18 replies to this topic

[avibuzz]

Spybot found a smitfraud c trojan virus and I can't get rid of it. Ran Tdsskiller and it said it was removed. Ran spybot and it says it's still there which i suspect is correct I have attached the DDS and Attach.txt help

Attached Files

•  DDS.txt   20.68K   11 downloads
•  Attach.txt   13.54K   8 downloads

[Maniac]

Hello avibuzz and ! My name is Maniac and I will be glad to help you solve your malware problem.

Please note:

• If you are a paying customer, you have the privilege to contact the help desk at support@malwarebytes.org or here (http://helpdesk.malwarebytes.org/home). If you choose this option to get help, please let me know.
  
• I recommend you to keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  
• Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  
• Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  
• Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.

Let's start with the results of SpyBot and TDSSKiller. I want to see them.

Please locate to:
C:\ProgramData\Spybot - Search & Destroy\Logs

Please copy/paste the content of the latest log file. Their names are in the following date format: Checks.yymmdd-hhmm

About TDSSKiller, log files are located in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.


In your next reply, post the following log files:

• TDSSKiller log
  
• SpyBot log

[avibuzz]

Thanks for the help I couldn't see anyway of attaching the files so I just copied them

Mike

04.04.2012 22:14:41 - ##### check started #####
04.04.2012 22:14:41 - ### Version: 1.6.2
04.04.2012 22:14:41 - ### Date: 4/4/2012 10:14:41 PM
04.04.2012 22:14:43 - ##### checking bots #####
04.04.2012 22:25:01 - found: Statcounter Tracking cookie (Internet Explorer: Mike)
04.04.2012 22:25:01 - found: BurstMedia Tracking cookie (Internet Explorer: Mike)
04.04.2012 22:25:01 - found: BurstMedia Tracking cookie (Internet Explorer: Mike)
04.04.2012 22:25:01 - found: Zedo Tracking cookie (Internet Explorer: Mike)
04.04.2012 22:25:01 - found: WebTrends live Tracking cookie (Internet Explorer: Mike)
04.04.2012 22:25:01 - found: MediaPlex Tracking cookie (Internet Explorer: Mike)
04.04.2012 22:25:01 - found: Right Media Tracking cookie (Internet Explorer: Mike)
04.04.2012 22:25:01 - found: DoubleClick Tracking cookie (Internet Explorer: Mike)
04.04.2012 22:25:01 - found: FastClick Tracking cookie (Internet Explorer: Mike)
04.04.2012 22:25:01 - found: MediaPlex Tracking cookie (Internet Explorer: Mike)
04.04.2012 22:25:01 - found: CasaleMedia Tracking cookie (Internet Explorer: Mike)
04.04.2012 22:25:01 - found: DoubleClick Tracking cookie (Internet Explorer: Mike)
04.04.2012 22:25:02 - ##### check finished #####

