Prosím o kontrolu, dííky :)

Zpráva

Damon · #1 Příspěvek od **Damon** » 08 dub 2012 18:07

Ahoj. zaregistroval som sa tu len teraz, takže netuším či píšem do správnej sekcie, pokial nie prosimvas o link na správnu. Viem že vírus v PC mám. začalo to tým, že som bol na FB(neklikal som na žiadne vyskakovacie okna nikto mi nič nepisal v anglličtine ani nič take ) a zrazu, mi samé od seba začalo písať čiarky bodky a odosielať ich po jednom(takže moji kamarati mali vela sprav odomna....neposlalo to vŠetkým ludom, ale iba dvom či trom, s ktorými som si aktuálne písal. kamarát mi poslal link na obrazok(ani som na nho neklikal ale skratka važne ten link poslal on a bola to normalna fotka na internete ktoru mi chcel ukazať. nasledne na to virus odpisal"what the f*ck is that" a na koniec našej konverzacie keĎ som odchadzal napisal"your PC will be destroyed in 30seconds" skušal som spustiť kontrolu PC cez eset(ale ako som predpokladal spravne tak to je 0bodov). počítač sa prejavuje asi tak že, po tom ako ho uvediem do režimu spanku a nasledne ho prebudim padne na modru obrazovku a načita to niečo do 100 potom sa reštartuje. dalej tiez robí toto iste len tak(aj tento text píšem na 2x lebo mi to padlo) ak počúvam pesničky tak sa pesnička občas zasekne vydava to taký ten hnusný zvuk a padne system na modru obrazovku. Viem že sú sviatky takže sa ospravedlňujem že otravujem práve teraz ale je to aktuálne(ale pokial to nemôže niak gradovať alebo čo tak to má čas) tak ak by sa niaky strašne ochotny človek našiel bol by som rád. RSIT som si stiahol tak ho spustim a potom hodim popis, len neviem či som v spravnej sekcii takže ak nie tak ma prosím nasmerujte. vopred ďakujem

Damon · #2 Příspěvek od **Damon** » 08 dub 2012 18:31

díki, mohol by si mi prosím ťa hodiť link na príslušnú sekciu, neviem to tu niak nájsť musím sa rozkukať.

Damon · #3 Příspěvek od **Damon** » 08 dub 2012 19:44

Logfile of random's system information tool 1.09 (written by random/random)
Run by SONY at 2012-04-08 20:40:17
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 196 GB (67%) free of 291 GB
Total RAM: 3950 MB (60% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:40:23, on 08.04.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Program Files\Sony\VAIO Care\VCSpt.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\Sony\VAIO Care\listener.exe
C:\Program Files\trend micro\SONY.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
O2 - BHO: Pomocník pri prihlasovaní v konte Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll
O9 - Extra 'Tools' menuitem: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - (no file)
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - (no file)
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Autodesk Content Service - Unknown owner - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software, Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Roxio UPnP Renderer 10 - Sonic Solutions - C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe
O23 - Service: Roxio Upnp Server 10 - Sonic Solutions - C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: VAIO Care Performance Service (SampleCollector) - Sony Corporation - C:\Program Files\Sony\VAIO Care\VCPerfService.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: VAIO Media plus Content Importer (SOHCImp) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
O23 - Service: VAIO Media plus Database Manager (SOHDBSvr) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe
O23 - Service: VAIO Media plus Digital Media Server (SOHDms) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
O23 - Service: VAIO Media plus Device Searcher (SOHDs) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
O23 - Service: VAIO Media plus Playlist Manager (SOHPlMgr) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: CamMonitor (uCamMonitor) - ArcSoft, Inc. - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Power Management - Sony Corporation - C:\Program Files\Sony\VAIO Power Management\SPMService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: VAIO Content Folder Watcher (VCFw) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
O23 - Service: VAIO Content Metadata Intelligent Network Service Manager (VcmINSMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VSNService - Sony Corporation - C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: VUAgent - Sony Corporation - C:\Program Files\Sony\VAIO Update 5\VUAgent.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12510 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"taskhost.exe"
taskeng.exe {1765FAAE-1FBA-4C84-8F1D-635C4838B8AF}
taskeng.exe {B1ED95E8-3DB7-4151-BCE6-4B3D42A0E142}
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files\Sony\VAIO Care\VCSpt.exe"
"C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe"
"C:\Program Files\Sony\VAIO Power Management\SPMgr.exe" /Start
"C:\Program Files (x86)\Bonjour\mDNSResponder.exe"
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe"
"C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe" /Stationary
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe"
"C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe"
"C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe"
"C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe"
"C:\Program Files\Sony\VAIO Smart Network\VSNService.exe"
"C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
WLIDSvcM.exe 2776
/Device:000000a0
"C:\Program Files (x86)\SONY\VAIO Event Service\VESMgrSub.exe"
"C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe"
"C:\Program Files\Sony\VAIO Power Management\SPMService.exe"
C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\Windows\system32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-4c1ef1bc-9e8f-4d95-a4f0-18b323dfe775 -SystemEventPortName:HostProcess-24f1aecd-2470-4b8d-b5ed-a138013794a5 -IoCancelEventPortName:HostProcess-b52185f7-7b85-4430-aeb1-da4098755404 -NonStateChangingEventPortName:HostProcess-0287cb04-9efe-43f9-9282-5e746dbe1b55 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:d2360844-d5c1-4b1d-8df8-2d640c4b8fc0
"C:\Program Files\Apoint\Apoint.exe"
"C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"C:\Program Files\Apoint\ApMsgFwd.exe" -s{05FA8492-C047-4207-BE65-780D8591C113}
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Apoint\Apvfb.exe"
"C:\Program Files\iPod\bin\iPodService.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe"
"C:\Program Files\Sony\VAIO Care\VCPerfService.exe" "/service" "/sstates" "/sampleinterval=5000" "/procinterval=5" "/dllinterval=120" "/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1" "/counter=\Network Interface(*)\Bytes Total/sec:1" "/expandcounter=\Processor Information(*)\Processor Frequency:1" "/expandcounter=\Processor(*)\% Idle Time:1" "/expandcounter=\Processor(*)\% C1 Time:1" "/expandcounter=\Processor(*)\% C2 Time:1" "/expandcounter=\Processor(*)\% C3 Time:1" "/expandcounter=\Processor(*)\% Processor Time:1" "/directory=inteldata"
C:\Program Files\Sony\VAIO Care/listener.exe /silent /slot=0
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Windows\system32\wuauclt.exe"
"C:\Program Files\Sony\VAIO Care\VCsystray.exe"
"C:\Program Files\ESET\ESET Smart Security\egui.exe"
notepad.exe "C:\Users\SONY\AppData\Local\Temp\log.txt"
"C:\Users\SONY\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

=========Mozilla firefox=========

ProfilePath - C:\Users\SONY\AppData\Roaming\Mozilla\Firefox\Profiles\yv4t9dtg.default

prefs.js - "browser.startup.homepage" - "http://www.google.com/webhp?rls=ig"
prefs.js - "extensions.enabledItems" - "{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.16"
prefs.js - "keyword.URL" - "http://search.qip.ru/search?from=FF&query="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.2.202.228 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_228.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=]
"Description"=iTunes Detector Plug-in
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Apple.com/iTunes,version=1.0]
"Description"=
"Path"=C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0]
"Description"=DivX Plus Web Player
"Path"=C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5]
"Description"=Office Live Update v1.5
"Path"=C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.2.202.228 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_2_202_228.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0]
"Description"=DivX VOD Helper Plug-in
"Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsIQTScriptablePlugin.xpt

C:\Program Files (x86)\Mozilla Firefox\plugins\
npdeployJava1.dll
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
npqtplugin6.dll
npqtplugin7.dll
QuickTimePlugin.class

C:\Program Files (x86)\Mozilla Firefox\searchplugins\
atlas-sk.xml
azet-sk.xml
dunaj-sk.xml
eBay.xml
google.xml
slovnik-sk.xml
wikipedia-sk.xml
zoznam-sk.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee SiteAdvisor BHO - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-02-19 43520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-01-03 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}]
DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-12-12 194432]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pri prihlasovaní v konte Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-02-03 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2009-12-16 9636896]
"Apoint"=C:\Program Files\Apoint\Apoint.exe [2009-11-04 208384]
"IntelliPoint"=C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2009-05-26 2314120]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2010-07-02 2903688]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-02 843712]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2012-01-03 37296]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISBMgr.exe]
C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [2009-08-26 320880]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes' Anti-Malware]
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe [2010-12-20 443728]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MarketingTools]
C:\Program Files (x86)\Sony\Marketing Tools\MarketingTools.exe [2010-02-19 26624]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NortonOnlineBackupReminder]
C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [2009-06-17 538472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PMBVolumeWatcher]
C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [2009-10-24 597792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-10-29 249064]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe [2009-09-04 1081632]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^SONY^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^BE Help.lnk]
C:\PROGRA~2\BATTER~1\Data\English.hlp []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2009-11-21 284696]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-11-25 98304]
"DivXUpdate"=C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2011-07-29 1259376]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2011-07-05 421888]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2011-08-19 421736]
"Adobe Reader Speed Launcher"=C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [2012-01-03 37296]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-02 843712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-12-16 268800]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\Windows\system32\webcheck.dll [2010-11-20 290304]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"VIDC.FFDS"=ff_vfw.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2012-04-08 20:40:17 ----D---- C:\rsit
2012-04-08 20:40:17 ----D---- C:\Program Files\trend micro
2012-04-08 20:35:59 ----A---- C:\ComboFix.txt
2012-04-08 19:45:41 ----A---- C:\Windows\zip.exe
2012-04-08 19:45:41 ----A---- C:\Windows\SWSC.exe
2012-04-08 19:45:41 ----A---- C:\Windows\SWREG.exe
2012-04-08 19:45:41 ----A---- C:\Windows\sed.exe
2012-04-08 19:45:41 ----A---- C:\Windows\PEV.exe
2012-04-08 19:45:41 ----A---- C:\Windows\NIRCMD.exe
2012-04-08 19:45:41 ----A---- C:\Windows\MBR.exe
2012-04-08 19:45:41 ----A---- C:\Windows\grep.exe
2012-04-08 19:45:34 ----D---- C:\Windows\ERDNT
2012-04-08 19:44:29 ----D---- C:\Qoobox
2012-04-01 23:58:04 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2012-03-24 12:07:18 ----D---- C:\Config.Msi
2012-03-18 01:48:00 ----D---- C:\Program Files (x86)\Adobe
2012-03-15 15:54:22 ----A---- C:\Windows\system32\ntoskrnl.exe
2012-03-15 15:54:20 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2012-03-15 15:54:17 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2012-03-14 16:26:47 ----A---- C:\Windows\system32\win32k.sys
2012-03-14 16:26:43 ----A---- C:\Windows\system32\DWrite.dll
2012-03-14 16:26:42 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2012-03-14 16:25:47 ----A---- C:\Windows\system32\rdpcore.dll
2012-03-14 16:25:46 ----A---- C:\Windows\SYSWOW64\rdpcore.dll
2012-03-14 16:25:45 ----A---- C:\Windows\system32\drivers\tdtcp.sys
2012-03-14 16:25:45 ----A---- C:\Windows\system32\drivers\rdpwd.sys
2012-03-14 16:25:44 ----A---- C:\Windows\system32\rdrmemptylst.exe
2012-03-14 16:25:44 ----A---- C:\Windows\system32\rdpwsx.dll
2012-03-14 16:25:44 ----A---- C:\Windows\system32\rdpcorekmts.dll

