avibuzz

smitfraud c virus

19 posts in this topic

Spybot found a smitfraud c trojan virus and I can't get rid of it. Ran TDSSKiller and it said it was removed. Ran Spybot and it says it's still there, which I suspect is correct. I have attached the DDS and Attach.txt. Help

DDS.txt

Attach.txt


Hello avibuzz and welcome! My name is Maniac and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at support@malwarebytes.org or here (http://helpdesk.malwarebytes.org/home). If you choose this option to get help, please let me know.
  • I recommend that you keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.

Let's start with the results of SpyBot and TDSSKiller. I want to see them.

Please navigate to:

C:\ProgramData\Spybot - Search & Destroy\Logs

Please copy/paste the content of the latest log file. Their names are in the following date format: Checks.yymmdd-hhmm

About TDSSKiller, log files are located in your root directory (usually the C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents in your next reply.

In your next reply, post the following log files:

  • TDSSKiller log
  • SpyBot log


Thanks for the help. I couldn't see any way of attaching the files, so I just copied them.

Mike

04.04.2012 22:14:41 - ##### check started #####
04.04.2012 22:14:41 - ### Version: 1.6.2
04.04.2012 22:14:41 - ### Date: 4/4/2012 10:14:41 PM
04.04.2012 22:14:43 - ##### checking bots #####
04.04.2012 22:25:01 - found: Statcounter Tracking cookie (Internet Explorer: Mike)
04.04.2012 22:25:01 - found: BurstMedia Tracking cookie (Internet Explorer: Mike)
04.04.2012 22:25:01 - found: BurstMedia Tracking cookie (Internet Explorer: Mike)
04.04.2012 22:25:01 - found: Zedo Tracking cookie (Internet Explorer: Mike)
04.04.2012 22:25:01 - found: WebTrends live Tracking cookie (Internet Explorer: Mike)
04.04.2012 22:25:01 - found: MediaPlex Tracking cookie (Internet Explorer: Mike)
04.04.2012 22:25:01 - found: Right Media Tracking cookie (Internet Explorer: Mike)
04.04.2012 22:25:01 - found: DoubleClick Tracking cookie (Internet Explorer: Mike)
04.04.2012 22:25:01 - found: FastClick Tracking cookie (Internet Explorer: Mike)
04.04.2012 22:25:01 - found: MediaPlex Tracking cookie (Internet Explorer: Mike)
04.04.2012 22:25:01 - found: CasaleMedia Tracking cookie (Internet Explorer: Mike)
04.04.2012 22:25:01 - found: DoubleClick Tracking cookie (Internet Explorer: Mike)
04.04.2012 22:25:02 - ##### check finished #####

13:43:18.0284 4528 TDSS rootkit removing tool 2.7.26.0 Apr 4 2012 19:52:02
13:43:20.0296 4528 ============================================================
13:43:20.0296 4528 Current date / time: 2012/04/07 13:43:20.0296
13:43:20.0296 4528 SystemInfo:
13:43:20.0296 4528
13:43:20.0296 4528 OS Version: 6.1.7601 ServicePack: 1.0
13:43:20.0296 4528 Product type: Workstation
13:43:20.0296 4528 ComputerName: MIKE-VAIO
13:43:20.0296 4528 UserName: Mike
13:43:20.0296 4528 Windows directory: C:\Windows
13:43:20.0296 4528 System windows directory: C:\Windows
13:43:20.0296 4528 Running under WOW64
13:43:20.0296 4528 Processor architecture: Intel x64
13:43:20.0296 4528 Number of processors: 8
13:43:20.0296 4528 Page size: 0x1000
13:43:20.0296 4528 Boot type: Normal boot
13:43:20.0296 4528 ============================================================
13:43:21.0014 4528 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:43:21.0029 4528 \Device\Harddisk0\DR0:
13:43:21.0029 4528 MBR used
13:43:21.0029 4528 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1885800, BlocksNum 0x32000
13:43:21.0029 4528 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x18B7800, BlocksNum 0x38ACE030
13:43:21.0076 4528 Initialize success
13:43:21.0076 4528 ============================================================
13:43:37.0456 7952 ============================================================
13:43:37.0456 7952 Scan started
13:43:37.0456 7952 Mode: Manual; SigCheck; TDLFS;
13:43:37.0456 7952 ============================================================


13:44:19.0576 7952 Ndisuio - ok

13:44:19.0701 7952 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys

13:44:19.0810 7952 NdisWan - ok

13:44:19.0904 7952 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys

13:44:19.0982 7952 NDProxy - ok

13:44:20.0106 7952 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys

13:44:20.0200 7952 NetBIOS - ok

13:44:20.0278 7952 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys

13:44:20.0372 7952 NetBT - ok

13:44:20.0481 7952 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

13:44:20.0512 7952 Netlogon - ok

13:44:20.0606 7952 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll

13:44:20.0730 7952 Netman - ok

13:44:20.0855 7952 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

13:44:20.0871 7952 NetMsmqActivator - ok

13:44:20.0886 7952 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

13:44:20.0902 7952 NetPipeActivator - ok

13:44:21.0027 7952 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll

13:44:21.0136 7952 netprofm - ok

13:44:21.0230 7952 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

13:44:21.0245 7952 NetTcpActivator - ok

13:44:21.0261 7952 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

13:44:21.0276 7952 NetTcpPortSharing - ok

13:44:21.0417 7952 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys

13:44:21.0432 7952 nfrd960 - ok

13:44:21.0510 7952 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll

13:44:21.0635 7952 NlaSvc - ok

13:44:21.0776 7952 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys

13:44:21.0869 7952 Npfs - ok

13:44:21.0916 7952 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll

13:44:22.0025 7952 nsi - ok

13:44:22.0103 7952 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys

13:44:22.0212 7952 nsiproxy - ok

13:44:22.0290 7952 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys

13:44:22.0384 7952 Ntfs - ok

13:44:22.0415 7952 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys

13:44:22.0493 7952 Null - ok

13:44:22.0634 7952 nusb3hub (158ad24745bd85ba9be3c51c38f48c32) C:\Windows\system32\drivers\nusb3hub.sys

13:44:22.0665 7952 nusb3hub - ok

13:44:22.0727 7952 nusb3xhc (d40a13b2c0891e218f9523b376955db6) C:\Windows\system32\drivers\nusb3xhc.sys

13:44:22.0790 7952 nusb3xhc - ok

13:44:22.0852 7952 NVHDA (f2662fdc20518ee8a8eed4f61ba42349) C:\Windows\system32\drivers\nvhda64v.sys

13:44:22.0868 7952 NVHDA - ok

13:44:23.0648 7952 nvlddmkm (a8151a773ce78233375445d41b77e85e) C:\Windows\system32\DRIVERS\nvlddmkm.sys

13:44:24.0334 7952 nvlddmkm - ok

13:44:24.0490 7952 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys

13:44:24.0521 7952 nvraid - ok

13:44:24.0584 7952 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys

13:44:24.0615 7952 nvstor - ok

13:44:24.0724 7952 NVSvc (b10cca77064c6171846e1cf0d7155af3) C:\Windows\system32\nvvsvc.exe

13:44:24.0802 7952 NVSvc - ok

13:44:24.0958 7952 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys

13:44:24.0974 7952 nv_agp - ok

13:44:25.0083 7952 Oasis2Service (07571684567859da796a566cc78ffa74) C:\Program Files (x86)\DDNi\Oasis2Service\Oasis2Service.exe

13:44:25.0114 7952 Oasis2Service ( UnsignedFile.Multi.Generic ) - warning

13:44:25.0114 7952 Oasis2Service - detected UnsignedFile.Multi.Generic (1)

13:44:44.0380 7952 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

13:44:44.0427 7952 SwitchBoard ( UnsignedFile.Multi.Generic ) - warning

13:44:44.0427 7952 SwitchBoard - detected UnsignedFile.Multi.Generic (1)


13:45:03.0584 7952 WwanSvc - ok

13:45:03.0677 7952 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0

13:45:04.0005 7952 \Device\Harddisk0\DR0 - ok

13:45:04.0021 7952 Boot (0x1200) (cbfdb3d148cc65bb6909108aeed038ba) \Device\Harddisk0\DR0\Partition0

13:45:04.0021 7952 \Device\Harddisk0\DR0\Partition0 - ok

13:45:04.0052 7952 Boot (0x1200) (6ad979b8b0283f631d02d1e72bb0faeb) \Device\Harddisk0\DR0\Partition1

13:45:04.0052 7952 \Device\Harddisk0\DR0\Partition1 - ok

13:45:04.0052 7952 ============================================================

13:45:04.0052 7952 Scan finished

13:45:04.0052 7952 ============================================================

13:45:04.0067 2900 Detected object count: 2

13:45:04.0067 2900 Actual detected object count: 2

13:45:30.0151 2900 Oasis2Service ( UnsignedFile.Multi.Generic ) - skipped by user

13:45:30.0151 2900 Oasis2Service ( UnsignedFile.Multi.Generic ) - User select action: Skip

13:45:30.0151 2900 SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user

13:45:30.0151 2900 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip

13:46:42.0004 7768 Deinitialize success

Thanks!