13:43:18.0284 4528 TDSS rootkit removing tool 2.7.26.0 Apr 4 2012 19:52:02
13:43:20.0296 4528 ============================================================
13:43:20.0296 4528 Current date / time: 2012/04/07 13:43:20.0296
13:43:20.0296 4528 SystemInfo:
13:43:20.0296 4528
13:43:20.0296 4528 OS Version: 6.1.7601 ServicePack: 1.0
13:43:20.0296 4528 Product type: Workstation
13:43:20.0296 4528 ComputerName: MIKE-VAIO
13:43:20.0296 4528 UserName: Mike
13:43:20.0296 4528 Windows directory: C:\Windows
13:43:20.0296 4528 System windows directory: C:\Windows
13:43:20.0296 4528 Running under WOW64
13:43:20.0296 4528 Processor architecture: Intel x64
13:43:20.0296 4528 Number of processors: 8
13:43:20.0296 4528 Page size: 0x1000
13:43:20.0296 4528 Boot type: Normal boot
13:43:20.0296 4528 ============================================================
13:43:21.0014 4528 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:43:21.0029 4528 \Device\Harddisk0\DR0:
13:43:21.0029 4528 MBR used
13:43:21.0029 4528 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1885800, BlocksNum 0x32000
13:43:21.0029 4528 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x18B7800, BlocksNum 0x38ACE030
13:43:21.0076 4528 Initialize success
13:43:21.0076 4528 ============================================================
13:43:37.0456 7952 ============================================================
13:43:37.0456 7952 Scan started
13:43:37.0456 7952 Mode: Manual; SigCheck; TDLFS;
13:43:37.0456 7952 ============================================================
13:43:38.0142 7952 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
13:43:38.0408 7952 1394ohci - ok
13:43:38.0564 7952 ACDaemon (adc420616c501b45d26c0fd3ef1e54e4) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
13:43:38.0610 7952 ACDaemon - ok
13:43:38.0798 7952 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
13:43:38.0829 7952 ACPI - ok
13:43:38.0876 7952 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
13:43:39.0032 7952 AcpiPmi - ok
13:43:39.0219 7952 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
13:43:39.0234 7952 AdobeARMservice - ok
13:43:39.0437 7952 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
13:43:39.0468 7952 adp94xx - ok
13:43:39.0531 7952 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
13:43:39.0562 7952 adpahci - ok
13:43:39.0687 7952 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
13:43:39.0702 7952 adpu320 - ok
13:43:39.0796 7952 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
13:43:40.0155 7952 AeLookupSvc - ok
13:43:40.0358 7952 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
13:43:40.0467 7952 AFD - ok
13:43:40.0514 7952 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
13:43:40.0545 7952 agp440 - ok
13:43:40.0701 7952 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
13:43:40.0841 7952 ALG - ok
13:43:40.0919 7952 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
13:43:40.0950 7952 aliide - ok
13:43:41.0138 7952 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
13:43:41.0169 7952 amdide - ok
13:43:41.0231 7952 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
13:43:41.0309 7952 AmdK8 - ok
13:43:41.0465 7952 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
13:43:41.0528 7952 AmdPPM - ok
13:43:41.0574 7952 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
13:43:41.0606 7952 amdsata - ok
13:43:41.0652 7952 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
13:43:41.0684 7952 amdsbs - ok
13:43:41.0824 7952 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
13:43:41.0840 7952 amdxata - ok
13:43:41.0918 7952 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
13:43:42.0339 7952 AppID - ok
13:43:42.0495 7952 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
13:43:42.0604 7952 AppIDSvc - ok
13:43:42.0651 7952 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
13:43:42.0807 7952 Appinfo - ok
13:43:43.0010 7952 Apple Mobile Device (3debbecf665dcdde3a95d9b902010817) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
13:43:43.0041 7952 Apple Mobile Device - ok
13:43:43.0337 7952 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
13:43:43.0353 7952 arc - ok
13:43:43.0415 7952 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
13:43:43.0446 7952 arcsas - ok
13:43:43.0493 7952 ArcSoftKsUFilter (c130bc4a51b1382b2be8e44579ec4c0a) C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys
13:43:43.0509 7952 ArcSoftKsUFilter - ok
13:43:43.0836 7952 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
13:43:43.0852 7952 aspnet_state - ok
13:43:43.0977 7952 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
13:43:44.0102 7952 AsyncMac - ok
13:43:44.0148 7952 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
13:43:44.0164 7952 atapi - ok
13:43:44.0523 7952 athr (a5e770426d18f8ef332a593f3289da91) C:\Windows\system32\DRIVERS\athrx.sys
13:43:44.0710 7952 athr - ok
13:43:44.0850 7952 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
13:43:44.0960 7952 AudioEndpointBuilder - ok
13:43:44.0975 7952 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
13:43:45.0084 7952 AudioSrv - ok
13:43:45.0287 7952 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
13:43:45.0506 7952 AxInstSV - ok
13:43:45.0724 7952 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
13:43:45.0802 7952 b06bdrv - ok
13:43:45.0896 7952 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
13:43:45.0974 7952 b57nd60a - ok
13:43:46.0145 7952 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
13:43:46.0239 7952 BDESVC - ok
13:43:46.0317 7952 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
13:43:46.0442 7952 Beep - ok
13:43:46.0644 7952 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
13:43:46.0769 7952 BFE - ok
13:43:46.0925 7952 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
13:43:47.0097 7952 BITS - ok
13:43:47.0284 7952 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys
13:43:47.0346 7952 blbdrive - ok
13:43:47.0502 7952 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
13:43:47.0534 7952 Bonjour Service - ok
13:43:47.0705 7952 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
13:43:47.0768 7952 bowser - ok
13:43:47.0814 7952 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
13:43:47.0877 7952 BrFiltLo - ok
13:43:47.0908 7952 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
13:43:47.0939 7952 BrFiltUp - ok
13:43:48.0095 7952 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
13:43:48.0220 7952 Browser - ok
13:43:48.0314 7952 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
13:43:48.0454 7952 Brserid - ok
13:43:48.0626 7952 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
13:43:48.0704 7952 BrSerWdm - ok
13:43:48.0750 7952 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
13:43:48.0797 7952 BrUsbMdm - ok
13:43:48.0828 7952 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
13:43:48.0860 7952 BrUsbSer - ok
13:43:49.0031 7952 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
13:43:49.0125 7952 BthEnum - ok
13:43:49.0187 7952 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
13:43:49.0234 7952 BTHMODEM - ok
13:43:49.0281 7952 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
13:43:49.0343 7952 BthPan - ok
13:43:49.0702 7952 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys
13:43:49.0780 7952 BTHPORT - ok
13:43:49.0920 7952 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
13:43:50.0014 7952 bthserv - ok
13:43:50.0092 7952 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys
13:43:50.0154 7952 BTHUSB - ok
13:43:50.0357 7952 BTWAMPFL (f8cfafbd5bf8b3ddb0d3c2943a5af8ce) C:\Windows\system32\DRIVERS\btwampfl.sys
13:43:50.0388 7952 BTWAMPFL - ok
13:43:50.0435 7952 btwaudio (44770a3c07ebd5d6d7cd7dba915b49bc) C:\Windows\system32\drivers\btwaudio.sys
13:43:50.0466 7952 btwaudio - ok
13:43:50.0654 7952 btwavdt (75b59923087ae6eb064d13d8f58a02b6) C:\Windows\system32\DRIVERS\btwavdt.sys
13:43:50.0685 7952 btwavdt - ok
13:43:50.0903 7952 btwdins (e1c1bcc8211e3ae2b524deef071faf2a) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
13:43:50.0950 7952 btwdins - ok
13:43:51.0168 7952 btwl2cap (b9354f9f111c64f2495b60f1e24cb453) C:\Windows\system32\DRIVERS\btwl2cap.sys
13:43:51.0184 7952 btwl2cap - ok
13:43:51.0215 7952 btwrchid (9555e15f828760341751e9183bd34e60) C:\Windows\system32\DRIVERS\btwrchid.sys
13:43:51.0231 7952 btwrchid - ok
13:43:51.0262 7952 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
13:43:51.0371 7952 cdfs - ok
13:43:51.0590 7952 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
13:43:51.0652 7952 cdrom - ok
13:43:51.0699 7952 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
13:43:51.0870 7952 CertPropSvc - ok
13:43:52.0058 7952 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
13:43:52.0104 7952 circlass - ok
13:43:52.0214 7952 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
13:43:52.0245 7952 CLFS - ok
13:43:52.0370 7952 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:43:52.0401 7952 clr_optimization_v2.0.50727_32 - ok
13:43:52.0448 7952 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
13:43:52.0463 7952 clr_optimization_v2.0.50727_64 - ok
13:43:52.0541 7952 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
13:43:52.0557 7952 clr_optimization_v4.0.30319_32 - ok
13:43:52.0697 7952 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
13:43:52.0713 7952 clr_optimization_v4.0.30319_64 - ok
13:43:52.0838 7952 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
13:43:52.0884 7952 CmBatt - ok
13:43:52.0978 7952 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
13:43:52.0994 7952 cmdide - ok
13:43:53.0087 7952 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
13:43:53.0134 7952 CNG - ok
13:43:53.0290 7952 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
13:43:53.0306 7952 Compbatt - ok
13:43:53.0415 7952 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
13:43:53.0477 7952 CompositeBus - ok
13:43:53.0508 7952 COMSysApp - ok
13:43:53.0540 7952 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
13:43:53.0555 7952 crcdisk - ok
13:43:53.0680 7952 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll
13:43:53.0805 7952 CryptSvc - ok
13:43:53.0930 7952 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
13:43:54.0054 7952 DcomLaunch - ok
13:43:54.0210 7952 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
13:43:54.0335 7952 defragsvc - ok
13:43:54.0491 7952 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
13:43:54.0600 7952 DfsC - ok
13:43:54.0663 7952 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
13:43:54.0772 7952 Dhcp - ok
13:43:54.0944 7952 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
13:43:55.0053 7952 discache - ok
13:43:55.0131 7952 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
13:43:55.0162 7952 Disk - ok
13:43:55.0193 7952 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
13:43:55.0256 7952 Dnscache - ok
13:43:55.0458 7952 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
13:43:55.0583 7952 dot3svc - ok
13:43:55.0708 7952 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
13:43:55.0802 7952 DPS - ok
13:43:55.0895 7952 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
13:43:55.0973 7952 drmkaud - ok
13:43:56.0129 7952 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
13:43:56.0192 7952 DXGKrnl - ok
13:43:56.0332 7952 e1yexpress (50ad8fc1dc800ff36087994c8f7fdff2) C:\Windows\system32\DRIVERS\e1y60x64.sys
13:43:56.0441 7952 e1yexpress - ok
13:43:56.0550 7952 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
13:43:56.0660 7952 EapHost - ok
13:43:56.0956 7952 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
13:43:57.0081 7952 ebdrv - ok
13:43:57.0237 7952 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
13:43:57.0330 7952 EFS - ok
13:43:57.0440 7952 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
13:43:57.0533 7952 ehRecvr - ok
13:43:57.0596 7952 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
13:43:57.0627 7952 ehSched - ok
13:43:57.0783 7952 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
13:43:57.0830 7952 elxstor - ok
13:43:57.0892 7952 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
13:43:57.0939 7952 ErrDev - ok
13:43:58.0064 7952 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
13:43:58.0188 7952 EventSystem - ok
13:43:58.0344 7952 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
13:43:58.0422 7952 exfat - ok
13:43:58.0532 7952 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
13:43:58.0641 7952 fastfat - ok
13:43:58.0875 7952 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
13:43:58.0968 7952 Fax - ok
13:43:59.0046 7952 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
13:43:59.0093 7952 fdc - ok
13:43:59.0218 7952 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
13:43:59.0343 7952 fdPHost - ok
13:43:59.0374 7952 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
13:43:59.0468 7952 FDResPub - ok
13:43:59.0639 7952 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
13:43:59.0655 7952 FileInfo - ok
13:43:59.0702 7952 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
13:43:59.0842 7952 Filetrace - ok
13:44:00.0029 7952 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
13:44:00.0045 7952 flpydisk - ok
13:44:00.0123 7952 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
13:44:00.0154 7952 FltMgr - ok
13:44:00.0357 7952 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
13:44:00.0450 7952 FontCache - ok
13:44:00.0653 7952 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
13:44:00.0669 7952 FontCache3.0.0.0 - ok
13:44:00.0840 7952 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
13:44:00.0872 7952 FsDepends - ok
13:44:01.0059 7952 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
13:44:01.0074 7952 Fs_Rec - ok
13:44:01.0152 7952 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
13:44:01.0199 7952 fvevol - ok
13:44:01.0449 7952 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
13:44:01.0464 7952 gagp30kx - ok
13:44:01.0605 7952 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
13:44:01.0620 7952 GEARAspiWDM - ok
13:44:01.0730 7952 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
13:44:01.0839 7952 gpsvc - ok
13:44:01.0995 7952 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:44:02.0010 7952 gupdate - ok
13:44:02.0182 7952 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:44:02.0198 7952 gupdatem - ok
13:44:02.0291 7952 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
13:44:02.0307 7952 gusvc - ok
13:44:02.0525 7952 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
13:44:02.0603 7952 hcw85cir - ok
13:44:02.0759 7952 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
13:44:02.0837 7952 HdAudAddService - ok
13:44:02.0993 7952 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
13:44:03.0056 7952 HDAudBus - ok
13:44:03.0087 7952 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
13:44:03.0134 7952 HidBatt - ok
13:44:03.0258 7952 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
13:44:03.0321 7952 HidBth - ok
13:44:03.0368 7952 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
13:44:03.0399 7952 HidIr - ok
13:44:03.0492 7952 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
13:44:03.0617 7952 hidserv - ok
13:44:03.0836 7952 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
13:44:03.0851 7952 HidUsb - ok
13:44:04.0116 7952 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
13:44:04.0241 7952 hkmsvc - ok
13:44:04.0366 7952 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
13:44:04.0491 7952 HomeGroupListener - ok
13:44:04.0522 7952 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
13:44:04.0569 7952 HomeGroupProvider - ok
13:44:04.0772 7952 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
13:44:04.0787 7952 HpSAMD - ok
13:44:04.0912 7952 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
13:44:05.0037 7952 HTTP - ok
13:44:05.0208 7952 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
13:44:05.0224 7952 hwpolicy - ok
13:44:05.0364 7952 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
13:44:05.0396 7952 i8042prt - ok
13:44:05.0474 7952 iaStor (d469b77687e12fe43e344806740b624d) C:\Windows\system32\drivers\iaStor.sys
13:44:05.0505 7952 iaStor - ok
13:44:05.0614 7952 IAStorDataMgrSvc (983fc69644ddf0486c8dfea262948d1a) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
13:44:05.0630 7952 IAStorDataMgrSvc - ok
13:44:05.0786 7952 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
13:44:05.0817 7952 iaStorV - ok
13:44:05.0988 7952 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
13:44:06.0035 7952 idsvc - ok
13:44:06.0176 7952 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
13:44:06.0191 7952 iirsp - ok
13:44:06.0285 7952 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
13:44:06.0410 7952 IKEEXT - ok
13:44:06.0737 7952 IntcAzAudAddService (65f70696be5abc11634fcf96af7d7896) C:\Windows\system32\drivers\RTKVHD64.sys
13:44:07.0018 7952 IntcAzAudAddService - ok
13:44:07.0221 7952 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
13:44:07.0236 7952 intelide - ok
13:44:07.0299 7952 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\drivers\intelppm.sys
13:44:07.0361 7952 intelppm - ok
13:44:07.0564 7952 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
13:44:07.0673 7952 IPBusEnum - ok
13:44:07.0814 7952 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:44:07.0892 7952 IpFilterDriver - ok
13:44:08.0001 7952 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
13:44:08.0141 7952 iphlpsvc - ok
13:44:08.0266 7952 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
13:44:08.0328 7952 IPMIDRV - ok
13:44:08.0391 7952 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
13:44:08.0500 7952 IPNAT - ok
13:44:08.0656 7952 iPod Service (ee4c2a137c7088911a8919effc9812e7) C:\Program Files\iPod\bin\iPodService.exe
13:44:08.0703 7952 iPod Service - ok
13:44:08.0859 7952 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
13:44:08.0890 7952 IRENUM - ok
13:44:08.0968 7952 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
13:44:08.0984 7952 isapnp - ok
13:44:09.0046 7952 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
13:44:09.0077 7952 iScsiPrt - ok
13:44:09.0186 7952 IviRegMgr (f415a88162d23977b5edae4f0410e903) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
13:44:09.0202 7952 IviRegMgr - ok
13:44:09.0311 7952 jhi_service (6c85719a21b3f62c2c76280f4bd36c7b) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
13:44:09.0327 7952 jhi_service - ok
13:44:09.0514 7952 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
13:44:09.0530 7952 kbdclass - ok
13:44:09.0561 7952 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
13:44:09.0608 7952 kbdhid - ok
13:44:09.0670 7952 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
13:44:09.0701 7952 KeyIso - ok
13:44:09.0764 7952 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
13:44:09.0795 7952 KSecDD - ok
13:44:09.0920 7952 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
13:44:09.0935 7952 KSecPkg - ok
13:44:09.0998 7952 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
13:44:10.0107 7952 ksthunk - ok
13:44:10.0247 7952 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
13:44:10.0356 7952 KtmRm - ok
13:44:10.0575 7952 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
13:44:10.0684 7952 LanmanServer - ok
13:44:10.0824 7952 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
13:44:10.0965 7952 LanmanWorkstation - ok
13:44:11.0043 7952 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
13:44:11.0136 7952 lltdio - ok
13:44:11.0292 7952 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
13:44:11.0417 7952 lltdsvc - ok
13:44:11.0589 7952 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
13:44:11.0682 7952 lmhosts - ok
13:44:11.0854 7952 LMS (f4a17dcab576267c85663e64f3ace5a4) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
13:44:11.0885 7952 LMS - ok
13:44:12.0026 7952 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
13:44:12.0041 7952 LSI_FC - ok
13:44:12.0104 7952 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
13:44:12.0119 7952 LSI_SAS - ok
13:44:12.0322 7952 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
13:44:12.0353 7952 LSI_SAS2 - ok
13:44:12.0384 7952 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
13:44:12.0400 7952 LSI_SCSI - ok
13:44:12.0431 7952 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
13:44:12.0603 7952 luafv - ok
13:44:12.0774 7952 MBAMProtector (79da94b35371b9e7104460c7693dcb2c) C:\Windows\system32\drivers\mbam.sys
13:44:12.0790 7952 MBAMProtector - ok
13:44:12.0852 7952 MBAMService (056b19651bd7b7ce5f89a3ac46dbdc08) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
13:44:12.0899 7952 MBAMService - ok
13:44:13.0040 7952 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
13:44:13.0071 7952 Mcx2Svc - ok
13:44:13.0133 7952 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
13:44:13.0164 7952 megasas - ok
13:44:13.0211 7952 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
13:44:13.0242 7952 MegaSR - ok
13:44:13.0398 7952 MEIx64 (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\drivers\HECIx64.sys
13:44:13.0414 7952 MEIx64 - ok
13:44:13.0554 7952 Microsoft SharePoint Workspace Audit Service - ok
13:44:13.0664 7952 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
13:44:13.0773 7952 MMCSS - ok
13:44:13.0851 7952 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
13:44:13.0960 7952 Modem - ok
13:44:14.0022 7952 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
13:44:14.0069 7952 monitor - ok
13:44:14.0241 7952 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
13:44:14.0256 7952 mouclass - ok
13:44:14.0366 7952 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
13:44:14.0412 7952 mouhid - ok
13:44:14.0537 7952 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
13:44:14.0553 7952 mountmgr - ok
13:44:14.0615 7952 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
13:44:14.0646 7952 mpio - ok
13:44:14.0693 7952 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
13:44:14.0787 7952 mpsdrv - ok
13:44:14.0943 7952 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
13:44:15.0083 7952 MpsSvc - ok
13:44:15.0255 7952 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
13:44:15.0333 7952 MRxDAV - ok
13:44:15.0380 7952 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
13:44:15.0458 7952 mrxsmb - ok
13:44:15.0645 7952 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:44:15.0676 7952 mrxsmb10 - ok
13:44:15.0723 7952 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:44:15.0754 7952 mrxsmb20 - ok
13:44:15.0879 7952 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
13:44:15.0894 7952 msahci - ok
13:44:15.0941 7952 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
13:44:15.0972 7952 msdsm - ok
13:44:16.0035 7952 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
13:44:16.0097 7952 MSDTC - ok
13:44:16.0222 7952 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
13:44:16.0316 7952 Msfs - ok
13:44:16.0347 7952 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
13:44:16.0456 7952 mshidkmdf - ok
13:44:16.0581 7952 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
13:44:16.0596 7952 msisadrv - ok
13:44:16.0659 7952 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
13:44:16.0737 7952 MSiSCSI - ok
13:44:16.0862 7952 msiserver - ok
13:44:16.0940 7952 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
13:44:17.0049 7952 MSKSSRV - ok
13:44:17.0252 7952 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
13:44:17.0361 7952 MSPCLOCK - ok
13:44:17.0486 7952 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
13:44:17.0595 7952 MSPQM - ok
13:44:17.0626 7952 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
13:44:17.0673 7952 MsRPC - ok
13:44:17.0782 7952 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
13:44:17.0798 7952 mssmbios - ok
13:44:17.0891 7952 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
13:44:18.0000 7952 MSTEE - ok
13:44:18.0110 7952 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
13:44:18.0141 7952 MTConfig - ok
13:44:18.0203 7952 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
13:44:18.0219 7952 Mup - ok
13:44:18.0266 7952 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
13:44:18.0390 7952 napagent - ok
13:44:18.0546 7952 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
13:44:18.0609 7952 NativeWifiP - ok
13:44:18.0858 7952 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
13:44:18.0921 7952 NDIS - ok
13:44:19.0046 7952 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
13:44:19.0155 7952 NdisCap - ok
13:44:19.0311 7952 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
13:44:19.0404 7952 NdisTapi - ok
13:44:19.0482 7952 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
13:44:19.0576 7952 Ndisuio - ok
13:44:19.0701 7952 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
13:44:19.0810 7952 NdisWan - ok
13:44:19.0904 7952 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
13:44:19.0982 7952 NDProxy - ok
13:44:20.0106 7952 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
13:44:20.0200 7952 NetBIOS - ok
13:44:20.0278 7952 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
13:44:20.0372 7952 NetBT - ok
13:44:20.0481 7952 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
13:44:20.0512 7952 Netlogon - ok
13:44:20.0606 7952 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
13:44:20.0730 7952 Netman - ok
13:44:20.0855 7952 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:44:20.0871 7952 NetMsmqActivator - ok
13:44:20.0886 7952 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:44:20.0902 7952 NetPipeActivator - ok
13:44:21.0027 7952 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
13:44:21.0136 7952 netprofm - ok
13:44:21.0230 7952 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:44:21.0245 7952 NetTcpActivator - ok
13:44:21.0261 7952 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:44:21.0276 7952 NetTcpPortSharing - ok
