok
14:34:00.0039 1736 TDTCP (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
14:34:00.0097 1736 TDTCP - ok
14:34:00.0202 1736 tdx (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
14:34:00.0271 1736 tdx - ok
14:34:00.0374 1736 TermDD (c448651339196c0e869a355171875522) C:\Windows\system32\drivers\termdd.sys
14:34:00.0401 1736 TermDD - ok
14:34:00.0557 1736 tssecsrv (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
14:34:00.0629 1736 tssecsrv - ok
14:34:00.0749 1736 tunnel (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
14:34:00.0811 1736 tunnel - ok
14:34:00.0896 1736 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
14:34:00.0939 1736 uagp35 - ok
14:34:01.0075 1736 udfs (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys
14:34:01.0152 1736 udfs - ok
14:34:01.0253 1736 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
14:34:01.0280 1736 uliagpkx - ok
14:34:01.0382 1736 umbus (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
14:34:01.0410 1736 umbus - ok
14:34:01.0511 1736 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
14:34:01.0553 1736 UmPass - ok
14:34:01.0667 1736 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
14:34:01.0707 1736 USBAAPL64 ( UnsignedFile.Multi.Generic ) - warning
14:34:01.0707 1736 USBAAPL64 - detected UnsignedFile.Multi.Generic (1)
14:34:01.0830 1736 usbccgp (b26afb54a534d634523c4fb66765b026) C:\Windows\system32\DRIVERS\usbccgp.sys
14:34:01.0877 1736 usbccgp - ok
14:34:02.0015 1736 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
14:34:02.0058 1736 usbcir - ok
14:34:02.0171 1736 usbehci (2ea4aff7be7eb4632e3aa8595b0803b5) C:\Windows\system32\drivers\usbehci.sys
14:34:02.0200 1736 usbehci - ok
14:34:02.0299 1736 usbhub (4c9042b8df86c1e8e6240c218b99b39b) C:\Windows\system32\drivers\usbhub.sys
14:34:02.0344 1736 usbhub - ok
14:34:02.0490 1736 usbohci (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\drivers\usbohci.sys
14:34:02.0517 1736 usbohci - ok
14:34:02.0664 1736 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
14:34:02.0711 1736 usbprint - ok
14:34:02.0805 1736 usbscan (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
14:34:02.0851 1736 usbscan - ok
14:34:02.0937 1736 USBSTOR (080d3820da6c046be82fc8b45a893e83) C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:34:02.0982 1736 USBSTOR - ok
14:34:03.0067 1736 usbuhci (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\drivers\usbuhci.sys
14:34:03.0105 1736 usbuhci - ok
14:34:03.0207 1736 usbvideo (d501e12614b00a3252073101d6a1a74b) C:\Windows\system32\Drivers\usbvideo.sys
14:34:03.0264 1736 usbvideo - ok
14:34:03.0401 1736 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
14:34:03.0428 1736 vdrvroot - ok
14:34:03.0522 1736 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
14:34:03.0554 1736 vga - ok
14:34:03.0629 1736 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
14:34:03.0711 1736 VgaSave - ok
14:34:03.0801 1736 vhdmp (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\drivers\vhdmp.sys
14:34:03.0832 1736 vhdmp - ok
14:34:03.0921 1736 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
14:34:03.0944 1736 viaide - ok
14:34:04.0016 1736 volmgr (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\drivers\volmgr.sys
14:34:04.0043 1736 volmgr - ok
14:34:04.0074 1736 volmgrx (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
14:34:04.0096 1736 volmgrx - ok
14:34:04.0178 1736 volsnap (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\drivers\volsnap.sys
14:34:04.0211 1736 volsnap - ok
14:34:04.0314 1736 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
14:34:04.0340 1736 vsmraid - ok
14:34:04.0487 1736 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
14:34:04.0532 1736 vwifibus - ok
14:34:04.0622 1736 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
14:34:04.0665 1736 vwififlt - ok
14:34:04.0760 1736 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
14:34:04.0808 1736 vwifimp - ok
14:34:04.0903 1736 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
14:34:04.0945 1736 WacomPen - ok
14:34:05.0051 1736 WANARP (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
14:34:05.0125 1736 WANARP - ok
14:34:05.0162 1736 Wanarpv6 (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
14:34:05.0205 1736 Wanarpv6 - ok
14:34:05.0300 1736 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
14:34:05.0325 1736 Wd - ok
14:34:05.0427 1736 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
14:34:05.0473 1736 Wdf01000 - ok
14:34:05.0577 1736 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
14:34:05.0635 1736 WfpLwf - ok
14:34:05.0726 1736 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
14:34:05.0751 1736 WIMMount - ok
14:34:05.0898 1736 WinUsb (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUsb.sys
14:34:05.0950 1736 WinUsb - ok
14:34:06.0038 1736 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
14:34:06.0067 1736 WmiAcpi - ok
14:34:06.0165 1736 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
14:34:06.0235 1736 ws2ifsl - ok
14:34:06.0325 1736 WudfPf (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
14:34:06.0401 1736 WudfPf - ok
14:34:06.0505 1736 WUDFRd (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
14:34:06.0577 1736 WUDFRd - ok
14:34:06.0697 1736 yukonw7 (64f88af327aa74e03658ae32b48ccb8b) C:\Windows\system32\DRIVERS\yk62x64.sys
14:34:06.0753 1736 yukonw7 - ok
14:34:06.0794 1736 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
14:34:07.0725 1736 \Device\Harddisk0\DR0 - ok
14:34:07.0743 1736 Boot (0x1200) (6c26b4c11fa3946ad8c5fa2e7803210e) \Device\Harddisk0\DR0\Partition0
14:34:07.0744 1736 \Device\Harddisk0\DR0\Partition0 - ok
14:34:07.0760 1736 Boot (0x1200) (a14e0b38d63c83a09274eaae78759ef9) \Device\Harddisk0\DR0\Partition1
14:34:07.0762 1736 \Device\Harddisk0\DR0\Partition1 - ok
14:34:07.0782 1736 Boot (0x1200) (ed64c217a340d27456fb5df62d5c53ff) \Device\Harddisk0\DR0\Partition2
14:34:07.0783 1736 \Device\Harddisk0\DR0\Partition2 - ok
14:34:07.0786 1736 ============================================================
14:34:07.0786 1736 Scan finished
14:34:07.0786 1736 ============================================================
14:34:07.0798 6380 Detected object count: 3
14:34:07.0798 6380 Actual detected object count: 3
14:34:16.0420 6380 igfx ( UnsignedFile.Multi.Generic ) - skipped by user
14:34:16.0420 6380 igfx ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:34:16.0420 6380 IntcDAud ( UnsignedFile.Multi.Generic ) - skipped by user
14:34:16.0420 6380 IntcDAud ( UnsignedFile.Multi.Generic ) - User select action: Skip
14:34:16.0422 6380 USBAAPL64 ( UnsignedFile.Multi.Generic ) - skipped by user
14:34:16.0422 6380 USBAAPL64 ( UnsignedFile.Multi.Generic ) - User select action: Skip



That partition:
http://img.zhulo.eu/images/510_disk.JPG

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Virus removal

#8 Post by vyosek »

Fine, I suspected one nasty beast there, but it was not confirmed :)

PLEASE READ THE INSTRUCTIONS CAREFULLY - THIS UTILITY HAS A STRONG ABILITY TO DELETE AND MUST BE USED ONLY WHEN RECOMMENDED, OTHERWISE IT CAN WRECK YOUR SYSTEM
Download ComboFix and save it to the desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
  • Turn off all resident security programs - firewalls, antivirus, antispyware, etc.
  • If you have Win XP, run it under the Administrator account
  • If you have Win Vista or Win 7, right-click ComboFix and choose Run As Administrator (Spustit jako spravce)
  • Right after it starts, a page with the license agreement is displayed; continue by clicking Yes
  • If CF offers to install the Recovery Console, agree
  • Then follow the instructions; during the scan leave the PC completely alone - do not start any applications and do not click in the window that appears
  • The scan should take about 10 min, but if the PC is heavily cluttered the time may be longer
  • After the scan finishes and a possible restart, CF displays the log; you can also find it at C:\ComboFix.txt; paste its contents here
  • A detailed procedure including pictures is here: http://www.bleepingcomputer.com/combofi ... t-combofix
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who shuns entertainment, take a whip and a stick to him; that is not a man, that is an ox."
Member of [image] since 1 February 2011.

zhulo
Visitor
Posts: 11
Registered: 14 Aug 2009 19:34

Re: Virus removal

#9 Post by zhulo »