======List of files/folders modified in the last 1 month======

2012-04-08 20:40:18 ----D---- C:\Windows\Temp
2012-04-08 20:40:17 ----RD---- C:\Program Files
2012-04-08 20:31:53 ----D---- C:\Windows
2012-04-08 20:31:53 ----A---- C:\Windows\system.ini
2012-04-08 20:23:46 ----D---- C:\Windows\SysWOW64
2012-04-08 20:23:46 ----D---- C:\Windows\System32
2012-04-08 20:23:45 ----D---- C:\Windows\SYSWOW64\drivers
2012-04-08 20:23:45 ----D---- C:\Windows\system32\drivers
2012-04-08 20:23:45 ----D---- C:\Windows\AppPatch
2012-04-08 20:23:42 ----D---- C:\Program Files\Common Files
2012-04-08 20:23:42 ----D---- C:\Program Files (x86)\Common Files
2012-04-08 19:58:10 ----D---- C:\Windows\Prefetch
2012-04-08 19:43:41 ----D---- C:\Windows\system32\config
2012-04-08 18:59:04 ----A---- C:\Windows\SYSWOW64\log.txt
2012-04-08 18:58:44 ----D---- C:\Windows\Minidump
2012-04-08 14:31:49 ----SHD---- C:\System Volume Information
2012-04-02 22:19:46 ----D---- C:\Users\SONY\AppData\Roaming\Apple Computer
2012-04-02 00:16:37 ----D---- C:\Users\SONY\AppData\Roaming\Skype
2012-04-01 23:58:07 ----D---- C:\Windows\Tasks
2012-04-01 23:58:07 ----D---- C:\Windows\system32\Tasks
2012-03-31 00:36:37 ----RSD---- C:\Windows\assembly
2012-03-31 00:36:37 ----D---- C:\Windows\Microsoft.NET
2012-03-29 23:23:19 ----D---- C:\Windows\system32\catroot2
2012-03-29 06:17:17 ----D---- C:\Windows\inf
2012-03-29 06:17:17 ----A---- C:\Windows\system32\PerfStringBackup.INI
2012-03-28 17:36:59 ----D---- C:\Windows\system32\NDF
2012-03-28 14:46:06 ----SHD---- C:\Windows\Installer
2012-03-28 14:45:53 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2012-03-27 21:06:13 ----D---- C:\ProgramData\Apple
2012-03-24 12:07:10 ----D---- C:\ProgramData\Microsoft Help
2012-03-18 01:48:03 ----D---- C:\ProgramData\Adobe
2012-03-18 01:48:00 ----RD---- C:\Program Files (x86)
2012-03-17 23:53:20 ----D---- C:\Program Files (x86)\Mozilla Firefox
2012-03-15 16:02:16 ----D---- C:\Windows\winsxs
2012-03-15 15:54:27 ----D---- C:\Windows\system32\catroot
2012-03-15 00:06:53 ----A---- C:\Windows\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys [2009-11-21 537112]
R0 PxHlpa64;PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [2011-11-29 55856]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2010-04-28 139704]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2010-06-24 166984]
R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2010-04-28 169592]
R2 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2010-04-28 50600]
R2 rimspci;rimspci; C:\Windows\system32\drivers\rimssne64.sys [2009-11-06 93696]
R2 risdsnpe;risdsnpe; C:\Windows\system32\drivers\risdsne64.sys [2009-09-15 75776]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-10-08 6661120]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2010-10-08 195584]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\drivers\Apfiltr.sys [2009-11-04 253488]
R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect; C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys [2009-05-26 19968]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2009-11-12 1542656]
R3 dc3d;MS Hardware Device Detection Driver (USB); C:\Windows\system32\DRIVERS\dc3d.sys [2009-05-21 25992]
R3 Epfwndis;Eset Personal Firewall; C:\Windows\system32\DRIVERS\Epfwndis.sys [2010-04-28 33608]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 34152]
R3 HECIx64;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECIx64.sys [2009-12-14 56344]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2009-12-16 2212640]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2010-12-20 24152]
R3 Point64;Microsoft IntelliPoint Filter Driver; C:\Windows\system32\DRIVERS\point64k.sys [2009-05-09 33160]
R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIVX.sys [2009-12-16 213280]
R3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 109056]
R3 SFEP;Sony Firmware Extension Parser; C:\Windows\system32\drivers\SFEP.sys [2009-08-19 11392]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S2 Angelnt;Angelnt; C:\Windows\System32\Drivers\ANGELNT.SYS []
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2010-10-08 6661120]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2011-04-28 552960]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 btusbflt;Bluetooth USB Filter; C:\Windows\system32\drivers\btusbflt.sys [2009-11-18 52264]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2009-11-18 98344]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [2009-11-18 132648]
S3 btwl2cap;Bluetooth L2CAP Service; C:\Windows\system32\DRIVERS\btwl2cap.sys [2009-11-18 35104]
S3 btwrchid;btwrchid; C:\Windows\system32\drivers\btwrchid.sys [2009-11-18 21160]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2010-09-23 48488]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-12-16 7778176]
S3 Impcd;Impcd; C:\Windows\system32\drivers\Impcd.sys [2009-11-13 151936]
S3 IntcDAud;Intel(R) Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2009-12-16 244736]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 TVICHW64;TVICHW64; \??\C:\Windows\system32\DRIVERS\TVICHW64.SYS [2010-12-01 21200]
S3 USBAAPL64;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl64.sys [2011-05-10 51712]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2010-10-08 202752]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2011-05-25 37664]
R2 Autodesk Content Service;Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2011-02-02 18656]
R2 Bonjour Service;Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2011-07-12 387944]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-09-04 873248]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2010-07-02 810144]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-11-21 13336]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2009-12-14 268824]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2010-12-20 363344]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [2009-07-16 935208]
R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2009-10-24 360224]
R2 SampleCollector;VAIO Care Performance Service; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [2010-08-12 257936]
R2 uCamMonitor;CamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2008-09-18 104960]
R2 UNS;Intel(R) Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-12-14 2320920]
R2 VAIO Event Service;VAIO Event Service; C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe [2010-05-28 205168]
R2 VCFw;VAIO Content Folder Watcher; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2009-09-14 642416]
R2 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager; C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2010-02-19 529776]
R2 VSNService;VSNService; C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [2010-08-11 845312]
R2 VzCdbSvc;VAIO Entertainment Database Service; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe [2009-09-14 206336]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2011-08-19 934760]
R3 VAIO Power Management;VAIO Power Management; C:\Program Files\Sony\VAIO Power Management\SPMService.exe [2009-11-30 571248]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe []
S2 Roxio Upnp Server 10;Roxio Upnp Server 10; C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [2009-08-31 362992]
S3 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-01 253600]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2010-07-02 42360]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-11-27 1431888]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-09-23 1493352]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10; C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [2009-08-31 313840]
S3 SOHCImp;VAIO Media plus Content Importer; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2009-10-15 120104]
S3 SOHDBSvr;VAIO Media plus Database Manager; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe [2009-10-15 70952]
S3 SOHDms;VAIO Media plus Digital Media Server; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2009-10-15 427304]
S3 SOHDs;VAIO Media plus Device Searcher; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2009-10-15 75048]
S3 SOHPlMgr;VAIO Media plus Playlist Manager; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe [2009-10-15 91432]
S3 VAIO Entertainment TV Device Arbitration Service;VAIO Entertainment TV Device Arbitration Service; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe [2009-09-14 69632]
S3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager; C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2009-09-01 361840]
S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface; C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2010-02-19 115568]
S3 VUAgent;VUAgent; C:\Program Files\Sony\VAIO Update 5\VUAgent.exe [2010-04-09 1223024]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-05-28 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

ďakujem moc za ochotu a eŠte mam log aj z combofixu tak sem môžem dať aj ten ak by to pomohlo

Damon · #4 Příspěvek od **Damon** » 08 dub 2012 21:18

ComboFix 12-04-07.04 - SONY 08.04.2012 19:47:31.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.421.1051.18.3950.2474 [GMT 2:00]
Running from: c:\users\SONY\Desktop\ComboFix.exe
AV: ESET Smart Security 4.2 *Enabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
FW: ESET personal firewall *Enabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
SP: ESET Smart Security 4.2 *Enabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\SONY\AppData\Roaming\.#
.
.
((((((((((((((((((((((((( Files Created from 2012-03-08 to 2012-04-08 )))))))))))))))))))))))))))))))
.
.
2012-04-08 18:31 . 2012-04-08 18:31 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-04-08 16:49 . 2012-04-08 17:02 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{15D19E50-9723-43ED-B81B-88C2C58B373C}\offreg.dll
2012-04-08 12:14 . 2012-03-14 03:27 8669240 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{15D19E50-9723-43ED-B81B-88C2C58B373C}\mpengine.dll
2012-04-01 21:58 . 2012-04-01 21:58 418464 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-03-17 21:53 . 2012-03-17 21:53 592824 ----a-w- c:\program files (x86)\Mozilla Firefox\gkmedias.dll
2012-03-17 21:53 . 2012-03-17 21:53 44472 ----a-w- c:\program files (x86)\Mozilla Firefox\mozglue.dll
2012-03-15 13:54 . 2011-11-19 15:20 5559152 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-03-15 13:54 . 2011-11-19 14:50 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-03-15 13:54 . 2011-11-19 14:50 3913584 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-03-14 14:26 . 2012-02-03 04:34 3145728 ----a-w- c:\windows\system32\win32k.sys
2012-03-14 14:26 . 2012-02-10 06:36 1544192 ----a-w- c:\windows\system32\DWrite.dll
2012-03-14 14:26 . 2012-02-10 05:38 1077248 ----a-w- c:\windows\SysWow64\DWrite.dll
2012-03-14 14:25 . 2012-02-17 06:38 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2012-03-14 14:25 . 2012-02-17 05:34 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll
2012-03-14 14:25 . 2012-02-17 04:58 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-03-14 14:25 . 2012-02-17 04:57 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2012-03-14 14:25 . 2012-01-25 06:38 77312 ----a-w- c:\windows\system32\rdpwsx.dll
2012-03-14 14:25 . 2012-01-25 06:38 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-03-14 14:25 . 2012-01-25 06:33 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-04-01 21:58 . 2011-05-14 08:02 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-02-23 08:18 . 2010-05-27 12:18 279656 ------w- c:\windows\system32\MpSigStub.exe
2012-02-01 19:54 . 2012-02-01 19:54 419840 ----a-w- c:\windows\system32\wrap_oal.dll
2012-02-01 19:54 . 2012-02-01 19:54 413696 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2012-02-01 19:54 . 2012-02-01 19:54 133632 ----a-w- c:\windows\system32\OpenAL32.dll
2012-02-01 19:54 . 2012-02-01 19:54 110592 ----a-w- c:\windows\SysWow64\OpenAL32.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2009-11-20 284696]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-11-25 98304]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2011-07-28 1259376]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-07-05 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-08-19 421736]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-01-03 37296]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2009-12-01 22:03 98304 ----a-w- c:\windows\System32\VESWinlogon.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\progra~2\mcafee\SITEAD~1\mcsacore.exe [x]
R2 Roxio Upnp Server 10;Roxio Upnp Server 10;c:\program files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [2009-08-31 362992]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-01 253600]
R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2011-11-27 1431888]
R3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys [x]
R3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
R3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;c:\program files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [2009-08-31 313840]
R3 SOHCImp;VAIO Media plus Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2009-10-15 120104]
R3 SOHDBSvr;VAIO Media plus Database Manager;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe [2009-10-15 70952]
R3 SOHDms;VAIO Media plus Digital Media Server;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2009-10-15 427304]
R3 SOHDs;VAIO Media plus Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2009-10-15 75048]
R3 SOHPlMgr;VAIO Media plus Playlist Manager;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe [2009-10-15 91432]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TVICHW64;TVICHW64;c:\windows\system32\DRIVERS\TVICHW64.SYS [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2009-09-01 361840]
R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2010-02-19 115568]
R3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update 5\VUAgent.exe [2010-04-09 1223024]
R3 WatAdminSvc;Služba Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x]
S2 Autodesk Content Service;Autodesk Content Service;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2011-02-02 18656]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\x86\ekrn.exe [2010-07-02 810144]
S2 epfwwfp;epfwwfp;c:\windows\system32\DRIVERS\epfwwfp.sys [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-11-20 13336]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2010-12-20 363344]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2009-10-24 360224]
S2 rimspci;rimspci;c:\windows\system32\drivers\rimssne64.sys [x]
S2 risdsnpe;risdsnpe;c:\windows\system32\drivers\risdsne64.sys [x]
S2 SampleCollector;VAIO Care Performance Service;c:\program files\Sony\VAIO Care\VCPerfService.exe [2010-08-12 257936]
S2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2008-09-18 104960]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-12-14 2320920]
S2 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2009-09-14 642416]
S2 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2010-02-19 529776]
S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe [2010-08-11 845312]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [x]
S3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64k.sys [x]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys [x]
S3 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [2009-11-30 571248]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2012-04-08 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-01 21:58]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-12-16 9636896]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2009-05-26 2314120]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2010-07-02 2903688]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com/ig/redirectdomain?brand=SVEC&bmod=EU01
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\SONY\AppData\Roaming\Mozilla\Firefox\Profiles\yv4t9dtg.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/webhp?rls=ig
FF - prefs.js: keyword.URL - hxxp://search.qip.ru/search?from=FF&query=
.
- - - - ORPHANS REMOVED - - - -
.
SafeBoot-mcmscsvc
SafeBoot-MCODS
HKLM-Run-Apoint - c:\program files (x86)\Apoint\Apoint.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SampleCollector]
"ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=5000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\% C3 Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=inteldata\""
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10d.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10d.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-04-08 20:35:58
ComboFix-quarantined-files.txt 2012-04-08 18:35
.
Pre-Run: 202 687 164 416 bytes free
Post-Run: 205 404 995 584 bytes free
.
- - End Of File - - 0CB364312C6C492B7B61CDDF3A1FAB07

ja som to v pohode spustil nič sa neudialo zlé a PC mi zmrzol za posledne 3hodky len raz (to je pokrok) nooo a pišu tam že by to nemalo trvať viac ako 10min normalne a mne to trvalo 40min tak si vrtavim že na tom asi PC neni moc dobre

a hej to že je blbosť davať najprv CF mi došlo až neskoro

Damon · #5 Příspěvek od **Damon** » 09 dub 2012 19:39

nakolko CF zahladil stopy nepomohlo by keby som vratil zmeny v systeme a spustil znovu RSIT ? idem urobiť čo si napísal, a ďakujem pekne za ochotu

no a to že sa nić nestalo no chvalabohu, nabuduce som poučený že sa nepchám do niečoho skorej ako mi niekto skúsený neporadí

jednotlive txt subory sem budem kopirovať postupne nakolko mi PC zamrza tak to nechcem robiť na 100x tak snaď mi to prepačite

takže MBR SCAN :

Kód: Vybrat vše

MBRScan v1.1.1

OS             : Windows 7 Service Pack 1 (64 bit)
PROCESSOR      : Intel64 Family 6 Model 37 Stepping 2, GenuineIntel
BOOT           : Normal Boot
DATE           : 2012/04/09 (ISO 8601) at 20:43:21
________________________________________________________________________________

DISK           : Device\Harddisk0\DR0 __TOSHIBA MK3265GSX (GJ00)
BUS_TYPE       : (0x03)  P-ATA
USE_PIO        : NO
MAX_TRANSFER   : 128 Kb
ALIGNMENT_MASK : word aligned
________________________________________________________________________________

Device\Harddisk0\DR0	298.1 Go  [Fixed] ==> 7 MBR Code

MBR_MD5   : 44EF4D8B79A35A0ACFFCB0CAC94A886F
MBR_SHA1  : 412B841323765879C45C3094B77F7E15B8DDFA49

Device\Harddisk0\Partition1	14.23 Go  	0x27 RE Hidden partition 
Device\Harddisk0\Partition2	100.0 Mo  	0x07 NTFS / HPFS __ BOOTABLE __
Device\Harddisk0\Partition3	283.8 Go  	0x07 NTFS / HPFS
________________________________________________________________________________

############################### Additional scan ################################

DRIVER  : C:\Windows\system32\hal.dll => Invisible on the disk
ADDRESS : 0x035EB000
SIZE    : 292.0 Ko

DRIVER  : C:\Windows\system32\kdcom.dll => Invisible on the disk
ADDRESS : 0x00BA5000
SIZE    : 40.0 Ko

DRIVER  : C:\Windows\system32\mcupdate_GenuineIntel.dll => Invisible on the disk
ADDRESS : 0x00C57000
SIZE    : 316.0 Ko

DRIVER  : C:\Windows\system32\CLFS.SYS => Invisible on the disk
ADDRESS : 0x00CBA000
SIZE    : 376.0 Ko

DRIVER  : C:\Windows\system32\CI.dll => Invisible on the disk
ADDRESS : 0x00D18000
SIZE    : 768.0 Ko

DRIVER  : C:\Windows\system32\drivers\Wdf01000.sys => Invisible on the disk
ADDRESS : 0x00E33000
SIZE    : 656.0 Ko

DRIVER  : C:\Windows\system32\drivers\WDFLDR.SYS => Invisible on the disk
ADDRESS : 0x00ED7000
SIZE    : 60.0 Ko

DRIVER  : C:\Windows\system32\drivers\ACPI.sys => Invisible on the disk
ADDRESS : 0x00EE6000
SIZE    : 348.0 Ko

DRIVER  : C:\Windows\system32\drivers\WMILIB.SYS => Invisible on the disk
ADDRESS : 0x00F3D000
SIZE    : 36.0 Ko

DRIVER  : C:\Windows\system32\drivers\msisadrv.sys => Invisible on the disk
ADDRESS : 0x00F46000
SIZE    : 40.0 Ko

DRIVER  : C:\Windows\system32\drivers\pci.sys => Invisible on the disk
ADDRESS : 0x00F50000
SIZE    : 204.0 Ko

DRIVER  : C:\Windows\system32\drivers\vdrvroot.sys => Invisible on the disk
ADDRESS : 0x00F83000
SIZE    : 52.0 Ko

DRIVER  : C:\Windows\System32\drivers\partmgr.sys => Invisible on the disk
ADDRESS : 0x00F90000
SIZE    : 84.0 Ko

DRIVER  : C:\Windows\system32\drivers\compbatt.sys => Invisible on the disk
ADDRESS : 0x00FA5000
SIZE    : 36.0 Ko

DRIVER  : C:\Windows\system32\drivers\BATTC.SYS => Invisible on the disk
ADDRESS : 0x00FAE000
SIZE    : 48.0 Ko

DRIVER  : C:\Windows\system32\drivers\volmgr.sys => Invisible on the disk
ADDRESS : 0x00FBA000
SIZE    : 84.0 Ko

DRIVER  : C:\Windows\System32\drivers\volmgrx.sys => Invisible on the disk
ADDRESS : 0x010A9000
SIZE    : 368.0 Ko