13:44:21.0417 7952 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
13:44:21.0432 7952 nfrd960 - ok
13:44:21.0510 7952 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
13:44:21.0635 7952 NlaSvc - ok
13:44:21.0776 7952 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
13:44:21.0869 7952 Npfs - ok
13:44:21.0916 7952 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
13:44:22.0025 7952 nsi - ok
13:44:22.0103 7952 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
13:44:22.0212 7952 nsiproxy - ok
13:44:22.0290 7952 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
13:44:22.0384 7952 Ntfs - ok
13:44:22.0415 7952 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
13:44:22.0493 7952 Null - ok
13:44:22.0634 7952 nusb3hub (158ad24745bd85ba9be3c51c38f48c32) C:\Windows\system32\drivers\nusb3hub.sys
13:44:22.0665 7952 nusb3hub - ok
13:44:22.0727 7952 nusb3xhc (d40a13b2c0891e218f9523b376955db6) C:\Windows\system32\drivers\nusb3xhc.sys
13:44:22.0790 7952 nusb3xhc - ok
13:44:22.0852 7952 NVHDA (f2662fdc20518ee8a8eed4f61ba42349) C:\Windows\system32\drivers\nvhda64v.sys
13:44:22.0868 7952 NVHDA - ok
13:44:23.0648 7952 nvlddmkm (a8151a773ce78233375445d41b77e85e) C:\Windows\system32\DRIVERS\nvlddmkm.sys
13:44:24.0334 7952 nvlddmkm - ok
13:44:24.0490 7952 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
13:44:24.0521 7952 nvraid - ok
13:44:24.0584 7952 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
13:44:24.0615 7952 nvstor - ok
13:44:24.0724 7952 NVSvc (b10cca77064c6171846e1cf0d7155af3) C:\Windows\system32\nvvsvc.exe
13:44:24.0802 7952 NVSvc - ok
13:44:24.0958 7952 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
13:44:24.0974 7952 nv_agp - ok
13:44:25.0083 7952 Oasis2Service (07571684567859da796a566cc78ffa74) C:\Program Files (x86)\DDNi\Oasis2Service\Oasis2Service.exe
13:44:25.0114 7952 Oasis2Service ( UnsignedFile.Multi.Generic ) - warning
13:44:25.0114 7952 Oasis2Service - detected UnsignedFile.Multi.Generic (1)
13:44:25.0161 7952 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
13:44:25.0208 7952 ohci1394 - ok
13:44:25.0301 7952 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:44:25.0317 7952 ose - ok
13:44:25.0707 7952 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
13:44:25.0910 7952 osppsvc - ok
13:44:26.0066 7952 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
13:44:26.0144 7952 p2pimsvc - ok
13:44:26.0190 7952 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
13:44:26.0222 7952 p2psvc - ok
13:44:26.0378 7952 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
13:44:26.0393 7952 Parport - ok
13:44:26.0456 7952 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
13:44:26.0471 7952 partmgr - ok
13:44:26.0534 7952 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
13:44:26.0596 7952 PcaSvc - ok
13:44:26.0736 7952 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
13:44:26.0768 7952 pci - ok
13:44:26.0846 7952 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
13:44:26.0861 7952 pciide - ok
13:44:26.0924 7952 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
13:44:26.0955 7952 pcmcia - ok
13:44:27.0080 7952 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
13:44:27.0095 7952 pcw - ok
13:44:27.0142 7952 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
13:44:27.0267 7952 PEAUTH - ok
13:44:27.0392 7952 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
13:44:27.0438 7952 PerfHost - ok
13:44:27.0626 7952 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
13:44:27.0766 7952 pla - ok
13:44:27.0969 7952 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
13:44:28.0078 7952 PlugPlay - ok
13:44:28.0218 7952 PMBDeviceInfoProvider (e9605a180001a6b5551112d91de92ca1) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
13:44:28.0250 7952 PMBDeviceInfoProvider - ok
13:44:28.0406 7952 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
13:44:28.0452 7952 PNRPAutoReg - ok
13:44:28.0499 7952 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
13:44:28.0530 7952 PNRPsvc - ok
13:44:28.0593 7952 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
13:44:28.0780 7952 PolicyAgent - ok
13:44:28.0952 7952 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
13:44:29.0061 7952 Power - ok
13:44:29.0139 7952 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
13:44:29.0232 7952 PptpMiniport - ok
13:44:29.0342 7952 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
13:44:29.0388 7952 Processor - ok
13:44:29.0435 7952 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
13:44:29.0544 7952 ProfSvc - ok
13:44:29.0700 7952 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
13:44:29.0732 7952 ProtectedStorage - ok
13:44:29.0810 7952 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
13:44:29.0919 7952 Psched - ok
13:44:29.0966 7952 PSI_SVC_2 (f036cfb275d0c55f4e45fbbf5f98b3c8) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
13:44:29.0997 7952 PSI_SVC_2 - ok
13:44:30.0231 7952 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
13:44:30.0324 7952 ql2300 - ok
13:44:30.0496 7952 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
13:44:30.0527 7952 ql40xx - ok
13:44:30.0574 7952 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
13:44:30.0621 7952 QWAVE - ok
13:44:30.0668 7952 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
13:44:30.0730 7952 QWAVEdrv - ok
13:44:30.0964 7952 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
13:44:31.0058 7952 RasAcd - ok
13:44:31.0229 7952 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
13:44:31.0307 7952 RasAgileVpn - ok
13:44:31.0463 7952 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
13:44:31.0588 7952 RasAuto - ok
13:44:31.0650 7952 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
13:44:31.0775 7952 Rasl2tp - ok
13:44:31.0931 7952 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
13:44:32.0040 7952 RasMan - ok
13:44:32.0212 7952 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
13:44:32.0321 7952 RasPppoe - ok
13:44:32.0462 7952 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
13:44:32.0555 7952 RasSstp - ok
13:44:32.0618 7952 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
13:44:32.0727 7952 rdbss - ok
13:44:32.0899 7952 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
13:44:32.0961 7952 rdpbus - ok
13:44:32.0992 7952 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
13:44:33.0101 7952 RDPCDD - ok
13:44:33.0304 7952 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
13:44:33.0413 7952 RDPENCDD - ok
13:44:33.0476 7952 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
13:44:33.0554 7952 RDPREFMP - ok
13:44:33.0694 7952 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
13:44:33.0772 7952 RDPWD - ok
13:44:33.0866 7952 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
13:44:33.0897 7952 rdyboost - ok
13:44:34.0022 7952 regi (4d9afddda0efe97cdbfd3b5fa48b05f6) C:\Windows\system32\drivers\regi.sys
13:44:34.0037 7952 regi - ok
13:44:34.0100 7952 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
13:44:34.0225 7952 RemoteAccess - ok
13:44:34.0381 7952 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
13:44:34.0490 7952 RemoteRegistry - ok
13:44:34.0646 7952 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
13:44:34.0724 7952 RFCOMM - ok
13:44:34.0802 7952 rimspci (ff71ecb1b121c6273ec4c45eddbc4fe4) C:\Windows\system32\drivers\rimssne64.sys
13:44:34.0864 7952 rimspci - ok
13:44:35.0067 7952 risdsnpe (e33075c22c14c57095f037253f936bb8) C:\Windows\system32\drivers\risdsnxc64.sys
13:44:35.0145 7952 risdsnpe - ok
13:44:35.0176 7952 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
13:44:35.0285 7952 RpcEptMapper - ok
13:44:35.0457 7952 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
13:44:35.0488 7952 RpcLocator - ok
13:44:35.0582 7952 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
13:44:35.0675 7952 RpcSs - ok
13:44:35.0863 7952 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
13:44:35.0956 7952 rspndr - ok
13:44:36.0019 7952 RTL8167 (f4c374b1c46de294b573bb43723ac3f6) C:\Windows\system32\DRIVERS\Rt64win7.sys
13:44:36.0050 7952 RTL8167 - ok
13:44:36.0206 7952 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
13:44:36.0253 7952 SamSs - ok
13:44:36.0315 7952 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
13:44:36.0331 7952 sbp2port - ok
13:44:36.0580 7952 SBSDWSCService (794d4b48dfb6e999537c7c3947863463) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
13:44:36.0643 7952 SBSDWSCService - ok
13:44:36.0783 7952 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
13:44:36.0877 7952 SCardSvr - ok
13:44:36.0939 7952 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
13:44:37.0033 7952 scfilter - ok
13:44:37.0298 7952 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
13:44:37.0438 7952 Schedule - ok
13:44:37.0563 7952 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
13:44:37.0657 7952 SCPolicySvc - ok
13:44:37.0750 7952 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\DRIVERS\sdbus.sys
13:44:37.0813 7952 sdbus - ok
13:44:37.0922 7952 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
13:44:38.0000 7952 SDRSVC - ok
13:44:38.0062 7952 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
13:44:38.0187 7952 secdrv - ok
13:44:38.0343 7952 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
13:44:38.0421 7952 seclogon - ok
13:44:38.0468 7952 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
13:44:38.0577 7952 SENS - ok
13:44:38.0780 7952 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
13:44:38.0858 7952 SensrSvc - ok
13:44:38.0936 7952 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
13:44:38.0983 7952 Serenum - ok
13:44:39.0061 7952 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
13:44:39.0123 7952 Serial - ok
13:44:39.0201 7952 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
13:44:39.0263 7952 sermouse - ok
13:44:39.0310 7952 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
13:44:39.0419 7952 SessionEnv - ok
13:44:39.0560 7952 SFEP (286d3889e6ab5589646ff8a63cb928ae) C:\Windows\system32\drivers\SFEP.sys
13:44:39.0622 7952 SFEP - ok
13:44:39.0685 7952 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
13:44:39.0747 7952 sffdisk - ok
13:44:39.0763 7952 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
13:44:39.0825 7952 sffp_mmc - ok
13:44:39.0919 7952 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
13:44:39.0997 7952 sffp_sd - ok
13:44:40.0121 7952 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
13:44:40.0153 7952 sfloppy - ok
13:44:40.0262 7952 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
13:44:40.0355 7952 SharedAccess - ok
13:44:40.0449 7952 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
13:44:40.0558 7952 ShellHWDetection - ok
13:44:40.0714 7952 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
13:44:40.0745 7952 SiSRaid2 - ok
13:44:40.0777 7952 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
13:44:40.0808 7952 SiSRaid4 - ok
13:44:40.0855 7952 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
13:44:40.0964 7952 Smb - ok
13:44:41.0120 7952 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
13:44:41.0167 7952 SNMPTRAP - ok
13:44:41.0291 7952 SOHCImp (ddf2ec98af6fc70608a4f9ce4db52758) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
13:44:41.0323 7952 SOHCImp - ok
13:44:41.0338 7952 SOHDs (5fa03f5ea6efef6d17b4a1a48c40a23c) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
13:44:41.0354 7952 SOHDs - ok
13:44:41.0416 7952 SpfService (65e5659e9c2a0762d05657c0e22a7ca2) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
13:44:41.0447 7952 SpfService - ok
13:44:41.0619 7952 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
13:44:41.0635 7952 spldr - ok
13:44:41.0728 7952 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
13:44:41.0822 7952 Spooler - ok
13:44:42.0227 7952 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
13:44:42.0446 7952 sppsvc - ok
13:44:42.0617 7952 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
13:44:42.0711 7952 sppuinotify - ok
13:44:42.0820 7952 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
13:44:42.0914 7952 srv - ok
13:44:43.0054 7952 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
13:44:43.0085 7952 srv2 - ok
13:44:43.0210 7952 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
13:44:43.0241 7952 srvnet - ok
13:44:43.0319 7952 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
13:44:43.0444 7952 SSDPSRV - ok
13:44:43.0491 7952 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
13:44:43.0585 7952 SstpSvc - ok
13:44:43.0741 7952 Stereo Service (525597fa2e9d49f19c59623b05562968) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
13:44:43.0772 7952 Stereo Service - ok
13:44:43.0928 7952 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
13:44:43.0943 7952 stexstor - ok
13:44:44.0006 7952 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
13:44:44.0068 7952 stisvc - ok
13:44:44.0099 7952 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
13:44:44.0131 7952 swenum - ok
13:44:44.0380 7952 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
13:44:44.0427 7952 SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
13:44:44.0427 7952 SwitchBoard - detected UnsignedFile.Multi.Generic (1)
13:44:44.0739 7952 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
13:44:44.0879 7952 swprv - ok
13:44:45.0207 7952 SynTP (b0c7d4dcf4800df2f2145b500d0161e8) C:\Windows\system32\drivers\SynTP.sys
13:44:45.0269 7952 SynTP - ok
13:44:45.0457 7952 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
13:44:45.0566 7952 SysMain - ok
13:44:45.0706 7952 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
13:44:45.0769 7952 TabletInputService - ok
13:44:45.0800 7952 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
13:44:45.0909 7952 TapiSrv - ok
13:44:46.0018 7952 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
13:44:46.0112 7952 TBS - ok
13:44:46.0283 7952 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
13:44:46.0377 7952 Tcpip - ok
13:44:46.0689 7952 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
13:44:46.0783 7952 TCPIP6 - ok
13:44:46.0939 7952 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
13:44:47.0048 7952 tcpipreg - ok
13:44:47.0063 7952 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
13:44:47.0110 7952 TDPIPE - ok
13:44:47.0297 7952 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
13:44:47.0360 7952 TDTCP - ok
13:44:47.0422 7952 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
13:44:47.0500 7952 tdx - ok
13:44:47.0656 7952 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
13:44:47.0687 7952 TermDD - ok
13:44:47.0812 7952 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
13:44:47.0921 7952 TermService - ok
13:44:48.0077 7952 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
13:44:48.0124 7952 Themes - ok
13:44:48.0171 7952 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
13:44:48.0265 7952 THREADORDER - ok
13:44:48.0389 7952 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
13:44:48.0514 7952 TrkWks - ok
13:44:48.0561 7952 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
13:44:48.0655 7952 TrustedInstaller - ok
13:44:48.0811 7952 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
13:44:48.0920 7952 tssecsrv - ok
13:44:48.0951 7952 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
13:44:48.0998 7952 TsUsbFlt - ok
13:44:49.0123 7952 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
13:44:49.0169 7952 TsUsbGD - ok
13:44:49.0232 7952 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
13:44:49.0341 7952 tunnel - ok
13:44:49.0497 7952 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
13:44:49.0528 7952 uagp35 - ok
13:44:49.0653 7952 uCamMonitor (1fe69f3c1ca1cf4b7ec7e2e9090fffdc) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
13:44:49.0669 7952 uCamMonitor - ok
13:44:49.0793 7952 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
13:44:49.0903 7952 udfs - ok
13:44:49.0949 7952 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
13:44:49.0981 7952 UI0Detect - ok
13:44:50.0121 7952 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
13:44:50.0152 7952 uliagpkx - ok
13:44:50.0199 7952 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
13:44:50.0261 7952 umbus - ok
13:44:50.0293 7952 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
13:44:50.0339 7952 UmPass - ok
13:44:50.0605 7952 UNS (db641944f7e4b14c13c3fefc89843f69) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
13:44:50.0729 7952 UNS - ok
13:44:50.0870 7952 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
13:44:50.0995 7952 upnphost - ok
13:44:51.0229 7952 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
13:44:51.0291 7952 USBAAPL64 - ok
13:44:51.0416 7952 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
13:44:51.0478 7952 usbaudio - ok
13:44:51.0556 7952 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
13:44:51.0587 7952 usbccgp - ok
13:44:51.0712 7952 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
13:44:51.0743 7952 usbcir - ok
13:44:51.0837 7952 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
13:44:51.0868 7952 usbehci - ok
13:44:52.0055 7952 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\drivers\usbhub.sys
13:44:52.0133 7952 usbhub - ok
13:44:52.0196 7952 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
13:44:52.0227 7952 usbohci - ok
13:44:52.0399 7952 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys
13:44:52.0445 7952 usbprint - ok
13:44:52.0492 7952 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:44:52.0601 7952 USBSTOR - ok
13:44:52.0757 7952 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
13:44:52.0898 7952 usbuhci - ok
13:44:53.0023 7952 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
13:44:53.0069 7952 usbvideo - ok
13:44:53.0101 7952 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
13:44:53.0194 7952 UxSms - ok
13:44:53.0319 7952 VAIO Event Service (387d3dffcf0a544539e9c5d8b81169a2) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
13:44:53.0350 7952 VAIO Event Service - ok
13:44:53.0475 7952 VAIO Power Management (d1933e428d991b15affd48b1a7beb643) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
13:44:53.0522 7952 VAIO Power Management - ok
13:44:53.0631 7952 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
13:44:53.0647 7952 VaultSvc - ok
13:44:53.0803 7952 VCFw (d00058c1fff3f3de990444a5734e9639) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
13:44:53.0849 7952 VCFw - ok
13:44:53.0959 7952 VcmIAlzMgr (f19275655b42086c884abcdae2c659ae) C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
13:44:54.0005 7952 VcmIAlzMgr - ok
13:44:54.0099 7952 VcmINSMgr (2f06d134554ba84fe253dbc481dcfe6d) C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
13:44:54.0146 7952 VcmINSMgr - ok
13:44:54.0224 7952 VcmXmlIfHelper (32a3735f6874b7783c6209ed5ca36d9d) C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
13:44:54.0239 7952 VcmXmlIfHelper - ok
13:44:54.0364 7952 VCService (b26dab275900e604f247f5a8b72cffe1) C:\Program Files\Sony\VAIO Care\VCService.exe
13:44:54.0380 7952 VCService - ok
13:44:54.0505 7952 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
13:44:54.0520 7952 vdrvroot - ok
13:44:54.0583 7952 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
13:44:54.0707 7952 vds - ok
13:44:54.0785 7952 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
13:44:54.0832 7952 vga - ok
13:44:54.0863 7952 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
13:44:54.0957 7952 VgaSave - ok
13:44:55.0097 7952 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
13:44:55.0129 7952 vhdmp - ok
13:44:55.0207 7952 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
13:44:55.0222 7952 viaide - ok
13:44:55.0300 7952 VIPAppService (6ad85f32ea4aa65bb2ea652f2b9d4005) C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe
13:44:55.0331 7952 VIPAppService - ok
13:44:55.0456 7952 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
13:44:55.0472 7952 volmgr - ok
13:44:55.0519 7952 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
13:44:55.0550 7952 volmgrx - ok
13:44:55.0597 7952 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
13:44:55.0628 7952 volsnap - ok
13:44:55.0768 7952 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
13:44:55.0784 7952 vsmraid - ok
13:44:55.0955 7952 VSNService (8be8c47d5b09f5550dcbf6fcd8832ccb) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
13:44:56.0033 7952 VSNService - ok
13:44:56.0221 7952 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
13:44:56.0392 7952 VSS - ok
13:44:56.0595 7952 VUAgent (5498369d830f2d22104af518e50d8aaf) C:\Program Files\Sony\VAIO Update Common\VUAgent.exe
13:44:56.0657 7952 VUAgent - ok
13:44:56.0798 7952 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
13:44:56.0860 7952 vwifibus - ok
13:44:56.0954 7952 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
13:44:57.0016 7952 vwififlt - ok
13:44:57.0125 7952 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
13:44:57.0219 7952 W32Time - ok
13:44:57.0344 7952 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
13:44:57.0391 7952 WacomPen - ok
13:44:57.0484 7952 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
13:44:57.0593 7952 WANARP - ok
13:44:57.0609 7952 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
13:44:57.0687 7952 Wanarpv6 - ok
13:44:57.0968 7952 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
13:44:58.0046 7952 WatAdminSvc - ok
13:44:58.0233 7952 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
13:44:58.0358 7952 wbengine - ok
13:44:58.0436 7952 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
13:44:58.0483 7952 WbioSrvc - ok
13:44:58.0514 7952 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
13:44:58.0592 7952 wcncsvc - ok
13:44:58.0623 7952 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
13:44:58.0670 7952 WcsPlugInService - ok
13:44:58.0732 7952 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
13:44:58.0748 7952 Wd - ok
13:44:58.0873 7952 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
13:44:58.0919 7952 Wdf01000 - ok
13:44:58.0966 7952 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
13:44:59.0044 7952 WdiServiceHost - ok
13:44:59.0060 7952 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
13:44:59.0107 7952 WdiSystemHost - ok
13:44:59.0216 7952 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
13:44:59.0294 7952 WebClient - ok
13:44:59.0309 7952 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
13:44:59.0434 7952 Wecsvc - ok
13:44:59.0543 7952 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
13:44:59.0637 7952 wercplsupport - ok
13:44:59.0699 7952 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
13:44:59.0809 7952 WerSvc - ok
13:44:59.0933 7952 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
13:45:00.0011 7952 WfpLwf - ok
13:45:00.0043 7952 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
13:45:00.0074 7952 WIMMount - ok
13:45:00.0105 7952 WinDefend - ok
13:45:00.0121 7952 WinHttpAutoProxySvc - ok
13:45:00.0230 7952 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
13:45:00.0323 7952 Winmgmt - ok
13:45:00.0464 7952 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
13:45:00.0620 7952 WinRM - ok
13:45:00.0854 7952 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
13:45:00.0885 7952 WinUsb - ok
13:45:00.0979 7952 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
13:45:01.0088 7952 Wlansvc - ok
13:45:01.0197 7952 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
13:45:01.0213 7952 wlcrasvc - ok
13:45:01.0306 7952 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
13:45:01.0415 7952 wlidsvc - ok
13:45:01.0571 7952 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
13:45:01.0618 7952 WmiAcpi - ok
13:45:01.0696 7952 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
13:45:01.0759 7952 wmiApSrv - ok
13:45:01.0790 7952 WMPNetworkSvc - ok
13:45:01.0899 7952 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
13:45:01.0946 7952 WPCSvc - ok
13:45:01.0977 7952 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
13:45:02.0024 7952 WPDBusEnum - ok
13:45:02.0133 7952 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
13:45:02.0211 7952 ws2ifsl - ok
13:45:02.0258 7952 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
13:45:02.0320 7952 wscsvc - ok
13:45:02.0398 7952 WSearch - ok
13:45:02.0492 7952 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
13:45:02.0679 7952 wuauserv - ok
13:45:02.0804 7952 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
13:45:02.0913 7952 WudfPf - ok
13:45:02.0960 7952 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
13:45:03.0069 7952 WUDFRd - ok
13:45:03.0319 7952 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
13:45:03.0397 7952 wudfsvc - ok
13:45:03.0506 7952 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
13:45:03.0584 7952 WwanSvc - ok
13:45:03.0677 7952 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
13:45:04.0005 7952 \Device\Harddisk0\DR0 - ok
13:45:04.0021 7952 Boot (0x1200) (cbfdb3d148cc65bb6909108aeed038ba) \Device\Harddisk0\DR0\Partition0
13:45:04.0021 7952 \Device\Harddisk0\DR0\Partition0 - ok
13:45:04.0052 7952 Boot (0x1200) (6ad979b8b0283f631d02d1e72bb0faeb) \Device\Harddisk0\DR0\Partition1
13:45:04.0052 7952 \Device\Harddisk0\DR0\Partition1 - ok
13:45:04.0052 7952 ============================================================
13:45:04.0052 7952 Scan finished
13:45:04.0052 7952 ============================================================
13:45:04.0067 2900 Detected object count: 2
13:45:04.0067 2900 Actual detected object count: 2
13:45:30.0151 2900 Oasis2Service ( UnsignedFile.Multi.Generic ) - skipped by user
13:45:30.0151 2900 Oasis2Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:45:30.0151 2900 SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
13:45:30.0151 2900 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:46:42.0004 7768 Deinitialize success