ComboFix 11-12-23.01 - zhulo . 12. 2011 14:53:33.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.421.1051.18.3950.2192 [GMT 1:00]
Running from: c:\users\zhulo\Downloads\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\LP
c:\program files (x86)\LP\985C\4C36.tmp
c:\program files (x86)\LP\985C\BAD1.tmp
c:\program files (x86)\LP\985C\CB32.tmp
c:\program files (x86)\LP\E4FC\366A.tmp
c:\program files (x86)\QIP 2012\Core\MousePhone.dll
c:\users\zhulo\AppData\Local\1c454a2f\U
c:\users\zhulo\AppData\Local\1c454a2f\U\80000000.@
c:\users\zhulo\AppData\Local\1c454a2f\U\800000cb.@
c:\users\zhulo\AppData\Local\1c454a2f\U\800000cf.@
c:\users\zhulo\AppData\Local\1c454a2f\X
c:\windows\assembly\tmp\U
c:\windows\system32\java.exe
.
.
((((((((((((((((((((((((( Files Created from 2011-11-23 to 2011-12-23 )))))))))))))))))))))))))))))))
.
.
2011-12-23 13:58 . 2011-12-23 13:58 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-12-23 13:11 . 2011-12-23 13:52 69000 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D85D7093-1D67-4E84-95E0-DAE8A8B4199B}\offreg.dll
2011-12-23 13:10 . 2011-11-21 11:40 8822856 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D85D7093-1D67-4E84-95E0-DAE8A8B4199B}\mpengine.dll
2011-12-23 12:29 . 2011-12-23 12:29 -------- d-----w- C:\rsit
2011-12-23 12:29 . 2011-12-23 12:29 -------- d-----w- c:\program files\trend micro
2011-12-23 11:08 . 2011-12-23 11:08 -------- d-----w- c:\users\zhulo\AppData\Roaming\Malwarebytes
2011-12-23 11:07 . 2011-12-23 11:07 -------- d-----w- c:\programdata\Malwarebytes
2011-12-23 11:07 . 2011-12-23 11:07 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-12-23 11:07 . 2011-08-31 16:00 25416 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-12-21 23:54 . 2011-12-23 10:23 43992 ----a-w- c:\program files (x86)\Mozilla Firefox\mozutils.dll
2011-12-21 23:54 . 2011-12-21 23:54 479232 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcm80.dll
2011-12-21 23:54 . 2011-12-21 23:54 548864 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcp80.dll
2011-12-21 23:54 . 2011-12-21 23:54 626688 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcr80.dll
2011-12-14 22:35 . 2011-12-14 22:35 -------- d-----w- c:\program files (x86)\StarUML
2011-12-10 20:39 . 2011-12-10 20:39 -------- d-----w- c:\users\zhulo\AppData\Local\BlackHawk
2011-12-10 20:39 . 2011-12-10 20:39 -------- d-----w- c:\program files\NETGATE
2011-12-09 18:55 . 2011-12-17 07:10 -------- d-----w- c:\program files (x86)\5E4AF
2011-12-09 18:55 . 2011-12-11 10:08 -------- d-----w- c:\users\zhulo\AppData\Roaming\C2E5E
2011-12-04 17:06 . 2011-12-04 17:06 -------- d-----w- c:\users\zhulo\AppData\Roaming\TeamViewer
2011-12-04 06:44 . 2011-12-04 06:44 458064 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2011-12-03 19:48 . 2011-12-03 19:53 -------- d-----w- c:\users\zhulo\AppData\Local\Ubisoft Game Launcher
2011-12-01 16:02 . 2009-09-04 16:44 515416 ----a-w- c:\windows\SysWow64\XAudio2_5.dll
2011-12-01 16:02 . 2009-09-04 16:29 523088 ----a-w- c:\windows\system32\d3dx10_42.dll
2011-12-01 16:01 . 2009-09-04 16:44 69464 ----a-w- c:\windows\SysWow64\XAPOFX1_3.dll
2011-12-01 15:50 . 2011-12-03 19:25 -------- d-----w- c:\program files (x86)\Ubisoft
2011-12-01 15:50 . 2011-12-01 15:50 -------- d--h--w- c:\users\zhulo\InstallAnywhere
2011-11-30 19:32 . 2011-11-30 19:32 -------- d-----w- c:\users\zhulo\AppData\Local\Microsoft_Corporation
2011-11-30 19:30 . 2010-04-03 10:51 47968 ----a-w- c:\windows\SysWow64\perf-ReportServer$DATABAZA-rsctr.dll
2011-11-30 19:30 . 2010-04-03 09:57 77664 ----a-w- c:\windows\system32\perf-ReportServer$DATABAZA-rsctr.dll
2011-11-30 19:29 . 2010-04-03 11:51 47456 ----a-w- c:\windows\SysWow64\perf-MSSQL10_50.DATABAZA-sqlagtctr.dll
2011-11-30 19:29 . 2010-04-03 10:57 77152 ----a-w- c:\windows\system32\perf-MSSQL10_50.DATABAZA-sqlagtctr.dll
2011-11-30 19:29 . 2010-04-03 11:51 73568 ----a-w- c:\windows\SysWow64\perf-MSSQL$DATABAZA-sqlctr10.50.1600.1.dll
2011-11-30 19:29 . 2010-04-03 10:57 79200 ----a-w- c:\windows\system32\perf-MSSQL$DATABAZA-sqlctr10.50.1600.1.dll
2011-11-30 19:25 . 2011-11-30 19:25 -------- d-----w- c:\windows\system32\RsFx
2011-11-30 19:25 . 2011-11-30 19:25 -------- d-----w- c:\program files\Microsoft Analysis Services
2011-11-30 19:25 . 2011-11-30 19:25 -------- d-----w- c:\program files\Microsoft Visual Studio 9.0
2011-11-30 19:25 . 2011-11-30 19:25 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 9.0
2011-11-30 19:23 . 2011-11-30 19:23 -------- d-----w- c:\windows\system32\1033
2011-11-30 17:23 . 2011-11-30 17:23 -------- d-----w- c:\users\zhulo\AppData\Roaming\postgresql
2011-11-30 17:12 . 2011-12-23 13:52 -------- d-----w- c:\users\postgres
2011-11-30 17:11 . 2011-11-30 17:11 -------- d-----w- c:\program files\PostgreSQL
2011-11-30 16:39 . 2011-11-30 16:39 -------- d-----w- c:\program files (x86)\SQLXML 4.0
2011-11-30 16:39 . 2011-11-30 16:39 -------- d-----w- c:\program files\SQLXML 4.0
2011-11-30 16:34 . 2011-11-30 19:23 -------- d-----w- c:\windows\SysWow64\1033
2011-11-30 16:34 . 2011-11-30 16:34 -------- d-----w- c:\program files (x86)\Common Files\Merge Modules
2011-11-30 16:16 . 2011-11-30 16:16 -------- d-----w- c:\program files\Microsoft.NET
2011-11-30 16:02 . 2011-11-30 19:23 -------- d-----w- c:\program files (x86)\Microsoft SQL Server
2011-11-30 16:02 . 2011-11-30 19:27 -------- d-----w- c:\program files\Microsoft SQL Server
2011-11-28 19:38 . 2011-12-23 10:24 121816 ----a-w- c:\program files (x86)\Mozilla Firefox\components\browsercomps.dll
2011-11-26 11:48 . 2011-11-26 11:48 -------- d-----w- c:\users\zhulo\AppData\Roaming\InstallShield
2011-11-26 11:30 . 2011-11-26 11:30 -------- d-----w- c:\users\zhulo\AppData\Roaming\Stardock
2011-11-26 11:30 . 2011-11-26 11:30 -------- dc-h--w- c:\programdata\{A3A26C56-02C3-4F76-A033-12EE2FB52AE6}
2011-11-26 11:30 . 2011-11-26 11:30 -------- d-----w- c:\program files (x86)\Stardock
2011-11-26 11:30 . 2011-11-26 11:30 -------- d-----w- c:\users\zhulo\AppData\Local\PackageAware
2011-11-26 10:56 . 2011-11-26 10:56 -------- d-----w- C:\SPLASH.SYS
2011-11-25 22:43 . 2011-11-25 22:44 -------- d-----w- c:\users\zhulo\AppData\Roaming\QIP
2011-11-25 22:32 . 2011-11-25 22:32 -------- d-----w- c:\windows\system32\Macromed
2011-11-25 22:01 . 2011-11-25 22:01 3141120 ----a-w- c:\windows\system32\win32k.sys
2011-11-25 22:00 . 2011-11-25 22:00 886784 ----a-w- c:\program files\Common Files\System\wab32.dll
2011-11-25 22:00 . 2011-11-25 22:00 708608 ----a-w- c:\program files (x86)\Common Files\System\wab32.dll
2011-11-25 22:00 . 2011-11-25 22:00 1897328 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-11-25 21:51 . 2011-11-25 21:51 75776 ----a-w- c:\windows\SysWow64\psisrndr.ax
2011-11-25 21:51 . 2011-11-25 21:51 72704 ----a-w- c:\windows\SysWow64\Mpeg2Data.ax
2011-11-25 21:51 . 2011-11-25 21:51 59904 ----a-w- c:\windows\SysWow64\MSDvbNP.ax
2011-11-25 21:51 . 2011-11-25 21:51 465408 ----a-w- c:\windows\SysWow64\psisdecd.dll
2011-11-25 21:51 . 2011-11-25 21:51 288256 ----a-w- c:\windows\system32\MSNP.ax
2011-11-25 21:51 . 2011-11-25 21:51 204288 ----a-w- c:\windows\SysWow64\MSNP.ax
2011-11-25 21:51 . 2011-11-25 21:51 108032 ----a-w- c:\windows\system32\psisrndr.ax
2011-11-25 21:51 . 2011-11-25 21:51 75776 ----a-w- c:\windows\system32\MSDvbNP.ax
2011-11-25 21:51 . 2011-11-25 21:51 613888 ----a-w- c:\windows\system32\psisdecd.dll
2011-11-25 21:51 . 2011-11-25 21:51 104960 ----a-w- c:\windows\system32\Mpeg2Data.ax
2011-11-25 21:50 . 2011-11-25 21:50 331776 ----a-w- c:\windows\system32\oleacc.dll
2011-11-25 21:50 . 2011-11-25 21:50 861184 ----a-w- c:\windows\system32\oleaut32.dll
2011-11-25 21:50 . 2011-11-25 21:50 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2011-11-25 21:50 . 2011-11-25 21:50 233472 ----a-w- c:\windows\SysWow64\oleacc.dll
2011-11-25 21:49 . 2011-11-25 21:49 5507968 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-11-25 21:49 . 2011-11-25 21:49 3957120 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2011-11-25 21:49 . 2011-11-25 21:49 3902336 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2011-11-25 21:47 . 2011-11-25 21:47 287744 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-11-25 21:47 . 2011-11-25 21:47 157696 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-11-25 21:47 . 2011-11-25 21:47 126464 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-11-25 21:47 . 2011-11-25 21:47 64512 ----a-w- c:\windows\SysWow64\devobj.dll
2011-11-25 21:47 . 2011-11-25 21:47 44544 ----a-w- c:\windows\SysWow64\devrtl.dll
2011-11-25 21:47 . 2011-11-25 21:47 404992 ----a-w- c:\windows\system32\umpnpmgr.dll
2011-11-25 21:47 . 2011-11-25 21:47 252928 ----a-w- c:\windows\SysWow64\drvinst.exe
2011-11-25 21:47 . 2011-11-25 21:47 145920 ----a-w- c:\windows\SysWow64\cfgmgr32.dll
2011-11-25 21:46 . 2011-11-25 21:46 -------- d-----w- c:\program files (x86)\MSXML 4.0
2011-11-25 21:42 . 2011-11-25 21:42 759296 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll
2011-11-25 21:42 . 2011-11-25 21:42 1110528 ----a-w- c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
2011-11-25 21:42 . 2011-11-25 21:42 461312 ----a-w- c:\windows\system32\drivers\srv.sys
2011-11-25 21:42 . 2011-11-25 21:42 399872 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-11-25 21:42 . 2011-11-25 21:42 161792 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-11-25 21:42 . 2011-11-25 21:42 102400 ----a-w- c:\windows\system32\drivers\dfsc.sys
2011-11-25 21:41 . 2011-11-25 21:41 499712 ----a-w- c:\windows\system32\drivers\afd.sys
2011-11-25 21:40 . 2011-11-25 21:40 976896 ----a-w- c:\windows\system32\inetcomm.dll
2011-11-25 21:40 . 2011-11-25 21:40 740864 ----a-w- c:\windows\SysWow64\inetcomm.dll
2011-11-25 21:40 . 2011-11-25 21:40 30208 ----a-w- c:\windows\system32\dnscacheugc.exe
2011-11-25 21:40 . 2011-11-25 21:40 28672 ----a-w- c:\windows\SysWow64\dnscacheugc.exe
2011-11-25 21:40 . 2011-11-25 21:40 182272 ----a-w- c:\windows\system32\dnsrslvr.dll
2011-11-25 21:40 . 2011-11-25 21:40 612352 ----a-w- c:\windows\system32\vbscript.dll
2011-11-25 21:40 . 2011-11-25 21:40 428032 ----a-w- c:\windows\SysWow64\vbscript.dll
2011-11-25 21:39 . 2011-11-25 21:39 46080 ----a-w- c:\windows\system32\atmlib.dll
2011-11-25 21:39 . 2011-11-25 21:39 367104 ----a-w- c:\windows\system32\atmfd.dll
2011-11-25 21:39 . 2011-11-25 21:39 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2011-11-25 21:39 . 2011-11-25 21:39 294912 ----a-w- c:\windows\SysWow64\atmfd.dll
2011-11-25 21:39 . 2011-11-25 21:39 267776 ----a-w- c:\windows\system32\FXSCOVER.exe
2011-11-25 21:39 . 2011-11-25 21:39 90624 ----a-w- c:\windows\system32\drivers\bowser.sys
2011-11-25 21:38 . 2011-11-25 21:38 1395712 ----a-w- c:\windows\system32\mfc42.dll
2011-11-25 21:38 . 2011-11-25 21:38 1359872 ----a-w- c:\windows\system32\mfc42u.dll
2011-11-25 21:38 . 2011-11-25 21:38 1164288 ----a-w- c:\windows\SysWow64\mfc42u.dll
2011-11-25 21:38 . 2011-11-25 21:38 1137664 ----a-w- c:\windows\SysWow64\mfc42.dll
2011-11-25 21:38 . 2011-11-25 21:38 3138048 ----a-w- c:\windows\system32\mstscax.dll
2011-11-25 21:38 . 2011-11-25 21:38 2690560 ----a-w- c:\windows\SysWow64\mstscax.dll
2011-11-25 21:38 . 2011-11-25 21:38 1097216 ----a-w- c:\windows\system32\mstsc.exe
2011-11-25 21:38 . 2011-11-25 21:38 1034240 ----a-w- c:\windows\SysWow64\mstsc.exe
2011-11-25 21:37 . 2011-11-25 21:37 961024 ----a-w- c:\windows\system32\CPFilters.dll
2011-11-25 21:37 . 2011-11-25 21:37 850432 ----a-w- c:\windows\SysWow64\sbe.dll
2011-11-25 21:37 . 2011-11-25 21:37 642048 ----a-w- c:\windows\SysWow64\CPFilters.dll
2011-11-25 21:37 . 2011-11-25 21:37 1118720 ----a-w- c:\windows\system32\sbe.dll