  • Launch Malwarebytes' Anti-Malware
  • Go to Update tab and select Check for Updates. If an update is found, it will download and install the latest version.
  • Go to Scanner tab and select Perform Quick Scan, then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

In your next reply, post the following log files:

  • Malwarebytes' Anti-Malware log
  • a new fresh DDS log file

Ran it this time and it didn't pick up anything. I included the first one I ran (in red)

I also tried to install a free version of AVG and a trial version of Kaspersky (my antivirus that came with the laptop expired) with no luck. Not sure if something was blocking the installation. Virus???

Thanks again

Malwarebytes Anti-Malware (Trial) 1.60.1.1000

www.malwarebytes.org

Database version: v2012.04.07.10

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

Mike :: MIKE-VAIO [administrator]

Protection: Enabled

4/7/2012 16:53:18

mbam-log-2012-04-07 (16-53-18).txt

Scan type: Full scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 364992

Time elapsed: 38 minute(s), 27 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

Malwarebytes Anti-Malware (Trial) 1.60.1.1000

www.malwarebytes.org

Database version: v2012.04.05.01

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

Mike :: MIKE-VAIO [administrator]

Protection: Enabled

4/4/2012 22:08:52

mbam-log-2012-04-04 (22-08-52).txt

Scan type: Full scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 361985

Time elapsed: 35 minute(s), 51 second(s)

Memory Processes Detected: 1

C:\Windows\svchost.exe (Trojan.Agent) -> 3904 -> Delete on reboot.

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 1

C:\Windows\svchost.exe (Trojan.Agent) -> Delete on reboot.

(end)

a new fresh DDS log file

Please generate a new fresh DDS log file.

09:43:58.0845 8764 TDSS rootkit removing tool 2.7.26.0 Apr 4 2012 19:52:02

09:43:59.0562 8764 ============================================================

09:43:59.0562 8764 Current date / time: 2012/04/08 09:43:59.0562

09:43:59.0562 8764 SystemInfo:

09:43:59.0562 8764

09:43:59.0562 8764 OS Version: 6.1.7601 ServicePack: 1.0

09:43:59.0562 8764 Product type: Workstation

09:43:59.0562 8764 ComputerName: MIKE-VAIO

09:43:59.0562 8764 UserName: Mike

09:43:59.0562 8764 Windows directory: C:\Windows

09:43:59.0562 8764 System windows directory: C:\Windows

09:43:59.0562 8764 Running under WOW64

09:43:59.0562 8764 Processor architecture: Intel x64

09:43:59.0562 8764 Number of processors: 8

09:43:59.0562 8764 Page size: 0x1000

09:43:59.0562 8764 Boot type: Normal boot

09:43:59.0562 8764 ============================================================

09:44:00.0202 8764 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

09:44:00.0217 8764 Drive \Device\Harddisk1\DR2 - Size: 0x3B97FE00 (0.93 Gb), SectorSize: 0x200, Cylinders: 0x79, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'

09:44:00.0217 8764 \Device\Harddisk0\DR0:

09:44:00.0217 8764 MBR used

09:44:00.0217 8764 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1885800, BlocksNum 0x32000

09:44:00.0217 8764 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x18B7800, BlocksNum 0x38ACE030

09:44:00.0217 8764 \Device\Harddisk1\DR2:

09:44:00.0217 8764 MBR used

09:44:00.0217 8764 \Device\Harddisk1\DR2\Partition0: MBR, Type 0xE, StartLBA 0x8, BlocksNum 0x1DCBF7

09:44:00.0249 8764 Initialize success

09:44:00.0249 8764 ============================================================

09:44:11.0964 6212 ============================================================

09:44:11.0964 6212 Scan started

09:44:11.0964 6212 Mode: Manual;

09:44:11.0964 6212 ============================================================


09:44:26.0644 6212 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys

09:44:26.0644 6212 mouhid - ok

09:44:26.0691 6212 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys

09:44:26.0691 6212 mountmgr - ok

09:44:26.0706 6212 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys

09:44:26.0722 6212 mpio - ok

09:44:26.0737 6212 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys

09:44:26.0737 6212 mpsdrv - ok

09:44:26.0800 6212 MpsSvc (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll

09:44:26.0815 6212 MpsSvc - ok

09:44:26.0940 6212 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys

09:44:26.0940 6212 MRxDAV - ok

09:44:26.0971 6212 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys

09:44:26.0987 6212 mrxsmb - ok

09:44:27.0018 6212 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys

09:44:27.0018 6212 mrxsmb10 - ok

09:44:27.0049 6212 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys

09:44:27.0049 6212 mrxsmb20 - ok

09:44:27.0081 6212 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys

09:44:27.0081 6212 msahci - ok

09:44:27.0174 6212 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys

09:44:27.0174 6212 msdsm - ok

09:44:27.0205 6212 MSDTC (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe

09:44:27.0205 6212 MSDTC - ok

09:44:27.0237 6212 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys

09:44:27.0237 6212 Msfs - ok

09:44:27.0283 6212 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys

09:44:27.0283 6212 mshidkmdf - ok

09:44:27.0299 6212 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys

09:44:27.0299 6212 msisadrv - ok

09:44:27.0393 6212 MSiSCSI (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll

09:44:27.0393 6212 MSiSCSI - ok

09:44:27.0408 6212 msiserver - ok

09:44:27.0455 6212 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys

09:44:27.0455 6212 MSKSSRV - ok

09:44:27.0486 6212 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys

09:44:27.0486 6212 MSPCLOCK - ok

09:44:27.0502 6212 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys

09:44:27.0502 6212 MSPQM - ok

09:44:27.0533 6212 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys

09:44:27.0533 6212 MsRPC - ok

09:44:27.0580 6212 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys

09:44:27.0580 6212 mssmbios - ok

09:44:27.0658 6212 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys

09:44:27.0658 6212 MSTEE - ok

09:44:27.0705 6212 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys

09:44:27.0705 6212 MTConfig - ok

09:44:27.0736 6212 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys

09:44:27.0736 6212 Mup - ok

09:44:27.0783 6212 napagent (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll

09:44:27.0798 6212 napagent - ok

09:44:27.0923 6212 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys

09:44:27.0923 6212 NativeWifiP - ok

09:44:28.0017 6212 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys

09:44:28.0032 6212 NDIS - ok

09:44:28.0079 6212 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys

09:44:28.0079 6212 NdisCap - ok

09:44:28.0173 6212 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys

09:44:28.0173 6212 NdisTapi - ok

09:44:28.0204 6212 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys

09:44:28.0204 6212 Ndisuio - ok

09:44:28.0219 6212 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys

09:44:28.0235 6212 NdisWan - ok

09:44:28.0266 6212 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys

09:44:28.0266 6212 NDProxy - ok

09:44:28.0282 6212 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys

09:44:28.0282 6212 NetBIOS - ok

09:44:28.0407 6212 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys

09:44:28.0407 6212 NetBT - ok

09:44:28.0453 6212 Netlogon (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

09:44:28.0453 6212 Netlogon - ok

09:44:28.0500 6212 Netman (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll

09:44:28.0516 6212 Netman - ok

09:44:28.0594 6212 NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

09:44:28.0594 6212 NetMsmqActivator - ok

09:44:28.0609 6212 NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

09:44:28.0609 6212 NetPipeActivator - ok

09:44:28.0656 6212 netprofm (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll

09:44:28.0672 6212 netprofm - ok

09:44:28.0687 6212 NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

09:44:28.0687 6212 NetTcpActivator - ok

09:44:28.0703 6212 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

09:44:28.0703 6212 NetTcpPortSharing - ok

09:44:28.0750 6212 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys

09:44:28.0750 6212 nfrd960 - ok

09:44:28.0828 6212 NlaSvc (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll

09:44:28.0828 6212 NlaSvc - ok

09:44:28.0859 6212 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys

09:44:28.0859 6212 Npfs - ok

09:44:28.0906 6212 nsi (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll

09:44:28.0906 6212 nsi - ok

09:44:28.0953 6212 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys

09:44:28.0953 6212 nsiproxy - ok

09:44:29.0031 6212 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys

09:44:29.0062 6212 Ntfs - ok

09:44:29.0155 6212 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys

09:44:29.0155 6212 Null - ok

09:44:29.0202 6212 nusb3hub (158ad24745bd85ba9be3c51c38f48c32) C:\Windows\system32\drivers\nusb3hub.sys

09:44:29.0202 6212 nusb3hub - ok

09:44:29.0249 6212 nusb3xhc (d40a13b2c0891e218f9523b376955db6) C:\Windows\system32\drivers\nusb3xhc.sys

09:44:29.0249 6212 nusb3xhc - ok

09:44:29.0358 6212 NVHDA (f2662fdc20518ee8a8eed4f61ba42349) C:\Windows\system32\drivers\nvhda64v.sys

09:44:29.0358 6212 NVHDA - ok

09:44:29.0904 6212 nvlddmkm (a8151a773ce78233375445d41b77e85e) C:\Windows\system32\DRIVERS\nvlddmkm.sys

09:44:30.0091 6212 nvlddmkm - ok

09:44:30.0247 6212 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys

09:44:30.0247 6212 nvraid - ok

09:44:30.0310 6212 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys

09:44:30.0325 6212 nvstor - ok

09:44:30.0450 6212 NVSvc (b10cca77064c6171846e1cf0d7155af3) C:\Windows\system32\nvvsvc.exe

09:44:30.0466 6212 NVSvc - ok

09:44:30.0513 6212 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys

09:44:30.0528 6212 nv_agp - ok

09:44:30.0591 6212 Oasis2Service (07571684567859da796a566cc78ffa74) C:\Program Files (x86)\DDNi\Oasis2Service\Oasis2Service.exe

09:44:30.0591 6212 Oasis2Service - ok

09:44:30.0700 6212 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys

09:44:30.0700 6212 ohci1394 - ok

09:44:30.0747 6212 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

09:44:30.0747 6212 ose - ok

09:44:30.0949 6212 osppsvc (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

09:44:31.0027 6212 osppsvc - ok

09:44:31.0137 6212 p2pimsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll

09:44:31.0152 6212 p2pimsvc - ok

09:44:31.0183 6212 p2psvc (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll

09:44:31.0183 6212 p2psvc - ok

09:44:31.0246 6212 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys

09:44:31.0246 6212 Parport - ok

09:44:31.0277 6212 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys

09:44:31.0277 6212 partmgr - ok

09:44:31.0308 6212 PcaSvc (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll

09:44:31.0308 6212 PcaSvc - ok

09:44:31.0433 6212 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys

09:44:31.0433 6212 pci - ok

09:44:31.0495 6212 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys

09:44:31.0495 6212 pciide - ok

09:44:31.0527 6212 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys

09:44:31.0527 6212 pcmcia - ok

09:44:31.0605 6212 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys

09:44:31.0620 6212 pcw - ok

09:44:31.0636 6212 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys

09:44:31.0651 6212 PEAUTH - ok

09:44:31.0729 6212 PerfHost (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe

09:44:31.0729 6212 PerfHost - ok

09:44:31.0917 6212 pla (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll

09:44:31.0948 6212 pla - ok

09:44:32.0197 6212 PlugPlay (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll

09:44:32.0197 6212 PlugPlay - ok

09:44:32.0291 6212 PMBDeviceInfoProvider (e9605a180001a6b5551112d91de92ca1) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe

09:44:32.0307 6212 PMBDeviceInfoProvider - ok

09:44:32.0385 6212 PNRPAutoReg (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll

09:44:32.0385 6212 PNRPAutoReg - ok

09:44:32.0416 6212 PNRPsvc (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll

09:44:32.0416 6212 PNRPsvc - ok

09:44:32.0463 6212 PolicyAgent (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll

09:44:32.0478 6212 PolicyAgent - ok

09:44:32.0525 6212 Power (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll

09:44:32.0541 6212 Power - ok

09:44:32.0634 6212 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys

09:44:32.0634 6212 PptpMiniport - ok

09:44:32.0665 6212 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys

09:44:32.0665 6212 Processor - ok

09:44:32.0712 6212 ProfSvc (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll

09:44:32.0712 6212 ProfSvc - ok

09:44:32.0743 6212 ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

09:44:32.0759 6212 ProtectedStorage - ok

09:44:32.0775 6212 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys

09:44:32.0775 6212 Psched - ok

09:44:32.0821 6212 PSI_SVC_2 (f036cfb275d0c55f4e45fbbf5f98b3c8) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

09:44:32.0837 6212 PSI_SVC_2 - ok

09:44:33.0055 6212 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys

09:44:33.0087 6212 ql2300 - ok

09:44:33.0118 6212 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys

09:44:33.0118 6212 ql40xx - ok

09:44:33.0165 6212 QWAVE (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll

09:44:33.0165 6212 QWAVE - ok

09:44:33.0258 6212 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys

09:44:33.0258 6212 QWAVEdrv - ok

09:44:33.0274 6212 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys

09:44:33.0274 6212 RasAcd - ok

09:44:33.0321 6212 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys

09:44:33.0321 6212 RasAgileVpn - ok

09:44:33.0367 6212 RasAuto (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll

09:44:33.0367 6212 RasAuto - ok

09:44:33.0383 6212 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys

09:44:33.0399 6212 Rasl2tp - ok

09:44:33.0461 6212 RasMan (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll

09:44:33.0477 6212 RasMan - ok

09:44:33.0523 6212 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys

09:44:33.0523 6212 RasPppoe - ok

09:44:33.0555 6212 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys

09:44:33.0570 6212 RasSstp - ok

09:44:33.0586 6212 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys

09:44:33.0601 6212 rdbss - ok

09:44:33.0664 6212 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys

09:44:33.0664 6212 rdpbus - ok

09:44:33.0711 6212 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys

09:44:33.0711 6212 RDPCDD - ok

09:44:33.0742 6212 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys

09:44:33.0742 6212 RDPENCDD - ok

09:44:33.0757 6212 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys

09:44:33.0757 6212 RDPREFMP - ok

09:44:33.0804 6212 RDPWD (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys

09:44:33.0820 6212 RDPWD - ok

09:44:33.0867 6212 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys

09:44:33.0867 6212 rdyboost - ok

09:44:33.0960 6212 regi (4d9afddda0efe97cdbfd3b5fa48b05f6) C:\Windows\system32\drivers\regi.sys

09:44:33.0960 6212 regi - ok

09:44:34.0007 6212 RemoteAccess (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll

09:44:34.0023 6212 RemoteAccess - ok

09:44:34.0069 6212 RemoteRegistry (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll

09:44:34.0085 6212 RemoteRegistry - ok

09:44:34.0132 6212 RFCOMM (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys

09:44:34.0147 6212 RFCOMM - ok

09:44:34.0210 6212 rimspci (ff71ecb1b121c6273ec4c45eddbc4fe4) C:\Windows\system32\drivers\rimssne64.sys

09:44:34.0210 6212 rimspci - ok

09:44:34.0257 6212 risdsnpe (e33075c22c14c57095f037253f936bb8) C:\Windows\system32\drivers\risdsnxc64.sys

09:44:34.0272 6212 risdsnpe - ok

09:44:34.0303 6212 RpcEptMapper (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll

09:44:34.0303 6212 RpcEptMapper - ok

09:44:34.0350 6212 RpcLocator (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe

09:44:34.0350 6212 RpcLocator - ok

09:44:34.0381 6212 RpcSs (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll

09:44:34.0397 6212 RpcSs - ok

09:44:34.0459 6212 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys

09:44:34.0475 6212 rspndr - ok

09:44:34.0537 6212 RTL8167 (f4c374b1c46de294b573bb43723ac3f6) C:\Windows\system32\DRIVERS\Rt64win7.sys

09:44:34.0553 6212 RTL8167 - ok

09:44:34.0584 6212 SamSs (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

09:44:34.0600 6212 SamSs - ok

09:44:34.0615 6212 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys

09:44:34.0631 6212 sbp2port - ok

09:44:34.0787 6212 SBSDWSCService (794d4b48dfb6e999537c7c3947863463) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe

09:44:34.0803 6212 SBSDWSCService - ok

09:44:34.0881 6212 SCardSvr (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll

09:44:34.0896 6212 SCardSvr - ok

09:44:34.0943 6212 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys

09:44:34.0943 6212 scfilter - ok

09:44:34.0990 6212 Schedule (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll

09:44:35.0021 6212 Schedule - ok

09:44:35.0052 6212 SCPolicySvc (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll

09:44:35.0052 6212 SCPolicySvc - ok

09:44:35.0130 6212 sdbus (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\DRIVERS\sdbus.sys

09:44:35.0130 6212 sdbus - ok

09:44:35.0177 6212 SDRSVC (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll

09:44:35.0193 6212 SDRSVC - ok

09:44:35.0239 6212 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys

09:44:35.0239 6212 secdrv - ok

09:44:35.0255 6212 seclogon (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll

09:44:35.0255 6212 seclogon - ok

09:44:35.0411 6212 SENS (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll

09:44:35.0411 6212 SENS - ok

09:44:35.0442 6212 SensrSvc (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll

09:44:35.0458 6212 SensrSvc - ok

09:44:35.0520 6212 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys

09:44:35.0520 6212 Serenum - ok

09:44:35.0598 6212 Serial (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys

09:44:35.0598 6212 Serial - ok

09:44:35.0645 6212 sermouse (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys

09:44:35.0645 6212 sermouse - ok

09:44:35.0707 6212 SessionEnv (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll

09:44:35.0707 6212 SessionEnv - ok

09:44:35.0770 6212 SFEP (286d3889e6ab5589646ff8a63cb928ae) C:\Windows\system32\drivers\SFEP.sys

09:44:35.0770 6212 SFEP - ok

09:44:35.0910 6212 sffdisk (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys

09:44:35.0910 6212 sffdisk - ok

09:44:35.0957 6212 sffp_mmc (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys

09:44:35.0957 6212 sffp_mmc - ok

09:44:35.0973 6212 sffp_sd (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys

09:44:35.0973 6212 sffp_sd - ok

09:44:36.0051 6212 sfloppy (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys

09:44:36.0051 6212 sfloppy - ok

09:44:36.0160 6212 SharedAccess (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll

09:44:36.0160 6212 SharedAccess - ok

09:44:36.0191 6212 ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll

09:44:36.0207 6212 ShellHWDetection - ok

09:44:36.0269 6212 SiSRaid2 (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys

09:44:36.0269 6212 SiSRaid2 - ok

09:44:36.0316 6212 SiSRaid4 (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys

09:44:36.0316 6212 SiSRaid4 - ok

09:44:36.0394 6212 Smb (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys

09:44:36.0409 6212 Smb - ok

09:44:36.0456 6212 SNMPTRAP (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe

09:44:36.0456 6212 SNMPTRAP - ok

09:44:36.0565 6212 SOHCImp (ddf2ec98af6fc70608a4f9ce4db52758) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe

09:44:36.0581 6212 SOHCImp - ok

09:44:36.0597 6212 SOHDs (5fa03f5ea6efef6d17b4a1a48c40a23c) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe

09:44:36.0597 6212 SOHDs - ok

09:44:36.0659 6212 SpfService (65e5659e9c2a0762d05657c0e22a7ca2) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe

09:44:36.0675 6212 SpfService - ok

09:44:36.0753 6212 spldr (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys

09:44:36.0753 6212 spldr - ok

09:44:36.0800 6212 Spooler (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe

09:44:36.0815 6212 Spooler - ok

09:44:36.0924 6212 sppsvc (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe

09:44:36.0987 6212 sppsvc - ok

09:44:37.0096 6212 sppuinotify (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll

09:44:37.0112 6212 sppuinotify - ok

09:44:37.0174 6212 srv (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys

09:44:37.0190 6212 srv - ok

09:44:37.0221 6212 srv2 (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys

09:44:37.0221 6212 srv2 - ok

09:44:37.0236 6212 srvnet (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys

09:44:37.0252 6212 srvnet - ok

09:44:37.0361 6212 SSDPSRV (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll

09:44:37.0361 6212 SSDPSRV - ok

09:44:37.0392 6212 SstpSvc (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll

09:44:37.0392 6212 SstpSvc - ok

09:44:37.0486 6212 Stereo Service (525597fa2e9d49f19c59623b05562968) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

09:44:37.0502 6212 Stereo Service - ok

09:44:37.0533 6212 stexstor (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys

09:44:37.0533 6212 stexstor - ok

09:44:37.0658 6212 stisvc (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll

09:44:37.0673 6212 stisvc - ok

09:44:37.0720 6212 swenum (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys

09:44:37.0720 6212 swenum - ok

09:44:37.0876 6212 SwitchBoard (f577910a133a592234ebaad3f3afa258) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

09:44:37.0876 6212 SwitchBoard - ok

09:44:38.0032 6212 swprv (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll

09:44:38.0048 6212 swprv - ok

09:44:38.0141 6212 SynTP (b0c7d4dcf4800df2f2145b500d0161e8) C:\Windows\system32\drivers\SynTP.sys

09:44:38.0172 6212 SynTP - ok

09:44:38.0360 6212 SysMain (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll

09:44:38.0406 6212 SysMain - ok

09:44:38.0438 6212 TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll

09:44:38.0438 6212 TabletInputService - ok

09:44:38.0547 6212 TapiSrv (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll

09:44:38.0562 6212 TapiSrv - ok

09:44:38.0594 6212 TBS (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll

09:44:38.0594 6212 TBS - ok

09:44:38.0687 6212 Tcpip (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys

09:44:38.0718 6212 Tcpip - ok

09:44:38.0828 6212 TCPIP6 (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys

09:44:38.0859 6212 TCPIP6 - ok

09:44:38.0921 6212 tcpipreg (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys

09:44:38.0921 6212 tcpipreg - ok

09:44:38.0937 6212 TDPIPE (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys

09:44:38.0937 6212 TDPIPE - ok

09:44:38.0984 6212 TDTCP (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys

09:44:38.0984 6212 TDTCP - ok

09:44:39.0030 6212 tdx (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys

09:44:39.0030 6212 tdx - ok

09:44:39.0124 6212 TermDD (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys

09:44:39.0124 6212 TermDD - ok

09:44:39.0186 6212 TermService (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll

09:44:39.0202 6212 TermService - ok

09:44:39.0218 6212 Themes (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll

09:44:39.0218 6212 Themes - ok

09:44:39.0249 6212 THREADORDER (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll

09:44:39.0264 6212 THREADORDER - ok

09:44:39.0342 6212 TrkWks (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll

09:44:39.0358 6212 TrkWks - ok

09:44:39.0389 6212 TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe

09:44:39.0405 6212 TrustedInstaller - ok

09:44:39.0436 6212 tssecsrv (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys

09:44:39.0436 6212 tssecsrv - ok

09:44:39.0483 6212 TsUsbFlt (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys

09:44:39.0483 6212 TsUsbFlt - ok

09:44:39.0576 6212 TsUsbGD (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys

09:44:39.0576 6212 TsUsbGD - ok

09:44:39.0623 6212 tunnel (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys

09:44:39.0623 6212 tunnel - ok

09:44:39.0654 6212 uagp35 (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys

09:44:39.0654 6212 uagp35 - ok

09:44:39.0732 6212 uCamMonitor (1fe69f3c1ca1cf4b7ec7e2e9090fffdc) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe

09:44:39.0748 6212 uCamMonitor - ok

09:44:39.0826 6212 udfs (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys

09:44:39.0842 6212 udfs - ok

09:44:39.0873 6212 UI0Detect (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe

09:44:39.0873 6212 UI0Detect - ok

09:44:39.0951 6212 uliagpkx (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys

09:44:39.0951 6212 uliagpkx - ok

09:44:39.0998 6212 umbus (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys

09:44:39.0998 6212 umbus - ok

09:44:40.0029 6212 UmPass (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys

09:44:40.0029 6212 UmPass - ok

09:44:40.0356 6212 UNS (db641944f7e4b14c13c3fefc89843f69) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

09:44:40.0403 6212 UNS - ok

09:44:40.0528 6212 upnphost (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll

09:44:40.0528 6212 upnphost - ok

09:44:40.0606 6212 USBAAPL64 (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys

09:44:40.0606 6212 USBAAPL64 - ok

09:44:40.0715 6212 usbaudio (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys

09:44:40.0715 6212 usbaudio - ok

09:44:40.0762 6212 usbccgp (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys

09:44:40.0762 6212 usbccgp - ok

09:44:40.0824 6212 usbcir (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys

09:44:40.0840 6212 usbcir - ok

09:44:40.0856 6212 usbehci (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys

09:44:40.0871 6212 usbehci - ok

09:44:40.0980 6212 usbhub (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\drivers\usbhub.sys

09:44:40.0996 6212 usbhub - ok

09:44:41.0012 6212 usbohci (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys

09:44:41.0012 6212 usbohci - ok

09:44:41.0043 6212 usbprint (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\drivers\usbprint.sys

09:44:41.0043 6212 usbprint - ok

09:44:41.0074 6212 USBSTOR (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS

09:44:41.0090 6212 USBSTOR - ok

09:44:41.0121 6212 usbuhci (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys

09:44:41.0136 6212 usbuhci - ok

09:44:41.0230 6212 usbvideo (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\system32\Drivers\usbvideo.sys

09:44:41.0230 6212 usbvideo - ok

09:44:41.0261 6212 UxSms (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll

09:44:41.0261 6212 UxSms - ok

09:44:41.0370 6212 VAIO Event Service (387d3dffcf0a544539e9c5d8b81169a2) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe

09:44:41.0370 6212 VAIO Event Service - ok

09:44:41.0448 6212 VAIO Power Management (d1933e428d991b15affd48b1a7beb643) C:\Program Files\Sony\VAIO Power Management\SPMService.exe

09:44:41.0464 6212 VAIO Power Management - ok

09:44:41.0542 6212 VaultSvc (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

09:44:41.0558 6212 VaultSvc - ok

09:44:41.0714 6212 VCFw (d00058c1fff3f3de990444a5734e9639) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe

09:44:41.0729 6212 VCFw - ok

09:44:41.0823 6212 VcmIAlzMgr (f19275655b42086c884abcdae2c659ae) C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe

09:44:41.0838 6212 VcmIAlzMgr - ok

09:44:41.0916 6212 VcmINSMgr (2f06d134554ba84fe253dbc481dcfe6d) C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe

09:44:41.0916 6212 VcmINSMgr - ok

09:44:42.0010 6212 VcmXmlIfHelper (32a3735f6874b7783c6209ed5ca36d9d) C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe

09:44:42.0010 6212 VcmXmlIfHelper - ok

09:44:42.0104 6212 VCService (b26dab275900e604f247f5a8b72cffe1) C:\Program Files\Sony\VAIO Care\VCService.exe

09:44:42.0104 6212 VCService - ok

09:44:42.0213 6212 vdrvroot (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys

09:44:42.0213 6212 vdrvroot - ok

09:44:42.0244 6212 vds (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe

09:44:42.0260 6212 vds - ok

09:44:42.0291 6212 vga (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys

09:44:42.0291 6212 vga - ok

09:44:42.0322 6212 VgaSave (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys

09:44:42.0322 6212 VgaSave - ok

09:44:42.0353 6212 vhdmp (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys

09:44:42.0353 6212 vhdmp - ok

09:44:42.0478 6212 viaide (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys

09:44:42.0478 6212 viaide - ok

09:44:42.0556 6212 VIPAppService (6ad85f32ea4aa65bb2ea652f2b9d4005) C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe

09:44:42.0572 6212 VIPAppService - ok

09:44:42.0618 6212 volmgr (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys

09:44:42.0618 6212 volmgr - ok

09:44:42.0681 6212 volmgrx (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys

09:44:42.0681 6212 volmgrx - ok

09:44:42.0790 6212 volsnap (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys

09:44:42.0806 6212 volsnap - ok

09:44:42.0852 6212 vsmraid (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys

09:44:42.0852 6212 vsmraid - ok

09:44:43.0040 6212 VSNService (8be8c47d5b09f5550dcbf6fcd8832ccb) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe

09:44:43.0055 6212 VSNService - ok

09:44:43.0336 6212 VSS (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe

09:44:43.0367 6212 VSS - ok

09:44:43.0586 6212 VUAgent (5498369d830f2d22104af518e50d8aaf) C:\Program Files\Sony\VAIO Update Common\VUAgent.exe

09:44:43.0601 6212 VUAgent - ok

09:44:43.0695 6212 vwifibus (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys

09:44:43.0695 6212 vwifibus - ok

09:44:43.0742 6212 vwififlt (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys

09:44:43.0742 6212 vwififlt - ok

09:44:43.0788 6212 W32Time (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll

09:44:43.0788 6212 W32Time - ok

09:44:43.0820 6212 WacomPen (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys

09:44:43.0835 6212 WacomPen - ok

09:44:43.0913 6212 WANARP (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys

09:44:43.0929 6212 WANARP - ok

09:44:43.0960 6212 Wanarpv6 (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys

09:44:43.0976 6212 Wanarpv6 - ok

09:44:44.0116 6212 WatAdminSvc (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe

09:44:44.0147 6212 WatAdminSvc - ok

09:44:44.0412 6212 wbengine (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe

09:44:44.0459 6212 wbengine - ok

09:44:44.0568 6212 WbioSrvc (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll

09:44:44.0568 6212 WbioSrvc - ok

09:44:44.0600 6212 wcncsvc (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll

09:44:44.0615 6212 wcncsvc - ok

09:44:44.0631 6212 WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll

09:44:44.0646 6212 WcsPlugInService - ok

09:44:44.0693 6212 Wd (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys

09:44:44.0693 6212 Wd - ok

09:44:44.0834 6212 Wdf01000 (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys

09:44:44.0849 6212 Wdf01000 - ok

09:44:44.0880 6212 WdiServiceHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll

09:44:44.0896 6212 WdiServiceHost - ok

09:44:44.0896 6212 WdiSystemHost (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll

09:44:44.0896 6212 WdiSystemHost - ok

09:44:44.0927 6212 WebClient (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll

09:44:44.0943 6212 WebClient - ok

09:44:44.0974 6212 Wecsvc (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll

09:44:44.0974 6212 Wecsvc - ok

09:44:45.0146 6212 wercplsupport (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll

09:44:45.0146 6212 wercplsupport - ok

09:44:45.0192 6212 WerSvc (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll

09:44:45.0192 6212 WerSvc - ok

09:44:45.0302 6212 WfpLwf (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys

09:44:45.0302 6212 WfpLwf - ok

09:44:45.0333 6212 WIMMount (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys

09:44:45.0333 6212 WIMMount - ok

09:44:45.0364 6212 WinDefend - ok

09:44:45.0364 6212 WinHttpAutoProxySvc - ok

09:44:45.0473 6212 Winmgmt (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll

09:44:45.0473 6212 Winmgmt - ok

09:44:45.0707 6212 WinRM (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll

09:44:45.0738 6212 WinRM - ok

09:44:45.0863 6212 WinUsb (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys

09:44:45.0879 6212 WinUsb - ok

09:44:45.0957 6212 Wlansvc (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll

09:44:45.0988 6212 Wlansvc - ok

09:44:46.0050 6212 wlcrasvc (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe

09:44:46.0050 6212 wlcrasvc - ok

09:44:46.0144 6212 wlidsvc (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

09:44:46.0175 6212 wlidsvc - ok

09:44:46.0300 6212 WmiAcpi (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys

09:44:46.0300 6212 WmiAcpi - ok

09:44:46.0362 6212 wmiApSrv (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe

09:44:46.0378 6212 wmiApSrv - ok

09:44:46.0409 6212 WMPNetworkSvc - ok

09:44:46.0440 6212 WPCSvc (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll

09:44:46.0440 6212 WPCSvc - ok

09:44:46.0503 6212 WPDBusEnum (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll

09:44:46.0503 6212 WPDBusEnum - ok

09:44:46.0550 6212 ws2ifsl (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys

09:44:46.0565 6212 ws2ifsl - ok

09:44:46.0581 6212 wscsvc (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll

09:44:46.0596 6212 wscsvc - ok

09:44:46.0596 6212 WSearch - ok

09:44:46.0674 6212 wuauserv (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll

09:44:46.0737 6212 wuauserv - ok

09:44:46.0877 6212 WudfPf (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys

09:44:46.0877 6212 WudfPf - ok

09:44:46.0971 6212 WUDFRd (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys

09:44:46.0971 6212 WUDFRd - ok

09:44:47.0002 6212 wudfsvc (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll

09:44:47.0002 6212 wudfsvc - ok

09:44:47.0033 6212 WwanSvc (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll

09:44:47.0049 6212 WwanSvc - ok

09:44:47.0096 6212 MBR (0x1B8) (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0

09:44:47.0158 6212 \Device\Harddisk0\DR0 - ok

09:44:47.0158 6212 MBR (0x1B8) (671b81004fdd1588fa9ed1331c9ceca9) \Device\Harddisk1\DR2

09:44:59.0700 6212 \Device\Harddisk1\DR2 - ok

09:44:59.0747 6212 Boot (0x1200) (cbfdb3d148cc65bb6909108aeed038ba) \Device\Harddisk0\DR0\Partition0

09:44:59.0747 6212 \Device\Harddisk0\DR0\Partition0 - ok

09:44:59.0763 6212 Boot (0x1200) (6ad979b8b0283f631d02d1e72bb0faeb) \Device\Harddisk0\DR0\Partition1

09:44:59.0763 6212 \Device\Harddisk0\DR0\Partition1 - ok

09:44:59.0778 6212 Boot (0x1200) (55225e6db320e994396664accfbd54d2) \Device\Harddisk1\DR2\Partition0

09:44:59.0778 6212 \Device\Harddisk1\DR2\Partition0 - ok

09:44:59.0778 6212 ============================================================

09:44:59.0778 6212 Scan finished

09:44:59.0778 6212 ============================================================

09:44:59.0794 5136 Detected object count: 0

09:44:59.0794 5136 Actual detected object count: 0


Ok but I'm confused. What did I give you on the last post?