[Maniac]

Thanks!

• Launch Malwarebytes' Anti-Malware
  
• Go to Update tab and select Check for Updates. If an update is found, it will download and install the latest version.
  
• Go to Scanner tab and select Perform Quick Scan, then click Scan.
  
• The scan may take some time to finish,so please be patient.
  
• When the scan is complete, click OK, then Show Results to view the results.
  
• Make sure that everything is checked, and click Remove Selected.
  
• When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  
• The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  
• Copy&Paste the entire report in your next reply.

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer,please do so immediately.


In your next reply, post the following log files:

• Malwarebytes' Anti-Malware log
  
• a new fresh DDS log file

[avibuzz]

Ran it this time and it didn't pick up anything. I included the first one I ran (in red)

i also tried to install a free version of AVG and a trial version of Kaspersky (my anti virus that came with the laptop expired) with not luck. Not sure if something was blocking the installation. Virus???
Thanks again

alwarebytes Anti-Malware (Trial) 1.60.1.1000
www.malwarebytes.org
Database version: v2012.04.07.10
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Mike :: MIKE-VAIO [administrator]
Protection: Enabled
4/7/2012 16:53:18
mbam-log-2012-04-07 (16-53-18).txt
Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 364992
Time elapsed: 38 minute(s), 27 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)

Malwarebytes Anti-Malware (Trial) 1.60.1.1000
www.malwarebytes.org
Database version: v2012.04.05.01
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Mike :: MIKE-VAIO [administrator]
Protection: Enabled
4/4/2012 22:08:52
mbam-log-2012-04-04 (22-08-52).txt
Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 361985
Time elapsed: 35 minute(s), 51 second(s)
Memory Processes Detected: 1
C:\Windows\svchost.exe (Trojan.Agent) -> 3904 -> Delete on reboot.
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 1
C:\Windows\svchost.exe (Trojan.Agent) -> Delete on reboot.
(end)

[Maniac]

Quote

a new fresh DDS log file

Please generate a new fresh DDS log file.

[avibuzz]