2011-11-25 21:37 . 2011-11-25 21:37 723968 ----a-w- c:\windows\system32\EncDec.dll
2011-11-25 21:37 . 2011-11-25 21:37 534528 ----a-w- c:\windows\SysWow64\EncDec.dll
2011-11-25 21:37 . 2011-11-25 21:37 259072 ----a-w- c:\windows\system32\mpg2splt.ax
2011-11-25 21:37 . 2011-11-25 21:37 199680 ----a-w- c:\windows\SysWow64\mpg2splt.ax
2011-11-25 21:37 . 2011-11-25 21:37 1739176 ----a-w- c:\windows\system32\ntdll.dll
2011-11-25 21:37 . 2011-11-25 21:37 1293120 ----a-w- c:\windows\SysWow64\ntdll.dll
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-25 22:32 . 2011-10-04 16:38 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-11-25 21:48 . 2011-11-25 21:48 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2011-11-25 21:34 . 2011-11-25 21:34 340992 ----a-w- c:\windows\system32\schannel.dll
2011-11-25 21:34 . 2011-11-25 21:34 224256 ----a-w- c:\windows\SysWow64\schannel.dll
2011-11-25 21:33 . 2011-11-25 21:33 285696 ----a-w- c:\windows\system32\schtasks.exe
2011-11-25 21:33 . 2011-11-25 21:33 179712 ----a-w- c:\windows\SysWow64\schtasks.exe
2011-11-25 21:33 . 2011-11-25 21:33 1114624 ----a-w- c:\windows\system32\schedsvc.dll
2011-11-21 11:40 . 2011-10-04 14:50 8822856 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-11-13 11:34 . 2011-11-13 11:34 31344 ----a-w- c:\windows\system32\drivers\cnnctfy2.sys
2011-10-26 19:45 . 2011-10-06 22:40 627600 ----a-w- c:\windows\system32\deployJava1.dll
2011-10-11 13:08 . 2011-10-11 13:08 917840 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B6CABF72-5EA4-4473-A8E5-E25EA607687E}\gapaengine.dll
2011-10-03 22:03 . 2011-10-03 22:03 270912 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-10-03 19:28 . 2011-03-28 16:36 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-10-03 12:15 . 2011-10-11 13:08 601424 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SugarSync"="c:\program files (x86)\SugarSync\SugarSyncManager.exe" [2011-11-11 12210176]
"Elbserver"="c:\program files (x86)\Sony\Media Gallery\ElbServer.exe" [2009-10-15 72192]
"Infium"="c:\program files (x86)\QIP 2012\qip.exe" [2011-11-23 7248848]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2009-08-26 320880]
"MarketingTools"="c:\program files (x86)\Sony\Marketing Tools\MarketingTools.exe" [2011-10-03 26624]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-09-20 102400]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-09-07 37296]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-08-31 449608]
.
c:\users\zhulo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
networx - odkaz.lnk - d:\programy\Networkx\networx.exe [2011-11-26 4507648]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-9-4 1081632]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"HideSCAHealth"= 1 (0x1)
.
[HKEY_CURRENT_USER\software\microsoft\windows nt\currentversion\winlogon]
"Shell"="c:\users\zhulo\AppData\Local\1c454a2f\X"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2009-12-01 21:03 98304 ----a-w- c:\windows\System32\VESWinlogon.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Služba Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-10-11 136176]
R2 Roxio Upnp Server 10;Roxio Upnp Server 10;c:\program files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [2009-08-31 362992]
R2 SQLAgent$DATABAZA;SQL Server Agent (DATABAZA);c:\program files\Microsoft SQL Server\MSSQL10_50.DATABAZA\MSSQL\Binn\SQLAGENT.EXE [2010-04-03 428384]
R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
R3 gupdatem;Služba Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-10-11 136176]
R3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [x]
R3 MSSQLFDLauncher$DATABAZA;SQL Full-text Filter Daemon Launcher (DATABAZA);c:\program files\Microsoft SQL Server\MSSQL10_50.DATABAZA\MSSQL\Binn\fdlauncher.exe [2010-04-03 32096]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Kontrola siete od spoločnosti Microsoft;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 288272]
R3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;c:\program files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [2009-08-31 313840]
R3 SOHCImp;VAIO Media plus Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2010-09-10 108400]
R3 SOHDms;VAIO Media plus Digital Media Server;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2010-10-12 423280]
R3 SOHDs;VAIO Media plus Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2010-09-10 67952]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2011-02-18 99104]
R4 MSOLAP$DATABAZA;SQL Server Analysis Services (DATABAZA);c:\program files\Microsoft SQL Server\MSAS10_50.DATABAZA\OLAP\bin\msmdsrv.exe [2010-04-03 54568288]
R4 MSSQL$DATABAZA;SQL Server (DATABAZA);c:\program files\Microsoft SQL Server\MSSQL10_50.DATABAZA\MSSQL\Binn\sqlservr.exe [2010-04-03 61913952]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2010-04-03 59744]
R4 ReportServer$DATABAZA;SQL Server Reporting Services (DATABAZA);c:\program files\Microsoft SQL Server\MSRS10_50.DATABAZA\Reporting Services\ReportServer\bin\ReportingServicesService.exe [2010-04-03 2175328]
R4 RsFx0150;RsFx0150 Driver;c:\windows\system32\DRIVERS\RsFx0150.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S1 cnnctfy2;Connectify LightWeight Filter;c:\windows\system32\DRIVERS\cnnctfy2.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 Connectify;Connectify;c:\program files (x86)\Connectify\ConnectifyService.exe [2011-12-01 69632]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-11-20 13336]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152]
S2 MsDtsServer;SQL Server Integration Services;c:\program files\Microsoft SQL Server\90\DTS\Binn\MsDtsSrvr.exe [2005-10-14 195288]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2009-10-24 360224]
S2 QipGuard;QipGuard;c:\program files (x86)\QipGuard\QipGuard.exe [2011-11-23 191440]
S2 rimspci;rimspci;c:\windows\system32\drivers\rimssne64.sys [x]
S2 risdsnpe;risdsnpe;c:\windows\system32\drivers\risdsne64.sys [x]
S2 SampleCollector;VAIO Care Performance Service;c:\program files\Sony\VAIO Care\VCPerfService.exe [2011-01-29 259192]
S2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2008-09-18 104960]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-12-14 2320920]
S2 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2011-01-20 887000]
S2 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2011-05-19 549616]
S2 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2010-10-25 387896]
S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe [2010-08-11 845312]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [x]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys [x]
S3 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2011-01-20 286936]
S3 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [2009-11-30 571248]
S3 VCService;VCService;c:\program files\Sony\VAIO Care\VCService.exe [2011-02-14 44736]
S3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update Common\VUAgent.exe [2011-09-23 1429608]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - 54987110
*Deregistered* - 54987110
.
Contents of the 'Scheduled Tasks' folder
.
2011-12-23 c:\windows\Tasks\AutoKMS.job
- c:\windows\AutoKMS\AutoKMS.exe [2011-10-05 16:57]
.
2011-12-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-10-11 21:02]
.
2011-12-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-10-11 21:02]
.
2011-12-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-949965917-3753343039-3259282721-1000Core.job
- c:\users\zhulo\AppData\Local\Google\Update\GoogleUpdate.exe [2011-10-12 21:07]
.
2011-12-23 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-949965917-3753343039-3259282721-1000UA.job
- c:\users\zhulo\AppData\Local\Google\Update\GoogleUpdate.exe [2011-10-12 21:07]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncBackedUp]
@="{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}"
[HKEY_CLASSES_ROOT\CLSID\{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}]
2011-11-11 08:36 405504 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncPending]
@="{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}"
[HKEY_CLASSES_ROOT\CLSID\{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}]
2011-11-11 08:36 405504 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncRoot]
@="{A759AFF6-5851-457D-A540-F4ECED148351}"
[HKEY_CLASSES_ROOT\CLSID\{A759AFF6-5851-457D-A540-F4ECED148351}]
2011-11-11 08:36 405504 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncShared]
@="{1574C9EF-7D58-488F-B358-8B78C1538F51}"
[HKEY_CLASSES_ROOT\CLSID\{1574C9EF-7D58-488F-B358-8B78C1538F51}]
2011-11-11 08:36 405504 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-12-16 9636896]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 1436736]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler]
"{1984DD45-52CF-49cd-AB77-18F378FEA264}"= "c:\program files (x86)\Stardock\Fences\FencesMenu64.dll" [2010-06-22 253288]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://qip.ru
uDefault_Search_URL = hxxp://search.qip.ru
mLocal Page = c:\windows\SysWOW64\blank.htm
uSearchAssistant = hxxp://search.qip.ru/ie
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: E&xportovať do programu Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&oslať do programu OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\zhulo\AppData\Roaming\Mozilla\Firefox\Profiles\bwbpj3wv.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2233703&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ig
FF - prefs.js: network.proxy.http - 147.175.122.1
FF - prefs.js: network.proxy.http_port - 3128
FF - prefs.js: network.proxy.type - 0
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - True
FF - user.js: browser.xul.error_pages.enabled - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 3000000
FF - user.js: content.maxtextrun - 8191
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 750000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 750000
FF - user.js: network.http.max-connections - 32
FF - user.js: network.http.max-connections-per-server - 8
FF - user.js: network.http.max-persistent-connections-per-proxy - 8
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 0
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
.
- - - - ORPHANS REMOVED - - - -
.
SafeBoot-mcmscsvc
SafeBoot-MCODS
HKLM-Run-Apoint - c:\program files (x86)\Apoint\Apoint.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\msftesql]
"ImagePath"="\"c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\msftesql.exe\" -s:MSSQL.1 -f:MSSQLSERVER"
--
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SampleCollector]
"ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=5000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\% C3 Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=c:\programdata\Sony Corporation\VAIO Care\inteldata\""
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-949965917-3753343039-3259282721-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-949965917-3753343039-3259282721-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_USERS\S-1-5-21-949965917-3753343039-3259282721-1000\Software\SecuROM\License information*]
"datasecu"=hex:16,ec,ce,39,63,ef,d1,b0,da,5a,35,13,bc,b2,91,97,61,3a,5e,99,a8,
45,04,36,7a,42,eb,f2,07,13,28,5d,8d,b4,0b,d1,42,08,4f,a5,30,97,34,a4,81,36,\
"rkeysecu"=hex:3e,42,af,b1,bb,95,91,b1,05,20,f7,ad,c9,eb,94,17
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10d.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10d.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2011-12-23 15:01:45
ComboFix-quarantined-files.txt 2011-12-23 14:01
.
Pre-Run: 90 834 628 608 bytes free
Post-Run: 90 470 686 720 bytes free
.
- - End Of File - - 7A6CC051965AD48963D1046E7A1DA662