Never mind, proceed as follows:

Please visit this webpage for download links, and instructions for running the tool:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

* Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Please include the C:\ComboFix.txt in your next reply for further review.


ComboFix 12-04-08.01 - Mike 04/08/2012 19:21:25.1.8 - x64

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4077.1957 [GMT -5:00]

Running from: c:\users\Mike\Downloads\ComboFix.exe

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

* Created a new restore point

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\users\Mike\AppData\Local\Temp\{A757F0E6-89E3-402A-A055-B991623728BC}\fpb.tmp

c:\users\Mike\Documents\~WRL0004.tmp

c:\users\Mike\Documents\~WRL0005.tmp

c:\users\Mike\Documents\~WRL0365.tmp

c:\users\Mike\Documents\~WRL0730.tmp

c:\users\Mike\Documents\~WRL1291.tmp

c:\users\Mike\Documents\~WRL1704.tmp

c:\users\Mike\Documents\~WRL2065.tmp

c:\users\Mike\Documents\~WRL3155.tmp

c:\users\Mike\Documents\~WRL3548.tmp

c:\windows\SysWow64\404Fix.exe

c:\windows\SysWow64\Agent.OMZ.Fix.exe

c:\windows\SysWow64\dumphive.exe

c:\windows\SysWow64\IEDFix.C.exe

c:\windows\SysWow64\IEDFix.exe

c:\windows\SysWow64\o4Patch.exe

c:\windows\SysWow64\Process.exe

c:\windows\SysWow64\SrchSTS.exe

c:\windows\SysWow64\tmp.reg

c:\windows\SysWow64\VACFix.exe

c:\windows\SysWow64\VCCLSID.exe

c:\windows\SysWow64\WS2Fix.exe

.

.

((((((((((((((((((((((((( Files Created from 2012-03-09 to 2012-04-09 )))))))))))))))))))))))))))))))

.

.

2012-04-08 23:53 . 2012-04-08 23:53 -------- d-----w- c:\program files (x86)\Handbrake

2012-04-08 23:50 . 2012-04-08 23:50 8738464 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe

2012-04-08 22:56 . 2012-04-08 22:56 -------- d-----w- c:\users\Mike\AppData\Local\CrashDumps

2012-04-08 22:56 . 2012-04-08 23:56 -------- d-----w- c:\users\Mike\AppData\Roaming\HandBrake

2012-04-08 22:53 . 2012-04-08 23:50 418464 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2012-04-06 23:51 . 2012-04-06 23:51 -------- d-----w- c:\program files (x86)\EASEUS

2012-04-06 22:15 . 2012-03-14 03:27 8669240 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{BFC4662D-3760-4BEA-9A50-24B112B2A6DA}\mpengine.dll

2012-04-06 22:14 . 2011-11-19 15:20 5559152 ----a-w- c:\windows\system32\ntoskrnl.exe

2012-04-06 22:14 . 2011-11-19 14:50 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe

2012-04-06 22:14 . 2011-11-19 14:50 3913584 ----a-w- c:\windows\SysWow64\ntoskrnl.exe

2012-04-05 19:58 . 2012-04-06 02:12 -------- d-----w- C:\TDSSKiller_Quarantine

2012-04-05 04:00 . 2012-04-05 04:07 691 ----a-w- c:\users\Mike\AppData\Roaming\GetValue.vbs

2012-04-05 04:00 . 2012-04-05 04:07 35 ----a-w- c:\users\Mike\AppData\Roaming\SetValue.bat

2012-04-05 03:08 . 2012-04-05 03:08 -------- d-----w- c:\users\Mike\AppData\Roaming\Malwarebytes

2012-04-05 03:08 . 2012-04-05 03:08 -------- d-----w- c:\programdata\Malwarebytes

2012-04-05 03:08 . 2012-04-05 03:08 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware

2012-04-05 03:08 . 2011-12-10 20:24 23152 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-04-05 02:50 . 2012-04-05 02:50 -------- d-----w- C:\$AVG

2012-04-05 02:30 . 2012-04-05 02:30 -------- d-----w- c:\windows\SysWow64\drivers\AVG

2012-03-15 15:34 . 2012-02-10 06:36 1544192 ----a-w- c:\windows\system32\DWrite.dll

2012-03-15 15:34 . 2012-02-10 05:38 1077248 ----a-w- c:\windows\SysWow64\DWrite.dll

2012-03-15 15:34 . 2012-02-03 04:34 3145728 ----a-w- c:\windows\system32\win32k.sys

2012-03-15 15:28 . 2012-01-25 06:38 77312 ----a-w- c:\windows\system32\rdpwsx.dll

2012-03-15 15:28 . 2012-01-25 06:38 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll

2012-03-15 15:28 . 2012-01-25 06:33 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe

2012-03-15 15:28 . 2012-02-17 06:38 1031680 ----a-w- c:\windows\system32\rdpcore.dll

2012-03-15 15:28 . 2012-02-17 05:34 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll

2012-03-15 15:28 . 2012-02-17 04:58 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys

2012-03-15 15:28 . 2012-02-17 04:57 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys

2012-03-13 03:22 . 2012-03-13 03:22 -------- dc-h--w- c:\programdata\{F974CC36-BF25-4374-A035-B0A9DA79E735}

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-04-08 23:50 . 2011-08-12 09:51 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2012-02-23 14:18 . 2010-11-21 03:27 279656 ------w- c:\windows\system32\MpSigStub.exe

2012-02-19 22:12 . 2011-12-26 15:07 952 --sha-w- c:\programdata\KGyGaAvL.sys

2012-02-02 21:48 . 2012-02-02 21:48 6656 ----a-w- c:\programdata\Microsoft\Windows\DRM\A083.tmp

2012-02-02 21:48 . 2012-02-02 21:48 6656 ----a-w- c:\programdata\Microsoft\Windows\DRM\A082.tmp

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Elbserver"="c:\program files (x86)\Sony\Media Gallery\ElbServer.exe" [2011-05-18 83344]

"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-12-30 39408]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2011-01-13 283160]

"Dolby Home Theater v4"="c:\program files (x86)\Dolby Home Theater v4\pcee4.exe" [2011-05-02 500736]

"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2011-06-01 2801288]

"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-01-13 460872]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

.