09:43:58.0845 8764 TDSS rootkit removing tool 2.7.26.0 Apr 4 2012 19:52:02
09:43:59.0562 8764 ============================================================
09:43:59.0562 8764 Current date / time: 2012/04/08 09:43:59.0562
09:43:59.0562 8764 SystemInfo:
09:43:59.0562 8764
09:43:59.0562 8764 OS Version: 6.1.7601 ServicePack: 1.0
09:43:59.0562 8764 Product type: Workstation
09:43:59.0562 8764 ComputerName: MIKE-VAIO
09:43:59.0562 8764 UserName: Mike
09:43:59.0562 8764 Windows directory: C:\Windows
09:43:59.0562 8764 System windows directory: C:\Windows
09:43:59.0562 8764 Running under WOW64
09:43:59.0562 8764 Processor architecture: Intel x64
09:43:59.0562 8764 Number of processors: 8
09:43:59.0562 8764 Page size: 0x1000
09:43:59.0562 8764 Boot type: Normal boot
09:43:59.0562 8764 ============================================================
09:44:00.0202 8764 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:44:00.0217 8764 Drive \Device\Harddisk1\DR2 - Size: 0x3B97FE00 (0.93 Gb), SectorSize: 0x200, Cylinders: 0x79, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
09:44:00.0217 8764 \Device\Harddisk0\DR0:
09:44:00.0217 8764 MBR used
09:44:00.0217 8764 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1885800, BlocksNum 0x32000
09:44:00.0217 8764 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x18B7800, BlocksNum 0x38ACE030
09:44:00.0217 8764 \Device\Harddisk1\DR2:
09:44:00.0217 8764 MBR used
09:44:00.0217 8764 \Device\Harddisk1\DR2\Partition0: MBR, Type 0xE, StartLBA 0x8, BlocksNum 0x1DCBF7
09:44:00.0249 8764 Initialize success
09:44:00.0249 8764 ============================================================
09:44:11.0964 6212 ============================================================
09:44:11.0964 6212 Scan started
09:44:11.0964 6212 Mode: Manual;
09:44:11.0964 6212 ============================================================
09:44:13.0150 6212 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
09:44:13.0165 6212 1394ohci - ok
09:44:13.0259 6212 ACDaemon (adc420616c501b45d26c0fd3ef1e54e4) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
09:44:13.0259 6212 ACDaemon - ok
09:44:13.0321 6212 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
09:44:13.0321 6212 ACPI - ok
09:44:13.0399 6212 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
09:44:13.0415 6212 AcpiPmi - ok
09:44:13.0477 6212 AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
09:44:13.0477 6212 AdobeARMservice - ok
09:44:13.0555 6212 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
09:44:13.0571 6212 adp94xx - ok
09:44:13.0618 6212 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
09:44:13.0633 6212 adpahci - ok
09:44:13.0665 6212 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
09:44:13.0680 6212 adpu320 - ok
09:44:13.0821 6212 AeLookupSvc (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
09:44:13.0821 6212 AeLookupSvc - ok
09:44:13.0899 6212 AFD (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
09:44:13.0914 6212 AFD - ok
09:44:13.0977 6212 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
09:44:13.0977 6212 agp440 - ok
09:44:14.0023 6212 ALG (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
09:44:14.0023 6212 ALG - ok
09:44:14.0133 6212 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
09:44:14.0133 6212 aliide - ok
09:44:14.0211 6212 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
09:44:14.0211 6212 amdide - ok
09:44:14.0273 6212 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
09:44:14.0273 6212 AmdK8 - ok
09:44:14.0304 6212 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
09:44:14.0304 6212 AmdPPM - ok
09:44:14.0351 6212 amdsata (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
09:44:14.0351 6212 amdsata - ok
09:44:14.0445 6212 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
09:44:14.0445 6212 amdsbs - ok
09:44:14.0476 6212 amdxata (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
09:44:14.0476 6212 amdxata - ok
09:44:14.0523 6212 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
09:44:14.0523 6212 AppID - ok
09:44:14.0554 6212 AppIDSvc (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
09:44:14.0554 6212 AppIDSvc - ok
09:44:14.0632 6212 Appinfo (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
09:44:14.0632 6212 Appinfo - ok
09:44:14.0788 6212 Apple Mobile Device (3debbecf665dcdde3a95d9b902010817) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
09:44:14.0788 6212 Apple Mobile Device - ok
09:44:14.0897 6212 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
09:44:14.0897 6212 arc - ok
09:44:14.0944 6212 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
09:44:14.0944 6212 arcsas - ok
09:44:14.0975 6212 ArcSoftKsUFilter (c130bc4a51b1382b2be8e44579ec4c0a) C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys
09:44:14.0975 6212 ArcSoftKsUFilter - ok
09:44:15.0069 6212 aspnet_state (9217d874131ae6ff8f642f124f00a555) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
09:44:15.0084 6212 aspnet_state - ok
09:44:15.0178 6212 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
09:44:15.0178 6212 AsyncMac - ok
09:44:15.0209 6212 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
09:44:15.0209 6212 atapi - ok
09:44:15.0349 6212 athr (a5e770426d18f8ef332a593f3289da91) C:\Windows\system32\DRIVERS\athrx.sys
09:44:15.0412 6212 athr - ok
09:44:15.0537 6212 AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
09:44:15.0552 6212 AudioEndpointBuilder - ok
09:44:15.0568 6212 AudioSrv (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
09:44:15.0583 6212 AudioSrv - ok
09:44:15.0630 6212 AxInstSV (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
09:44:15.0646 6212 AxInstSV - ok
09:44:15.0739 6212 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
09:44:15.0739 6212 b06bdrv - ok
09:44:15.0833 6212 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
09:44:15.0833 6212 b57nd60a - ok
09:44:15.0864 6212 BDESVC (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
09:44:15.0864 6212 BDESVC - ok
09:44:15.0911 6212 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
09:44:15.0911 6212 Beep - ok
09:44:16.0005 6212 BFE (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
09:44:16.0020 6212 BFE - ok
09:44:16.0192 6212 BITS (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
09:44:16.0223 6212 BITS - ok
09:44:16.0285 6212 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys
09:44:16.0285 6212 blbdrive - ok
09:44:16.0410 6212 Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
09:44:16.0426 6212 Bonjour Service - ok
09:44:16.0551 6212 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
09:44:16.0551 6212 bowser - ok
09:44:16.0582 6212 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
09:44:16.0582 6212 BrFiltLo - ok
09:44:16.0597 6212 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
09:44:16.0597 6212 BrFiltUp - ok
09:44:16.0629 6212 Browser (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
09:44:16.0644 6212 Browser - ok
09:44:16.0675 6212 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
09:44:16.0691 6212 Brserid - ok
09:44:16.0707 6212 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
09:44:16.0707 6212 BrSerWdm - ok
09:44:16.0785 6212 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
09:44:16.0800 6212 BrUsbMdm - ok
09:44:16.0831 6212 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
09:44:16.0831 6212 BrUsbSer - ok
09:44:16.0894 6212 BthEnum (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
09:44:16.0894 6212 BthEnum - ok
09:44:16.0972 6212 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys
09:44:16.0972 6212 BTHMODEM - ok
09:44:17.0112 6212 BthPan (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
09:44:17.0112 6212 BthPan - ok
09:44:17.0190 6212 BTHPORT (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys
09:44:17.0206 6212 BTHPORT - ok
09:44:17.0253 6212 bthserv (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
09:44:17.0268 6212 bthserv - ok
09:44:17.0331 6212 BTHUSB (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys
09:44:17.0331 6212 BTHUSB - ok
09:44:17.0409 6212 BTWAMPFL (f8cfafbd5bf8b3ddb0d3c2943a5af8ce) C:\Windows\system32\DRIVERS\btwampfl.sys
09:44:17.0409 6212 BTWAMPFL - ok
09:44:17.0455 6212 btwaudio (44770a3c07ebd5d6d7cd7dba915b49bc) C:\Windows\system32\drivers\btwaudio.sys
09:44:17.0455 6212 btwaudio - ok
09:44:17.0533 6212 btwavdt (75b59923087ae6eb064d13d8f58a02b6) C:\Windows\system32\DRIVERS\btwavdt.sys
09:44:17.0549 6212 btwavdt - ok
09:44:17.0705 6212 btwdins (e1c1bcc8211e3ae2b524deef071faf2a) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
09:44:17.0736 6212 btwdins - ok
09:44:17.0830 6212 btwl2cap (b9354f9f111c64f2495b60f1e24cb453) C:\Windows\system32\DRIVERS\btwl2cap.sys
09:44:17.0830 6212 btwl2cap - ok
09:44:17.0861 6212 btwrchid (9555e15f828760341751e9183bd34e60) C:\Windows\system32\DRIVERS\btwrchid.sys
09:44:17.0861 6212 btwrchid - ok
09:44:17.0923 6212 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
09:44:17.0923 6212 cdfs - ok
09:44:17.0955 6212 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
09:44:17.0970 6212 cdrom - ok
09:44:18.0048 6212 CertPropSvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
09:44:18.0064 6212 CertPropSvc - ok
09:44:18.0111 6212 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
09:44:18.0111 6212 circlass - ok
09:44:18.0142 6212 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
09:44:18.0142 6212 CLFS - ok
09:44:18.0204 6212 clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:44:18.0204 6212 clr_optimization_v2.0.50727_32 - ok
09:44:18.0282 6212 clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
09:44:18.0282 6212 clr_optimization_v2.0.50727_64 - ok
09:44:18.0329 6212 clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
09:44:18.0376 6212 clr_optimization_v4.0.30319_32 - ok
09:44:18.0438 6212 clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
09:44:18.0438 6212 clr_optimization_v4.0.30319_64 - ok
09:44:18.0516 6212 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
09:44:18.0516 6212 CmBatt - ok
09:44:18.0547 6212 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
09:44:18.0547 6212 cmdide - ok
09:44:18.0625 6212 CNG (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
09:44:18.0641 6212 CNG - ok
09:44:18.0688 6212 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
09:44:18.0688 6212 Compbatt - ok
09:44:18.0781 6212 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
09:44:18.0797 6212 CompositeBus - ok
09:44:18.0813 6212 COMSysApp - ok
09:44:18.0844 6212 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
09:44:18.0844 6212 crcdisk - ok
09:44:18.0922 6212 CryptSvc (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll
09:44:18.0922 6212 CryptSvc - ok
09:44:18.0984 6212 DcomLaunch (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
09:44:19.0000 6212 DcomLaunch - ok
09:44:19.0078 6212 defragsvc (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
09:44:19.0093 6212 defragsvc - ok
09:44:19.0125 6212 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
09:44:19.0125 6212 DfsC - ok
09:44:19.0187 6212 Dhcp (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
09:44:19.0203 6212 Dhcp - ok
09:44:19.0218 6212 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
09:44:19.0218 6212 discache - ok
09:44:19.0312 6212 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
09:44:19.0312 6212 Disk - ok
09:44:19.0327 6212 Dnscache (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
09:44:19.0343 6212 Dnscache - ok
09:44:19.0390 6212 dot3svc (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
09:44:19.0390 6212 dot3svc - ok
09:44:19.0405 6212 DPS (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
09:44:19.0421 6212 DPS - ok
09:44:19.0452 6212 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
09:44:19.0452 6212 drmkaud - ok
09:44:19.0546 6212 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
09:44:19.0577 6212 DXGKrnl - ok
09:44:19.0608 6212 e1yexpress (50ad8fc1dc800ff36087994c8f7fdff2) C:\Windows\system32\DRIVERS\e1y60x64.sys
09:44:19.0624 6212 e1yexpress - ok
09:44:19.0671 6212 EapHost (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
09:44:19.0671 6212 EapHost - ok
09:44:19.0998 6212 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
09:44:20.0076 6212 ebdrv - ok
09:44:20.0170 6212 EFS (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
09:44:20.0170 6212 EFS - ok
09:44:20.0232 6212 ehRecvr (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
09:44:20.0248 6212 ehRecvr - ok
09:44:20.0279 6212 ehSched (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
09:44:20.0279 6212 ehSched - ok
09:44:20.0326 6212 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
09:44:20.0341 6212 elxstor - ok
09:44:20.0357 6212 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
09:44:20.0357 6212 ErrDev - ok
09:44:20.0482 6212 EventSystem (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
09:44:20.0482 6212 EventSystem - ok
09:44:20.0544 6212 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
09:44:20.0544 6212 exfat - ok
09:44:20.0575 6212 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
09:44:20.0591 6212 fastfat - ok
09:44:20.0716 6212 Fax (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
09:44:20.0731 6212 Fax - ok
09:44:20.0778 6212 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
09:44:20.0778 6212 fdc - ok
09:44:20.0825 6212 fdPHost (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
09:44:20.0825 6212 fdPHost - ok
09:44:20.0919 6212 FDResPub (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
09:44:20.0919 6212 FDResPub - ok
09:44:20.0997 6212 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
09:44:20.0997 6212 FileInfo - ok
09:44:21.0012 6212 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
09:44:21.0012 6212 Filetrace - ok
09:44:21.0059 6212 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
09:44:21.0059 6212 flpydisk - ok
09:44:21.0106 6212 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
09:44:21.0106 6212 FltMgr - ok
09:44:21.0262 6212 FontCache (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
09:44:21.0293 6212 FontCache - ok
09:44:21.0387 6212 FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
09:44:21.0387 6212 FontCache3.0.0.0 - ok
09:44:21.0465 6212 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
09:44:21.0465 6212 FsDepends - ok
09:44:21.0511 6212 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
09:44:21.0511 6212 Fs_Rec - ok
09:44:21.0558 6212 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
09:44:21.0558 6212 fvevol - ok
09:44:21.0605 6212 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
09:44:21.0605 6212 gagp30kx - ok
09:44:21.0699 6212 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
09:44:21.0699 6212 GEARAspiWDM - ok
09:44:21.0761 6212 gpsvc (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
09:44:21.0792 6212 gpsvc - ok
09:44:21.0886 6212 gupdate (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
09:44:21.0886 6212 gupdate - ok
09:44:21.0917 6212 gupdatem (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
09:44:21.0917 6212 gupdatem - ok
09:44:21.0948 6212 gusvc (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
09:44:21.0948 6212 gusvc - ok
09:44:22.0042 6212 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
09:44:22.0042 6212 hcw85cir - ok
09:44:22.0073 6212 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
09:44:22.0089 6212 HdAudAddService - ok
09:44:22.0151 6212 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
09:44:22.0151 6212 HDAudBus - ok
09:44:22.0213 6212 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
09:44:22.0213 6212 HidBatt - ok
09:44:22.0229 6212 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
09:44:22.0245 6212 HidBth - ok
09:44:22.0276 6212 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
09:44:22.0276 6212 HidIr - ok
09:44:22.0323 6212 hidserv (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
09:44:22.0323 6212 hidserv - ok
09:44:22.0369 6212 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
09:44:22.0369 6212 HidUsb - ok
09:44:22.0447 6212 hkmsvc (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
09:44:22.0463 6212 hkmsvc - ok
09:44:22.0494 6212 HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
09:44:22.0494 6212 HomeGroupListener - ok
09:44:22.0541 6212 HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
09:44:22.0541 6212 HomeGroupProvider - ok
09:44:22.0619 6212 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
09:44:22.0619 6212 HpSAMD - ok
09:44:22.0728 6212 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
09:44:22.0744 6212 HTTP - ok
09:44:22.0791 6212 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
09:44:22.0791 6212 hwpolicy - ok
09:44:22.0853 6212 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
09:44:22.0853 6212 i8042prt - ok
09:44:22.0931 6212 iaStor (d469b77687e12fe43e344806740b624d) C:\Windows\system32\drivers\iaStor.sys
09:44:22.0947 6212 iaStor - ok
09:44:23.0071 6212 IAStorDataMgrSvc (983fc69644ddf0486c8dfea262948d1a) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
09:44:23.0071 6212 IAStorDataMgrSvc - ok
09:44:23.0212 6212 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
09:44:23.0212 6212 iaStorV - ok
09:44:23.0337 6212 idsvc (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
09:44:23.0352 6212 idsvc - ok
09:44:23.0446 6212 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
09:44:23.0461 6212 iirsp - ok
09:44:23.0555 6212 IKEEXT (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
09:44:23.0571 6212 IKEEXT - ok
09:44:23.0742 6212 IntcAzAudAddService (65f70696be5abc11634fcf96af7d7896) C:\Windows\system32\drivers\RTKVHD64.sys
09:44:23.0805 6212 IntcAzAudAddService - ok
09:44:23.0883 6212 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
09:44:23.0883 6212 intelide - ok
09:44:24.0007 6212 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\drivers\intelppm.sys
09:44:24.0007 6212 intelppm - ok
09:44:24.0054 6212 IPBusEnum (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
09:44:24.0054 6212 IPBusEnum - ok
09:44:24.0117 6212 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
09:44:24.0117 6212 IpFilterDriver - ok
09:44:24.0163 6212 iphlpsvc (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
09:44:24.0163 6212 iphlpsvc - ok
09:44:24.0226 6212 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
09:44:24.0226 6212 IPMIDRV - ok
09:44:24.0257 6212 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
09:44:24.0257 6212 IPNAT - ok
09:44:24.0351 6212 iPod Service (ee4c2a137c7088911a8919effc9812e7) C:\Program Files\iPod\bin\iPodService.exe
09:44:24.0366 6212 iPod Service - ok
09:44:24.0460 6212 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
09:44:24.0460 6212 IRENUM - ok
09:44:24.0507 6212 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
09:44:24.0507 6212 isapnp - ok
09:44:24.0538 6212 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
09:44:24.0553 6212 iScsiPrt - ok
09:44:24.0600 6212 IviRegMgr (f415a88162d23977b5edae4f0410e903) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
09:44:24.0600 6212 IviRegMgr - ok
09:44:24.0678 6212 jhi_service (6c85719a21b3f62c2c76280f4bd36c7b) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
09:44:24.0678 6212 jhi_service - ok
09:44:24.0787 6212 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
09:44:24.0787 6212 kbdclass - ok
09:44:24.0819 6212 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
09:44:24.0819 6212 kbdhid - ok
09:44:24.0865 6212 KeyIso (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
09:44:24.0865 6212 KeyIso - ok
09:44:24.0959 6212 KSecDD (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
09:44:24.0959 6212 KSecDD - ok
09:44:25.0037 6212 KSecPkg (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
09:44:25.0037 6212 KSecPkg - ok
09:44:25.0068 6212 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
09:44:25.0084 6212 ksthunk - ok
09:44:25.0115 6212 KtmRm (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
09:44:25.0131 6212 KtmRm - ok
09:44:25.0177 6212 LanmanServer (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
09:44:25.0193 6212 LanmanServer - ok
09:44:25.0255 6212 LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
09:44:25.0255 6212 LanmanWorkstation - ok
09:44:25.0318 6212 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
09:44:25.0318 6212 lltdio - ok
09:44:25.0365 6212 lltdsvc (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
09:44:25.0365 6212 lltdsvc - ok
09:44:25.0396 6212 lmhosts (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
09:44:25.0396 6212 lmhosts - ok
09:44:25.0489 6212 LMS (f4a17dcab576267c85663e64f3ace5a4) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
09:44:25.0505 6212 LMS - ok
09:44:25.0630 6212 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
09:44:25.0630 6212 LSI_FC - ok
09:44:25.0661 6212 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
09:44:25.0661 6212 LSI_SAS - ok
09:44:25.0692 6212 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
09:44:25.0692 6212 LSI_SAS2 - ok
09:44:25.0723 6212 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
09:44:25.0723 6212 LSI_SCSI - ok
09:44:25.0755 6212 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
09:44:25.0770 6212 luafv - ok
09:44:25.0911 6212 MBAMProtector (79da94b35371b9e7104460c7693dcb2c) C:\Windows\system32\drivers\mbam.sys
09:44:25.0911 6212 MBAMProtector - ok
09:44:25.0973 6212 MBAMService (056b19651bd7b7ce5f89a3ac46dbdc08) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
09:44:25.0989 6212 MBAMService - ok
09:44:26.0035 6212 Mcx2Svc (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
09:44:26.0035 6212 Mcx2Svc - ok
09:44:26.0082 6212 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
09:44:26.0082 6212 megasas - ok
09:44:26.0176 6212 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
09:44:26.0191 6212 MegaSR - ok
09:44:26.0238 6212 MEIx64 (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\drivers\HECIx64.sys
09:44:26.0238 6212 MEIx64 - ok
09:44:26.0347 6212 Microsoft SharePoint Workspace Audit Service - ok
09:44:26.0441 6212 MMCSS (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
09:44:26.0457 6212 MMCSS - ok
09:44:26.0488 6212 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
09:44:26.0488 6212 Modem - ok
09:44:26.0519 6212 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
09:44:26.0519 6212 monitor - ok
09:44:26.0550 6212 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
09:44:26.0550 6212 mouclass - ok
09:44:26.0644 6212 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
09:44:26.0644 6212 mouhid - ok
09:44:26.0691 6212 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
09:44:26.0691 6212 mountmgr - ok
09:44:26.0706 6212 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
09:44:26.0722 6212 mpio - ok
09:44:26.0737 6212 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
09:44:26.0737 6212 mpsdrv - ok
09:44:26.0800 6212 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
09:44:26.0815 6212 MpsSvc - ok
09:44:26.0940 6212 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
09:44:26.0940 6212 MRxDAV - ok
09:44:26.0971 6212 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
09:44:26.0987 6212 mrxsmb - ok
09:44:27.0018 6212 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
09:44:27.0018 6212 mrxsmb10 - ok
09:44:27.0049 6212 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
09:44:27.0049 6212 mrxsmb20 - ok
09:44:27.0081 6212 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
09:44:27.0081 6212 msahci - ok
09:44:27.0174 6212 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
09:44:27.0174 6212 msdsm - ok
09:44:27.0205 6212 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
09:44:27.0205 6212 MSDTC - ok
09:44:27.0237 6212 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
09:44:27.0237 6212 Msfs - ok
09:44:27.0283 6212 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
09:44:27.0283 6212 mshidkmdf - ok
09:44:27.0299 6212 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
09:44:27.0299 6212 msisadrv - ok
09:44:27.0393 6212 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
09:44:27.0393 6212 MSiSCSI - ok
09:44:27.0408 6212 msiserver - ok
09:44:27.0455 6212 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
09:44:27.0455 6212 MSKSSRV - ok
09:44:27.0486 6212 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
09:44:27.0486 6212 MSPCLOCK - ok
09:44:27.0502 6212 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
09:44:27.0502 6212 MSPQM - ok
09:44:27.0533 6212 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
09:44:27.0533 6212 MsRPC - ok
09:44:27.0580 6212 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
09:44:27.0580 6212 mssmbios - ok
09:44:27.0658 6212 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
09:44:27.0658 6212 MSTEE - ok
09:44:27.0705 6212 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
09:44:27.0705 6212 MTConfig - ok
09:44:27.0736 6212 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
09:44:27.0736 6212 Mup - ok
09:44:27.0783 6212 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
09:44:27.0798 6212 napagent - ok
09:44:27.0923 6212 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
09:44:27.0923 6212 NativeWifiP - ok
09:44:28.0017 6212 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
09:44:28.0032 6212 NDIS - ok
09:44:28.0079 6212 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
09:44:28.0079 6212 NdisCap - ok
09:44:28.0173 6212 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
09:44:28.0173 6212 NdisTapi - ok
09:44:28.0204 6212 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
09:44:28.0204 6212 Ndisuio - ok
09:44:28.0219 6212 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
09:44:28.0235 6212 NdisWan - ok
09:44:28.0266 6212 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
09:44:28.0266 6212 NDProxy - ok
09:44:28.0282 6212 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
09:44:28.0282 6212 NetBIOS - ok
09:44:28.0407 6212 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
09:44:28.0407 6212 NetBT - ok
09:44:28.0453 6212 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
09:44:28.0453 6212 Netlogon - ok
09:44:28.0500 6212 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