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Virus removal

#10 Post by vyosek »

→ Apply exeHelper by Raktor
→ If you have not done so yet, move ComboFix to the desktop
  • Open Notepad (Start - Run - notepad)
  • Copy the script below
  • Code:

    KillAll::
    
    Folder::
    c:\program files (x86)\5E4AF
    c:\users\zhulo\AppData\Roaming\C2E5E
    c:\users\zhulo\AppData\Local\1c454a2f
    c:\windows\AutoKMS
    
    Registry::
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Infium"=-
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "StartCCC"=-
    "SwitchBoard"=-
    "Adobe Reader Speed Launcher"=-
    "Malwarebytes' Anti-Malware"=-
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    "Shell"="explorer.exe"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "AdobeAAMUpdater-1.0"=-
    
    Driver::
    gupdate
    gupdatem
    54987110
    
    File::
    C:\Windows\tasks\AutoKMS.job
    C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-949965917-3753343039-3259282721-1000Core.job
    C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-949965917-3753343039-3259282721-1000UA.job
    
    DDS::
    uStart Page = hxxp://qip.ru
    uDefault_Search_URL = hxxp://search.qip.ru
    mLocal Page = c:\windows\SysWOW64\blank.htm
    uSearchAssistant = hxxp://search.qip.ru/ie
    
    Firefox::
    FF - ProfilePath - c:\users\zhulo\AppData\Roaming\Mozilla\Firefox\Profiles\bwbpj3wv.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.as ... ource=3&q={searchTerms}
    FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ig
    FF - prefs.js: network.proxy.http - 147.175.122.1
    FF - prefs.js: network.proxy.http_port - 3128
    FF - prefs.js: network.proxy.type - 0
    FF - user.js: browser.cache.memory.capacity - 65536
    FF - user.js: browser.display.show_image_placeholders - true
    FF - user.js: browser.chrome.favicons - false
    FF - user.js: browser.turbo.enabled - true
    FF - user.js: browser.urlbar.autocomplete.enabled - true
    FF - user.js: browser.urlbar.autofill - True
    FF - user.js: browser.xul.error_pages.enabled - true
    FF - user.js: content.interrupt.parsing - true
    FF - user.js: content.max.tokenizing.time - 3000000
    FF - user.js: content.maxtextrun - 8191
    FF - user.js: content.notify.backoffcount - 5
    FF - user.js: content.notify.interval - 750000
    FF - user.js: content.notify.ontimer - true
    FF - user.js: content.switch.threshold - 750000
    FF - user.js: network.http.max-connections - 32
    FF - user.js: network.http.max-connections-per-server - 8
    FF - user.js: network.http.max-persistent-connections-per-proxy - 8
    FF - user.js: network.http.max-persistent-connections-per-server - 4
    FF - user.js: network.http.pipelining - true
    FF - user.js: network.http.pipelining.maxrequests - 8
    FF - user.js: network.http.proxy.pipelining - true
    FF - user.js: network.http.request.max-start-delay - 0
    FF - user.js: nglayout.initialpaint.delay - 0
    FF - user.js: plugin.expose_full_path - true
    FF - user.js: ui.submenuDelay - 0
    
    RegNull::
    [HKEY_USERS\S-1-5-21-949965917-3753343039-3259282721-1000\Software\SecuROM\License information*]
    
    RegLock::
    [HKEY_USERS\S-1-5-21-949965917-3753343039-3259282721-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
    [HKEY_USERS\S-1-5-21-949965917-3753343039-3259282721-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    
    ClearJavaCache::
    
    AtJob::
    
    Reboot::
  • Save the resulting text file as CFScript.txt
  • Drag the CFScript.txt you created onto ComboFix and drop it to run it (see the image below)
    [image]
  • After the script has been applied (and a possible restart), a log will pop up; paste its contents here
→ It may happen that Windows does not start after the script is applied; in that case restart the PC, keep pressing F8 and choose Last Known Good Configuration

zhulo
Visitor
Posts: 11
Registered: 14 Aug 2009 19:34

Re: Virus removal

#11 Post by zhulo »