DRIVER  : C:\Windows\System32\drivers\mountmgr.sys => Invisible on the disk
ADDRESS : 0x01105000
SIZE    : 104.0 Ko

DRIVER  : C:\Windows\system32\drivers\iaStor.sys => Invisible on the disk
ADDRESS : 0x0121A000
SIZE    : 2.03 Mo

DRIVER  : C:\Windows\system32\drivers\amdxata.sys => Invisible on the disk
ADDRESS : 0x01422000
SIZE    : 44.0 Ko

DRIVER  : C:\Windows\system32\drivers\fltmgr.sys => Invisible on the disk
ADDRESS : 0x0142D000
SIZE    : 304.0 Ko

DRIVER  : C:\Windows\system32\drivers\fileinfo.sys => Invisible on the disk
ADDRESS : 0x01479000
SIZE    : 80.0 Ko

DRIVER  : C:\Windows\System32\Drivers\PxHlpa64.sys => Invisible on the disk
ADDRESS : 0x0148D000
SIZE    : 52.0 Ko

DRIVER  : C:\Windows\System32\Drivers\Ntfs.sys => Invisible on the disk
ADDRESS : 0x01605000
SIZE    : 1.64 Mo

DRIVER  : C:\Windows\System32\Drivers\msrpc.sys => Invisible on the disk
ADDRESS : 0x0149A000
SIZE    : 376.0 Ko

DRIVER  : C:\Windows\System32\Drivers\ksecdd.sys => Invisible on the disk
ADDRESS : 0x017A8000
SIZE    : 108.0 Ko

DRIVER  : C:\Windows\System32\Drivers\cng.sys => Invisible on the disk
ADDRESS : 0x014F8000
SIZE    : 456.0 Ko

DRIVER  : C:\Windows\System32\drivers\pcw.sys => Invisible on the disk
ADDRESS : 0x017C3000
SIZE    : 68.0 Ko

DRIVER  : C:\Windows\System32\Drivers\Fs_Rec.sys => Invisible on the disk
ADDRESS : 0x017D4000
SIZE    : 40.0 Ko

DRIVER  : C:\Windows\system32\drivers\ndis.sys => Invisible on the disk
ADDRESS : 0x018CB000
SIZE    : 972.0 Ko

DRIVER  : C:\Windows\system32\drivers\NETIO.SYS => Invisible on the disk
ADDRESS : 0x01800000
SIZE    : 384.0 Ko

DRIVER  : C:\Windows\System32\Drivers\ksecpkg.sys => Invisible on the disk
ADDRESS : 0x01860000
SIZE    : 172.0 Ko

DRIVER  : C:\Windows\System32\drivers\tcpip.sys => Invisible on the disk
ADDRESS : 0x01AEC000
SIZE    : 2.02 Mo

DRIVER  : C:\Windows\System32\drivers\fwpkclnt.sys => Invisible on the disk
ADDRESS : 0x01CF0000
SIZE    : 296.0 Ko

DRIVER  : C:\Windows\system32\drivers\volsnap.sys => Invisible on the disk
ADDRESS : 0x01D3A000
SIZE    : 304.0 Ko

DRIVER  : C:\Windows\System32\Drivers\spldr.sys => Invisible on the disk
ADDRESS : 0x01D86000
SIZE    : 32.0 Ko

DRIVER  : C:\Windows\System32\drivers\rdyboost.sys => Invisible on the disk
ADDRESS : 0x01D8E000
SIZE    : 232.0 Ko

DRIVER  : C:\Windows\System32\Drivers\mup.sys => Invisible on the disk
ADDRESS : 0x01DC8000
SIZE    : 72.0 Ko

DRIVER  : C:\Windows\System32\drivers\hwpolicy.sys => Invisible on the disk
ADDRESS : 0x01DDA000
SIZE    : 36.0 Ko

DRIVER  : C:\Windows\System32\DRIVERS\fvevol.sys => Invisible on the disk
ADDRESS : 0x01A00000
SIZE    : 232.0 Ko

DRIVER  : C:\Windows\system32\drivers\disk.sys => Invisible on the disk
ADDRESS : 0x01A3A000
SIZE    : 88.0 Ko

DRIVER  : C:\Windows\system32\drivers\CLASSPNP.SYS => Invisible on the disk
ADDRESS : 0x01A50000
SIZE    : 192.0 Ko

DRIVER  : C:\Windows\system32\drivers\cdrom.sys => Invisible on the disk
ADDRESS : 0x0443D000
SIZE    : 168.0 Ko

DRIVER  : C:\Windows\System32\Drivers\Null.SYS => Invisible on the disk
ADDRESS : 0x04467000
SIZE    : 36.0 Ko

DRIVER  : C:\Windows\System32\Drivers\Beep.SYS => Invisible on the disk
ADDRESS : 0x04470000
SIZE    : 28.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\ehdrv.sys => Invisible on the disk
ADDRESS : 0x04477000
SIZE    : 148.0 Ko

DRIVER  : C:\Windows\System32\drivers\vga.sys => Invisible on the disk
ADDRESS : 0x0449C000
SIZE    : 56.0 Ko

DRIVER  : C:\Windows\System32\drivers\VIDEOPRT.SYS => Invisible on the disk
ADDRESS : 0x044AA000
SIZE    : 148.0 Ko

DRIVER  : C:\Windows\System32\drivers\watchdog.sys => Invisible on the disk
ADDRESS : 0x044CF000
SIZE    : 64.0 Ko

DRIVER  : C:\Windows\System32\DRIVERS\RDPCDD.sys => Invisible on the disk
ADDRESS : 0x044DF000
SIZE    : 36.0 Ko

DRIVER  : C:\Windows\system32\drivers\rdpencdd.sys => Invisible on the disk
ADDRESS : 0x044E8000
SIZE    : 36.0 Ko

DRIVER  : C:\Windows\system32\drivers\rdprefmp.sys => Invisible on the disk
ADDRESS : 0x044F1000
SIZE    : 36.0 Ko

DRIVER  : C:\Windows\System32\Drivers\Msfs.SYS => Invisible on the disk
ADDRESS : 0x044FA000
SIZE    : 44.0 Ko

DRIVER  : C:\Windows\System32\Drivers\Npfs.SYS => Invisible on the disk
ADDRESS : 0x04505000
SIZE    : 68.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\tdx.sys => Invisible on the disk
ADDRESS : 0x04516000
SIZE    : 136.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\TDI.SYS => Invisible on the disk
ADDRESS : 0x04538000
SIZE    : 52.0 Ko

DRIVER  : C:\Windows\system32\drivers\afd.sys => Invisible on the disk
ADDRESS : 0x04545000
SIZE    : 548.0 Ko

DRIVER  : C:\Windows\System32\DRIVERS\netbt.sys => Invisible on the disk
ADDRESS : 0x01A8E000
SIZE    : 276.0 Ko

DRIVER  : C:\Windows\system32\drivers\ws2ifsl.sys => Invisible on the disk
ADDRESS : 0x045CE000
SIZE    : 44.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\wfplwf.sys => Invisible on the disk
ADDRESS : 0x045D9000
SIZE    : 36.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\pacer.sys => Invisible on the disk
ADDRESS : 0x0188B000
SIZE    : 152.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\vwififlt.sys => Invisible on the disk
ADDRESS : 0x045E2000
SIZE    : 88.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\netbios.sys => Invisible on the disk
ADDRESS : 0x04200000
SIZE    : 60.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\wanarp.sys => Invisible on the disk
ADDRESS : 0x01DE3000
SIZE    : 108.0 Ko

DRIVER  : C:\Windows\system32\drivers\termdd.sys => Invisible on the disk
ADDRESS : 0x01AD3000
SIZE    : 80.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\rdbss.sys => Invisible on the disk
ADDRESS : 0x0156A000
SIZE    : 324.0 Ko

DRIVER  : C:\Windows\system32\drivers\nsiproxy.sys => Invisible on the disk
ADDRESS : 0x0420F000
SIZE    : 48.0 Ko

DRIVER  : C:\Windows\system32\drivers\mssmbios.sys => Invisible on the disk
ADDRESS : 0x018B1000
SIZE    : 44.0 Ko

DRIVER  : C:\Windows\System32\drivers\discache.sys => Invisible on the disk
ADDRESS : 0x018BC000
SIZE    : 60.0 Ko

DRIVER  : C:\Windows\System32\Drivers\dfsc.sys => Invisible on the disk
ADDRESS : 0x019BE000
SIZE    : 120.0 Ko

DRIVER  : C:\Windows\system32\drivers\blbdrive.sys => Invisible on the disk
ADDRESS : 0x019DC000
SIZE    : 68.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\tunnel.sys => Invisible on the disk
ADDRESS : 0x015BB000
SIZE    : 152.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\atikmpag.sys => Invisible on the disk
ADDRESS : 0x0111F000
SIZE    : 216.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\atikmdag.sys => Invisible on the disk
ADDRESS : 0x04CA4000
SIZE    : 6.67 Mo

DRIVER  : C:\Windows\System32\drivers\dxgkrnl.sys => Invisible on the disk
ADDRESS : 0x046F2000
SIZE    : 976.0 Ko

DRIVER  : C:\Windows\System32\drivers\dxgmms1.sys => Invisible on the disk
ADDRESS : 0x04600000
SIZE    : 280.0 Ko

DRIVER  : C:\Windows\system32\drivers\HDAudBus.sys => Invisible on the disk
ADDRESS : 0x04646000
SIZE    : 144.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\HECIx64.sys => Invisible on the disk
ADDRESS : 0x0466A000
SIZE    : 68.0 Ko

DRIVER  : C:\Windows\system32\drivers\usbehci.sys => Invisible on the disk
ADDRESS : 0x0467B000
SIZE    : 68.0 Ko

DRIVER  : C:\Windows\system32\drivers\USBPORT.SYS => Invisible on the disk
ADDRESS : 0x0468C000
SIZE    : 344.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\athrx.sys => Invisible on the disk
ADDRESS : 0x04850000
SIZE    : 1.49 Mo

DRIVER  : C:\Windows\system32\DRIVERS\vwifibus.sys => Invisible on the disk
ADDRESS : 0x049CD000
SIZE    : 52.0 Ko

DRIVER  : C:\Windows\system32\drivers\sdbus.sys => Invisible on the disk
ADDRESS : 0x049DA000
SIZE    : 128.0 Ko

DRIVER  : C:\Windows\system32\drivers\rimssne64.sys => Invisible on the disk
ADDRESS : 0x04800000
SIZE    : 128.0 Ko

DRIVER  : C:\Windows\system32\drivers\risdsne64.sys => Invisible on the disk
ADDRESS : 0x04820000
SIZE    : 96.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\yk62x64.sys => Invisible on the disk
ADDRESS : 0x05350000
SIZE    : 404.0 Ko

DRIVER  : C:\Windows\system32\drivers\i8042prt.sys => Invisible on the disk
ADDRESS : 0x053B5000
SIZE    : 120.0 Ko

DRIVER  : C:\Windows\system32\drivers\kbdclass.sys => Invisible on the disk
ADDRESS : 0x04838000
SIZE    : 60.0 Ko

DRIVER  : C:\Windows\system32\drivers\Apfiltr.sys => Invisible on the disk
ADDRESS : 0x04C00000
SIZE    : 272.0 Ko

DRIVER  : C:\Windows\system32\drivers\mouclass.sys => Invisible on the disk
ADDRESS : 0x046E2000
SIZE    : 60.0 Ko

DRIVER  : C:\Windows\system32\drivers\SFEP.sys => Invisible on the disk
ADDRESS : 0x04847000
SIZE    : 12.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\GEARAspiWDM.sys => Invisible on the disk
ADDRESS : 0x047E6000
SIZE    : 52.0 Ko

DRIVER  : C:\Windows\system32\drivers\intelppm.sys => Invisible on the disk
ADDRESS : 0x04C44000
SIZE    : 88.0 Ko

DRIVER  : C:\Windows\system32\drivers\CmBatt.sys => Invisible on the disk
ADDRESS : 0x0484A000
SIZE    : 20.0 Ko

DRIVER  : C:\Windows\system32\drivers\CompositeBus.sys => Invisible on the disk
ADDRESS : 0x04C5A000
SIZE    : 64.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\Epfwndis.sys => Invisible on the disk
ADDRESS : 0x047F3000
SIZE    : 44.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\AgileVpn.sys => Invisible on the disk
ADDRESS : 0x04C6A000
SIZE    : 88.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\rasl2tp.sys => Invisible on the disk
ADDRESS : 0x04C80000
SIZE    : 144.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\ndistapi.sys => Invisible on the disk
ADDRESS : 0x053D3000
SIZE    : 48.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\ndiswan.sys => Invisible on the disk
ADDRESS : 0x01155000
SIZE    : 188.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\raspppoe.sys => Invisible on the disk
ADDRESS : 0x053DF000
SIZE    : 108.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\raspptp.sys => Invisible on the disk
ADDRESS : 0x017DE000
SIZE    : 132.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\rassstp.sys => Invisible on the disk
ADDRESS : 0x015E1000
SIZE    : 104.0 Ko

DRIVER  : C:\Windows\system32\drivers\swenum.sys => Invisible on the disk
ADDRESS : 0x049FA000
SIZE    : 8.0 Ko

DRIVER  : C:\Windows\system32\drivers\ks.sys => Invisible on the disk
ADDRESS : 0x01184000
SIZE    : 268.0 Ko

DRIVER  : C:\Windows\system32\drivers\umbus.sys => Invisible on the disk
ADDRESS : 0x019ED000
SIZE    : 72.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\usbhub.sys => Invisible on the disk
ADDRESS : 0x01000000
SIZE    : 360.0 Ko

DRIVER  : C:\Windows\System32\Drivers\NDProxy.SYS => Invisible on the disk
ADDRESS : 0x01200000
SIZE    : 84.0 Ko

DRIVER  : C:\Windows\system32\drivers\RtHDMIVX.sys => Invisible on the disk
ADDRESS : 0x0105A000
SIZE    : 204.0 Ko

DRIVER  : C:\Windows\system32\drivers\portcls.sys => Invisible on the disk
ADDRESS : 0x00C00000
SIZE    : 244.0 Ko

DRIVER  : C:\Windows\system32\drivers\drmk.sys => Invisible on the disk
ADDRESS : 0x011C7000
SIZE    : 136.0 Ko

DRIVER  : C:\Windows\system32\drivers\ksthunk.sys => Invisible on the disk
ADDRESS : 0x053FA000
SIZE    : 24.0 Ko

DRIVER  : C:\Windows\system32\drivers\RTKVHD64.sys => Invisible on the disk
ADDRESS : 0x05EEF000
SIZE    : 2.11 Mo

DRIVER  : C:\Windows\System32\win32k.sys => Invisible on the disk
ADDRESS : 0x00050000
SIZE    : 3.08 Mo

DRIVER  : C:\Windows\System32\drivers\Dxapi.sys => Invisible on the disk
ADDRESS : 0x0610A000
SIZE    : 48.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\usbccgp.sys => Invisible on the disk
ADDRESS : 0x06116000
SIZE    : 116.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\USBD.SYS => Invisible on the disk
ADDRESS : 0x06133000
SIZE    : 8.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\dc3d.sys => Invisible on the disk
ADDRESS : 0x06135000
SIZE    : 48.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\HIDPARSE.SYS => Invisible on the disk
ADDRESS : 0x06141000
SIZE    : 36.0 Ko