09:44:28.0516 6212 Netman - ok
09:44:28.0594 6212 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:44:28.0594 6212 NetMsmqActivator - ok
09:44:28.0609 6212 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:44:28.0609 6212 NetPipeActivator - ok
09:44:28.0656 6212 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
09:44:28.0672 6212 netprofm - ok
09:44:28.0687 6212 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:44:28.0687 6212 NetTcpActivator - ok
09:44:28.0703 6212 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:44:28.0703 6212 NetTcpPortSharing - ok
09:44:28.0750 6212 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
09:44:28.0750 6212 nfrd960 - ok
09:44:28.0828 6212 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
09:44:28.0828 6212 NlaSvc - ok
09:44:28.0859 6212 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
09:44:28.0859 6212 Npfs - ok
09:44:28.0906 6212 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
09:44:28.0906 6212 nsi - ok
09:44:28.0953 6212 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
09:44:28.0953 6212 nsiproxy - ok
09:44:29.0031 6212 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
09:44:29.0062 6212 Ntfs - ok
09:44:29.0155 6212 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
09:44:29.0155 6212 Null - ok
09:44:29.0202 6212 nusb3hub (158ad24745bd85ba9be3c51c38f48c32) C:\Windows\system32\drivers\nusb3hub.sys
09:44:29.0202 6212 nusb3hub - ok
09:44:29.0249 6212 nusb3xhc (d40a13b2c0891e218f9523b376955db6) C:\Windows\system32\drivers\nusb3xhc.sys
09:44:29.0249 6212 nusb3xhc - ok
09:44:29.0358 6212 NVHDA (f2662fdc20518ee8a8eed4f61ba42349) C:\Windows\system32\drivers\nvhda64v.sys
09:44:29.0358 6212 NVHDA - ok
09:44:29.0904 6212 nvlddmkm (a8151a773ce78233375445d41b77e85e) C:\Windows\system32\DRIVERS\nvlddmkm.sys
09:44:30.0091 6212 nvlddmkm - ok
09:44:30.0247 6212 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
09:44:30.0247 6212 nvraid - ok
09:44:30.0310 6212 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
09:44:30.0325 6212 nvstor - ok
09:44:30.0450 6212 NVSvc (b10cca77064c6171846e1cf0d7155af3) C:\Windows\system32\nvvsvc.exe
09:44:30.0466 6212 NVSvc - ok
09:44:30.0513 6212 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
09:44:30.0528 6212 nv_agp - ok
09:44:30.0591 6212 Oasis2Service (07571684567859da796a566cc78ffa74) C:\Program Files (x86)\DDNi\Oasis2Service\Oasis2Service.exe
09:44:30.0591 6212 Oasis2Service - ok
09:44:30.0700 6212 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
09:44:30.0700 6212 ohci1394 - ok
09:44:30.0747 6212 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
09:44:30.0747 6212 ose - ok
09:44:30.0949 6212 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
09:44:31.0027 6212 osppsvc - ok
09:44:31.0137 6212 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
09:44:31.0152 6212 p2pimsvc - ok
09:44:31.0183 6212 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
09:44:31.0183 6212 p2psvc - ok
09:44:31.0246 6212 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
09:44:31.0246 6212 Parport - ok
09:44:31.0277 6212 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
09:44:31.0277 6212 partmgr - ok
09:44:31.0308 6212 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
09:44:31.0308 6212 PcaSvc - ok
09:44:31.0433 6212 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
09:44:31.0433 6212 pci - ok
09:44:31.0495 6212 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
09:44:31.0495 6212 pciide - ok
09:44:31.0527 6212 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
09:44:31.0527 6212 pcmcia - ok
09:44:31.0605 6212 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
09:44:31.0620 6212 pcw - ok
09:44:31.0636 6212 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
09:44:31.0651 6212 PEAUTH - ok
09:44:31.0729 6212 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
09:44:31.0729 6212 PerfHost - ok
09:44:31.0917 6212 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
09:44:31.0948 6212 pla - ok
09:44:32.0197 6212 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
09:44:32.0197 6212 PlugPlay - ok
09:44:32.0291 6212 PMBDeviceInfoProvider (e9605a180001a6b5551112d91de92ca1) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
09:44:32.0307 6212 PMBDeviceInfoProvider - ok
09:44:32.0385 6212 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
09:44:32.0385 6212 PNRPAutoReg - ok
09:44:32.0416 6212 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
09:44:32.0416 6212 PNRPsvc - ok
09:44:32.0463 6212 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
09:44:32.0478 6212 PolicyAgent - ok
09:44:32.0525 6212 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
09:44:32.0541 6212 Power - ok
09:44:32.0634 6212 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
09:44:32.0634 6212 PptpMiniport - ok
09:44:32.0665 6212 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
09:44:32.0665 6212 Processor - ok
09:44:32.0712 6212 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
09:44:32.0712 6212 ProfSvc - ok
09:44:32.0743 6212 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
09:44:32.0759 6212 ProtectedStorage - ok
09:44:32.0775 6212 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
09:44:32.0775 6212 Psched - ok
09:44:32.0821 6212 PSI_SVC_2 (f036cfb275d0c55f4e45fbbf5f98b3c8) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
09:44:32.0837 6212 PSI_SVC_2 - ok
09:44:33.0055 6212 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
09:44:33.0087 6212 ql2300 - ok
09:44:33.0118 6212 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
09:44:33.0118 6212 ql40xx - ok
09:44:33.0165 6212 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
09:44:33.0165 6212 QWAVE - ok
09:44:33.0258 6212 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
09:44:33.0258 6212 QWAVEdrv - ok
09:44:33.0274 6212 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
09:44:33.0274 6212 RasAcd - ok
09:44:33.0321 6212 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
09:44:33.0321 6212 RasAgileVpn - ok
09:44:33.0367 6212 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
09:44:33.0367 6212 RasAuto - ok
09:44:33.0383 6212 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
09:44:33.0399 6212 Rasl2tp - ok
09:44:33.0461 6212 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
09:44:33.0477 6212 RasMan - ok
09:44:33.0523 6212 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
09:44:33.0523 6212 RasPppoe - ok
09:44:33.0555 6212 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
09:44:33.0570 6212 RasSstp - ok
09:44:33.0586 6212 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
09:44:33.0601 6212 rdbss - ok
09:44:33.0664 6212 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
09:44:33.0664 6212 rdpbus - ok
09:44:33.0711 6212 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
09:44:33.0711 6212 RDPCDD - ok
09:44:33.0742 6212 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
09:44:33.0742 6212 RDPENCDD - ok
09:44:33.0757 6212 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
09:44:33.0757 6212 RDPREFMP - ok
09:44:33.0804 6212 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
09:44:33.0820 6212 RDPWD - ok
09:44:33.0867 6212 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
09:44:33.0867 6212 rdyboost - ok
09:44:33.0960 6212 regi (4d9afddda0efe97cdbfd3b5fa48b05f6) C:\Windows\system32\drivers\regi.sys
09:44:33.0960 6212 regi - ok
09:44:34.0007 6212 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
09:44:34.0023 6212 RemoteAccess - ok
09:44:34.0069 6212 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
09:44:34.0085 6212 RemoteRegistry - ok
09:44:34.0132 6212 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
09:44:34.0147 6212 RFCOMM - ok
09:44:34.0210 6212 rimspci (ff71ecb1b121c6273ec4c45eddbc4fe4) C:\Windows\system32\drivers\rimssne64.sys
09:44:34.0210 6212 rimspci - ok
09:44:34.0257 6212 risdsnpe (e33075c22c14c57095f037253f936bb8) C:\Windows\system32\drivers\risdsnxc64.sys
09:44:34.0272 6212 risdsnpe - ok
09:44:34.0303 6212 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
09:44:34.0303 6212 RpcEptMapper - ok
09:44:34.0350 6212 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
09:44:34.0350 6212 RpcLocator - ok
09:44:34.0381 6212 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
09:44:34.0397 6212 RpcSs - ok
09:44:34.0459 6212 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
09:44:34.0475 6212 rspndr - ok
09:44:34.0537 6212 RTL8167 (f4c374b1c46de294b573bb43723ac3f6) C:\Windows\system32\DRIVERS\Rt64win7.sys
09:44:34.0553 6212 RTL8167 - ok
09:44:34.0584 6212 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
09:44:34.0600 6212 SamSs - ok
09:44:34.0615 6212 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
09:44:34.0631 6212 sbp2port - ok
09:44:34.0787 6212 SBSDWSCService (794d4b48dfb6e999537c7c3947863463) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
09:44:34.0803 6212 SBSDWSCService - ok
09:44:34.0881 6212 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
09:44:34.0896 6212 SCardSvr - ok
09:44:34.0943 6212 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
09:44:34.0943 6212 scfilter - ok
09:44:34.0990 6212 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
09:44:35.0021 6212 Schedule - ok
09:44:35.0052 6212 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
09:44:35.0052 6212 SCPolicySvc - ok
09:44:35.0130 6212 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\DRIVERS\sdbus.sys
09:44:35.0130 6212 sdbus - ok
09:44:35.0177 6212 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
09:44:35.0193 6212 SDRSVC - ok
09:44:35.0239 6212 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
09:44:35.0239 6212 secdrv - ok
09:44:35.0255 6212 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
09:44:35.0255 6212 seclogon - ok
09:44:35.0411 6212 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
09:44:35.0411 6212 SENS - ok
09:44:35.0442 6212 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
09:44:35.0458 6212 SensrSvc - ok
09:44:35.0520 6212 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
09:44:35.0520 6212 Serenum - ok
09:44:35.0598 6212 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
09:44:35.0598 6212 Serial - ok
09:44:35.0645 6212 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
09:44:35.0645 6212 sermouse - ok
09:44:35.0707 6212 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
09:44:35.0707 6212 SessionEnv - ok
09:44:35.0770 6212 SFEP (286d3889e6ab5589646ff8a63cb928ae) C:\Windows\system32\drivers\SFEP.sys
09:44:35.0770 6212 SFEP - ok
09:44:35.0910 6212 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
09:44:35.0910 6212 sffdisk - ok
09:44:35.0957 6212 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
09:44:35.0957 6212 sffp_mmc - ok
09:44:35.0973 6212 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
09:44:35.0973 6212 sffp_sd - ok
09:44:36.0051 6212 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
09:44:36.0051 6212 sfloppy - ok
09:44:36.0160 6212 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
09:44:36.0160 6212 SharedAccess - ok
09:44:36.0191 6212 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
09:44:36.0207 6212 ShellHWDetection - ok
09:44:36.0269 6212 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
09:44:36.0269 6212 SiSRaid2 - ok
09:44:36.0316 6212 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
09:44:36.0316 6212 SiSRaid4 - ok
09:44:36.0394 6212 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
09:44:36.0409 6212 Smb - ok
09:44:36.0456 6212 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
09:44:36.0456 6212 SNMPTRAP - ok
09:44:36.0565 6212 SOHCImp (ddf2ec98af6fc70608a4f9ce4db52758) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
09:44:36.0581 6212 SOHCImp - ok
09:44:36.0597 6212 SOHDs (5fa03f5ea6efef6d17b4a1a48c40a23c) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
09:44:36.0597 6212 SOHDs - ok
09:44:36.0659 6212 SpfService (65e5659e9c2a0762d05657c0e22a7ca2) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
09:44:36.0675 6212 SpfService - ok
09:44:36.0753 6212 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
09:44:36.0753 6212 spldr - ok
09:44:36.0800 6212 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
09:44:36.0815 6212 Spooler - ok
09:44:36.0924 6212 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
09:44:36.0987 6212 sppsvc - ok
09:44:37.0096 6212 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
09:44:37.0112 6212 sppuinotify - ok
09:44:37.0174 6212 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
09:44:37.0190 6212 srv - ok
09:44:37.0221 6212 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
09:44:37.0221 6212 srv2 - ok
09:44:37.0236 6212 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
09:44:37.0252 6212 srvnet - ok
09:44:37.0361 6212 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
09:44:37.0361 6212 SSDPSRV - ok
09:44:37.0392 6212 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
09:44:37.0392 6212 SstpSvc - ok
09:44:37.0486 6212 Stereo Service (525597fa2e9d49f19c59623b05562968) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
09:44:37.0502 6212 Stereo Service - ok
09:44:37.0533 6212 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
09:44:37.0533 6212 stexstor - ok
09:44:37.0658 6212 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
09:44:37.0673 6212 stisvc - ok
09:44:37.0720 6212 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
09:44:37.0720 6212 swenum - ok
09:44:37.0876 6212 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
09:44:37.0876 6212 SwitchBoard - ok
09:44:38.0032 6212 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
09:44:38.0048 6212 swprv - ok
09:44:38.0141 6212 SynTP (b0c7d4dcf4800df2f2145b500d0161e8) C:\Windows\system32\drivers\SynTP.sys
09:44:38.0172 6212 SynTP - ok
09:44:38.0360 6212 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
09:44:38.0406 6212 SysMain - ok
09:44:38.0438 6212 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
09:44:38.0438 6212 TabletInputService - ok
09:44:38.0547 6212 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
09:44:38.0562 6212 TapiSrv - ok
09:44:38.0594 6212 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
09:44:38.0594 6212 TBS - ok
09:44:38.0687 6212 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
09:44:38.0718 6212 Tcpip - ok
09:44:38.0828 6212 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
09:44:38.0859 6212 TCPIP6 - ok
09:44:38.0921 6212 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
09:44:38.0921 6212 tcpipreg - ok
09:44:38.0937 6212 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
09:44:38.0937 6212 TDPIPE - ok
09:44:38.0984 6212 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
09:44:38.0984 6212 TDTCP - ok
09:44:39.0030 6212 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
09:44:39.0030 6212 tdx - ok
09:44:39.0124 6212 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
09:44:39.0124 6212 TermDD - ok
09:44:39.0186 6212 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
09:44:39.0202 6212 TermService - ok
09:44:39.0218 6212 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
09:44:39.0218 6212 Themes - ok
09:44:39.0249 6212 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
09:44:39.0264 6212 THREADORDER - ok
09:44:39.0342 6212 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
09:44:39.0358 6212 TrkWks - ok
09:44:39.0389 6212 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
09:44:39.0405 6212 TrustedInstaller - ok
09:44:39.0436 6212 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
09:44:39.0436 6212 tssecsrv - ok
09:44:39.0483 6212 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
09:44:39.0483 6212 TsUsbFlt - ok
09:44:39.0576 6212 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
09:44:39.0576 6212 TsUsbGD - ok
09:44:39.0623 6212 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
09:44:39.0623 6212 tunnel - ok
09:44:39.0654 6212 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
09:44:39.0654 6212 uagp35 - ok
09:44:39.0732 6212 uCamMonitor (1fe69f3c1ca1cf4b7ec7e2e9090fffdc) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
09:44:39.0748 6212 uCamMonitor - ok
09:44:39.0826 6212 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
09:44:39.0842 6212 udfs - ok
09:44:39.0873 6212 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
09:44:39.0873 6212 UI0Detect - ok
09:44:39.0951 6212 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
09:44:39.0951 6212 uliagpkx - ok
09:44:39.0998 6212 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
09:44:39.0998 6212 umbus - ok
09:44:40.0029 6212 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
09:44:40.0029 6212 UmPass - ok
09:44:40.0356 6212 UNS (db641944f7e4b14c13c3fefc89843f69) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
09:44:40.0403 6212 UNS - ok
09:44:40.0528 6212 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
09:44:40.0528 6212 upnphost - ok
09:44:40.0606 6212 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
09:44:40.0606 6212 USBAAPL64 - ok
09:44:40.0715 6212 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
09:44:40.0715 6212 usbaudio - ok
09:44:40.0762 6212 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
09:44:40.0762 6212 usbccgp - ok
09:44:40.0824 6212 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
09:44:40.0840 6212 usbcir - ok
09:44:40.0856 6212 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
09:44:40.0871 6212 usbehci - ok
09:44:40.0980 6212 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\drivers\usbhub.sys
09:44:40.0996 6212 usbhub - ok
09:44:41.0012 6212 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
09:44:41.0012 6212 usbohci - ok
09:44:41.0043 6212 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys
09:44:41.0043 6212 usbprint - ok
09:44:41.0074 6212 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
09:44:41.0090 6212 USBSTOR - ok
09:44:41.0121 6212 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
09:44:41.0136 6212 usbuhci - ok
09:44:41.0230 6212 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys
09:44:41.0230 6212 usbvideo - ok
09:44:41.0261 6212 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
09:44:41.0261 6212 UxSms - ok
09:44:41.0370 6212 VAIO Event Service (387d3dffcf0a544539e9c5d8b81169a2) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
09:44:41.0370 6212 VAIO Event Service - ok
09:44:41.0448 6212 VAIO Power Management (d1933e428d991b15affd48b1a7beb643) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
09:44:41.0464 6212 VAIO Power Management - ok
09:44:41.0542 6212 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
09:44:41.0558 6212 VaultSvc - ok
09:44:41.0714 6212 VCFw (d00058c1fff3f3de990444a5734e9639) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
09:44:41.0729 6212 VCFw - ok
09:44:41.0823 6212 VcmIAlzMgr (f19275655b42086c884abcdae2c659ae) C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
09:44:41.0838 6212 VcmIAlzMgr - ok
09:44:41.0916 6212 VcmINSMgr (2f06d134554ba84fe253dbc481dcfe6d) C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
09:44:41.0916 6212 VcmINSMgr - ok
09:44:42.0010 6212 VcmXmlIfHelper (32a3735f6874b7783c6209ed5ca36d9d) C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
09:44:42.0010 6212 VcmXmlIfHelper - ok
09:44:42.0104 6212 VCService (b26dab275900e604f247f5a8b72cffe1) C:\Program Files\Sony\VAIO Care\VCService.exe
09:44:42.0104 6212 VCService - ok
09:44:42.0213 6212 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
09:44:42.0213 6212 vdrvroot - ok
09:44:42.0244 6212 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
09:44:42.0260 6212 vds - ok
09:44:42.0291 6212 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
09:44:42.0291 6212 vga - ok
09:44:42.0322 6212 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
09:44:42.0322 6212 VgaSave - ok
09:44:42.0353 6212 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
09:44:42.0353 6212 vhdmp - ok
09:44:42.0478 6212 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
09:44:42.0478 6212 viaide - ok
09:44:42.0556 6212 VIPAppService (6ad85f32ea4aa65bb2ea652f2b9d4005) C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe
09:44:42.0572 6212 VIPAppService - ok
09:44:42.0618 6212 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
09:44:42.0618 6212 volmgr - ok
09:44:42.0681 6212 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
09:44:42.0681 6212 volmgrx - ok
09:44:42.0790 6212 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
09:44:42.0806 6212 volsnap - ok
09:44:42.0852 6212 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
09:44:42.0852 6212 vsmraid - ok
09:44:43.0040 6212 VSNService (8be8c47d5b09f5550dcbf6fcd8832ccb) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
09:44:43.0055 6212 VSNService - ok
09:44:43.0336 6212 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
09:44:43.0367 6212 VSS - ok
09:44:43.0586 6212 VUAgent (5498369d830f2d22104af518e50d8aaf) C:\Program Files\Sony\VAIO Update Common\VUAgent.exe
09:44:43.0601 6212 VUAgent - ok
09:44:43.0695 6212 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
09:44:43.0695 6212 vwifibus - ok
09:44:43.0742 6212 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
09:44:43.0742 6212 vwififlt - ok
09:44:43.0788 6212 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
09:44:43.0788 6212 W32Time - ok
09:44:43.0820 6212 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
09:44:43.0835 6212 WacomPen - ok
09:44:43.0913 6212 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
09:44:43.0929 6212 WANARP - ok
09:44:43.0960 6212 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
09:44:43.0976 6212 Wanarpv6 - ok
09:44:44.0116 6212 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
09:44:44.0147 6212 WatAdminSvc - ok
09:44:44.0412 6212 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
09:44:44.0459 6212 wbengine - ok
09:44:44.0568 6212 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
09:44:44.0568 6212 WbioSrvc - ok
09:44:44.0600 6212 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
09:44:44.0615 6212 wcncsvc - ok
09:44:44.0631 6212 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
09:44:44.0646 6212 WcsPlugInService - ok
09:44:44.0693 6212 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
09:44:44.0693 6212 Wd - ok
09:44:44.0834 6212 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
09:44:44.0849 6212 Wdf01000 - ok
09:44:44.0880 6212 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
09:44:44.0896 6212 WdiServiceHost - ok
09:44:44.0896 6212 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
09:44:44.0896 6212 WdiSystemHost - ok
09:44:44.0927 6212 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
09:44:44.0943 6212 WebClient - ok
09:44:44.0974 6212 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
09:44:44.0974 6212 Wecsvc - ok
09:44:45.0146 6212 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
09:44:45.0146 6212 wercplsupport - ok
09:44:45.0192 6212 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
09:44:45.0192 6212 WerSvc - ok
09:44:45.0302 6212 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
09:44:45.0302 6212 WfpLwf - ok
09:44:45.0333 6212 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
09:44:45.0333 6212 WIMMount - ok
09:44:45.0364 6212 WinDefend - ok
09:44:45.0364 6212 WinHttpAutoProxySvc - ok
09:44:45.0473 6212 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
09:44:45.0473 6212 Winmgmt - ok
09:44:45.0707 6212 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
09:44:45.0738 6212 WinRM - ok
09:44:45.0863 6212 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
09:44:45.0879 6212 WinUsb - ok
09:44:45.0957 6212 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
09:44:45.0988 6212 Wlansvc - ok
09:44:46.0050 6212 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
09:44:46.0050 6212 wlcrasvc - ok
09:44:46.0144 6212 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
09:44:46.0175 6212 wlidsvc - ok
09:44:46.0300 6212 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
09:44:46.0300 6212 WmiAcpi - ok
09:44:46.0362 6212 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
09:44:46.0378 6212 wmiApSrv - ok
09:44:46.0409 6212 WMPNetworkSvc - ok
09:44:46.0440 6212 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
09:44:46.0440 6212 WPCSvc - ok
09:44:46.0503 6212 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
09:44:46.0503 6212 WPDBusEnum - ok
09:44:46.0550 6212 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
09:44:46.0565 6212 ws2ifsl - ok
09:44:46.0581 6212 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
09:44:46.0596 6212 wscsvc - ok
09:44:46.0596 6212 WSearch - ok
09:44:46.0674 6212 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
09:44:46.0737 6212 wuauserv - ok
09:44:46.0877 6212 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
09:44:46.0877 6212 WudfPf - ok
09:44:46.0971 6212 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
09:44:46.0971 6212 WUDFRd - ok
09:44:47.0002 6212 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
09:44:47.0002 6212 wudfsvc - ok
09:44:47.0033 6212 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
09:44:47.0049 6212 WwanSvc - ok
09:44:47.0096 6212 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
09:44:47.0158 6212 \Device\Harddisk0\DR0 - ok
09:44:47.0158 6212 MBR (0x1B8) (671b81004fdd1588fa9ed1331c9ceca9) \Device\Harddisk1\DR2
09:44:59.0700 6212 \Device\Harddisk1\DR2 - ok
09:44:59.0747 6212 Boot (0x1200) (cbfdb3d148cc65bb6909108aeed038ba) \Device\Harddisk0\DR0\Partition0
09:44:59.0747 6212 \Device\Harddisk0\DR0\Partition0 - ok
09:44:59.0763 6212 Boot (0x1200) (6ad979b8b0283f631d02d1e72bb0faeb) \Device\Harddisk0\DR0\Partition1
09:44:59.0763 6212 \Device\Harddisk0\DR0\Partition1 - ok
09:44:59.0778 6212 Boot (0x1200) (55225e6db320e994396664accfbd54d2) \Device\Harddisk1\DR2\Partition0
09:44:59.0778 6212 \Device\Harddisk1\DR2\Partition0 - ok
09:44:59.0778 6212 ============================================================
09:44:59.0778 6212 Scan finished
09:44:59.0778 6212 ============================================================
09:44:59.0794 5136 Detected object count: 0
09:44:59.0794 5136 Actual detected object count: 0