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-30 136176]

R2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-06-24 2656536]

R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-08 253600]

R3 BTWAMPFL;BTWAMPFL;c:\windows\system32\DRIVERS\btwampfl.sys [x]

R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]

R3 e1yexpress;Intel® Gigabit Network Connections Driver;c:\windows\system32\DRIVERS\e1y60x64.sys [x]

R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-30 136176]

R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]

R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]

R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]

R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]

R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]

R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2011-02-19 99104]

R3 VCService;VCService;c:\program files\Sony\VAIO Care\VCService.exe [2011-10-30 54432]

R3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update Common\VUAgent.exe [2011-10-28 1245800]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]

S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]

S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-01-13 13336]

S2 jhi_service;Intel® Identity Protection Technology Host Interface Service;c:\program files (x86)\Intel\Services\IPT\jhi_service.exe [2011-02-24 212944]

S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-01-13 652360]

S2 Oasis2Service;Oasis2Service;c:\program files (x86)\DDNi\Oasis2Service\Oasis2Service.exe [2012-02-10 53248]

S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2011-03-15 428384]

S2 regi;regi;c:\windows\system32\drivers\regi.sys [x]

S2 rimspci;rimspci;c:\windows\system32\drivers\rimssne64.sys [x]

S2 risdsnpe;risdsnpe;c:\windows\system32\drivers\risdsnxc64.sys [x]

S2 SampleCollector;VAIO Care Performance Service;c:\program files\Sony\VAIO Care\VCPerfService.exe [2011-08-26 260768]

S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]

S2 SOHCImp;VAIO Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2011-02-21 113824]

S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-06-17 378472]

S2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2011-02-23 105024]

S2 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [2011-05-31 552584]

S2 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2011-01-20 887000]

S2 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2011-05-20 549616]

S2 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2011-02-19 385336]

S2 VIPAppService;VIPAppService;c:\program files (x86)\Symantec\VIP Access Client\VIPAppService.exe [2011-04-13 84088]

S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe [2011-07-15 969352]

S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [x]

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]

S3 MEIx64;Intel® Management Engine Interface;c:\windows\system32\drivers\HECIx64.sys [x]

S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys [x]

S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys [x]

S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]

S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys [x]

S3 SOHDs;VAIO Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2011-02-21 67232]

S3 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2011-01-20 286936]

.

.

--- Other Services/Drivers In Memory ---

.

*NewlyCreated* - WS2IFSL

.

Contents of the 'Scheduled Tasks' folder

.

2012-04-09 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-08 23:50]

.

2012-04-08 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1224217748-1873316770-580351221-1000Core.job

- c:\users\Mike\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-01-27 22:58]

.

2012-04-08 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1224217748-1873316770-580351221-1000UA.job

- c:\users\Mike\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-01-27 22:58]

.

2012-04-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-30 23:39]

.

2012-04-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-30 23:39]

.

.

--------- x86-64 -----------

.

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-07-20 11895400]

"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-07-20 2226280]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"LoadAppInit_DLLs"=0x0

.

------- Supplementary Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = hxxp://www.cnn.com/

mLocal Page = c:\windows\SysWOW64\blank.htm

uInternet Settings,ProxyOverride = *.local

IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000

IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105

TCP: DhcpNameServer = 192.168.1.254

.

- - - - ORPHANS REMOVED - - - -

.

HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe

.

.

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\services\SampleCollector]

"ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=5000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"&_\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\%C3 &_ Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=c:\programdata\Sony Corporation\VAIO Care\inteldata\""

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_228_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_228_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_228.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_228.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_228.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_228.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]

@Denied: (A) (Everyone)

"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"

.

[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]

@Denied: (A) (Everyone)

.

[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]

"Key"="ActionsPane3"

"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Other Running Processes ------------------------

.

c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

c:\program files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

c:\program files (x86)\Sony\VAIO Control Center\VESMgr.exe

c:\program files (x86)\Sony\VAIO Control Center\VESMgrSub.exe

c:\program files (x86)\Sony\VAIO Control Center\VESMgrSub.exe

c:\windows\SysWOW64\DllHost.exe

c:\windows\SysWOW64\DllHost.exe

c:\program files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe

c:\program files (x86)\Sony\Keyboard Shortcuts\KeyboardShortcuts.exe

c:\program files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe

c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

c:\program files\Sony\VAIO Care\listener.exe

c:\program files (x86)\DDNi\Oasis\VAIO Messenger.exe

.

**************************************************************************

.

Completion time: 2012-04-08 19:34:34 - machine was rebooted

ComboFix-quarantined-files.txt 2012-04-09 00:34

.

Pre-Run: 374,912,126,976 bytes free

Post-Run: 377,146,638,336 bytes free

.

- - End Of File - - 9EC982FDA784E1F0F452630F851C279B


1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

3. Open notepad and copy/paste the text in the quotebox below into it:

File::
c:\users\Mike\AppData\Roaming\GetValue.vbs
c:\users\Mike\AppData\Roaming\SetValue.bat

Save this as CFScript.txt, in the same location as ComboFix.exe

CFScriptB-4.gif

Referring to the picture above, drag CFScript into ComboFix.exe

When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.


Hope I did it right

ComboFix 12-04-12.03 - Mike 04/12/2012 15:53:19.4.8 - x64

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4077.2130 [GMT -5:00]

Running from: c:\users\Mike\Desktop\ComboFix.exe

Command switches used :: c:\users\Mike\Desktop\CFScript.txt

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((( Files Created from 2012-03-12 to 2012-04-12 )))))))))))))))))))))))))))))))

.

.

2012-04-12 20:56 . 2012-04-12 20:56 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-04-10 11:19 . 2012-04-10 11:19 69000 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4E5C1BBE-491D-4A2B-8E1F-CAD5C36E2B4D}\offreg.dll

2012-04-10 11:18 . 2012-03-14 03:27 8669240 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{4E5C1BBE-491D-4A2B-8E1F-CAD5C36E2B4D}\mpengine.dll

2012-04-08 23:53 . 2012-04-08 23:53 -------- d-----w- c:\program files (x86)\Handbrake

2012-04-08 23:50 . 2012-04-08 23:50 8738464 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe

2012-04-08 22:56 . 2012-04-12 20:26 -------- d-----w- c:\users\Mike\AppData\Local\CrashDumps

2012-04-08 22:56 . 2012-04-12 02:15 -------- d-----w- c:\users\Mike\AppData\Roaming\HandBrake

2012-04-08 22:53 . 2012-04-08 23:50 418464 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2012-04-06 23:51 . 2012-04-06 23:51 -------- d-----w- c:\program files (x86)\EASEUS

2012-04-06 22:14 . 2011-11-19 15:20 5559152 ----a-w- c:\windows\system32\ntoskrnl.exe

2012-04-06 22:14 . 2011-11-19 14:50 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe

2012-04-06 22:14 . 2011-11-19 14:50 3913584 ----a-w- c:\windows\SysWow64\ntoskrnl.exe

2012-04-05 19:58 . 2012-04-06 02:12 -------- d-----w- C:\TDSSKiller_Quarantine

2012-04-05 04:00 . 2012-04-05 04:07 691 ----a-w- c:\users\Mike\AppData\Roaming\GetValue.vbs

2012-04-05 04:00 . 2012-04-05 04:07 35 ----a-w- c:\users\Mike\AppData\Roaming\SetValue.bat

2012-04-05 03:08 . 2012-04-05 03:08 -------- d-----w- c:\users\Mike\AppData\Roaming\Malwarebytes

2012-04-05 03:08 . 2012-04-05 03:08 -------- d-----w- c:\programdata\Malwarebytes

2012-04-05 03:08 . 2012-04-05 03:08 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware

2012-04-05 03:08 . 2011-12-10 20:24 23152 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-04-05 02:50 . 2012-04-05 02:50 -------- d-----w- C:\$AVG

2012-04-05 02:30 . 2012-04-05 02:30 -------- d-----w- c:\windows\SysWow64\drivers\AVG

2012-03-15 15:34 . 2012-02-10 06:36 1544192 ----a-w- c:\windows\system32\DWrite.dll

2012-03-15 15:34 . 2012-02-10 05:38 1077248 ----a-w- c:\windows\SysWow64\DWrite.dll

2012-03-15 15:34 . 2012-02-03 04:34 3145728 ----a-w- c:\windows\system32\win32k.sys

2012-03-15 15:28 . 2012-01-25 06:38 77312 ----a-w- c:\windows\system32\rdpwsx.dll

2012-03-15 15:28 . 2012-01-25 06:38 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll

2012-03-15 15:28 . 2012-01-25 06:33 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe

2012-03-15 15:28 . 2012-02-17 06:38 1031680 ----a-w- c:\windows\system32\rdpcore.dll

2012-03-15 15:28 . 2012-02-17 05:34 826880 ----a-w- c:\windows\SysWow64\rdpcore.dll

2012-03-15 15:28 . 2012-02-17 04:58 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys

2012-03-15 15:28 . 2012-02-17 04:57 23552 ----a-w- c:\windows\system32\drivers\tdtcp.sys

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-04-08 23:50 . 2011-08-12 09:51 70304 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2012-02-23 14:18 . 2010-11-21 03:27 279656 ------w- c:\windows\system32\MpSigStub.exe

2012-02-19 22:12 . 2011-12-26 15:07 952 --sha-w- c:\programdata\KGyGaAvL.sys

2012-02-02 21:48 . 2012-02-02 21:48 6656 ----a-w- c:\programdata\Microsoft\Windows\DRM\A083.tmp

2012-02-02 21:48 . 2012-02-02 21:48 6656 ----a-w- c:\programdata\Microsoft\Windows\DRM\A082.tmp

.