DRIVER  : C:\Windows\system32\drivers\hidusb.sys => Invisible on the disk
ADDRESS : 0x0614A000
SIZE    : 56.0 Ko

DRIVER  : C:\Windows\system32\drivers\HIDCLASS.SYS => Invisible on the disk
ADDRESS : 0x06158000
SIZE    : 100.0 Ko

DRIVER  : C:\Windows\system32\drivers\kbdhid.sys => Invisible on the disk
ADDRESS : 0x06171000
SIZE    : 56.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\mouhid.sys => Invisible on the disk
ADDRESS : 0x0617F000
SIZE    : 52.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\point64k.sys => Invisible on the disk
ADDRESS : 0x0618C000
SIZE    : 56.0 Ko

DRIVER  : C:\Windows\System32\Drivers\crashdmp.sys => Invisible on the disk
ADDRESS : 0x0619A000
SIZE    : 56.0 Ko

DRIVER  : C:\Windows\System32\TSDDD.dll => Invisible on the disk
ADDRESS : 0x00410000
SIZE    : 40.0 Ko

DRIVER  : C:\Windows\System32\cdd.dll => Invisible on the disk
ADDRESS : 0x00790000
SIZE    : 156.0 Ko

DRIVER  : C:\Windows\system32\drivers\luafv.sys => Invisible on the disk
ADDRESS : 0x061BB000
SIZE    : 140.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\eamonm.sys => Invisible on the disk
ADDRESS : 0x05E00000
SIZE    : 856.0 Ko

DRIVER  : C:\Windows\system32\drivers\WudfPf.sys => Invisible on the disk
ADDRESS : 0x061DE000
SIZE    : 132.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\epfw.sys => Invisible on the disk
ADDRESS : 0x00FCF000
SIZE    : 180.0 Ko

DRIVER  : C:\Windows\System32\Drivers\usbvideo.sys => Invisible on the disk
ADDRESS : 0x00E00000
SIZE    : 184.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys => Invisible on the disk
ADDRESS : 0x05ED6000
SIZE    : 40.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\lltdio.sys => Invisible on the disk
ADDRESS : 0x04423000
SIZE    : 84.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\nwifi.sys => Invisible on the disk
ADDRESS : 0x03EBE000
SIZE    : 332.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\ndisuio.sys => Invisible on the disk
ADDRESS : 0x03F11000
SIZE    : 76.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\rspndr.sys => Invisible on the disk
ADDRESS : 0x03F24000
SIZE    : 96.0 Ko

DRIVER  : C:\Windows\system32\drivers\HTTP.sys => Invisible on the disk
ADDRESS : 0x062FD000
SIZE    : 804.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\vwifimp.sys => Invisible on the disk
ADDRESS : 0x063C6000
SIZE    : 40.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\bowser.sys => Invisible on the disk
ADDRESS : 0x063D0000
SIZE    : 120.0 Ko

DRIVER  : C:\Windows\System32\drivers\mpsdrv.sys => Invisible on the disk
ADDRESS : 0x06200000
SIZE    : 96.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\mrxsmb.sys => Invisible on the disk
ADDRESS : 0x06218000
SIZE    : 180.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\mrxsmb10.sys => Invisible on the disk
ADDRESS : 0x06245000
SIZE    : 312.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\mrxsmb20.sys => Invisible on the disk
ADDRESS : 0x06293000
SIZE    : 144.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\epfwwfp.sys => Invisible on the disk
ADDRESS : 0x062B7000
SIZE    : 68.0 Ko

DRIVER  : C:\Windows\system32\drivers\peauth.sys => Invisible on the disk
ADDRESS : 0x03F3C000
SIZE    : 664.0 Ko

DRIVER  : C:\Windows\System32\Drivers\secdrv.SYS => Invisible on the disk
ADDRESS : 0x062C8000
SIZE    : 44.0 Ko

DRIVER  : C:\Windows\System32\DRIVERS\srvnet.sys => Invisible on the disk
ADDRESS : 0x03E00000
SIZE    : 196.0 Ko

DRIVER  : C:\Windows\System32\drivers\tcpipreg.sys => Invisible on the disk
ADDRESS : 0x062D3000
SIZE    : 72.0 Ko

DRIVER  : C:\Windows\System32\DRIVERS\srv2.sys => Invisible on the disk
ADDRESS : 0x03E31000
SIZE    : 420.0 Ko

DRIVER  : C:\Windows\System32\DRIVERS\srv.sys => Invisible on the disk
ADDRESS : 0x09046000
SIZE    : 608.0 Ko

DRIVER  : C:\Windows\system32\DRIVERS\WUDFRd.sys => Invisible on the disk
ADDRESS : 0x090DE000
SIZE    : 196.0 Ko

DRIVER  : C:\Windows\system32\drivers\mbam.sys => Invisible on the disk
ADDRESS : 0x0910F000
SIZE    : 40.0 Ko

DRIVER  : C:\Windows\System32\smss.exe => Invisible on the disk
ADDRESS : 0x48080000
SIZE    : 128.0 Ko

SystemStartOptions :  NOEXECUTE=OPTIN

________________________________________________________________________________

_______MBR   \Device\Harddisk0\DR0  

0x00000000   33 C0 8E D0 BC 00 7C 8E C0 8E D8 BE 00 7C BF 00   3À.Ð¼.|.À.Ø¾.|¿.
0x00000010   06 B9 00 02 FC F3 A4 50 68 1C 06 CB FB B9 04 00   .¹..üó¤Ph..Ëû¹..
0x00000020   BD BE 07 80 7E 00 00 7C 0B 0F 85 0E 01 83 C5 10   ½¾..~..|......Å.
0x00000030   E2 F1 CD 18 88 56 00 55 C6 46 11 05 C6 46 10 00   âñÍ..V.UÆF..ÆF..
0x00000040   B4 41 BB AA 55 CD 13 5D 72 0F 81 FB 55 AA 75 09   ´A»ªUÍ.]r..ûUªu.
0x00000050   F7 C1 01 00 74 03 FE 46 10 66 60 80 7E 10 00 74   ÷Á..t.þF.f`.~..t
0x00000060   26 66 68 00 00 00 00 66 FF 76 08 68 00 00 68 00   &fh....f.v.h..h.
0x00000070   7C 68 01 00 68 10 00 B4 42 8A 56 00 8B F4 CD 13   |h..h..´B.V..ôÍ.
0x00000080   9F 83 C4 10 9E EB 14 B8 01 02 BB 00 7C 8A 56 00   ..Ä..ë.¸..».|.V.
0x00000090   8A 76 01 8A 4E 02 8A 6E 03 CD 13 66 61 73 1C FE   .v..N..n.Í.fas.þ
0x000000A0   4E 11 75 0C 80 7E 00 80 0F 84 8A 00 B2 80 EB 84   N.u..~......².ë.
0x000000B0   55 32 E4 8A 56 00 CD 13 5D EB 9E 81 3E FE 7D 55   U2ä.V.Í.]ë..>þ}U
0x000000C0   AA 75 6E FF 76 00 E8 8D 00 75 17 FA B0 D1 E6 64   ªun.v.è..u.ú°Ñæd
0x000000D0   E8 83 00 B0 DF E6 60 E8 7C 00 B0 FF E6 64 E8 75   è..°ßæ`è|.°.ædèu
0x000000E0   00 FB B8 00 BB CD 1A 66 23 C0 75 3B 66 81 FB 54   .û¸.»Í.f#Àu;f.ûT
0x000000F0   43 50 41 75 32 81 F9 02 01 72 2C 66 68 07 BB 00   CPAu2.ù..r,fh.».
0x00000100   00 66 68 00 02 00 00 66 68 08 00 00 00 66 53 66   .fh....fh....fSf
0x00000110   53 66 55 66 68 00 00 00 00 66 68 00 7C 00 00 66   SfUfh....fh.|..f
0x00000120   61 68 00 00 07 CD 1A 5A 32 F6 EA 00 7C 00 00 CD   ah...Í.Z2öê.|..Í
0x00000130   18 A0 B7 07 EB 08 A0 B6 07 EB 03 A0 B5 07 32 E4   ..·.ë..¶.ë..µ.2ä
0x00000140   05 00 07 8B F0 AC 3C 00 74 09 BB 07 00 B4 0E CD   ....ð¬<.t.»..´.Í
0x00000150   10 EB F2 F4 EB FD 2B C9 E4 64 EB 00 24 02 E0 F8   .ëòôëý+Éädë.$.àø
0x00000160   24 02 C3 49 6E 76 61 6C 69 64 20 70 61 72 74 69   $.ÃInvalid parti
0x00000170   74 69 6F 6E 20 74 61 62 6C 65 00 45 72 72 6F 72   tion table.Error
0x00000180   20 6C 6F 61 64 69 6E 67 20 6F 70 65 72 61 74 69    loading operati
0x00000190   6E 67 20 73 79 73 74 65 6D 00 4D 69 73 73 69 6E   ng system.Missin
0x000001A0   67 20 6F 70 65 72 61 74 69 6E 67 20 73 79 73 74   g operating syst
0x000001B0   65 6D 00 00 00 63 7B 9A 0D 58 B5 C2 00 00 00 20   em...c{..XµÂ... 
0x000001C0   21 00 27 FE FF FF 00 08 00 00 00 78 C7 01 80 FE   !.'þ.......xÇ..þ
0x000001D0   FF FF 07 FE FF FF 00 80 C7 01 00 20 03 00 00 FE   ...þ....Ç.. ...þ
0x000001E0   FF FF 07 FE FF FF 00 A0 CA 01 B0 42 78 23 00 00   ...þ....Ê.°Bx#..
0x000001F0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 55 AA   ..............Uª