[Maniac]

I mean DDS log file like in the first post:
http://forums.malwar...ndpost&p=540291

[avibuzz]

Ok but I'm confused. What did i give you on the last post?

[Maniac]

Never mind, proceed as follows:

Please visit this webpage for download links, and instructions for running the tool:

http://www.bleepingc...to-use-combofix

* Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Please include the C:\ComboFix.txt in your next reply for further review.

[avibuzz]

ComboFix 12-04-08.01 - Mike 04/08/2012 19:21:25.1.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4077.1957 [GMT -5:00]
Running from: c:\users\Mike\Downloads\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Mike\AppData\Local\Temp\{A757F0E6-89E3-402A-A055-B991623728BC}\fpb.tmp
c:\users\Mike\Documents\~WRL0004.tmp
c:\users\Mike\Documents\~WRL0005.tmp
c:\users\Mike\Documents\~WRL0365.tmp
c:\users\Mike\Documents\~WRL0730.tmp
c:\users\Mike\Documents\~WRL1291.tmp
c:\users\Mike\Documents\~WRL1704.tmp
c:\users\Mike\Documents\~WRL2065.tmp
c:\users\Mike\Documents\~WRL3155.tmp
c:\users\Mike\Documents\~WRL3548.tmp
c:\windows\SysWow64\404Fix.exe
c:\windows\SysWow64\Agent.OMZ.Fix.exe
c:\windows\SysWow64\dumphive.exe
c:\windows\SysWow64\IEDFix.C.exe
c:\windows\SysWow64\IEDFix.exe
c:\windows\SysWow64\o4Patch.exe
c:\windows\SysWow64\Process.exe
c:\windows\SysWow64\SrchSTS.exe
c:\windows\SysWow64\tmp.reg
c:\windows\SysWow64\VACFix.exe
c:\windows\SysWow64\VCCLSID.exe
c:\windows\SysWow64\WS2Fix.exe
.
.
((((((((((((((((((((((((( Files Created from 2012-03-09 to 2012-04-09 )))))))))))))))))))))))))))))))
.
.
2012-04-08 23:53 . 2012-04-08 23:53 -------- d-----w- c:\program files (x86)\Handbrake
2012-04-08 23:50 . 2012-04-08 23:50 8738464 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2012-04-08 22:56 . 2012-04-08 22:56 -------- d-----w- c:\users\Mike\AppData\Local\CrashDumps
2012-04-08 22:56 . 2012-04-08 23:56 -------- d-----w- c:\users\Mike\AppData\Roaming\HandBrake
2012-04-08 22:53 . 2012-04-08 23:50 418464 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-04-06 23:51 . 2012-04-06 23:51 -------- d-----w- c:\program files (x86)\EASEUS
2012-04-06 22:15 . 2012-03-14 03:27 8669240 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{BFC4662D-3760-4BEA-9A50-24B112B2A6DA}\mpengine.dll
2012-04-06 22:14 . 2011-11-19 15:20 5559152 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-04-06 22:14 . 2011-11-19 14:50 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-04-06 22:14 . 2011-11-19 14:50 3913584 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-04-05 19:58 . 2012-04-06 02:12 -------- d-----w- C:\TDSSKiller_Quarantine
2012-04-05 04:00 . 2012-04-05 04:07 691 ----a-w- c:\users\Mike\AppData\Roaming\GetValue.vbs
2012-04-05 04:00 . 2012-04-05 04:07 35 ----a-w- c:\users\Mike\AppData\Roaming\SetValue.bat
2012-04-05 03:08 . 2012-04-05 03:08 -------- d-----w- c:\users\Mike\AppData\Roaming\Malwarebytes
2012-04-05 03:08 . 2012-04-05 03:08 -------- d-----w- c:\programdata\Malwarebytes
2012-04-05 03:08 . 2012-04-05 03:08 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-04-05 03:08 . 2011-12-10 20:24 23152 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-04-05 02:50 . 2012-04-05 02:50 -------- d-----w- C:\$AVG
2012-04-05 02:30 . 2012-04-05 02:30 -------- d-----w- c:\windows\SysWow64\drivers\AVG
2012-03-15 15:34 . 2012-02-10 06:36 1544192 ----a-w- c:\windows\system32\DWrite.dll
2012-03-15 15:34 . 2012-02-10 05:38 1077248 ----a-w- c:\windows\SysWow64\DWrite.dll
2012-03-15 15:34 . 2012-02-03 04:34 3145728 ----a-w- c:\windows\system32\win32k.sys
2012-03-15 15:28 . 2012-01-25 06:38 77312 ----a-w- c:\windows\system32\rdpwsx.dll
2012-03-15 15:28 . 2012-01-25 06:38 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-03-15 15:28 . 2012-01-25 06:33 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-03-15 15:28 . 2012-02-17 06:38 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2012-03-15 15:28 . 2012-02-17 05:34 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll
2012-03-15 15:28 . 2012-02-17 04:58 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-03-15 15:28 . 2012-02-17 04:57 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2012-03-13 03:22 . 2012-03-13 03:22 -------- dc-h--w- c:\programdata\{F974CC36-BF25-4374-A035-B0A9DA79E735}
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-04-08 23:50 . 2011-08-12 09:51 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-02-23 14:18 . 2010-11-21 03:27 279656 ------w- c:\windows\system32\MpSigStub.exe
2012-02-19 22:12 . 2011-12-26 15:07 952 --sha-w- c:\programdata\KGyGaAvL.sys
2012-02-02 21:48 . 2012-02-02 21:48 6656 ----a-w- c:\programdata\Microsoft\Windows\DRM\A083.tmp
2012-02-02 21:48 . 2012-02-02 21:48 6656 ----a-w- c:\programdata\Microsoft\Windows\DRM\A082.tmp
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Elbserver"="c:\program files (x86)\Sony\Media Gallery\ElbServer.exe" [2011-05-18 83344]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-12-30 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2011-01-13 283160]
"Dolby Home Theater v4"="c:\program files (x86)\Dolby Home Theater v4\pcee4.exe" [2011-05-02 500736]
"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2011-06-01 2801288]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-01-13 460872]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-30 136176]
R2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-06-24 2656536]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-08 253600]
R3 BTWAMPFL;BTWAMPFL;c:\windows\system32\DRIVERS\btwampfl.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
R3 e1yexpress;Intel® Gigabit Network Connections Driver;c:\windows\system32\DRIVERS\e1y60x64.sys [x]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-30 136176]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]
R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2011-02-19 99104]
R3 VCService;VCService;c:\program files\Sony\VAIO Care\VCService.exe [2011-10-30 54432]
R3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update Common\VUAgent.exe [2011-10-28 1245800]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-01-13 13336]
S2 jhi_service;Intel® Identity Protection Technology Host Interface Service;c:\program files (x86)\Intel\Services\IPT\jhi_service.exe [2011-02-24 212944]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-01-13 652360]
S2 Oasis2Service;Oasis2Service;c:\program files (x86)\DDNi\Oasis2Service\Oasis2Service.exe [2012-02-10 53248]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2011-03-15 428384]
S2 regi;regi;c:\windows\system32\drivers\regi.sys [x]
S2 rimspci;rimspci;c:\windows\system32\drivers\rimssne64.sys [x]
S2 risdsnpe;risdsnpe;c:\windows\system32\drivers\risdsnxc64.sys [x]
S2 SampleCollector;VAIO Care Performance Service;c:\program files\Sony\VAIO Care\VCPerfService.exe [2011-08-26 260768]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S2 SOHCImp;VAIO Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2011-02-21 113824]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-06-17 378472]
S2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2011-02-23 105024]
S2 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [2011-05-31 552584]
S2 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2011-01-20 887000]
S2 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2011-05-20 549616]
S2 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2011-02-19 385336]
S2 VIPAppService;VIPAppService;c:\program files (x86)\Symantec\VIP Access Client\VIPAppService.exe [2011-04-13 84088]
S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe [2011-07-15 969352]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 MEIx64;Intel® Management Engine Interface;c:\windows\system32\drivers\HECIx64.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys [x]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys [x]
S3 SOHDs;VAIO Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2011-02-21 67232]
S3 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2011-01-20 286936]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
Contents of the 'Scheduled Tasks' folder
.
2012-04-09 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-08 23:50]
.
2012-04-08 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1224217748-1873316770-580351221-1000Core.job
- c:\users\Mike\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-01-27 22:58]
.
2012-04-08 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1224217748-1873316770-580351221-1000UA.job
- c:\users\Mike\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-01-27 22:58]
.
2012-04-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-30 23:39]
.
2012-04-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-30 23:39]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-07-20 11895400]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-07-20 2226280]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.cnn.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.1.254
.
- - - - ORPHANS REMOVED - - - -
.
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\SampleCollector]
"ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=5000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"&_\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\%C3 &_ Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=c:\programdata\Sony Corporation\VAIO Care\inteldata\""
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_228_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_228_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_228.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_228.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_228.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_228.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
c:\program files (x86)\Sony\VAIO Control Center\VESMgr.exe
c:\program files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
c:\program files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
c:\windows\SysWOW64\DllHost.exe
c:\windows\SysWOW64\DllHost.exe
c:\program files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe
c:\program files (x86)\Sony\Keyboard Shortcuts\KeyboardShortcuts.exe
c:\program files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
c:\program files\Sony\VAIO Care\listener.exe
c:\program files (x86)\DDNi\Oasis\VAIO Messenger.exe
.
**************************************************************************
.
Completion time: 2012-04-08 19:34:34 - machine was rebooted
ComboFix-quarantined-files.txt 2012-04-09 00:34
.
Pre-Run: 374,912,126,976 bytes free
Post-Run: 377,146,638,336 bytes free
.
- - End Of File - - 9EC982FDA784E1F0F452630F851C279B