ComboFix 11-12-23.01 - zhulo . 12. 2011 15:55:36.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7600.0.1250.421.1051.18.3950.1980 [GMT 1:00]
Running from: c:\users\zhulo\Desktop\ComboFix.exe
Command switches used :: c:\users\zhulo\Desktop\CFScript.txt
AV: Microsoft Security Essentials *Enabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Enabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
FILE ::
"c:\windows\tasks\AutoKMS.job"
"c:\windows\tasks\GoogleUpdateTaskMachineCore.job"
"c:\windows\tasks\GoogleUpdateTaskMachineUA.job"
"c:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-949965917-3753343039-3259282721-1000Core.job"
"c:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-949965917-3753343039-3259282721-1000UA.job"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\5E4AF
c:\users\zhulo\AppData\Local\1c454a2f
c:\users\zhulo\AppData\Local\1c454a2f\@
c:\users\zhulo\AppData\Local\1c454a2f\loader.tlb
c:\users\zhulo\AppData\Roaming\C2E5E
c:\users\zhulo\AppData\Roaming\C2E5E\E4AF.2E5
c:\windows\AutoKMS
c:\windows\AutoKMS\AutoKMS.exe
c:\windows\AutoKMS\AutoKMS.ini
c:\windows\AutoKMS\AutoKMS.log
c:\windows\tasks\AutoKMS.job
c:\windows\tasks\GoogleUpdateTaskMachineCore.job
c:\windows\tasks\GoogleUpdateTaskMachineUA.job
c:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-949965917-3753343039-3259282721-1000Core.job
c:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-949965917-3753343039-3259282721-1000UA.job
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_54987110
-------\Service_gupdate
-------\Service_gupdatem
.
.
((((((((((((((((((((((((( Files Created from 2011-11-23 to 2011-12-23 )))))))))))))))))))))))))))))))
.
.
2011-12-23 15:01 . 2011-12-23 15:01 69000 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D85D7093-1D67-4E84-95E0-DAE8A8B4199B}\offreg.dll
2011-12-23 13:10 . 2011-11-21 11:40 8822856 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{D85D7093-1D67-4E84-95E0-DAE8A8B4199B}\mpengine.dll
2011-12-23 12:29 . 2011-12-23 12:29 -------- d-----w- C:\rsit
2011-12-23 12:29 . 2011-12-23 12:29 -------- d-----w- c:\program files\trend micro
2011-12-23 11:08 . 2011-12-23 11:08 -------- d-----w- c:\users\zhulo\AppData\Roaming\Malwarebytes
2011-12-23 11:07 . 2011-12-23 11:07 -------- d-----w- c:\programdata\Malwarebytes
2011-12-23 11:07 . 2011-12-23 11:07 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-12-23 11:07 . 2011-08-31 16:00 25416 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-12-21 23:54 . 2011-12-23 10:23 43992 ----a-w- c:\program files (x86)\Mozilla Firefox\mozutils.dll
2011-12-21 23:54 . 2011-12-21 23:54 479232 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcm80.dll
2011-12-21 23:54 . 2011-12-21 23:54 548864 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcp80.dll
2011-12-21 23:54 . 2011-12-21 23:54 626688 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcr80.dll
2011-12-14 22:35 . 2011-12-14 22:35 -------- d-----w- c:\program files (x86)\StarUML
2011-12-10 20:39 . 2011-12-10 20:39 -------- d-----w- c:\users\zhulo\AppData\Local\BlackHawk
2011-12-10 20:39 . 2011-12-10 20:39 -------- d-----w- c:\program files\NETGATE
2011-12-04 17:06 . 2011-12-04 17:06 -------- d-----w- c:\users\zhulo\AppData\Roaming\TeamViewer
2011-12-04 06:44 . 2011-12-04 06:44 458064 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2011-12-03 19:48 . 2011-12-03 19:53 -------- d-----w- c:\users\zhulo\AppData\Local\Ubisoft Game Launcher
2011-12-01 16:02 . 2009-09-04 16:44 515416 ----a-w- c:\windows\SysWow64\XAudio2_5.dll
2011-12-01 16:02 . 2009-09-04 16:29 523088 ----a-w- c:\windows\system32\d3dx10_42.dll
2011-12-01 16:01 . 2009-09-04 16:44 69464 ----a-w- c:\windows\SysWow64\XAPOFX1_3.dll
2011-12-01 15:50 . 2011-12-03 19:25 -------- d-----w- c:\program files (x86)\Ubisoft
2011-12-01 15:50 . 2011-12-01 15:50 -------- d--h--w- c:\users\zhulo\InstallAnywhere
2011-11-30 19:32 . 2011-11-30 19:32 -------- d-----w- c:\users\zhulo\AppData\Local\Microsoft_Corporation
2011-11-30 19:30 . 2010-04-03 10:51 47968 ----a-w- c:\windows\SysWow64\perf-ReportServer$DATABAZA-rsctr.dll
2011-11-30 19:30 . 2010-04-03 09:57 77664 ----a-w- c:\windows\system32\perf-ReportServer$DATABAZA-rsctr.dll
2011-11-30 19:29 . 2010-04-03 11:51 47456 ----a-w- c:\windows\SysWow64\perf-MSSQL10_50.DATABAZA-sqlagtctr.dll
2011-11-30 19:29 . 2010-04-03 10:57 77152 ----a-w- c:\windows\system32\perf-MSSQL10_50.DATABAZA-sqlagtctr.dll
2011-11-30 19:29 . 2010-04-03 11:51 73568 ----a-w- c:\windows\SysWow64\perf-MSSQL$DATABAZA-sqlctr10.50.1600.1.dll
2011-11-30 19:29 . 2010-04-03 10:57 79200 ----a-w- c:\windows\system32\perf-MSSQL$DATABAZA-sqlctr10.50.1600.1.dll
2011-11-30 19:25 . 2011-11-30 19:25 -------- d-----w- c:\windows\system32\RsFx
2011-11-30 19:25 . 2011-11-30 19:25 -------- d-----w- c:\program files\Microsoft Analysis Services
2011-11-30 19:25 . 2011-11-30 19:25 -------- d-----w- c:\program files\Microsoft Visual Studio 9.0
2011-11-30 19:25 . 2011-11-30 19:25 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 9.0
2011-11-30 19:23 . 2011-11-30 19:23 -------- d-----w- c:\windows\system32\1033
2011-11-30 17:23 . 2011-11-30 17:23 -------- d-----w- c:\users\zhulo\AppData\Roaming\postgresql
2011-11-30 17:12 . 2011-12-23 13:52 -------- d-----w- c:\users\postgres
2011-11-30 17:11 . 2011-11-30 17:11 -------- d-----w- c:\program files\PostgreSQL
2011-11-30 16:39 . 2011-11-30 16:39 -------- d-----w- c:\program files (x86)\SQLXML 4.0
2011-11-30 16:39 . 2011-11-30 16:39 -------- d-----w- c:\program files\SQLXML 4.0
2011-11-30 16:34 . 2011-11-30 19:23 -------- d-----w- c:\windows\SysWow64\1033
2011-11-30 16:34 . 2011-11-30 16:34 -------- d-----w- c:\program files (x86)\Common Files\Merge Modules
2011-11-30 16:16 . 2011-11-30 16:16 -------- d-----w- c:\program files\Microsoft.NET
2011-11-30 16:02 . 2011-11-30 19:23 -------- d-----w- c:\program files (x86)\Microsoft SQL Server
2011-11-30 16:02 . 2011-11-30 19:27 -------- d-----w- c:\program files\Microsoft SQL Server
2011-11-28 19:38 . 2011-12-23 10:24 121816 ----a-w- c:\program files (x86)\Mozilla Firefox\components\browsercomps.dll
2011-11-26 11:48 . 2011-11-26 11:48 -------- d-----w- c:\users\zhulo\AppData\Roaming\InstallShield
2011-11-26 11:30 . 2011-11-26 11:30 -------- d-----w- c:\users\zhulo\AppData\Roaming\Stardock
2011-11-26 11:30 . 2011-11-26 11:30 -------- dc-h--w- c:\programdata\{A3A26C56-02C3-4F76-A033-12EE2FB52AE6}
2011-11-26 11:30 . 2011-11-26 11:30 -------- d-----w- c:\program files (x86)\Stardock
2011-11-26 11:30 . 2011-11-26 11:30 -------- d-----w- c:\users\zhulo\AppData\Local\PackageAware
2011-11-26 10:56 . 2011-11-26 10:56 -------- d-----w- C:\SPLASH.SYS
2011-11-25 22:43 . 2011-11-25 22:44 -------- d-----w- c:\users\zhulo\AppData\Roaming\QIP
2011-11-25 22:32 . 2011-11-25 22:32 -------- d-----w- c:\windows\system32\Macromed
2011-11-25 22:01 . 2011-11-25 22:01 3141120 ----a-w- c:\windows\system32\win32k.sys
2011-11-25 22:00 . 2011-11-25 22:00 886784 ----a-w- c:\program files\Common Files\System\wab32.dll
2011-11-25 22:00 . 2011-11-25 22:00 708608 ----a-w- c:\program files (x86)\Common Files\System\wab32.dll
2011-11-25 22:00 . 2011-11-25 22:00 1897328 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-11-25 21:51 . 2011-11-25 21:51 75776 ----a-w- c:\windows\SysWow64\psisrndr.ax
2011-11-25 21:51 . 2011-11-25 21:51 72704 ----a-w- c:\windows\SysWow64\Mpeg2Data.ax
2011-11-25 21:51 . 2011-11-25 21:51 59904 ----a-w- c:\windows\SysWow64\MSDvbNP.ax
2011-11-25 21:51 . 2011-11-25 21:51 465408 ----a-w- c:\windows\SysWow64\psisdecd.dll
2011-11-25 21:51 . 2011-11-25 21:51 288256 ----a-w- c:\windows\system32\MSNP.ax
2011-11-25 21:51 . 2011-11-25 21:51 204288 ----a-w- c:\windows\SysWow64\MSNP.ax
2011-11-25 21:51 . 2011-11-25 21:51 108032 ----a-w- c:\windows\system32\psisrndr.ax
2011-11-25 21:51 . 2011-11-25 21:51 75776 ----a-w- c:\windows\system32\MSDvbNP.ax
2011-11-25 21:51 . 2011-11-25 21:51 613888 ----a-w- c:\windows\system32\psisdecd.dll
2011-11-25 21:51 . 2011-11-25 21:51 104960 ----a-w- c:\windows\system32\Mpeg2Data.ax
2011-11-25 21:50 . 2011-11-25 21:50 331776 ----a-w- c:\windows\system32\oleacc.dll
2011-11-25 21:50 . 2011-11-25 21:50 861184 ----a-w- c:\windows\system32\oleaut32.dll