.

((((((((((((((((((((((((((((( SnapShot@2012-04-09_00.30.54 )))))))))))))))))))))))))))))))))))))))))

.

+ 2010-11-21 03:09 . 2012-04-09 00:50 65922 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin

+ 2012-01-03 21:15 . 2012-04-09 00:48 12192 c:\windows\system32\wdi\ERCQueuedResolutions.dat

+ 2009-07-14 05:10 . 2012-04-09 00:32 40282 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin

+ 2011-12-27 01:03 . 2012-04-09 00:32 11028 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1224217748-1873316770-580351221-1000_UserData.bin

- 2011-11-02 03:11 . 2012-04-08 23:50 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

+ 2011-11-02 03:11 . 2012-04-12 02:41 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

- 2011-11-02 03:11 . 2012-04-08 23:50 65536 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

+ 2011-11-02 03:11 . 2012-04-12 02:41 65536 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

- 2009-07-14 04:54 . 2012-04-08 23:50 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

+ 2009-07-14 04:54 . 2012-04-12 02:41 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

+ 2009-07-14 04:46 . 2012-04-10 11:18 99040 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat

+ 2012-04-09 00:48 . 2012-04-09 00:48 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat

- 2012-04-09 00:30 . 2012-04-09 00:30 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat

+ 2012-04-09 00:48 . 2012-04-09 00:48 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat

- 2012-04-09 00:30 . 2012-04-09 00:30 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat

- 2009-07-14 04:54 . 2012-04-09 00:29 524288 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

+ 2009-07-14 04:54 . 2012-04-09 00:48 524288 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat

+ 2011-12-27 21:55 . 2012-04-12 00:45 264762 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S4.bin

+ 2011-12-26 19:29 . 2012-04-12 09:19 254546 c:\windows\system32\wdi\SuspendPerformanceDiagnostics_SystemData_S3.bin

- 2009-07-14 02:36 . 2012-04-08 22:57 663260 c:\windows\system32\perfh009.dat

+ 2009-07-14 02:36 . 2012-04-12 02:34 663260 c:\windows\system32\perfh009.dat

+ 2009-07-14 02:36 . 2012-04-12 02:34 122096 c:\windows\system32\perfc009.dat

- 2009-07-14 02:36 . 2012-04-08 22:57 122096 c:\windows\system32\perfc009.dat

- 2009-07-14 05:01 . 2012-04-09 00:29 498236 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat

+ 2009-07-14 05:01 . 2012-04-09 00:48 498236 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat

+ 2011-12-26 19:56 . 2012-04-09 00:48 549480 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1224217748-1873316770-580351221-1000-12288.dat

- 2011-12-26 19:56 . 2012-04-09 00:29 549480 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1224217748-1873316770-580351221-1000-12288.dat

- 2009-07-14 04:54 . 2012-04-09 00:29 4947968 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

+ 2009-07-14 04:54 . 2012-04-09 00:48 4947968 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat

- 2011-12-26 19:56 . 2012-04-09 00:29 1298408 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1224217748-1873316770-580351221-1000-8192.dat

+ 2011-12-26 19:56 . 2012-04-09 00:48 1298408 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-1224217748-1873316770-580351221-1000-8192.dat

- 2011-12-26 19:56 . 2012-04-09 00:29 7978928 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-18-16384.dat

+ 2011-12-26 19:56 . 2012-04-09 00:48 7978928 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-18-16384.dat

+ 2009-07-14 04:54 . 2012-04-09 00:48 16187392 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

- 2009-07-14 04:54 . 2012-04-09 00:29 16187392 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Elbserver"="c:\program files (x86)\Sony\Media Gallery\ElbServer.exe" [2011-05-18 83344]

"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-12-30 39408]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2011-01-13 283160]

"Dolby Home Theater v4"="c:\program files (x86)\Dolby Home Theater v4\pcee4.exe" [2011-05-02 500736]

"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2011-06-01 2801288]

"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-01-13 460872]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

.

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-30 136176]

R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-08 253600]

R3 BTWAMPFL;BTWAMPFL;c:\windows\system32\DRIVERS\btwampfl.sys [x]

R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]

R3 e1yexpress;Intel® Gigabit Network Connections Driver;c:\windows\system32\DRIVERS\e1y60x64.sys [x]

R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-30 136176]

R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]

R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]

R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]

R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]

R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2011-02-19 99104]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]

S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]

S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-01-13 13336]

S2 jhi_service;Intel® Identity Protection Technology Host Interface Service;c:\program files (x86)\Intel\Services\IPT\jhi_service.exe [2011-02-24 212944]

S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-01-13 652360]

S2 Oasis2Service;Oasis2Service;c:\program files (x86)\DDNi\Oasis2Service\Oasis2Service.exe [2012-02-10 53248]

S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2011-03-15 428384]

S2 regi;regi;c:\windows\system32\drivers\regi.sys [x]

S2 rimspci;rimspci;c:\windows\system32\drivers\rimssne64.sys [x]

S2 risdsnpe;risdsnpe;c:\windows\system32\drivers\risdsnxc64.sys [x]

S2 SampleCollector;VAIO Care Performance Service;c:\program files\Sony\VAIO Care\VCPerfService.exe [2011-08-26 260768]

S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]

S2 SOHCImp;VAIO Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2011-02-21 113824]

S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-06-17 378472]

S2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2011-02-23 105024]

S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-06-24 2656536]

S2 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [2011-05-31 552584]

S2 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2011-01-20 887000]

S2 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2011-05-20 549616]

S2 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2011-02-19 385336]

S2 VIPAppService;VIPAppService;c:\program files (x86)\Symantec\VIP Access Client\VIPAppService.exe [2011-04-13 84088]

S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe [2011-07-15 969352]

S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [x]

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]

S3 MEIx64;Intel® Management Engine Interface;c:\windows\system32\drivers\HECIx64.sys [x]

S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys [x]

S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys [x]

S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x]

S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x]

S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys [x]

S3 SOHDs;VAIO Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2011-02-21 67232]

S3 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2011-01-20 286936]

S3 VCService;VCService;c:\program files\Sony\VAIO Care\VCService.exe [2011-10-30 54432]

S3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update Common\VUAgent.exe [2011-10-28 1245800]

.

.

Contents of the 'Scheduled Tasks' folder

.

2012-04-12 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-08 23:50]

.

2012-04-12 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1224217748-1873316770-580351221-1000Core.job

- c:\users\Mike\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-01-27 22:58]

.

2012-04-12 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1224217748-1873316770-580351221-1000UA.job

- c:\users\Mike\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-01-27 22:58]

.

2012-04-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-30 23:39]

.

2012-04-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-30 23:39]

.

.

--------- x86-64 -----------

.

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-07-20 11895400]

"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-07-20 2226280]

"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [bU]

.

------- Supplementary Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = hxxp://www.cnn.com/

mLocal Page = c:\windows\SysWOW64\blank.htm

uInternet Settings,ProxyOverride = *.local

IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000

IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105

TCP: DhcpNameServer = 192.168.1.254

.

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\services\SampleCollector]

"ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=5000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"&_\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\%C3 &_ Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=c:\programdata\Sony Corporation\VAIO Care\inteldata\""

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_228_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_228_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_228.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_228.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_228.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_228.ocx, 1"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]

@Denied: (A) (Everyone)

"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"

.

[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]

@Denied: (A) (Everyone)

.

[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]

"Key"="ActionsPane3"

"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"

.

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Completion time: 2012-04-12 15:57:20

ComboFix-quarantined-files.txt 2012-04-12 20:57

ComboFix2.txt 2012-04-12 20:48

ComboFix3.txt 2012-04-12 20:38

ComboFix4.txt 2012-04-09 00:34

.

Pre-Run: 374,293,057,536 bytes free

Post-Run: 374,006,771,712 bytes free

.

- - End Of File - - CD584C135E95FEFC64AFD3A35741C76A

Please make sure your SpyBot is up-to-date and perform a full system scan. Let me know.

Full scan done. Found Zedo, Doubleclick and Right Media, that's all.

These are cookies. How are things running now?

Everything seems to be back in order. Thanks so much. Any suggestions for speeding up my laptop?

Glad I could help! :)

Please uninstall ComboFix:

www.bleepingcomputer.com/combofix/how-to-use-combofix#uninstall

Please manually delete DDS and TDSSKiller.

Some malware prevention tips:

http://forums.malwarebytes.org/index.php?showtopic=104379&pid=515983&st=0entry515983

For better performance:

http://forums.malwarebytes.org/index.php?showtopic=81990

Safe surfing! :)

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

This topic is now closed to further replies.