__________________________16_BIT_ASM_CODE
   
0x0000    33c0            XOR AX, AX   
0x0002    8ed0            MOV SS, AX   
0x0004    bc 007c         MOV SP, 0x7c00   
0x0007    8ec0            MOV ES, AX   
0x0009    8ed8            MOV DS, AX   
0x000B    be 007c         MOV SI, 0x7c00   
0x000E    bf 0006         MOV DI, 0x600   
0x0011    b9 0002         MOV CX, 0x200   
0x0014    fc              CLD   
0x0015    f3 a4           REP MOVSB   
0x0017    50              PUSH AX   
0x0018    68 1c06         PUSH 0x61c   
0x001B    cb              RETF   
0x001C    fb              STI   
0x001D    b9 0400         MOV CX, 0x4   
0x0020    bd be07         MOV BP, 0x7be   
0x0023    807e 00 00      CMP BYTE [BP+0x0], 0x0   
0x0027    7c 0b           JL 0x34   
0x0029    0f85 0e01       JNZ 0x13b   
0x002D    83c5 10         ADD BP, 0x10   
0x0030    e2 f1           LOOP 0x23   
0x0032    cd 18           INT 0x18   
0x0034    8856 00         MOV [BP+0x0], DL   
0x0037    55              PUSH BP   
0x0038    c646 11 05      MOV BYTE [BP+0x11], 0x5   
0x003C    c646 10 00      MOV BYTE [BP+0x10], 0x0   
0x0040    b4 41           MOV AH, 0x41   
0x0042    bb aa55         MOV BX, 0x55aa   
0x0045    cd 13           INT 0x13   
0x0047    5d              POP BP   
0x0048    72 0f           JB 0x59   
0x004A    81fb 55aa       CMP BX, 0xaa55   
0x004E    75 09           JNZ 0x59   
0x0050    f7c1 0100       TEST CX, 0x1   
0x0054    74 03           JZ 0x59   
0x0056    fe46 10         INC BYTE [BP+0x10]   
0x0059    66 60           PUSHAD   
0x005B    807e 10 00      CMP BYTE [BP+0x10], 0x0   
0x005F    74 26           JZ 0x87   
0x0061    66 68 00000000  PUSH 0x0   
0x0067    66 ff76 08      PUSH DWORD [BP+0x8]   
0x006B    68 0000         PUSH 0x0   
0x006E    68 007c         PUSH 0x7c00   
0x0071    68 0100         PUSH 0x1   
0x0074    68 1000         PUSH 0x10   
0x0077    b4 42           MOV AH, 0x42   
0x0079    8a56 00         MOV DL, [BP+0x0]   
0x007C    8bf4            MOV SI, SP   
0x007E    cd 13           INT 0x13   
0x0080    9f              LAHF   
0x0081    83c4 10         ADD SP, 0x10   
0x0084    9e              SAHF   
0x0085    eb 14           JMP 0x9b   
0x0087    b8 0102         MOV AX, 0x201   
0x008A    bb 007c         MOV BX, 0x7c00   
0x008D    8a56 00         MOV DL, [BP+0x0]   
0x0090    8a76 01         MOV DH, [BP+0x1]   
0x0093    8a4e 02         MOV CL, [BP+0x2]   
0x0096    8a6e 03         MOV CH, [BP+0x3]   
0x0099    cd 13           INT 0x13   
0x009B    66 61           POPAD   
0x009D    73 1c           JAE 0xbb   
0x009F    fe4e 11         DEC BYTE [BP+0x11]   
0x00A2    75 0c           JNZ 0xb0   
0x00A4    807e 00 80      CMP BYTE [BP+0x0], 0x80   
0x00A8    0f84 8a00       JZ 0x136   
0x00AC    b2 80           MOV DL, 0x80   
0x00AE    eb 84           JMP 0x34   
0x00B0    55              PUSH BP   
0x00B1    32e4            XOR AH, AH   
0x00B3    8a56 00         MOV DL, [BP+0x0]   
0x00B6    cd 13           INT 0x13   
0x00B8    5d              POP BP   
0x00B9    eb 9e           JMP 0x59   
0x00BB    813e fe7d 55aa  CMP WORD [0x7dfe], 0xaa55   
0x00C1    75 6e           JNZ 0x131   
0x00C3    ff76 00         PUSH WORD [BP+0x0]   
0x00C6    e8 8d00         CALL 0x156   
0x00C9    75 17           JNZ 0xe2   
0x00CB    fa              CLI   
0x00CC    b0 d1           MOV AL, 0xd1   
0x00CE    e6 64           OUT 0x64, AL   
0x00D0    e8 8300         CALL 0x156   
0x00D3    b0 df           MOV AL, 0xdf   
0x00D5    e6 60           OUT 0x60, AL   
0x00D7    e8 7c00         CALL 0x156   
0x00DA    b0 ff           MOV AL, 0xff   
0x00DC    e6 64           OUT 0x64, AL   
0x00DE    e8 7500         CALL 0x156   
0x00E1    fb              STI   
0x00E2    b8 00bb         MOV AX, 0xbb00   
0x00E5    cd 1a           INT 0x1a   
0x00E7    66 23c0         AND EAX, EAX   
0x00EA    75 3b           JNZ 0x127   
0x00EC    66 81fb 54435041CMP EBX, 0x41504354   
0x00F3    75 32           JNZ 0x127   
0x00F5    81f9 0201       CMP CX, 0x102   
0x00F9    72 2c           JB 0x127   
0x00FB    66 68 07bb0000  PUSH 0xbb07   
0x0101    66 68 00020000  PUSH 0x200   
0x0107    66 68 08000000  PUSH 0x8   
0x010D    66 53           PUSH EBX   
0x010F    66 53           PUSH EBX   
0x0111    66 55           PUSH EBP   
0x0113    66 68 00000000  PUSH 0x0   
0x0119    66 68 007c0000  PUSH 0x7c00   
0x011F    66 61           POPAD   
0x0121    68 0000         PUSH 0x0   
0x0124    07              POP ES   
0x0125    cd 1a           INT 0x1a   
0x0127    5a              POP DX   
0x0128    32f6            XOR DH, DH   
0x012A    ea 007c 0000    JMP FAR 0x0:0x7c00   
0x012F    cd 18           INT 0x18   
0x0131    a0 b707         MOV AL, [0x7b7]   
0x0134    eb 08           JMP 0x13e   
0x0136    a0 b607         MOV AL, [0x7b6]   
0x0139    eb 03           JMP 0x13e   
0x013B    a0 b507         MOV AL, [0x7b5]   
0x013E    32e4            XOR AH, AH   
0x0140    05 0007         ADD AX, 0x700   
0x0143    8bf0            MOV SI, AX   
0x0145    ac              LODSB   
0x0146    3c 00           CMP AL, 0x0   
0x0148    74 09           JZ 0x153   
0x014A    bb 0700         MOV BX, 0x7   
0x014D    b4 0e           MOV AH, 0xe   
0x014F    cd 10           INT 0x10   
0x0151    eb f2           JMP 0x145   
0x0153    f4              HLT   
0x0154    eb fd           JMP 0x153   
0x0156    2bc9            SUB CX, CX   
0x0158    e4 64           IN AL, 0x64   
0x015A    eb 00           JMP 0x15c   
0x015C    24 02           AND AL, 0x2   
0x015E    e0 f8           LOOPNZ 0x158   
0x0160    24 02           AND AL, 0x2   
0x0162    c3              RET   
0x0163    49              DEC CX   
0x0164    6e              OUTSB   
0x0165    76 61           JBE 0x1c8   
0x0167    6c              INSB   
0x0168    6964 20 7061    IMUL SP, [SI+0x20], 0x6170   
0x016D    72 74           JB 0x1e3   
0x016F    6974 69 6f6e    IMUL SI, [SI+0x69], 0x6e6f   
0x0174    2074 61         AND [SI+0x61], DH   
0x0177    626c 65         BOUND BP, [SI+0x65]   
0x017A    0045 72         ADD [DI+0x72], AL   
0x017D    72 6f           JB 0x1ee   
0x017F    72 20           JB 0x1a1   
0x0181    6c              INSB   
0x0182    6f              OUTSW   
0x0183    61              POPA   
0x0184    64 696e 67 206f IMUL BP, FS:[BP+0x67], 0x6f20   
0x018A    70 65           JO 0x1f1   
0x018C    72 61           JB 0x1ef   
0x018E    74 69           JZ 0x1f9   
0x0190    6e              OUTSB   
0x0191    67 2073 79      AND [EBX+0x79], DH   
0x0195    73 74           JAE 0x20b   
0x0197    65 6d           INS WORD GS:[DI], DX   
0x0199    004d 69         ADD [DI+0x69], CL   
0x019C    73 73           JAE 0x211   
0x019E    696e 67 206f    IMUL BP, [BP+0x67], 0x6f20   
0x01A3    70 65           JO 0x20a   
0x01A5    72 61           JB 0x208   
0x01A7    74 69           JZ 0x212   
0x01A9    6e              OUTSB   
0x01AA    67 2073 79      AND [EBX+0x79], DH   
0x01AE    73 74           JAE 0x224   
0x01B0    65 6d           INS WORD GS:[DI], DX   
0x01B2    0000            ADD [BX+SI], AL   
0x01B4    0063 7b         ADD [BP+DI+0x7b], AH   
0x01B7    9a 0d58 b5c2    CALL FAR 0xc2b5:0x580d   
0x01BC    0000            ADD [BX+SI], AL   
0x01BE    0020            ADD [BX+SI], AH   
0x01C0    2100            AND [BX+SI], AX   
0x01C2    27              DAA   
0x01C3    fe              DB 0xfe   
0x01C4    ff              DB 0xff   
0x01C5    ff00            INC WORD [BX+SI]   
0x01C7    0800            OR [BX+SI], AL   
0x01C9    0000            ADD [BX+SI], AL   
0x01CB    78 c7           JS 0x194   
0x01CD    0180 feff       ADD [BX+SI-0x2], AX   
0x01D1    ff07            INC WORD [BX]   
0x01D3    fe              DB 0xfe   
0x01D4    ff              DB 0xff   
0x01D5    ff00            INC WORD [BX+SI]   
0x01D7    80c7 01         ADD BH, 0x1   
0x01DA    0020            ADD [BX+SI], AH   
0x01DC    0300            ADD AX, [BX+SI]   
0x01DE    00fe            ADD DH, BH   
0x01E0    ff              DB 0xff   
0x01E1    ff07            INC WORD [BX]   
0x01E3    fe              DB 0xfe   
0x01E4    ff              DB 0xff   
0x01E5    ff00            INC WORD [BX+SI]   
0x01E7    a0 ca01         MOV AL, [0x1ca]   
0x01EA    b0 42           MOV AL, 0x42   
0x01EC    78 23           JS 0x211   
0x01EE    0000            ADD [BX+SI], AL   
0x01F0    0000            ADD [BX+SI], AL   
0x01F2    0000            ADD [BX+SI], AL   
0x01F4    0000            ADD [BX+SI], AL   
0x01F6    0000            ADD [BX+SI], AL   
0x01F8    0000            ADD [BX+SI], AL   
0x01FA    0000            ADD [BX+SI], AL   
0x01FC    0000            ADD [BX+SI], AL   
0x01FE    55              PUSH BP   
0x01FF    aa              STOSB

Damon · #6 Příspěvek od **Damon** » 09 dub 2012 19:51

tss killer :