2011-11-25 21:50 . 2011-11-25 21:50 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2011-11-25 21:50 . 2011-11-25 21:50 233472 ----a-w- c:\windows\SysWow64\oleacc.dll
2011-11-25 21:49 . 2011-11-25 21:49 5507968 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-11-25 21:49 . 2011-11-25 21:49 3957120 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2011-11-25 21:49 . 2011-11-25 21:49 3902336 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2011-11-25 21:47 . 2011-11-25 21:47 287744 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-11-25 21:47 . 2011-11-25 21:47 157696 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2011-11-25 21:47 . 2011-11-25 21:47 126464 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys
2011-11-25 21:47 . 2011-11-25 21:47 64512 ----a-w- c:\windows\SysWow64\devobj.dll
2011-11-25 21:47 . 2011-11-25 21:47 44544 ----a-w- c:\windows\SysWow64\devrtl.dll
2011-11-25 21:47 . 2011-11-25 21:47 404992 ----a-w- c:\windows\system32\umpnpmgr.dll
2011-11-25 21:47 . 2011-11-25 21:47 252928 ----a-w- c:\windows\SysWow64\drvinst.exe
2011-11-25 21:47 . 2011-11-25 21:47 145920 ----a-w- c:\windows\SysWow64\cfgmgr32.dll
2011-11-25 21:46 . 2011-11-25 21:46 -------- d-----w- c:\program files (x86)\MSXML 4.0
2011-11-25 21:42 . 2011-11-25 21:42 759296 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll
2011-11-25 21:42 . 2011-11-25 21:42 1110528 ----a-w- c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
2011-11-25 21:42 . 2011-11-25 21:42 461312 ----a-w- c:\windows\system32\drivers\srv.sys
2011-11-25 21:42 . 2011-11-25 21:42 399872 ----a-w- c:\windows\system32\drivers\srv2.sys
2011-11-25 21:42 . 2011-11-25 21:42 161792 ----a-w- c:\windows\system32\drivers\srvnet.sys
2011-11-25 21:42 . 2011-11-25 21:42 102400 ----a-w- c:\windows\system32\drivers\dfsc.sys
2011-11-25 21:41 . 2011-11-25 21:41 499712 ----a-w- c:\windows\system32\drivers\afd.sys
2011-11-25 21:40 . 2011-11-25 21:40 976896 ----a-w- c:\windows\system32\inetcomm.dll
2011-11-25 21:40 . 2011-11-25 21:40 740864 ----a-w- c:\windows\SysWow64\inetcomm.dll
2011-11-25 21:40 . 2011-11-25 21:40 30208 ----a-w- c:\windows\system32\dnscacheugc.exe
2011-11-25 21:40 . 2011-11-25 21:40 28672 ----a-w- c:\windows\SysWow64\dnscacheugc.exe
2011-11-25 21:40 . 2011-11-25 21:40 182272 ----a-w- c:\windows\system32\dnsrslvr.dll
2011-11-25 21:40 . 2011-11-25 21:40 612352 ----a-w- c:\windows\system32\vbscript.dll
2011-11-25 21:40 . 2011-11-25 21:40 428032 ----a-w- c:\windows\SysWow64\vbscript.dll
2011-11-25 21:39 . 2011-11-25 21:39 46080 ----a-w- c:\windows\system32\atmlib.dll
2011-11-25 21:39 . 2011-11-25 21:39 367104 ----a-w- c:\windows\system32\atmfd.dll
2011-11-25 21:39 . 2011-11-25 21:39 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2011-11-25 21:39 . 2011-11-25 21:39 294912 ----a-w- c:\windows\SysWow64\atmfd.dll
2011-11-25 21:39 . 2011-11-25 21:39 267776 ----a-w- c:\windows\system32\FXSCOVER.exe
2011-11-25 21:39 . 2011-11-25 21:39 90624 ----a-w- c:\windows\system32\drivers\bowser.sys
2011-11-25 21:38 . 2011-11-25 21:38 1395712 ----a-w- c:\windows\system32\mfc42.dll
2011-11-25 21:38 . 2011-11-25 21:38 1359872 ----a-w- c:\windows\system32\mfc42u.dll
2011-11-25 21:38 . 2011-11-25 21:38 1164288 ----a-w- c:\windows\SysWow64\mfc42u.dll
2011-11-25 21:38 . 2011-11-25 21:38 1137664 ----a-w- c:\windows\SysWow64\mfc42.dll
2011-11-25 21:38 . 2011-11-25 21:38 3138048 ----a-w- c:\windows\system32\mstscax.dll
2011-11-25 21:38 . 2011-11-25 21:38 2690560 ----a-w- c:\windows\SysWow64\mstscax.dll
2011-11-25 21:38 . 2011-11-25 21:38 1097216 ----a-w- c:\windows\system32\mstsc.exe
2011-11-25 21:38 . 2011-11-25 21:38 1034240 ----a-w- c:\windows\SysWow64\mstsc.exe
2011-11-25 21:37 . 2011-11-25 21:37 961024 ----a-w- c:\windows\system32\CPFilters.dll
2011-11-25 21:37 . 2011-11-25 21:37 850432 ----a-w- c:\windows\SysWow64\sbe.dll
2011-11-25 21:37 . 2011-11-25 21:37 642048 ----a-w- c:\windows\SysWow64\CPFilters.dll
2011-11-25 21:37 . 2011-11-25 21:37 1118720 ----a-w- c:\windows\system32\sbe.dll
2011-11-25 21:37 . 2011-11-25 21:37 723968 ----a-w- c:\windows\system32\EncDec.dll
2011-11-25 21:37 . 2011-11-25 21:37 534528 ----a-w- c:\windows\SysWow64\EncDec.dll
2011-11-25 21:37 . 2011-11-25 21:37 259072 ----a-w- c:\windows\system32\mpg2splt.ax
2011-11-25 21:37 . 2011-11-25 21:37 199680 ----a-w- c:\windows\SysWow64\mpg2splt.ax
2011-11-25 21:37 . 2011-11-25 21:37 1739176 ----a-w- c:\windows\system32\ntdll.dll
2011-11-25 21:37 . 2011-11-25 21:37 1293120 ----a-w- c:\windows\SysWow64\ntdll.dll
2011-11-25 21:36 . 2011-11-25 21:36 714752 ----a-w- c:\windows\system32\kerberos.dll
2011-11-25 21:36 . 2011-11-25 21:36 541184 ----a-w- c:\windows\SysWow64\kerberos.dll
2011-11-25 21:34 . 2011-11-25 21:34 954752 ----a-w- c:\windows\SysWow64\mfc40.dll
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-11-25 22:32 . 2011-10-04 16:38 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-11-25 21:48 . 2011-11-25 21:48 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2011-11-25 21:34 . 2011-11-25 21:34 340992 ----a-w- c:\windows\system32\schannel.dll
2011-11-25 21:34 . 2011-11-25 21:34 224256 ----a-w- c:\windows\SysWow64\schannel.dll
2011-11-25 21:33 . 2011-11-25 21:33 285696 ----a-w- c:\windows\system32\schtasks.exe
2011-11-25 21:33 . 2011-11-25 21:33 179712 ----a-w- c:\windows\SysWow64\schtasks.exe
2011-11-25 21:33 . 2011-11-25 21:33 1114624 ----a-w- c:\windows\system32\schedsvc.dll
2011-11-21 11:40 . 2011-10-04 14:50 8822856 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2011-11-13 11:34 . 2011-11-13 11:34 31344 ----a-w- c:\windows\system32\drivers\cnnctfy2.sys
2011-10-26 19:45 . 2011-10-06 22:40 627600 ----a-w- c:\windows\system32\deployJava1.dll
2011-10-11 13:08 . 2011-10-11 13:08 917840 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{B6CABF72-5EA4-4473-A8E5-E25EA607687E}\gapaengine.dll
2011-10-03 22:03 . 2011-10-03 22:03 270912 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-10-03 19:28 . 2011-03-28 16:36 18328 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-10-03 12:15 . 2011-10-11 13:08 601424 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2011-12-23_13.58.58 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-07-14 04:54 . 2011-12-23 13:02 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2011-12-23 15:02 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2011-12-23 15:02 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2011-12-23 13:02 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2011-12-23 13:02 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2011-12-23 15:02 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-10-03 09:30 . 2011-12-23 15:01 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-10-03 09:30 . 2011-12-23 13:16 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-10-03 09:30 . 2011-12-23 15:01 65536 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2011-10-03 09:30 . 2011-12-23 13:16 65536 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2011-12-23 13:16 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2011-12-23 15:01 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-10-03 10:21 . 2011-12-23 15:02 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-10-03 10:21 . 2011-12-23 13:02 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-10-03 10:21 . 2011-12-23 13:02 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2011-10-03 10:21 . 2011-12-23 15:02 32768 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2011-10-03 10:21 . 2011-12-23 15:02 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2011-10-03 10:21 . 2011-12-23 13:02 16384 c:\windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-10-03 09:39 . 2011-12-23 15:02 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-10-03 09:39 . 2011-12-23 13:02 16384 c:\windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-10-03 09:39 . 2011-12-23 15:02 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2011-10-03 09:39 . 2011-12-23 13:02 16384 c:\windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2011-12-23 15:01 . 2011-12-23 15:01 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-12-23 13:00 . 2011-12-23 13:00 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2011-12-23 13:00 . 2011-12-23 13:00 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2011-12-23 15:01 . 2011-12-23 15:01 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-07-14 05:01 . 2011-12-23 12:59 521128 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2011-12-23 15:00 521128 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