[Maniac]

1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

3. Open notepad and copy/paste the text in the quotebox below into it:

File::
c:\users\Mike\AppData\Roaming\GetValue.vbs
c:\users\Mike\AppData\Roaming\SetValue.bat

Save this as CFScript.txt, in the same location as ComboFix.exe



Refering to the picture above, drag CFScript into ComboFix.exe

When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.

[avibuzz]

hope i did it right

ComboFix 12-04-12.03 - Mike 04/12/2012 15:53:19.4.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4077.2130 [GMT -5:00]
Running from: c:\users\Mike\Desktop\ComboFix.exe
Command switches used :: c:\users\Mike\Desktop\CFScript.txt
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((( Files Created from 2012-03-12 to 2012-04-12 )))))))))))))))))))))))))))))))
.
.
2012-04-12 20:56 . 2012-04-12 20:56 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-04-10 11:19 . 2012-04-10 11:19 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4E5C1BBE-491D-4A2B-8E1F-CAD5C36E2B4D}\offreg.dll
2012-04-10 11:18 . 2012-03-14 03:27 8669240 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4E5C1BBE-491D-4A2B-8E1F-CAD5C36E2B4D}\mpengine.dll
2012-04-08 23:53 . 2012-04-08 23:53 -------- d-----w- c:\program files (x86)\Handbrake
2012-04-08 23:50 . 2012-04-08 23:50 8738464 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2012-04-08 22:56 . 2012-04-12 20:26 -------- d-----w- c:\users\Mike\AppData\Local\CrashDumps
2012-04-08 22:56 . 2012-04-12 02:15 -------- d-----w- c:\users\Mike\AppData\Roaming\HandBrake
2012-04-08 22:53 . 2012-04-08 23:50 418464 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-04-06 23:51 . 2012-04-06 23:51 -------- d-----w- c:\program files (x86)\EASEUS
2012-04-06 22:14 . 2011-11-19 15:20 5559152 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-04-06 22:14 . 2011-11-19 14:50 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2012-04-06 22:14 . 2011-11-19 14:50 3913584 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2012-04-05 19:58 . 2012-04-06 02:12 -------- d-----w- C:\TDSSKiller_Quarantine
2012-04-05 04:00 . 2012-04-05 04:07 691 ----a-w- c:\users\Mike\AppData\Roaming\GetValue.vbs
2012-04-05 04:00 . 2012-04-05 04:07 35 ----a-w- c:\users\Mike\AppData\Roaming\SetValue.bat
2012-04-05 03:08 . 2012-04-05 03:08 -------- d-----w- c:\users\Mike\AppData\Roaming\Malwarebytes
2012-04-05 03:08 . 2012-04-05 03:08 -------- d-----w- c:\programdata\Malwarebytes
2012-04-05 03:08 . 2012-04-05 03:08 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-04-05 03:08 . 2011-12-10 20:24 23152 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-04-05 02:50 . 2012-04-05 02:50 -------- d-----w- C:\$AVG
2012-04-05 02:30 . 2012-04-05 02:30 -------- d-----w- c:\windows\SysWow64\drivers\AVG
2012-03-15 15:34 . 2012-02-10 06:36 1544192 ----a-w- c:\windows\system32\DWrite.dll
2012-03-15 15:34 . 2012-02-10 05:38 1077248 ----a-w- c:\windows\SysWow64\DWrite.dll
2012-03-15 15:34 . 2012-02-03 04:34 3145728 ----a-w- c:\windows\system32\win32k.sys
2012-03-15 15:28 . 2012-01-25 06:38 77312 ----a-w- c:\windows\system32\rdpwsx.dll
2012-03-15 15:28 . 2012-01-25 06:38 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-03-15 15:28 . 2012-01-25 06:33 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-03-15 15:28 . 2012-02-17 06:38 1031680 ----a-w- c:\windows\system32\rdpcore.dll
2012-03-15 15:28 . 2012-02-17 05:34 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll
2012-03-15 15:28 . 2012-02-17 04:58 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-03-15 15:28 . 2012-02-17 04:57 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-04-08 23:50 . 2011-08-12 09:51 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-02-23 14:18 . 2010-11-21 03:27 279656 ------w- c:\windows\system32\MpSigStub.exe
2012-02-19 22:12 . 2011-12-26 15:07 952 --sha-w- c:\programdata\KGyGaAvL.sys
2012-02-02 21:48 . 2012-02-02 21:48 6656 ----a-w- c:\programdata\Microsoft\Windows\DRM\A083.tmp
2012-02-02 21:48 . 2012-02-02 21:48 6656 ----a-w- c:\programdata\Microsoft\Windows\DRM\A082.tmp
.
.
((((((((((((((((((((((((((((( SnapShot@2012-04-09_00.30.54 )))))))))))))))))))))))))))))))))))))))))
.
+ 2010-11-21 03:09 . 2012-04-09 00:50 65922 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2012-01-03 21:15 . 2012-04-09 00:48 12192 c:\windows\system32\wdi\ERCQueuedResolutions.dat
+ 2009-07-14 05:10 . 2012-04-09 00:32 40282 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2011-12-27 01:03 . 2012-04-09 00:32 11028 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1224217748-1873316770-580351221-1000_UserData.bin
- 2011-11-02 03:11 . 2012-04-08 23:50 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-11-02 03:11 . 2012-04-12 02:41 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2011-11-02 03:11 . 2012-04-08 23:50 65536 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2011-11-02 03:11 . 2012-04-12 02:41 65536 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-04-08 23:50 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2012-04-12 02:41 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:46 . 2012-04-10 11:18 99040 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
+ 2012-04-09 00:48 . 2012-04-09 00:48 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-04-09 00:30 . 2012-04-09 00:30 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-04-09 00:48 . 2012-04-09 00:48 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2012-04-09 00:30 . 2012-04-09 00:30 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2009-07-14 04:54 . 2012-04-09 00:29 524288 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2012-04-09 00:48 524288 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2011-12-27 21:55 . 2012-04-12 00:45 264762 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S4.bin
+ 2011-12-26 19:29 . 2012-04-12 09:19 254546 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin
- 2009-07-14 02:36 . 2012-04-08 22:57 663260 c:\windows\system32\perfh009.dat
+ 2009-07-14 02:36 . 2012-04-12 02:34 663260 c:\windows\system32\perfh009.dat
+ 2009-07-14 02:36 . 2012-04-12 02:34 122096 c:\windows\system32\perfc009.dat
- 2009-07-14 02:36 . 2012-04-08 22:57 122096 c:\windows\system32\perfc009.dat
- 2009-07-14 05:01 . 2012-04-09 00:29 498236 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2012-04-09 00:48 498236 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2011-12-26 19:56 . 2012-04-09 00:48 549480 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1224217748-1873316770-580351221-1000-12288.dat
- 2011-12-26 19:56 . 2012-04-09 00:29 549480 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1224217748-1873316770-580351221-1000-12288.dat
- 2009-07-14 04:54 . 2012-04-09 00:29 4947968 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2009-07-14 04:54 . 2012-04-09 00:48 4947968 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2011-12-26 19:56 . 2012-04-09 00:29 1298408 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1224217748-1873316770-580351221-1000-8192.dat
+ 2011-12-26 19:56 . 2012-04-09 00:48 1298408 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1224217748-1873316770-580351221-1000-8192.dat
- 2011-12-26 19:56 . 2012-04-09 00:29 7978928 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-18-16384.dat
+ 2011-12-26 19:56 . 2012-04-09 00:48 7978928 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-18-16384.dat
+ 2009-07-14 04:54 . 2012-04-09 00:48 16187392 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2009-07-14 04:54 . 2012-04-09 00:29 16187392 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Elbserver"="c:\program files (x86)\Sony\Media Gallery\ElbServer.exe" [2011-05-18 83344]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-12-30 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2011-01-13 283160]
"Dolby Home Theater v4"="c:\program files (x86)\Dolby Home Theater v4\pcee4.exe" [2011-05-02 500736]
"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2011-06-01 2801288]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-01-13 460872]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-30 136176]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-08 253600]
R3 BTWAMPFL;BTWAMPFL;c:\windows\system32\DRIVERS\btwampfl.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
R3 e1yexpress;Intel® Gigabit Network Connections Driver;c:\windows\system32\DRIVERS\e1y60x64.sys [x]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-30 136176]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2011-02-19 99104]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-01-13 13336]
S2 jhi_service;Intel® Identity Protection Technology Host Interface Service;c:\program files (x86)\Intel\Services\IPT\jhi_service.exe [2011-02-24 212944]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-01-13 652360]
S2 Oasis2Service;Oasis2Service;c:\program files (x86)\DDNi\Oasis2Service\Oasis2Service.exe [2012-02-10 53248]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2011-03-15 428384]
S2 regi;regi;c:\windows\system32\drivers\regi.sys [x]
S2 rimspci;rimspci;c:\windows\system32\drivers\rimssne64.sys [x]
S2 risdsnpe;risdsnpe;c:\windows\system32\drivers\risdsnxc64.sys [x]
S2 SampleCollector;VAIO Care Performance Service;c:\program files\Sony\VAIO Care\VCPerfService.exe [2011-08-26 260768]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S2 SOHCImp;VAIO Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2011-02-21 113824]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-06-17 378472]
S2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2011-02-23 105024]
S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-06-24 2656536]
S2 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [2011-05-31 552584]
S2 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2011-01-20 887000]
S2 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2011-05-20 549616]
S2 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2011-02-19 385336]
S2 VIPAppService;VIPAppService;c:\program files (x86)\Symantec\VIP Access Client\VIPAppService.exe [2011-04-13 84088]
S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe [2011-07-15 969352]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 MEIx64;Intel® Management Engine Interface;c:\windows\system32\drivers\HECIx64.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys [x]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]
S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys [x]
S3 SOHDs;VAIO Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2011-02-21 67232]
S3 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2011-01-20 286936]
S3 VCService;VCService;c:\program files\Sony\VAIO Care\VCService.exe [2011-10-30 54432]
S3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update Common\VUAgent.exe [2011-10-28 1245800]
.
.
Contents of the 'Scheduled Tasks' folder
.
2012-04-12 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-08 23:50]
.
2012-04-12 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1224217748-1873316770-580351221-1000Core.job
- c:\users\Mike\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-01-27 22:58]
.
2012-04-12 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1224217748-1873316770-580351221-1000UA.job
- c:\users\Mike\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-01-27 22:58]
.
2012-04-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-30 23:39]
.
2012-04-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-30 23:39]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-07-20 11895400]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-07-20 2226280]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.cnn.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.1.254
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\SampleCollector]
"ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=5000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"&_\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\%C3 &_ Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=c:\programdata\Sony Corporation\VAIO Care\inteldata\""
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_228_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_228_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_228.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_228.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_228.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_228.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-04-12 15:57:20
ComboFix-quarantined-files.txt 2012-04-12 20:57
ComboFix2.txt 2012-04-12 20:48
ComboFix3.txt 2012-04-12 20:38
ComboFix4.txt 2012-04-09 00:34
.
Pre-Run: 374,293,057,536 bytes free
Post-Run: 374,006,771,712 bytes free
.
- - End Of File - - CD584C135E95FEFC64AFD3A35741C76A

[Maniac]

Please make sure your SpyBot is up-to-date and perform a full system scan. Let me know.

[avibuzz]

Full scan done found Zedo, Doubleclick and right media thats all

[Maniac]

These are cookies. How are things running now?

[avibuzz]

Everything seems to be back in order. thanks so much any suggestions for speeding up my laptop?

[Maniac]

Glad I could help!

Please uninstall ComboFix:
www.bleepingcomputer.com/combofix/how-to-use-combofix#uninstall

Please manually delete DDS and TDSSKiller.

Some malware prevention tips:
http://forums.malwar...=0

For better perfomance:
http://forums.malwar...showtopic=81990


Safe surfing!

[Maurice Naggar]

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!