20:46:26.0291 5272 TDSS rootkit removing tool 2.7.27.0 Apr 9 2012 09:53:37
20:46:26.0477 5272 ============================================================
20:46:26.0477 5272 Current date / time: 2012/04/09 20:46:26.0477
20:46:26.0477 5272 SystemInfo:
20:46:26.0477 5272
20:46:26.0477 5272 OS Version: 6.1.7601 ServicePack: 1.0
20:46:26.0477 5272 Product type: Workstation
20:46:26.0478 5272 ComputerName: SONY-VAIO
20:46:26.0478 5272 UserName: SONY
20:46:26.0478 5272 Windows directory: C:\Windows
20:46:26.0478 5272 System windows directory: C:\Windows
20:46:26.0478 5272 Running under WOW64
20:46:26.0478 5272 Processor architecture: Intel x64
20:46:26.0478 5272 Number of processors: 4
20:46:26.0478 5272 Page size: 0x1000
20:46:26.0478 5272 Boot type: Normal boot
20:46:26.0478 5272 ============================================================
20:46:27.0169 5272 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:46:27.0179 5272 \Device\Harddisk0\DR0:
20:46:27.0179 5272 MBR used
20:46:27.0179 5272 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1C78000, BlocksNum 0x32000
20:46:27.0179 5272 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1CAA000, BlocksNum 0x237842B0
20:46:27.0207 5272 Initialize success
20:46:27.0207 5272 ============================================================
20:47:48.0520 3660 ============================================================
20:47:48.0520 3660 Scan started
20:47:48.0520 3660 Mode: Manual; SigCheck; TDLFS;
20:47:48.0520 3660 ============================================================
20:47:49.0482 3660 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
20:47:49.0690 3660 1394ohci - ok
20:47:49.0803 3660 ACDaemon (adc420616c501b45d26c0fd3ef1e54e4) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
20:47:49.0930 3660 ACDaemon - ok
20:47:50.0036 3660 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
20:47:50.0073 3660 ACPI - ok
20:47:50.0169 3660 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
20:47:50.0295 3660 AcpiPmi - ok
20:47:50.0430 3660 AdobeFlashPlayerUpdateSvc (0d4c486a24a711a45fd83acdf4d18506) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
20:47:50.0455 3660 AdobeFlashPlayerUpdateSvc - ok
20:47:50.0565 3660 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
20:47:50.0810 3660 adp94xx - ok
20:47:50.0908 3660 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
20:47:51.0007 3660 adpahci - ok
20:47:51.0116 3660 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
20:47:51.0143 3660 adpu320 - ok
20:47:51.0219 3660 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
20:47:51.0391 3660 AeLookupSvc - ok
20:47:51.0490 3660 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
20:47:51.0561 3660 AFD - ok
20:47:51.0656 3660 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
20:47:51.0678 3660 agp440 - ok
20:47:51.0760 3660 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
20:47:51.0837 3660 ALG - ok
20:47:51.0937 3660 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
20:47:51.0957 3660 aliide - ok
20:47:52.0030 3660 AMD External Events Utility (3f9b03b72577a6a7405bf30801cbd159) C:\Windows\system32\atiesrxx.exe
20:47:52.0114 3660 AMD External Events Utility - ok
20:47:52.0215 3660 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
20:47:52.0235 3660 amdide - ok
20:47:52.0328 3660 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
20:47:52.0423 3660 AmdK8 - ok
20:47:52.0684 3660 amdkmdag (ea244a8b88de8b5986bf3b7903b063af) C:\Windows\system32\DRIVERS\atikmdag.sys
20:47:53.0067 3660 amdkmdag - ok
20:47:53.0201 3660 amdkmdap (dca6e341a4a7c31ea8a14c6166c9b249) C:\Windows\system32\DRIVERS\atikmpag.sys
20:47:53.0252 3660 amdkmdap - ok
20:47:53.0366 3660 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
20:47:53.0405 3660 AmdPPM - ok
20:47:53.0525 3660 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
20:47:53.0615 3660 amdsata - ok
20:47:53.0706 3660 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
20:47:53.0733 3660 amdsbs - ok
20:47:53.0825 3660 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
20:47:53.0878 3660 amdxata - ok
20:47:53.0959 3660 Angelnt - ok
20:47:54.0067 3660 ApfiltrService (1661f9c9e4b0049fa0a5e30264375a87) C:\Windows\system32\drivers\Apfiltr.sys
20:47:54.0125 3660 ApfiltrService - ok
20:47:54.0223 3660 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
20:47:54.0405 3660 AppID - ok
20:47:54.0482 3660 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
20:47:54.0596 3660 AppIDSvc - ok
20:47:54.0699 3660 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
20:47:54.0815 3660 Appinfo - ok
20:47:54.0900 3660 Apple Mobile Device (20f6f19fe9e753f2780dc2fa083ad597) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:47:54.0915 3660 Apple Mobile Device - ok
20:47:55.0036 3660 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
20:47:55.0059 3660 arc - ok
20:47:55.0158 3660 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
20:47:55.0181 3660 arcsas - ok
20:47:55.0265 3660 ArcSoftKsUFilter (c130bc4a51b1382b2be8e44579ec4c0a) C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys
20:47:55.0281 3660 ArcSoftKsUFilter - ok
20:47:55.0404 3660 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
20:47:55.0423 3660 aspnet_state - ok
20:47:55.0521 3660 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
20:47:55.0629 3660 AsyncMac - ok
20:47:55.0725 3660 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
20:47:55.0744 3660 atapi - ok
20:47:55.0869 3660 athr (0acc06fcf46f64ed4f11e57ee461c1f4) C:\Windows\system32\DRIVERS\athrx.sys
20:47:56.0046 3660 athr - ok
20:47:56.0297 3660 atikmdag (ea244a8b88de8b5986bf3b7903b063af) C:\Windows\system32\DRIVERS\atikmdag.sys
20:47:56.0494 3660 atikmdag - ok
20:47:56.0620 3660 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
20:47:56.0769 3660 AudioEndpointBuilder - ok
20:47:56.0820 3660 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
20:47:56.0924 3660 AudioSrv - ok
20:47:56.0997 3660 Autodesk Content Service (1992c2a1867d95aa3a0802539358d162) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
20:47:57.0016 3660 Autodesk Content Service - ok
20:47:57.0096 3660 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
20:47:57.0196 3660 AxInstSV - ok
20:47:57.0315 3660 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
20:47:57.0387 3660 b06bdrv - ok
20:47:57.0487 3660 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
20:47:57.0574 3660 b57nd60a - ok
20:47:57.0671 3660 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
20:47:57.0739 3660 BDESVC - ok
20:47:57.0837 3660 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
20:47:57.0965 3660 Beep - ok
20:47:58.0078 3660 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
20:47:58.0205 3660 BFE - ok
20:47:58.0300 3660 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\system32\qmgr.dll
20:47:58.0441 3660 BITS - ok
20:47:58.0551 3660 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys
20:47:58.0637 3660 blbdrive - ok
20:47:58.0764 3660 Bonjour Service (1c87705ccb2f60172b0fc86b5d82f00d) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
20:47:58.0793 3660 Bonjour Service - ok
20:47:58.0883 3660 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
20:47:59.0015 3660 bowser - ok
20:47:59.0114 3660 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
20:47:59.0192 3660 BrFiltLo - ok
20:47:59.0270 3660 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
20:47:59.0319 3660 BrFiltUp - ok
20:47:59.0443 3660 BridgeMP (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
20:47:59.0560 3660 BridgeMP - ok
20:47:59.0662 3660 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
20:47:59.0784 3660 Browser - ok
20:47:59.0882 3660 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
20:47:59.0964 3660 Brserid - ok
20:48:00.0063 3660 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
20:48:00.0114 3660 BrSerWdm - ok
20:48:00.0209 3660 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
20:48:00.0274 3660 BrUsbMdm - ok
20:48:00.0379 3660 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
20:48:00.0422 3660 BrUsbSer - ok
20:48:00.0549 3660 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
20:48:00.0613 3660 BthEnum - ok
20:48:00.0698 3660 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
20:48:00.0751 3660 BTHMODEM - ok
20:48:00.0856 3660 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
20:48:00.0915 3660 BthPan - ok
20:48:01.0028 3660 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys
20:48:01.0140 3660 BTHPORT - ok
20:48:01.0227 3660 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
20:48:01.0338 3660 bthserv - ok
20:48:01.0434 3660 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys
20:48:01.0495 3660 BTHUSB - ok
20:48:01.0591 3660 btusbflt (6e04458e98daf28826482e41a7a62df5) C:\Windows\system32\drivers\btusbflt.sys
20:48:01.0608 3660 btusbflt - ok
20:48:01.0698 3660 btwaudio (4bdbdb86abba924e029fb2683be7c505) C:\Windows\system32\drivers\btwaudio.sys
20:48:01.0715 3660 btwaudio - ok
20:48:01.0807 3660 btwavdt (5c849bd7c78791c5cee9f4651d7fe38d) C:\Windows\system32\drivers\btwavdt.sys
20:48:01.0829 3660 btwavdt - ok
20:48:01.0925 3660 btwdins (31da517946ffe416442e864592548f8a) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
20:48:01.0972 3660 btwdins - ok
20:48:02.0051 3660 btwl2cap (6149301dc3f81d6f9667a3fbac410975) C:\Windows\system32\DRIVERS\btwl2cap.sys
20:48:02.0063 3660 btwl2cap - ok
20:48:02.0162 3660 btwrchid (3e1991afa851a36dc978b0a1b0535c8b) C:\Windows\system32\drivers\btwrchid.sys
20:48:02.0177 3660 btwrchid - ok
20:48:02.0283 3660 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
20:48:02.0396 3660 cdfs - ok
20:48:02.0488 3660 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
20:48:02.0572 3660 cdrom - ok
20:48:02.0671 3660 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
20:48:02.0759 3660 CertPropSvc - ok
20:48:02.0862 3660 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
20:48:02.0919 3660 circlass - ok
20:48:03.0022 3660 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
20:48:03.0058 3660 CLFS - ok
20:48:03.0164 3660 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:48:03.0187 3660 clr_optimization_v2.0.50727_32 - ok
20:48:03.0268 3660 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
20:48:03.0289 3660 clr_optimization_v2.0.50727_64 - ok
20:48:03.0401 3660 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:48:03.0421 3660 clr_optimization_v4.0.30319_32 - ok
20:48:03.0533 3660 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
20:48:03.0553 3660 clr_optimization_v4.0.30319_64 - ok
20:48:03.0655 3660 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
20:48:03.0728 3660 CmBatt - ok
20:48:03.0815 3660 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
20:48:03.0834 3660 cmdide - ok
20:48:03.0937 3660 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
20:48:04.0022 3660 CNG - ok
20:48:04.0126 3660 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
20:48:04.0145 3660 Compbatt - ok
20:48:04.0247 3660 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
20:48:04.0304 3660 CompositeBus - ok
20:48:04.0370 3660 COMSysApp - ok
20:48:04.0467 3660 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
20:48:04.0489 3660 crcdisk - ok
20:48:04.0573 3660 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll
20:48:04.0680 3660 CryptSvc - ok
20:48:04.0776 3660 dc3d (486a81e022f89b64c8dd811083abad62) C:\Windows\system32\DRIVERS\dc3d.sys
20:48:04.0826 3660 dc3d - ok
20:48:04.0925 3660 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
20:48:05.0053 3660 DcomLaunch - ok
20:48:05.0146 3660 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
20:48:05.0265 3660 defragsvc - ok
20:48:05.0361 3660 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
20:48:05.0478 3660 DfsC - ok
20:48:05.0575 3660 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
20:48:05.0696 3660 Dhcp - ok
20:48:05.0788 3660 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
20:48:05.0966 3660 discache - ok
20:48:06.0071 3660 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
20:48:06.0128 3660 Disk - ok
20:48:06.0211 3660 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
20:48:06.0288 3660 Dnscache - ok
20:48:06.0362 3660 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
20:48:06.0461 3660 dot3svc - ok
20:48:06.0502 3660 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
20:48:06.0621 3660 DPS - ok
20:48:06.0731 3660 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
20:48:06.0809 3660 drmkaud - ok
20:48:06.0935 3660 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
20:48:06.0996 3660 DXGKrnl - ok
20:48:07.0097 3660 eamonm (29b06c2346fc6c39d073391f73fc4bb0) C:\Windows\system32\DRIVERS\eamonm.sys
20:48:07.0123 3660 eamonm - ok
20:48:07.0192 3660 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
20:48:07.0302 3660 EapHost - ok
20:48:07.0460 3660 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
20:48:07.0656 3660 ebdrv - ok
20:48:07.0744 3660 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
20:48:07.0827 3660 EFS - ok
20:48:07.0926 3660 ehdrv (4b52cf6d057a1b8a751a5475c126933f) C:\Windows\system32\DRIVERS\ehdrv.sys
20:48:07.0981 3660 ehdrv - ok
20:48:08.0055 3660 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
20:48:08.0143 3660 ehRecvr - ok
20:48:08.0210 3660 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
20:48:08.0278 3660 ehSched - ok
20:48:08.0390 3660 EhttpSrv (691e1180bd4010e0718485679a6a5951) C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
20:48:08.0406 3660 EhttpSrv - ok
20:48:08.0525 3660 ekrn (edf788343a0700428620cf03187d3c13) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
20:48:08.0587 3660 ekrn - ok
20:48:08.0708 3660 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
20:48:08.0749 3660 elxstor - ok
20:48:08.0855 3660 epfw (6be46c1caf414c10cf58cc44191a9ff1) C:\Windows\system32\DRIVERS\epfw.sys
20:48:08.0903 3660 epfw - ok
20:48:08.0993 3660 Epfwndis (958d8c84173ba885d3ebfd199deb3cd3) C:\Windows\system32\DRIVERS\Epfwndis.sys
20:48:09.0090 3660 Epfwndis - ok
20:48:09.0212 3660 epfwwfp (7df59af64858ee06749bc7ed4a6452e1) C:\Windows\system32\DRIVERS\epfwwfp.sys
20:48:09.0263 3660 epfwwfp - ok
20:48:09.0346 3660 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
20:48:09.0419 3660 ErrDev - ok
20:48:09.0516 3660 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
20:48:09.0637 3660 EventSystem - ok
20:48:09.0748 3660 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
20:48:09.0870 3660 exfat - ok
20:48:09.0971 3660 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
20:48:10.0084 3660 fastfat - ok
20:48:10.0186 3660 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
20:48:10.0272 3660 Fax - ok
20:48:10.0369 3660 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
20:48:10.0482 3660 fdc - ok
20:48:10.0559 3660 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
20:48:10.0680 3660 fdPHost - ok
20:48:10.0749 3660 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
20:48:10.0861 3660 FDResPub - ok
20:48:10.0962 3660 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
20:48:11.0019 3660 FileInfo - ok
20:48:11.0113 3660 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
20:48:11.0227 3660 Filetrace - ok
20:48:11.0320 3660 FLEXnet Licensing Service 64 (5cee6cd43ae5844c49300ea0b1e557ee) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
20:48:11.0403 3660 FLEXnet Licensing Service 64 - ok
20:48:11.0513 3660 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
20:48:11.0563 3660 flpydisk - ok
20:48:11.0773 3660 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
20:48:11.0946 3660 FltMgr - ok
20:48:12.0110 3660 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
20:48:12.0212 3660 FontCache - ok
20:48:12.0302 3660 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:48:12.0322 3660 FontCache3.0.0.0 - ok
20:48:12.0432 3660 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
20:48:12.0507 3660 FsDepends - ok
20:48:12.0601 3660 fssfltr (6c06701bf1db05405804d7eb610991ce) C:\Windows\system32\DRIVERS\fssfltr.sys
20:48:12.0620 3660 fssfltr - ok
20:48:12.0805 3660 fsssvc (4ce9dac1518ff7e77bd213e6394b9d77) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
20:48:12.0885 3660 fsssvc - ok
20:48:12.0993 3660 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
20:48:13.0041 3660 Fs_Rec - ok
20:48:13.0141 3660 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
20:48:13.0171 3660 fvevol - ok
20:48:13.0274 3660 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
20:48:13.0392 3660 gagp30kx - ok
20:48:13.0532 3660 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
20:48:13.0548 3660 GEARAspiWDM - ok
20:48:13.0682 3660 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
20:48:13.0795 3660 gpsvc - ok
20:48:13.0886 3660 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
20:48:13.0956 3660 hcw85cir - ok
20:48:14.0051 3660 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
20:48:14.0096 3660 HdAudAddService - ok
20:48:14.0286 3660 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
20:48:14.0346 3660 HDAudBus - ok
20:48:14.0515 3660 HECIx64 (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys
20:48:14.0535 3660 HECIx64 - ok
20:48:14.0622 3660 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
20:48:14.0717 3660 HidBatt - ok
20:48:14.0799 3660 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
20:48:14.0834 3660 HidBth - ok
20:48:14.0937 3660 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
20:48:14.0992 3660 HidIr - ok
20:48:15.0064 3660 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll
20:48:15.0177 3660 hidserv - ok
20:48:15.0292 3660 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys
20:48:15.0373 3660 HidUsb - ok
20:48:15.0468 3660 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
20:48:15.0597 3660 hkmsvc - ok
20:48:15.0684 3660 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
20:48:15.0746 3660 HomeGroupListener - ok
20:48:15.0813 3660 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
20:48:15.0864 3660 HomeGroupProvider - ok
20:48:15.0982 3660 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
20:48:16.0004 3660 HpSAMD - ok
20:48:16.0114 3660 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
20:48:16.0282 3660 HTTP - ok
20:48:16.0378 3660 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
20:48:16.0437 3660 hwpolicy - ok
20:48:16.0543 3660 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
20:48:16.0606 3660 i8042prt - ok
20:48:16.0724 3660 iaStor (073a606333b6f7bbf20aa856df7f0997) C:\Windows\system32\drivers\iaStor.sys
20:48:16.0759 3660 iaStor - ok
20:48:16.0814 3660 IAStorDataMgrSvc (cc800d2d9fd467542bac7c186c4774ad) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
20:48:16.0830 3660 IAStorDataMgrSvc - ok
20:48:16.0944 3660 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
20:48:16.0982 3660 iaStorV - ok
20:48:17.0082 3660 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
20:48:17.0137 3660 idsvc - ok
20:48:17.0419 3660 igfx (31d1aff484d8a0906cf8d44251ec390f) C:\Windows\system32\DRIVERS\igdkmd64.sys
20:48:17.0800 3660 igfx ( UnsignedFile.Multi.Generic ) - warning
20:48:17.0801 3660 igfx - detected UnsignedFile.Multi.Generic (1)
20:48:17.0937 3660 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
20:48:17.0956 3660 iirsp - ok
20:48:18.0060 3660 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
20:48:18.0177 3660 IKEEXT - ok
20:48:18.0303 3660 Impcd (36fdf367a1dabff903e2214023d71368) C:\Windows\system32\drivers\Impcd.sys
20:48:18.0332 3660 Impcd - ok
20:48:18.0552 3660 IntcAzAudAddService (0f144e5f46cb9043004b5e84aa4bca6a) C:\Windows\system32\drivers\RTKVHD64.sys
20:48:18.0661 3660 IntcAzAudAddService - ok
20:48:18.0763 3660 IntcDAud (408b401cd7cdb075c7470b0ff7ba8d0b) C:\Windows\system32\DRIVERS\IntcDAud.sys
20:48:18.0797 3660 IntcDAud ( UnsignedFile.Multi.Generic ) - warning
20:48:18.0797 3660 IntcDAud - detected UnsignedFile.Multi.Generic (1)
20:48:18.0918 3660 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
20:48:18.0936 3660 intelide - ok
20:48:19.0057 3660 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\drivers\intelppm.sys
20:48:19.0103 3660 intelppm - ok
20:48:19.0214 3660 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
20:48:19.0337 3660 IPBusEnum - ok
20:48:19.0477 3660 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:48:19.0570 3660 IpFilterDriver - ok
20:48:19.0665 3660 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
20:48:19.0775 3660 iphlpsvc - ok
20:48:19.0858 3660 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
20:48:19.0887 3660 IPMIDRV - ok
20:48:19.0971 3660 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
20:48:20.0127 3660 IPNAT - ok
20:48:20.0207 3660 iPod Service (b7cb0b121962cd89f98c0dd89331b0c0) C:\Program Files\iPod\bin\iPodService.exe
20:48:20.0261 3660 iPod Service - ok
20:48:20.0348 3660 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
20:48:20.0410 3660 IRENUM - ok
20:48:20.0501 3660 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
20:48:20.0523 3660 isapnp - ok
20:48:20.0622 3660 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
20:48:20.0687 3660 iScsiPrt - ok
20:48:20.0784 3660 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
20:48:20.0809 3660 kbdclass - ok
20:48:20.0898 3660 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
20:48:20.0950 3660 kbdhid - ok
20:48:21.0034 3660 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
20:48:21.0059 3660 KeyIso - ok
20:48:21.0098 3660 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
20:48:21.0124 3660 KSecDD - ok
20:48:21.0200 3660 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
20:48:21.0266 3660 KSecPkg - ok
20:48:21.0358 3660 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
20:48:21.0499 3660 ksthunk - ok
20:48:21.0596 3660 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
20:48:21.0710 3660 KtmRm - ok
20:48:21.0844 3660 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\System32\srvsvc.dll
20:48:22.0040 3660 LanmanServer - ok
20:48:22.0186 3660 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
20:48:22.0300 3660 LanmanWorkstation - ok
20:48:22.0448 3660 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
20:48:22.0600 3660 lltdio - ok
20:48:22.0696 3660 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
20:48:22.0832 3660 lltdsvc - ok
20:48:22.0918 3660 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
20:48:23.0009 3660 lmhosts - ok
20:48:23.0116 3660 LMS (5460828f8951d310b42b442877603b8d) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
20:48:23.0136 3660 LMS - ok
20:48:23.0263 3660 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
20:48:23.0286 3660 LSI_FC - ok
20:48:23.0404 3660 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
20:48:23.0425 3660 LSI_SAS - ok
20:48:23.0518 3660 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
20:48:23.0567 3660 LSI_SAS2 - ok
20:48:23.0664 3660 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
20:48:23.0682 3660 LSI_SCSI - ok
20:48:23.0836 3660 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
20:48:23.0931 3660 luafv - ok
20:48:24.0031 3660 MBAMProtector (79da94b35371b9e7104460c7693dcb2c) C:\Windows\system32\drivers\mbam.sys
20:48:24.0066 3660 MBAMProtector - ok
20:48:24.0168 3660 MBAMService (056b19651bd7b7ce5f89a3ac46dbdc08) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
20:48:24.0210 3660 MBAMService - ok
20:48:24.0281 3660 McAfee SiteAdvisor Service - ok
20:48:24.0349 3660 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
20:48:24.0400 3660 Mcx2Svc - ok
20:48:24.0499 3660 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
20:48:24.0524 3660 megasas - ok
20:48:24.0610 3660 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
20:48:24.0686 3660 MegaSR - ok
20:48:24.0763 3660 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
20:48:24.0896 3660 MMCSS - ok
20:48:25.0017 3660 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
20:48:25.0135 3660 Modem - ok
20:48:25.0264 3660 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
20:48:25.0350 3660 monitor - ok
20:48:25.0456 3660 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
20:48:25.0477 3660 mouclass - ok
20:48:25.0579 3660 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
20:48:25.0642 3660 mouhid - ok
20:48:25.0749 3660 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
20:48:25.0773 3660 mountmgr - ok
20:48:25.0847 3660 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
20:48:25.0886 3660 mpio - ok
20:48:25.0975 3660 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
20:48:26.0131 3660 mpsdrv - ok
20:48:26.0238 3660 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
20:48:26.0373 3660 MpsSvc - ok
20:48:26.0460 3660 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
20:48:26.0523 3660 MRxDAV - ok
20:48:26.0619 3660 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
20:48:26.0700 3660 mrxsmb - ok
20:48:26.0804 3660 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:48:26.0909 3660 mrxsmb10 - ok
20:48:27.0004 3660 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:48:27.0084 3660 mrxsmb20 - ok
20:48:27.0209 3660 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
20:48:27.0230 3660 msahci - ok
20:48:27.0317 3660 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
20:48:27.0342 3660 msdsm - ok
20:48:27.0424 3660 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
20:48:27.0458 3660 MSDTC - ok
20:48:27.0553 3660 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
20:48:27.0661 3660 Msfs - ok
20:48:27.0750 3660 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
20:48:27.0856 3660 mshidkmdf - ok
20:48:27.0941 3660 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
20:48:27.0961 3660 msisadrv - ok
20:48:28.0040 3660 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
20:48:28.0157 3660 MSiSCSI - ok
20:48:28.0215 3660 msiserver - ok
20:48:28.0271 3660 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
20:48:28.0397 3660 MSKSSRV - ok
20:48:28.0524 3660 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
20:48:28.0639 3660 MSPCLOCK - ok
20:48:28.0718 3660 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
20:48:28.0861 3660 MSPQM - ok
20:48:28.0967 3660 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
20:48:29.0004 3660 MsRPC - ok
20:48:29.0092 3660 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
20:48:29.0113 3660 mssmbios - ok
20:48:29.0204 3660 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
20:48:29.0311 3660 MSTEE - ok
20:48:29.0411 3660 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
20:48:29.0454 3660 MTConfig - ok
20:48:29.0544 3660 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
20:48:29.0601 3660 Mup - ok
20:48:29.0677 3660 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
20:48:29.0806 3660 napagent - ok
20:48:29.0906 3660 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
20:48:30.0031 3660 NativeWifiP - ok
20:48:30.0146 3660 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
20:48:30.0203 3660 NDIS - ok
20:48:30.0293 3660 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
20:48:30.0381 3660 NdisCap - ok
20:48:30.0481 3660 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
20:48:30.0580 3660 NdisTapi - ok
20:48:30.0683 3660 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
20:48:30.0806 3660 Ndisuio - ok