- 2011-10-03 14:29 . 2011-12-23 12:59 12064440 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-949965917-3753343039-3259282721-1000-12288.dat
+ 2011-10-03 14:29 . 2011-12-23 15:00 12064440 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-949965917-3753343039-3259282721-1000-12288.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SugarSync"="c:\program files (x86)\SugarSync\SugarSyncManager.exe" [2011-11-11 12210176]
"Elbserver"="c:\program files (x86)\Sony\Media Gallery\ElbServer.exe" [2009-10-15 72192]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2009-08-26 320880]
"MarketingTools"="c:\program files (x86)\Sony\Marketing Tools\MarketingTools.exe" [2011-10-03 26624]
.
c:\users\zhulo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
networx - odkaz.lnk - d:\programy\Networkx\networx.exe [2011-11-26 4507648]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-9-4 1081632]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"HideSCAHealth"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2009-12-01 21:03 98304 ----a-w- c:\windows\System32\VESWinlogon.dll
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 Roxio Upnp Server 10;Roxio Upnp Server 10;c:\program files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [2009-08-31 362992]
R2 SQLAgent$DATABAZA;SQL Server Agent (DATABAZA);c:\program files\Microsoft SQL Server\MSSQL10_50.DATABAZA\MSSQL\Binn\SQLAGENT.EXE [2010-04-03 428384]
R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
R3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-03-25 30969208]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [x]
R3 MSSQLFDLauncher$DATABAZA;SQL Full-text Filter Daemon Launcher (DATABAZA);c:\program files\Microsoft SQL Server\MSSQL10_50.DATABAZA\MSSQL\Binn\fdlauncher.exe [2010-04-03 32096]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Kontrola siete od spoločnosti Microsoft;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 288272]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;c:\program files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [2009-08-31 313840]
R3 SOHCImp;VAIO Media plus Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2010-09-10 108400]
R3 SOHDms;VAIO Media plus Digital Media Server;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2010-10-12 423280]
R3 SOHDs;VAIO Media plus Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2010-09-10 67952]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2011-02-18 99104]
R3 VCService;VCService;c:\program files\Sony\VAIO Care\VCService.exe [2011-02-14 44736]
R4 MSOLAP$DATABAZA;SQL Server Analysis Services (DATABAZA);c:\program files\Microsoft SQL Server\MSAS10_50.DATABAZA\OLAP\bin\msmdsrv.exe [2010-04-03 54568288]
R4 MSSQL$DATABAZA;SQL Server (DATABAZA);c:\program files\Microsoft SQL Server\MSSQL10_50.DATABAZA\MSSQL\Binn\sqlservr.exe [2010-04-03 61913952]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2010-04-03 59744]
R4 ReportServer$DATABAZA;SQL Server Reporting Services (DATABAZA);c:\program files\Microsoft SQL Server\MSRS10_50.DATABAZA\Reporting Services\ReportServer\bin\ReportingServicesService.exe [2010-04-03 2175328]
R4 RsFx0150;RsFx0150 Driver;c:\windows\system32\DRIVERS\RsFx0150.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S1 cnnctfy2;Connectify LightWeight Filter;c:\windows\system32\DRIVERS\cnnctfy2.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 Connectify;Connectify;c:\program files (x86)\Connectify\ConnectifyService.exe [2011-12-01 69632]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-11-20 13336]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152]
S2 MsDtsServer;SQL Server Integration Services;c:\program files\Microsoft SQL Server\90\DTS\Binn\MsDtsSrvr.exe [2005-10-14 195288]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2009-10-24 360224]
S2 QipGuard;QipGuard;c:\program files (x86)\QipGuard\QipGuard.exe [2011-11-23 191440]
S2 rimspci;rimspci;c:\windows\system32\drivers\rimssne64.sys [x]
S2 risdsnpe;risdsnpe;c:\windows\system32\drivers\risdsne64.sys [x]
S2 SampleCollector;VAIO Care Performance Service;c:\program files\Sony\VAIO Care\VCPerfService.exe [2011-01-29 259192]
S2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2008-09-18 104960]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-12-14 2320920]
S2 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2011-01-20 887000]
S2 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2011-05-19 549616]
S2 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2010-10-25 387896]
S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe [2010-08-11 845312]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [x]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys [x]
S3 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2011-01-20 286936]
S3 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [2009-11-30 571248]
S3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update Common\VUAgent.exe [2011-09-23 1429608]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [x]
.
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncBackedUp]
@="{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}"
[HKEY_CLASSES_ROOT\CLSID\{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}]
2011-11-11 08:36 405504 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncPending]
@="{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}"
[HKEY_CLASSES_ROOT\CLSID\{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}]
2011-11-11 08:36 405504 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncRoot]
@="{A759AFF6-5851-457D-A540-F4ECED148351}"
[HKEY_CLASSES_ROOT\CLSID\{A759AFF6-5851-457D-A540-F4ECED148351}]
2011-11-11 08:36 405504 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncShared]
@="{1574C9EF-7D58-488F-B358-8B78C1538F51}"
[HKEY_CLASSES_ROOT\CLSID\{1574C9EF-7D58-488F-B358-8B78C1538F51}]
2011-11-11 08:36 405504 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-12-16 9636896]
"Apoint"="c:\program files (x86)\Apoint\Apoint.exe" [BU]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 1436736]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
"combofix"="c:\combofix\CF19780.3XE" [2009-07-14 344576]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler]
"{1984DD45-52CF-49cd-AB77-18F378FEA264}"= "c:\program files (x86)\Stardock\Fences\FencesMenu64.dll" [2010-06-22 253288]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = %SystemRoot%\system32\blank.htm
uSearchAssistant = hxxp://search.qip.ru/ie
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: E&xportovať do programu Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Od&oslať do programu OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 10.0.0.138
FF - ProfilePath - c:\users\zhulo\AppData\Roaming\Mozilla\Firefox\Profiles\bwbpj3wv.default\
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\msftesql]
"ImagePath"="\"c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\msftesql.exe\" -s:MSSQL.1 -f:MSSQLSERVER"
--
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SampleCollector]
"ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=5000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\% C3 Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=c:\programdata\Sony Corporation\VAIO Care\inteldata\""
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Connectify\ConnectifyD.exe
c:\program files (x86)\Google\Update\GoogleUpdate.exe
c:\program files (x86)\SONY\VAIO Event Service\VESMgr.exe
c:\windows\SysWOW64\DllHost.exe
c:\program files (x86)\SONY\VAIO Event Service\VESMgrSub.exe
c:\program files\Sony\VAIO Care\listener.exe
.
**************************************************************************
.
Completion time: 2011-12-23 16:06:34 - machine was rebooted
ComboFix-quarantined-files.txt 2011-12-23 15:06
ComboFix2.txt 2011-12-23 14:01
.
Pre-Run: 90 209 378 304 bytes free
Post-Run: 89 718 804 480 bytes free
.
- - End Of File - - F3CA02A7C66481C746A512A5E19F6DBD

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Virus removal

#12 Post by vyosek »

How is the PC behaving, is MSE still screaming? :???:
"He who has wine and does not drink it, who has grapes and does not eat them, who has a wife and does not kiss her, who avoids having fun, take a whip and a stick to him; that is not a man, that is an ox."
Member of [image] since 1 February 2011.

zhulo
Visitor
Posts: 11
Registered: 14 Aug 2009 19:34

Re: Virus removal

#13 Post by zhulo »

So far it has not flagged anything. I hope it stays that way.

Thank you very much for the help, and I wish you pleasant holidays (hopefully now undisturbed by anyone) :)

vyosek
VIP
Posts: 56373
Registered: 07 Nov 2006 15:24
Location: Šalingrad - Brno

Re: Virus removal

#14 Post by vyosek »

So let's clean up as well :James008:

:arrow: Uninstall ComboFix
  • Rename ComboFix to Uninstall
  • Run it
  • This deletes ComboFix and its folders
:arrow: T-Cleaner http://vyosek.ic.cz/pro_usery/T-Cleaner.exe
  • Download and run it
  • To confirm a choice, press A, Enter
  • Delete the utility after use
  • Antivirus programs may wrongly flag this utility as a virus - it is a false alarm - so go ahead and download it (or turn the antivirus off while downloading)
:arrow: OTC http://oldtimer.geekstogo.com/OTC.exe
  • Download and run it
  • Click CleanUp and confirm with YES
  • The program cleans up and restarts the PC

:arrow: TFC http://oldtimer.geekstogo.com/TFC.exe
  • Download and run it
  • Click Start and confirm with OK
  • The program cleans up and restarts the PC
  • Delete the utility after use
:arrow: Download CCleaner (see my signature)
Cleaner panel
  • Leave everything as it is, just click Analyze and then Run CCleaner
Registry panel
  • click Scan for Issues
  • then Fix Issues - I recommend making a backup of the registry; fix all the issues
  • repeat the procedure until no issues are found - usually about 3 times
Tools panel
  • Here you can uninstall programs you do not need
I recommend using CCleaner about once a week

:arrow: And if there are no problems or questions, that is all from my side :worship: You're welcome, glad to help :worship:

:arrow: Peaceful holidays to you too :)

zhulo
Visitor
Posts: 11
Registered: 14 Aug 2009 19:34

Re: Virus removal

#15 Post by zhulo »

Cleanups done, I use CCleaner regularly.
For now I have no questions, and I hope I won't have any in the near future either.

Once again, thank you very much.