20:48:30.0900 3660 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
20:48:31.0063 3660 NdisWan - ok
20:48:31.0169 3660 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
20:48:31.0342 3660 NDProxy - ok
20:48:31.0465 3660 Nero BackItUp Scheduler 4.0 (b90e093e7a7250906f1054418b5339c0) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
20:48:31.0514 3660 Nero BackItUp Scheduler 4.0 - ok
20:48:31.0594 3660 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
20:48:31.0735 3660 NetBIOS - ok
20:48:31.0821 3660 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
20:48:31.0937 3660 NetBT - ok
20:48:32.0019 3660 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
20:48:32.0045 3660 Netlogon - ok
20:48:32.0145 3660 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
20:48:32.0271 3660 Netman - ok
20:48:32.0385 3660 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:48:32.0409 3660 NetMsmqActivator - ok
20:48:32.0440 3660 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:48:32.0459 3660 NetPipeActivator - ok
20:48:32.0544 3660 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
20:48:32.0674 3660 netprofm - ok
20:48:32.0785 3660 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:48:32.0806 3660 NetTcpActivator - ok
20:48:32.0813 3660 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:48:32.0839 3660 NetTcpPortSharing - ok
20:48:32.0944 3660 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
20:48:32.0966 3660 nfrd960 - ok
20:48:33.0053 3660 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
20:48:33.0176 3660 NlaSvc - ok
20:48:33.0271 3660 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
20:48:33.0414 3660 Npfs - ok
20:48:33.0489 3660 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
20:48:33.0598 3660 nsi - ok
20:48:33.0683 3660 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
20:48:33.0774 3660 nsiproxy - ok
20:48:33.0844 3660 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
20:48:33.0966 3660 Ntfs - ok
20:48:34.0042 3660 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
20:48:34.0185 3660 Null - ok
20:48:34.0293 3660 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
20:48:34.0320 3660 nvraid - ok
20:48:34.0412 3660 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
20:48:34.0438 3660 nvstor - ok
20:48:34.0519 3660 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
20:48:34.0544 3660 nv_agp - ok
20:48:34.0653 3660 odserv (1f0e05dff4f5a833168e49be1256f002) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
20:48:34.0695 3660 odserv - ok
20:48:34.0779 3660 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
20:48:34.0805 3660 ohci1394 - ok
20:48:34.0888 3660 ose (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:48:34.0916 3660 ose - ok
20:48:34.0979 3660 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
20:48:35.0063 3660 p2pimsvc - ok
20:48:35.0151 3660 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
20:48:35.0206 3660 p2psvc - ok
20:48:35.0303 3660 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
20:48:35.0353 3660 Parport - ok
20:48:35.0449 3660 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
20:48:35.0471 3660 partmgr - ok
20:48:35.0550 3660 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
20:48:35.0612 3660 PcaSvc - ok
20:48:35.0714 3660 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
20:48:35.0741 3660 pci - ok
20:48:35.0842 3660 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
20:48:35.0862 3660 pciide - ok
20:48:35.0944 3660 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
20:48:36.0008 3660 pcmcia - ok
20:48:36.0095 3660 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
20:48:36.0151 3660 pcw - ok
20:48:36.0244 3660 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
20:48:36.0408 3660 PEAUTH - ok
20:48:36.0498 3660 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
20:48:36.0556 3660 PerfHost - ok
20:48:36.0701 3660 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
20:48:36.0871 3660 pla - ok
20:48:36.0970 3660 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
20:48:37.0045 3660 PlugPlay - ok
20:48:37.0144 3660 PMBDeviceInfoProvider (627fa58adc043704f9d14ca44340956f) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
20:48:37.0192 3660 PMBDeviceInfoProvider - ok
20:48:37.0267 3660 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
20:48:37.0296 3660 PNRPAutoReg - ok
20:48:37.0378 3660 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
20:48:37.0413 3660 PNRPsvc - ok
20:48:37.0499 3660 Point64 (a6d06378f37bdba0c0019294c2aabbd0) C:\Windows\system32\DRIVERS\point64k.sys
20:48:37.0517 3660 Point64 - ok
20:48:37.0563 3660 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
20:48:37.0664 3660 PolicyAgent - ok
20:48:37.0746 3660 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
20:48:37.0859 3660 Power - ok
20:48:37.0976 3660 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
20:48:38.0194 3660 PptpMiniport - ok
20:48:38.0298 3660 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
20:48:38.0325 3660 Processor - ok
20:48:38.0407 3660 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
20:48:38.0525 3660 ProfSvc - ok
20:48:38.0617 3660 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
20:48:38.0653 3660 ProtectedStorage - ok
20:48:38.0748 3660 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
20:48:38.0862 3660 Psched - ok
20:48:38.0958 3660 PxHlpa64 (87b04878a6d59d6c79251dc960c674c1) C:\Windows\system32\Drivers\PxHlpa64.sys
20:48:39.0010 3660 PxHlpa64 - ok
20:48:39.0134 3660 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
20:48:39.0222 3660 ql2300 - ok
20:48:39.0309 3660 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
20:48:39.0334 3660 ql40xx - ok
20:48:39.0410 3660 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
20:48:39.0458 3660 QWAVE - ok
20:48:39.0542 3660 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
20:48:39.0629 3660 QWAVEdrv - ok
20:48:39.0718 3660 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
20:48:39.0863 3660 RasAcd - ok
20:48:39.0968 3660 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
20:48:40.0086 3660 RasAgileVpn - ok
20:48:40.0178 3660 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
20:48:40.0276 3660 RasAuto - ok
20:48:40.0378 3660 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
20:48:40.0558 3660 Rasl2tp - ok
20:48:40.0661 3660 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
20:48:40.0776 3660 RasMan - ok
20:48:40.0868 3660 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
20:48:40.0977 3660 RasPppoe - ok
20:48:41.0081 3660 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
20:48:41.0211 3660 RasSstp - ok
20:48:41.0309 3660 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
20:48:41.0410 3660 rdbss - ok
20:48:41.0499 3660 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
20:48:41.0619 3660 rdpbus - ok
20:48:41.0721 3660 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
20:48:41.0814 3660 RDPCDD - ok
20:48:41.0914 3660 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
20:48:42.0019 3660 RDPENCDD - ok
20:48:42.0120 3660 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
20:48:42.0231 3660 RDPREFMP - ok
20:48:42.0330 3660 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
20:48:42.0401 3660 RDPWD - ok
20:48:42.0496 3660 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
20:48:42.0527 3660 rdyboost - ok
20:48:42.0607 3660 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
20:48:42.0725 3660 RemoteAccess - ok
20:48:42.0807 3660 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
20:48:42.0926 3660 RemoteRegistry - ok
20:48:43.0026 3660 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
20:48:43.0114 3660 RFCOMM - ok
20:48:43.0220 3660 rimspci (5ca4abd888b602551b59baa26941c167) C:\Windows\system32\drivers\rimssne64.sys
20:48:43.0285 3660 rimspci - ok
20:48:43.0394 3660 risdsnpe (bb6e138aeb351728959da5e2731d8140) C:\Windows\system32\drivers\risdsne64.sys
20:48:43.0494 3660 risdsnpe - ok
20:48:43.0593 3660 Roxio UPnP Renderer 10 (d151224bc11078895a60fa970728ff59) C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe
20:48:43.0622 3660 Roxio UPnP Renderer 10 - ok
20:48:43.0722 3660 Roxio Upnp Server 10 (5022a927944878bd750960bd21e751af) C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe
20:48:43.0753 3660 Roxio Upnp Server 10 - ok
20:48:43.0822 3660 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
20:48:43.0931 3660 RpcEptMapper - ok
20:48:44.0017 3660 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
20:48:44.0057 3660 RpcLocator - ok
20:48:44.0149 3660 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
20:48:44.0254 3660 RpcSs - ok
20:48:44.0345 3660 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
20:48:44.0495 3660 rspndr - ok
20:48:44.0613 3660 RTHDMIAzAudService (4e821c740a675f6d040be41d59a62b1d) C:\Windows\system32\drivers\RtHDMIVX.sys
20:48:44.0636 3660 RTHDMIAzAudService - ok
20:48:44.0723 3660 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
20:48:44.0749 3660 SamSs - ok
20:48:44.0798 3660 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
20:48:44.0821 3660 sbp2port - ok
20:48:44.0896 3660 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
20:48:45.0009 3660 SCardSvr - ok
20:48:45.0106 3660 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
20:48:45.0244 3660 scfilter - ok
20:48:45.0348 3660 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
20:48:45.0478 3660 Schedule - ok
20:48:45.0551 3660 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
20:48:45.0633 3660 SCPolicySvc - ok
20:48:45.0719 3660 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\drivers\sdbus.sys
20:48:45.0775 3660 sdbus - ok
20:48:45.0858 3660 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
20:48:45.0898 3660 SDRSVC - ok
20:48:45.0990 3660 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
20:48:46.0138 3660 secdrv - ok
20:48:46.0222 3660 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
20:48:46.0310 3660 seclogon - ok
20:48:46.0398 3660 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll
20:48:46.0496 3660 SENS - ok
20:48:46.0578 3660 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
20:48:46.0637 3660 SensrSvc - ok
20:48:46.0726 3660 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
20:48:46.0752 3660 Serenum - ok
20:48:46.0845 3660 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
20:48:46.0895 3660 Serial - ok
20:48:46.0987 3660 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
20:48:47.0069 3660 sermouse - ok
20:48:47.0156 3660 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
20:48:47.0266 3660 SessionEnv - ok
20:48:47.0369 3660 SFEP (70f9c476b62de4f2823e918a6c181ade) C:\Windows\system32\drivers\SFEP.sys
20:48:47.0420 3660 SFEP - ok
20:48:47.0497 3660 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
20:48:47.0597 3660 sffdisk - ok
20:48:47.0676 3660 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
20:48:47.0717 3660 sffp_mmc - ok
20:48:47.0813 3660 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
20:48:47.0848 3660 sffp_sd - ok
20:48:47.0942 3660 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
20:48:47.0985 3660 sfloppy - ok
20:48:48.0070 3660 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
20:48:48.0190 3660 SharedAccess - ok
20:48:48.0281 3660 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
20:48:48.0406 3660 ShellHWDetection - ok
20:48:48.0507 3660 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
20:48:48.0597 3660 SiSRaid2 - ok
20:48:48.0685 3660 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
20:48:48.0708 3660 SiSRaid4 - ok
20:48:48.0787 3660 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
20:48:48.0896 3660 Smb - ok
20:48:48.0988 3660 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
20:48:49.0040 3660 SNMPTRAP - ok
20:48:49.0132 3660 SOHCImp (98886c88a1cb13d61672ae2c638b7e1c) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
20:48:49.0155 3660 SOHCImp - ok
20:48:49.0245 3660 SOHDBSvr (442a13f395546f4564c377296d43b564) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe
20:48:49.0264 3660 SOHDBSvr - ok
20:48:49.0365 3660 SOHDms (556681be668d71dc162391a45422b52c) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
20:48:49.0401 3660 SOHDms - ok
20:48:49.0483 3660 SOHDs (72b46103e4111439109acf5882627c24) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
20:48:49.0503 3660 SOHDs - ok
20:48:49.0593 3660 SOHPlMgr (725b6e9cd1959271ac993dc035e1606d) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe
20:48:49.0613 3660 SOHPlMgr - ok
20:48:49.0700 3660 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
20:48:49.0752 3660 spldr - ok
20:48:49.0823 3660 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
20:48:49.0925 3660 Spooler - ok
20:48:50.0071 3660 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
20:48:50.0314 3660 sppsvc - ok
20:48:50.0407 3660 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
20:48:50.0522 3660 sppuinotify - ok
20:48:50.0623 3660 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
20:48:50.0790 3660 srv - ok
20:48:50.0888 3660 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
20:48:50.0946 3660 srv2 - ok
20:48:51.0043 3660 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
20:48:51.0073 3660 srvnet - ok
20:48:51.0153 3660 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
20:48:51.0274 3660 SSDPSRV - ok
20:48:51.0369 3660 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
20:48:51.0462 3660 SstpSvc - ok
20:48:51.0539 3660 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
20:48:51.0557 3660 stexstor - ok
20:48:51.0648 3660 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
20:48:51.0724 3660 stisvc - ok
20:48:51.0807 3660 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
20:48:51.0859 3660 swenum - ok
20:48:51.0948 3660 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
20:48:52.0069 3660 swprv - ok
20:48:52.0189 3660 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
20:48:52.0282 3660 SysMain - ok
20:48:52.0359 3660 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
20:48:52.0418 3660 TabletInputService - ok
20:48:52.0510 3660 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
20:48:52.0630 3660 TapiSrv - ok
20:48:52.0697 3660 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
20:48:52.0814 3660 TBS - ok
20:48:52.0956 3660 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
20:48:53.0059 3660 Tcpip - ok
20:48:53.0200 3660 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
20:48:53.0297 3660 TCPIP6 - ok
20:48:53.0383 3660 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
20:48:53.0492 3660 tcpipreg - ok
20:48:53.0584 3660 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
20:48:53.0628 3660 TDPIPE - ok
20:48:53.0722 3660 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
20:48:53.0791 3660 TDTCP - ok
20:48:53.0879 3660 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
20:48:54.0022 3660 tdx - ok
20:48:54.0124 3660 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
20:48:54.0180 3660 TermDD - ok
20:48:54.0264 3660 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
20:48:54.0396 3660 TermService - ok
20:48:54.0475 3660 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
20:48:54.0516 3660 Themes - ok
20:48:54.0592 3660 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
20:48:54.0672 3660 THREADORDER - ok
20:48:54.0759 3660 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
20:48:54.0868 3660 TrkWks - ok
20:48:54.0936 3660 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
20:48:55.0042 3660 TrustedInstaller - ok
20:48:55.0130 3660 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
20:48:55.0233 3660 tssecsrv - ok
20:48:55.0334 3660 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
20:48:55.0396 3660 TsUsbFlt - ok
20:48:55.0491 3660 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
20:48:55.0616 3660 tunnel - ok
20:48:55.0733 3660 TVICHW64 (1a006963644c7fde5be60036f3a43e68) C:\Windows\system32\DRIVERS\TVICHW64.SYS
20:48:55.0787 3660 TVICHW64 - ok
20:48:55.0868 3660 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
20:48:55.0889 3660 uagp35 - ok
20:48:55.0974 3660 uCamMonitor (63f6d08c54d5b3c1b12a6172032055c7) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
20:48:55.0993 3660 uCamMonitor - ok
20:48:56.0088 3660 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
20:48:56.0209 3660 udfs - ok
20:48:56.0299 3660 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
20:48:56.0330 3660 UI0Detect - ok
20:48:56.0409 3660 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
20:48:56.0431 3660 uliagpkx - ok
20:48:56.0533 3660 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
20:48:56.0608 3660 umbus - ok
20:48:56.0711 3660 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
20:48:56.0750 3660 UmPass - ok
20:48:56.0882 3660 UNS (9e89c2d6945389270de067ce51ff7425) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
20:48:56.0994 3660 UNS - ok
20:48:57.0073 3660 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
20:48:57.0193 3660 upnphost - ok
20:48:57.0295 3660 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
20:48:57.0379 3660 USBAAPL64 - ok
20:48:57.0485 3660 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
20:48:57.0583 3660 usbccgp - ok
20:48:57.0675 3660 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
20:48:57.0735 3660 usbcir - ok
20:48:57.0833 3660 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
20:48:57.0905 3660 usbehci - ok
20:48:58.0026 3660 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
20:48:58.0104 3660 usbhub - ok
20:48:58.0194 3660 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
20:48:58.0241 3660 usbohci - ok
20:48:58.0333 3660 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
20:48:58.0384 3660 usbprint - ok
20:48:58.0474 3660 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:48:58.0549 3660 USBSTOR - ok
20:48:58.0651 3660 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
20:48:58.0698 3660 usbuhci - ok
20:48:58.0799 3660 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
20:48:58.0871 3660 usbvideo - ok
20:48:58.0946 3660 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
20:48:59.0039 3660 UxSms - ok
20:48:59.0119 3660 VAIO Entertainment TV Device Arbitration Service (4e7135d6d0127067e4cfee12259f895d) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe
20:48:59.0145 3660 VAIO Entertainment TV Device Arbitration Service ( UnsignedFile.Multi.Generic ) - warning
20:48:59.0146 3660 VAIO Entertainment TV Device Arbitration Service - detected UnsignedFile.Multi.Generic (1)
20:48:59.0275 3660 VAIO Event Service (6b31c9cb94927dbeeb62e15275f4cc54) C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe
20:48:59.0300 3660 VAIO Event Service - ok
20:48:59.0421 3660 VAIO Power Management (b8c9a7010afd5cbbe194cb9ef7c4fd14) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
20:48:59.0457 3660 VAIO Power Management - ok
20:48:59.0529 3660 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
20:48:59.0554 3660 VaultSvc - ok
20:48:59.0649 3660 VCFw (6a740f5ff3246c3be3dd317299efc88e) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
20:48:59.0685 3660 VCFw - ok
20:48:59.0817 3660 VcmIAlzMgr (10e212bfb7eab152a64c1aaec2f7f4e0) C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
20:48:59.0849 3660 VcmIAlzMgr - ok
20:48:59.0960 3660 VcmINSMgr (9d9b34b430b4dc683112f59c80d20ab8) C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
20:48:59.0994 3660 VcmINSMgr - ok
20:49:00.0082 3660 VcmXmlIfHelper (8efaaccc7bfa1e9031efdfb01a1b0d69) C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
20:49:00.0102 3660 VcmXmlIfHelper - ok
20:49:00.0194 3660 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
20:49:00.0215 3660 vdrvroot - ok
20:49:00.0296 3660 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
20:49:00.0401 3660 vds - ok
20:49:00.0488 3660 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
20:49:00.0544 3660 vga - ok
20:49:00.0637 3660 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
20:49:00.0774 3660 VgaSave - ok
20:49:00.0871 3660 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
20:49:00.0935 3660 vhdmp - ok
20:49:01.0032 3660 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
20:49:01.0052 3660 viaide - ok
20:49:01.0127 3660 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
20:49:01.0217 3660 volmgr - ok
20:49:01.0308 3660 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
20:49:01.0344 3660 volmgrx - ok
20:49:01.0451 3660 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
20:49:01.0487 3660 volsnap - ok
20:49:01.0578 3660 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
20:49:01.0640 3660 vsmraid - ok
20:49:01.0806 3660 VSNService (047f22bdfdae6df6f1e47e747a1237a2) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
20:49:01.0853 3660 VSNService ( UnsignedFile.Multi.Generic ) - warning
20:49:01.0853 3660 VSNService - detected UnsignedFile.Multi.Generic (1)
20:49:01.0967 3660 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
20:49:02.0104 3660 VSS - ok
20:49:02.0260 3660 VUAgent (2be941d459316a9da023028332726163) C:\Program Files\Sony\VAIO Update 5\VUAgent.exe
20:49:02.0313 3660 VUAgent - ok
20:49:02.0397 3660 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
20:49:02.0466 3660 vwifibus - ok
20:49:02.0565 3660 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
20:49:02.0626 3660 vwififlt - ok
20:49:02.0718 3660 vwifimp (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
20:49:02.0789 3660 vwifimp - ok
20:49:02.0890 3660 VzCdbSvc (d8bef4ac1eac809dbdbd441d6cff6c4c) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
20:49:02.0902 3660 VzCdbSvc ( UnsignedFile.Multi.Generic ) - warning
20:49:02.0902 3660 VzCdbSvc - detected UnsignedFile.Multi.Generic (1)
20:49:02.0992 3660 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
20:49:03.0097 3660 W32Time - ok
20:49:03.0190 3660 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
20:49:03.0236 3660 WacomPen - ok
20:49:03.0347 3660 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
20:49:03.0460 3660 WANARP - ok
20:49:03.0502 3660 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
20:49:03.0596 3660 Wanarpv6 - ok
20:49:03.0749 3660 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
20:49:03.0827 3660 WatAdminSvc - ok
20:49:03.0935 3660 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
20:49:04.0048 3660 wbengine - ok
20:49:04.0125 3660 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
20:49:04.0186 3660 WbioSrvc - ok
20:49:04.0274 3660 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
20:49:04.0340 3660 wcncsvc - ok
20:49:04.0423 3660 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
20:49:04.0462 3660 WcsPlugInService - ok
20:49:04.0551 3660 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
20:49:04.0573 3660 Wd - ok
20:49:04.0676 3660 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
20:49:04.0727 3660 Wdf01000 - ok
20:49:04.0797 3660 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
20:49:04.0921 3660 WdiServiceHost - ok
20:49:04.0941 3660 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
20:49:04.0988 3660 WdiSystemHost - ok
20:49:05.0068 3660 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
20:49:05.0134 3660 WebClient - ok
20:49:05.0215 3660 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
20:49:05.0334 3660 Wecsvc - ok
20:49:05.0412 3660 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
20:49:05.0535 3660 wercplsupport - ok
20:49:05.0620 3660 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
20:49:05.0736 3660 WerSvc - ok
20:49:05.0841 3660 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
20:49:05.0931 3660 WfpLwf - ok
20:49:06.0011 3660 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
20:49:06.0066 3660 WIMMount - ok
20:49:06.0116 3660 WinDefend - ok
20:49:06.0130 3660 WinHttpAutoProxySvc - ok
20:49:06.0223 3660 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
20:49:06.0335 3660 Winmgmt - ok
20:49:06.0466 3660 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
20:49:06.0647 3660 WinRM - ok
20:49:06.0754 3660 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
20:49:06.0787 3660 WinUsb - ok
20:49:06.0872 3660 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
20:49:06.0939 3660 Wlansvc - ok
20:49:07.0054 3660 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
20:49:07.0157 3660 wlidsvc - ok
20:49:07.0246 3660 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
20:49:07.0290 3660 WmiAcpi - ok
20:49:07.0393 3660 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
20:49:07.0451 3660 wmiApSrv - ok
20:49:07.0500 3660 WMPNetworkSvc - ok
20:49:07.0588 3660 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
20:49:07.0621 3660 WPCSvc - ok
20:49:07.0694 3660 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
20:49:07.0731 3660 WPDBusEnum - ok
20:49:07.0779 3660 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
20:49:07.0921 3660 ws2ifsl - ok
20:49:08.0008 3660 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\system32\wscsvc.dll
20:49:08.0065 3660 wscsvc - ok
20:49:08.0121 3660 WSearch - ok
20:49:08.0210 3660 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
20:49:08.0363 3660 wuauserv - ok
20:49:08.0445 3660 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
20:49:08.0590 3660 WudfPf - ok
20:49:08.0691 3660 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
20:49:08.0817 3660 WUDFRd - ok
20:49:08.0894 3660 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
20:49:08.0986 3660 wudfsvc - ok
20:49:09.0057 3660 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
20:49:09.0106 3660 WwanSvc - ok
20:49:09.0216 3660 yukonw7 (64f88af327aa74e03658ae32b48ccb8b) C:\Windows\system32\DRIVERS\yk62x64.sys
20:49:09.0289 3660 yukonw7 - ok
20:49:09.0336 3660 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
20:49:10.0250 3660 \Device\Harddisk0\DR0 - ok
20:49:10.0283 3660 Boot (0x1200) (89c0da6952b4138485a1ce3fd1ddecf9) \Device\Harddisk0\DR0\Partition0
20:49:10.0285 3660 \Device\Harddisk0\DR0\Partition0 - ok
20:49:10.0296 3660 Boot (0x1200) (13ea5eb7b429c166254c5d2425fa17d6) \Device\Harddisk0\DR0\Partition1
20:49:10.0297 3660 \Device\Harddisk0\DR0\Partition1 - ok
20:49:10.0298 3660 ============================================================
20:49:10.0298 3660 Scan finished
20:49:10.0298 3660 ============================================================
20:49:10.0326 4820 Detected object count: 5
20:49:10.0326 4820 Actual detected object count: 5
20:49:27.0290 4820 igfx ( UnsignedFile.Multi.Generic ) - skipped by user
20:49:27.0290 4820 igfx ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:49:27.0291 4820 IntcDAud ( UnsignedFile.Multi.Generic ) - skipped by user
20:49:27.0291 4820 IntcDAud ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:49:27.0293 4820 VAIO Entertainment TV Device Arbitration Service ( UnsignedFile.Multi.Generic ) - skipped by user
20:49:27.0294 4820 VAIO Entertainment TV Device Arbitration Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:49:27.0298 4820 VSNService ( UnsignedFile.Multi.Generic ) - skipped by user
20:49:27.0298 4820 VSNService ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:49:27.0299 4820 VzCdbSvc ( UnsignedFile.Multi.Generic ) - skipped by user
20:49:27.0299 4820 VzCdbSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip

Damon · #7 Příspěvek od **Damon** » 09 dub 2012 20:35

zbytky dam preč cez reg cleaner alebo inak ?

a minidump subory nájdem kde ešte prosím ?

Damon · #8 Příspěvek od **Damon** » 09 dub 2012 20:51

OTL mi napisal že nemože vytvoriť cmd.bat čo robím zle ?
takisto zatial ani jeden z tých ktoré mam zazipovať

Damon · #9 Příspěvek od **Damon** » 10 dub 2012 17:03

ok, vŠetko prebehlo v poriadku v prílohe je zip

Damon · #10 Příspěvek od **Damon** » 10 dub 2012 19:29

========== OTL ==========
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{3CECEDCF-3076-463F-AC59-6C4310FB7CC5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3CECEDCF-3076-463F-AC59-6C4310FB7CC5}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{43121B42-AB3E-4FF5-B92C-CCCB38EF520D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{43121B42-AB3E-4FF5-B92C-CCCB38EF520D}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{854A9BC0-1084-490E-A33A-3709D3DDD035}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{854A9BC0-1084-490E-A33A-3709D3DDD035}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A77F54E3-8D6F-4186-B516-C48C8681E88E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A77F54E3-8D6F-4186-B516-C48C8681E88E}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.

OTL by OldTimer - Version 3.2.39.2 log created on 04102012_201802

VT nič nenašiel https://www.virustotal.com/file/f29b028 ... 334082566/

dufam že je to spravny ine som nenašiel...
ešte mi akurat nod zoranžovel a hlasi že chce aktualizovať windows, lebo niekolko položiek je kritických(čo sa aktualizacie tyka) je možne že vir narušil niake časti systemu a CF sa uź odstranil nakolko logy su čiste ? aktualizaciu zrejme nemam spušťať zatial za žiadnych okolnosti že ?

Damon · #11 Příspěvek od **Damon** » 10 dub 2012 19:43

ok idem na to, dám vedieť ako sa to zatvári

Damon · #12 Příspěvek od **Damon** » 10 dub 2012 19:48

lame otazka, ale nejde nainštalovať aktualizacia lebo to chce povolenie spravcu resp. prepnutie na spravcu ale som jediný používatel PC...

Damon · #13 Příspěvek od **Damon** » 10 dub 2012 20:12

no nakoniec sa 5aktualizacii nainštalovalo bráni sa len jedna skusim sa s tým pohrať keď to nepojde je možne že to blokuje niaka háveď ?

Damon · #14 Příspěvek od **Damon** » 10 dub 2012 20:46

ide o produkt "microsoft ofice suites takže myslim že by to nemalo byť nič dôležite snáď. aktualiziacie ktore sa stiahli sa nainštalovali pridavalo to pri štarte aj niečo do registrov tak uvidim zachvilku či to padne alebo nie

Damon · #15 Příspěvek od **Damon** » 10 dub 2012 21:02

no tak stále mi to padá... ešte dodám že pri zapínaní, po tom ako napíše vitajte je asi na 5a viac sekund čierna obrazovka až potom nabehne plocha(nikdy to nerobilo takže to nieje v poriadku)

VIRY.CZ

Prosím o kontrolu, dííky :)

Prosím o kontrolu, dííky :)

Re: Prosím o kontrolu, dííky :)

Re: Prosím o kontrolu, dííky :)

Re: Prosím o kontrolu, dííky :)

Re: Prosím o kontrolu, dííky :)

Re: Prosím o kontrolu, dííky :)

Re: Prosím o kontrolu, dííky :)

Re: Prosím o kontrolu, dííky :)

Re: Prosím o kontrolu, dííky :)

Re: Prosím o kontrolu, dííky :)

Re: Prosím o kontrolu, dííky :)

Re: Prosím o kontrolu, dííky :)

Re: Prosím o kontrolu, dííky :)

Re: Prosím o kontrolu, dííky :)

Re: Prosím o kontrolu, dííky :)